diff --git a/sbin/Makefile b/sbin/Makefile index c125075c6696..0c648f29badb 100644 --- a/sbin/Makefile +++ b/sbin/Makefile @@ -1,99 +1,98 @@ -# @(#)Makefile 8.5 (Berkeley) 3/31/94 .include SUBDIR=adjkerntz \ camcontrol \ clri \ comcontrol \ conscontrol \ ddb \ devd \ devfs \ devmatch \ dhclient \ dmesg \ dump \ dumpfs \ dumpon \ etherswitchcfg \ ffsinfo \ fsck \ fsck_ffs \ fsck_msdosfs \ fsdb \ fsirand \ gbde \ geom \ ggate \ growfs \ gvinum \ ifconfig \ init \ kldconfig \ kldload \ kldstat \ kldunload \ ldconfig \ md5 \ mdconfig \ mdmfs \ mknod \ mksnap_ffs \ mount \ mount_cd9660 \ mount_fusefs \ mount_msdosfs \ mount_nfs \ mount_nullfs \ mount_udf \ mount_unionfs \ newfs \ newfs_msdos \ nfsiod \ nos-tun \ pfilctl \ rcorder \ reboot \ recoverdisk \ resolvconf \ restore \ route \ savecore \ setkey \ shutdown \ swapon \ sysctl \ tunefs \ umount .if ${MK_INET} != "no" || ${MK_INET6} != "no" SUBDIR+= ping .endif SUBDIR.${MK_CCD}+= ccdconfig SUBDIR.${MK_HAST}+= hastctl SUBDIR.${MK_HAST}+= hastd SUBDIR.${MK_INET6}+= rtsol SUBDIR.${MK_IPFILTER}+= ipf SUBDIR.${MK_IPFW}+= ipfw SUBDIR.${MK_IPFW}+= natd SUBDIR.${MK_NVME}+= nvmecontrol SUBDIR.${MK_OPENSSL}+= decryptcore SUBDIR.${MK_PF}+= pfctl SUBDIR.${MK_PF}+= pflogd SUBDIR.${MK_QUOTAS}+= quotacheck SUBDIR.${MK_ROUTED}+= routed SUBDIR.${MK_VERIEXEC}+= veriexec SUBDIR.${MK_ZFS}+= bectl SUBDIR.${MK_ZFS}+= zfsbootcfg SUBDIR.${MK_TESTS}+= tests .include SUBDIR_PARALLEL= .include .include diff --git a/sbin/Makefile.inc b/sbin/Makefile.inc index d59f70fe1ef6..a9e857c046de 100644 --- a/sbin/Makefile.inc +++ b/sbin/Makefile.inc @@ -1,9 +1,8 @@ -# @(#)Makefile.inc 8.1 (Berkeley) 6/8/93 .include BINDIR?= /sbin .if ${MK_DYNAMICROOT} == "no" NO_SHARED?= YES .endif diff --git a/sbin/bectl/bectl.8 b/sbin/bectl/bectl.8 index 19cd867df56b..93244c52ce4d 100644 --- a/sbin/bectl/bectl.8 +++ b/sbin/bectl/bectl.8 @@ -1,514 +1,512 @@ .\" .\" SPDX-License-Identifier: BSD-2-Clause .\" .\" Copyright (c) 2017 Kyle J. Kneitinger .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" -.\" @(#)be.1 -.\" .Dd October 5, 2023 .Dt BECTL 8 .Os .Sh NAME .Nm bectl .Nd Utility to manage boot environments on ZFS .Sh SYNOPSIS .Nm .Op Fl h\&? .Nm .Op Fl r Ar beroot .Cm activate .Op Fl t | Fl T .Ar beName .Nm .Op Fl r Ar beroot .Cm check .Nm .Op Fl r Ar beroot .Cm create .Op Fl r .Op Fl e Brq Ar nonActiveBe | Ar beName Ns Cm @ Ns Ar snapshot .Ar newBeName .Nm .Op Fl r Ar beroot .Cm create .Op Fl r .Ar beName@snapshot .Nm .Op Fl r Ar beroot .Cm destroy .Op Fl \&Fo .Ar beName Ns Op Cm @ Ns Ar snapshot .Nm .Op Fl r Ar beroot .Cm export .Ar sourceBe .Nm .Op Fl r Ar beroot .Cm import .Ar targetBe .Nm .Op Fl r Ar beroot .Cm jail .Op Fl bU .Oo Bro Fl o Ar key Ns Cm = Ns Ar value | Fl u Ar key Brc Oc Ns ... .Ar beName .Op Ar utility Op Ar argument ... .Nm .Op Fl r Ar beroot .Cm list .Op Fl aDHs .Op Fl c Ar property .Op Fl C Ar property .Oo Bro Fl c Ar property | Fl C Ar property Brc Oc .Nm .Op Fl r Ar beroot .Cm mount .Ar beName .Op Ar mountpoint .Nm .Op Fl r Ar beroot .Cm rename .Ar origBeName .Ar newBeName .Nm .Op Fl r Ar beroot .Brq Cm ujail | unjail .Brq Ar jailId | jailName | beName .Nm .Op Fl r Ar beroot .Brq Cm umount | unmount .Op Fl f .Ar beName .Sh DESCRIPTION The .Nm command is used to setup and interact with ZFS boot environments, which are bootable clones of datasets. .Pp A boot environment allows the system to be upgraded, while preserving the pre-upgrade system environment. .Pp .Nm itself accepts an .Fl r flag specified before the command to indicate the .Ar beroot that should be used as the boot environment root, or the dataset whose children are all boot environments. Normally this information is derived from the bootfs property of the pool that is mounted at .Pa / , but it is useful when the system has not been booted into a ZFS root or a different pool should be operated on. For instance, booting into the recovery media and manually importing a pool from one of the system's resident disks will require the .Fl r flag to work. .Ss Supported Subcommands and Flags .Bl -tag -width activate .It Xo .Fl h | .Fl \&? .Xc Print usage information. .It Xo .Cm activate .Op Fl t | Fl T .Ar beName .Xc Activate the given .Ar beName as the default boot filesystem. If the .Fl t flag is given, this takes effect only for the next boot. Flag .Fl T removes temporary boot once configuration. Without temporary configuration, the next boot will use zfs dataset specified in boot pool .Ar bootfs property. .It Xo .Cm check .Xc Performs a silent sanity check on the current system. If boot environments are supported and used, .Nm will exit with a status code of 0. Any other status code is not currently defined and may, in the future, grow special meaning for different degrees of sanity check failures. .It Xo .Cm create .Op Fl r .Op Fl e Brq Ar nonActiveBe | Ar beName Ns Cm @ Ns Ar snapshot .Ar newBeName .Xc Create a new boot environment named .Ar newBeName . .Pp If the .Fl r flag is given, a recursive boot environment will be made. See .Sx Boot Environment Structures for a discussion on different layouts. .Pp If the .Fl e flag is specified, the new environment will be cloned from the given .Ar nonActiveBe or .Ar beName Ns Cm @ Ns Ar snapshot . Otherwise, the new environment will be created from the currently booted environment. .Pp If .Nm is creating from another boot environment, a snapshot of that boot environment will be created to clone from. .It Xo .Cm create .Op Fl r .Ar beName@snapshot .Xc Create a snapshot of the boot environment named .Ar beName . .Pp If the .Fl r flag is given, a recursive snapshot of the boot environment will be created. A snapshot is created for each descendant dataset of the boot environment. See .Sx Boot Environment Structures for a discussion on different layouts. .Pp No new boot environment is created with this subcommand. .It Xo .Cm destroy .Op Fl \&Fo .Ar beName Ns Op Cm @ Ns Ar snapshot .Xc Destroy the given .Ar beName boot environment or .Ar beName Ns Cm @ Ns Ar snapshot snapshot without confirmation, unlike in .Xr beadm 1 . Specifying .Fl F will automatically unmount without confirmation. .Pp By default, .Nm will warn that it is not destroying the origin of .Ar beName . The .Fl o flag may be specified to destroy the origin as well. .It Cm export Ar sourceBe Export .Ar sourceBe to .Xr stdout 4 . .Xr stdout 4 must be piped or redirected to a file. .It Cm import Ar targetBe Import .Ar targetBe from .Xr stdin 4 . .It Xo .Cm jail .Op Fl bU .Oo Bro Fl o Ar key Ns Cm = Ns Ar value | Fl u Ar key Brc Oc Ns ... .Ar beName .Op Ar utility Op Ar argument ... .Xc Create a jail of the given boot environment. Multiple .Fl o and .Fl u arguments may be specified. .Fl o will set a jail parameter, and .Fl u will unset a jail parameter. .Pp By default, jails are created in interactive mode and .Pa /bin/sh is executed within the jail. If .Ar utility is specified, it will be executed instead of .Pa /bin/sh . The jail will be destroyed and the boot environment unmounted when the command finishes executing, unless the .Fl U argument is specified. .Pp The .Fl b argument enables batch mode, thereby disabling interactive mode. The .Fl U argument will be ignored in batch mode. .Pp The .Va name , .Va host.hostname , and .Va path must be set, the default values are specified below. .Pp All .Ar key Ns Cm = Ns Ar value pairs are interpreted as jail parameters as described in .Xr jail 8 . The following default parameters are provided: .Bl -column "allow.mount.devfs" "" .It Va allow.mount Ta Cm true .It Va allow.mount.devfs Ta Cm true .It Va enforce_statfs Ta Cm 1 .It Va name Ta Set to jail ID. .It Va host.hostname Ta Va bootenv .It Va path Ta Set to a path in Pa /tmp generated by .Xr libbe 3 . .El .Pp All default parameters may be overwritten. .It Xo .Cm list .Op Fl aDHs .Oo Bro Fl c Ar property | Fl C Ar property Brc Oc .Xc .Pp Display all boot environments. The .Em Active field indicates whether the boot environment is active now .Pq Em \&N ; active on reboot .Pq Em \&R ; is used on next boot once .Pq Em \&T ; or combination of .Pq Em \&NRT . .Bl -tag -width indent .It Fl a Display all datasets. .It Fl D Display the full space usage for each boot environment, assuming all other boot environments were destroyed. .It Fl H Used for scripting. Do not print headers and separate fields by a single tab instead of arbitrary white space. .It Fl s Display all snapshots as well. .It Fl c Ar property Sort boot environments by the given ZFS dataset property. The following properties are supported: .Pp .Bl -tag -width 4n -offset indent -compact .It name (the default) .It creation .It origin .It used .It usedbydataset .It usedbyrefreservation .It usedbysnapshots .El .Pp Short forms usedds, usedrefreserv and usedsnap are also supported. .It Fl C Ar property Same as the .Fl c option, but displays in descending order. .El .Pp The .Fl D option is ignored when either the .Fl s or .Fl a option is used. .It Cm mount Ar beName Op Ar mountpoint Mount the given boot environment. .Pp If a nonexistent .Ar mountpoint is given: .Nm will make the directory, including intermediate directories as required. .Pp If no .Ar mountpoint is given: .Nm will make a directory such as .Pa be_mount.c6Sf in .Pa /tmp . Randomness in the last four characters of the directory name will prevent mount point conflicts. Unmount of an environment, followed by mount of the same environment without giving a .Ar mountpoint , will result in a different randomly-named mountpoint. .It Cm rename Ar origBeName newBeName Rename the given .Ar origBeName to the given .Ar newBeName . The boot environment will not be unmounted in order for this rename to occur. .It Cm ujail Brq Ar jailId | jailName | beName .It Cm unjail Brq Ar jailId | jailName | beName Destroy the jail created from the given boot environment. .It Xo .Cm umount .Op Fl f .Ar beName .Xc .It Xo .Cm unmount .Op Fl f .Ar beName .Xc Unmount the given boot environment, if it is mounted. Specifying .Fl f will force the unmount if busy. .Pp Unmount will not remove the mount point. .El .Ss Boot Environment Structures The traditional .Fx boot environment layout, as created by the Auto ZFS option to .Xr bsdinstall 8 , is a .Dq shallow boot environment structure, where boot environment datasets do not have any directly subordinate datasets. Instead, they're organized off in .Pa zroot/ROOT , and they rely on datasets elsewhere in the pool having .Dv canmount set to .Dv off . For instance, a simplified pool may be laid out as such: .Bd -literal -offset indent % zfs list -o name,canmount,mountpoint NAME CANMOUNT MOUNTPOINT zroot zroot/ROOT noauto none zroot/ROOT/default noauto none zroot/home on /home zroot/usr off /usr zroot/usr/src on /usr/src zroot/var off /var .Ed .Pp In that example, .Pa zroot/usr has .Dv canmount set to .Dv off , thus files in .Pa /usr typically fall into the boot environment because this dataset is not mounted. .Pa zroot/usr/src is mounted, thus files in .Pa /usr/src are not in the boot environment. .Pp The other style of boot environments in use, frequently called .Dq deep boot environments , organizes some or all of the boot environment as subordinate to the boot environment dataset. For example: .Bd -literal -offset indent % zfs list -o name,canmount,mountpoint NAME CANMOUNT MOUNTPOINT zroot zroot/ROOT noauto none zroot/ROOT/default noauto none zroot/ROOT/default/usr noauto /usr zroot/ROOT/default/usr/local noauto /usr/local zroot/var on /var .Ed .Pp Note that the subordinate datasets now have .Dv canmount set to .Dv noauto . These are more obviously a part of the boot environment, as indicated by their positioning in the layout. These subordinate datasets will be mounted by the .Dv zfsbe .Xr rc 8 script at boot time. In this example, .Pa /var is excluded from the boot environment. .Pp .Nm subcommands that have their own .Fl r operate on this second, .Dq deep style of boot environment, when the .Fl r flag is set. A future version of .Nm may default to handling both styles and deprecate the various .Fl r flags. .\" .Sh EXAMPLES .\" .Bl -bullet .\" .It .\" To fill in with jail upgrade example when behavior is firm. .\" .El .Sh SEE ALSO .Xr libbe 3 , .Xr zfsprops 7 , .Xr beinstall.sh 8 , .Xr jail 8 , .Xr zfs 8 , .Xr zpool 8 .Sh HISTORY .Nm is based on .Xr beadm 1 and was implemented as a project for the 2017 Summer of Code, along with .Xr libbe 3 . .Sh AUTHORS .Nm was written by .An Kyle Kneitinger (kneitinger) Aq Mt kyle@kneit.in . .Pp .Xr beadm 1 was written and is maintained by .An Slawomir Wojciech Wojtczak (vermaden) Aq Mt vermaden@interia.pl . .Pp .An Bryan Drewery (bdrewery) Aq Mt bryan@shatow.net wrote the original .Xr beadm 1 manual page that this one is derived from. diff --git a/sbin/bsdlabel/Makefile b/sbin/bsdlabel/Makefile index f1d6461beaef..9bfa0fad6573 100644 --- a/sbin/bsdlabel/Makefile +++ b/sbin/bsdlabel/Makefile @@ -1,18 +1,17 @@ -# @(#)Makefile 8.2 (Berkeley) 3/17/94 .PATH: ${SRCTOP}/sys/geom CONFS= disktab PACKAGE=runtime PROG= bsdlabel SRCS= bsdlabel.c geom_bsd_enc.c MAN+= bsdlabel.8 .if ${MACHINE_CPUARCH} == "i386" || ${MACHINE_CPUARCH} == "amd64" LINKS= ${BINDIR}/bsdlabel ${BINDIR}/disklabel MLINKS= bsdlabel.8 disklabel.8 .endif LIBADD= geom .include diff --git a/sbin/bsdlabel/bsdlabel.8 b/sbin/bsdlabel/bsdlabel.8 index 9228bba78d4b..0e5b35a0588c 100644 --- a/sbin/bsdlabel/bsdlabel.8 +++ b/sbin/bsdlabel/bsdlabel.8 @@ -1,506 +1,504 @@ .\" Copyright (c) 1987, 1988, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" This code is derived from software contributed to Berkeley by .\" Symmetric Computer Systems. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)disklabel.8 8.2 (Berkeley) 4/19/94 -.\" .Dd October 5, 2016 .Dt BSDLABEL 8 .Os .Sh NAME .Nm bsdlabel .Nd read and write BSD label .Sh SYNOPSIS .Nm .Op Fl A .Ar disk | Fl f Ar file .Nm .Fl w .Op Fl \&An .Op Fl B Op Fl b Ar boot .Op Fl m Ar machine .Ar disk | Fl f Ar file .Op Ar type .Nm .Fl e .Op Fl \&An .Op Fl B Op Fl b Ar boot .Op Fl m Ar machine .Ar disk | Fl f Ar file .Nm .Fl R .Op Fl \&An .Op Fl B Op Fl b Ar boot .Op Fl m Ar machine .Op Fl f .Ar disk | Fl f Ar file .Ar protofile .Sh DESCRIPTION The .Nm utility installs, examines or modifies the .Bx label on a disk partition, or on a file containing a partition image. In addition, .Nm can install bootstrap code. .Ss Disk Device Name When specifying the device (i.e., when the .Fl f option is not used), the .Pa /dev/ path prefix may be omitted; the .Nm utility will automatically prepend it. .Ss General Options The .Fl A option enables processing of the historical parts of the .Bx label. If the option is not given, suitable values are set for these fields. .Pp The .Fl f option tells .Nm that the program will operate on a file instead of a disk partition. .Pp The .Fl n option stops the .Nm program right before the disk would have been modified, and displays the result instead of writing it. .Pp The .Fl m Ar machine argument forces .Nm to use a layout suitable for a different architecture. Current valid values are .Cm i386 and .Cm amd64 . If this option is omitted, .Nm will use a layout suitable for the current machine. .Ss Reading the Disk Label To examine the label on a disk drive, use the form .Pp .Nm .Op Fl A .Op Fl m Ar machine .Ar disk .Pp .Ar disk represents the disk in question, and may be in the form .Pa da0 or .Pa /dev/da0 . It will display the partition layout. .Ss Writing a Standard Label To write a standard label, use the form .Pp .Nm .Fl w .Op Fl \&An .Op Fl m Ar machine .Ar disk .Op Ar type .Pp If the drive .Ar type is specified, the entry of that name in the .Xr disktab 5 file is used; otherwise, or if the type is specified as 'auto', a default layout is used. .Ss Editing an Existing Disk Label To edit an existing disk label, use the form .Pp .Nm .Fl e .Op Fl \&An .Op Fl m Ar machine .Ar disk .Pp This command opens the disk label in the default editor, and when the editor exits, the label is validated and if OK written to disk. .Ss Restoring a Disk Label From a File To restore a disk label from a file, use the form .Pp .Nm .Fl R .Op Fl \&An .Op Fl m Ar machine .Ar disk protofile .Pp The .Nm utility is capable of restoring a disk label that was previously saved in a file in .Tn ASCII format. The prototype file used to create the label should be in the same format as that produced when reading or editing a label. Comments are delimited by .Ql # and newline. .Ss Installing Bootstraps If the .Fl B option is specified, bootstrap code will be read from the file .Pa /boot/boot and written to the disk. The .Fl b Ar boot option allows a different file to be used. .Sh FILES .Bl -tag -width ".Pa /etc/disktab" -compact .It Pa /boot/boot Default boot image. .It Pa /etc/disktab Disk description file. .El .Sh SAVED FILE FORMAT The .Nm utility uses an .Tn ASCII version of the label when examining, editing, or restoring a disk label. The format is: .Bd -literal -offset 4n 8 partitions: # size offset fstype [fsize bsize bps/cpg] a: 81920 16 4.2BSD 2048 16384 5128 b: 1091994 81936 swap c: 1173930 0 unused 0 0 # "raw" part, don't edit .Ed .Pp If the .Fl A option is specified, the format is: .Bd -literal -offset 4n # /dev/da1c: type: SCSI disk: da0s1 label: flags: bytes/sector: 512 sectors/track: 51 tracks/cylinder: 19 sectors/cylinder: 969 cylinders: 1211 sectors/unit: 1173930 rpm: 3600 interleave: 1 trackskew: 0 cylinderskew: 0 headswitch: 0 # milliseconds track-to-track seek: 0 # milliseconds drivedata: 0 8 partitions: # size offset fstype [fsize bsize bps/cpg] a: 81920 16 4.2BSD 1024 8192 16 b: 160000 81936 swap c: 1173930 0 unused 0 0 # "raw" part, don't edit .Ed .Pp Lines starting with a .Ql # mark are comments. .Pp The partition table can have up to 8 entries. It contains the following information: .Bl -tag -width indent .It Ar # The partition identifier is a single letter in the range .Ql a to .Ql h . By convention, partition .Ql c is reserved to describe the entire disk. .It Ar size The size of the partition in sectors, .Cm K (kilobytes - 1024), .Cm M (megabytes - 1024*1024), .Cm G (gigabytes - 1024*1024*1024), .Cm % (percentage of free space .Em after removing any fixed-size partitions other than partition .Ql c ) , or .Cm * (all remaining free space .Em after fixed-size and percentage partitions). For partition .Ql c , a size of .Cm * indicates the entire disk. Lowercase versions of suffixes .Cm K , M , and .Cm G are allowed. Size and suffix should be specified without any spaces between them. .Pp Example: 2097152, 1G, 1024M and 1048576K are all the same size (assuming 512-byte sectors). .It Ar offset The offset of the start of the partition from the beginning of the drive in sectors, or .Cm * to have .Nm calculate the correct offset to use (the end of the previous partition plus one, ignoring partition .Ql c ) . For partition .Ql c , .Cm * will be interpreted as an offset of 0. The first partition should start at offset 16, because the first 16 sectors are reserved for metadata. .It Ar fstype Describes the purpose of the partition. The above example shows all currently used partition types. For .Tn UFS file systems and .Xr ccd 4 partitions, use type .Cm 4.2BSD . For Vinum drives, use type .Cm vinum . Other common types are .Cm swap and .Cm unused . By convention, partition .Ql c represents the entire slice and should be of type .Cm unused , though .Nm does not enforce this convention. The .Nm utility also knows about a number of other partition types, none of which are in current use. (See the definitions starting with .Dv FS_UNUSED in .In sys/disklabel.h for more details.) .It Ar fsize For .Cm 4.2BSD file systems only, the fragment size; see .Xr newfs 8 . .It Ar bsize For .Cm 4.2BSD file systems only, the block size; see .Xr newfs 8 . .It Ar bps/cpg For .Cm 4.2BSD file systems, the number of cylinders in a cylinder group; see .Xr newfs 8 . .El .Sh EXAMPLES Display the label for the first slice of the .Pa da0 disk, as obtained via .Pa /dev/da0s1 : .Pp .Dl "bsdlabel da0s1" .Pp Save the in-core label for .Pa da0s1 into the file .Pa savedlabel . This file can be used with the .Fl R option to restore the label at a later date: .Pp .Dl "bsdlabel da0s1 > savedlabel" .Pp Create a label for .Pa da0s1 : .Pp .Dl "bsdlabel -w /dev/da0s1" .Pp Read the label for .Pa da0s1 , edit it, and install the result: .Pp .Dl "bsdlabel -e da0s1" .Pp Read the on-disk label for .Pa da0s1 , edit it, and display what the new label would be (in sectors). It does .Em not install the new label either in-core or on-disk: .Pp .Dl "bsdlabel -e -n da0s1" .Pp Write a default label on .Pa da0s1 . Use another .Nm Fl e command to edit the partitioning and file system information: .Pp .Dl "bsdlabel -w da0s1" .Pp Restore the on-disk and in-core label for .Pa da0s1 from information in .Pa savedlabel : .Pp .Dl "bsdlabel -R da0s1 savedlabel" .Pp Display what the label would be for .Pa da0s1 using the partition layout in .Pa label_layout . This is useful for determining how much space would be allotted for various partitions with a labeling scheme using .Cm % Ns -based or .Cm * partition sizes: .Pp .Dl "bsdlabel -R -n da0s1 label_layout" .Pp Install a new bootstrap on .Pa da0s1 . The boot code comes from .Pa /boot/boot : .Pp .Dl "bsdlabel -B da0s1" .Pp Install a new label and bootstrap. The bootstrap code comes from the file .Pa newboot in the current working directory: .Pp .Dl "bsdlabel -w -B -b newboot /dev/da0s1" .Pp Completely wipe any prior information on the disk, creating a new bootable disk with a .Tn DOS partition table containing one slice, covering the whole disk. Initialize the label on this slice, then edit it. The .Xr dd 1 commands are optional, but may be necessary for some .Tn BIOS Ns es to properly recognize the disk: .Bd -literal -offset indent dd if=/dev/zero of=/dev/da0 bs=512 count=32 gpart create -s MBR da0 gpart add -t freebsd da0 gpart set -a active -i 1 da0 gpart bootcode -b /boot/mbr da0 dd if=/dev/zero of=/dev/da0s1 bs=512 count=32 bsdlabel -w -B da0s1 bsdlabel -e da0s1 .Ed .Pp This is an example disk label that uses some of the new partition size types such as .Cm % , M , G , and .Cm * , which could be used as a source file for .Dq Li "bsdlabel -R ada0s1 new_label_file" : .Bd -literal -offset 4n # /dev/ada0s1: 8 partitions: # size offset fstype [fsize bsize bps/cpg] a: 400M 16 4.2BSD 4096 16384 75 # (Cyl. 0 - 812*) b: 1G * swap c: * * unused e: 204800 * 4.2BSD f: 5g * 4.2BSD g: * * 4.2BSD .Ed .Sh DIAGNOSTICS The kernel device drivers will not allow the size of a disk partition to be decreased or the offset of a partition to be changed while it is open. .Sh COMPATIBILITY Due to the use of an .Vt uint32_t to store the number of sectors, .Bx labels are restricted to a maximum of 2^32-1 sectors. This usually means 2TB of disk space. Larger disks should be partitioned using another method such as .Xr gpart 8 . .Pp The various .Bx Ns s all use slightly different versions of .Bx labels and are not generally compatible. .Sh SEE ALSO .Xr ccd 4 , .Xr geom 4 , .Xr md 4 , .Xr disktab 5 , .Xr boot0cfg 8 , .Xr gpart 8 , .Xr newfs 8 .Sh HISTORY The .Nm disklabel utility appeared in .Bx 4.3 Tahoe . diff --git a/sbin/bsdlabel/bsdlabel.c b/sbin/bsdlabel/bsdlabel.c index 766def59ffe9..bc0dec3bc399 100644 --- a/sbin/bsdlabel/bsdlabel.c +++ b/sbin/bsdlabel/bsdlabel.c @@ -1,1532 +1,1528 @@ /*- * SPDX-License-Identifier: BSD-4-Clause * * Copyright (c) 1994, 1995 Gordon W. Ross * Copyright (c) 1994 Theo de Raadt * All rights reserved. * Copyright (c) 1987, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Symmetric Computer Systems. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * This product includes software developed by Theo de Raadt. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * from: $NetBSD: disksubr.c,v 1.13 2000/12/17 22:39:18 pk $ */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1987, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static char sccsid[] = "@(#)disklabel.c 8.2 (Berkeley) 1/7/94"; -/* from static char sccsid[] = "@(#)disklabel.c 1.2 (Symmetric) 11/28/85"; */ -#endif /* not lint */ #endif #include #include #include #include #include #include #include #define DKTYPENAMES #define FSTYPENAMES #define MAXPARTITIONS 20 #include #include #include #include #include #include #include #include #include #include #include #include "pathnames.h" static void makelabel(const char *, struct disklabel *); static int geom_class_available(const char *); static int writelabel(void); static int readlabel(int flag); static void display(FILE *, const struct disklabel *); static int edit(void); static int editit(void); static void fixlabel(struct disklabel *); static char *skip(char *); static char *word(char *); static int getasciilabel(FILE *, struct disklabel *); static int getasciipartspec(char *, struct disklabel *, int, int); static int checklabel(struct disklabel *); static void usage(void); static struct disklabel *getvirginlabel(void); #define DEFEDITOR _PATH_VI #define DEFPARTITIONS 8 static char *specname; static char *pname; static char tmpfil[] = PATH_TMPFILE; static struct disklabel lab; static u_char bootarea[BBSIZE]; static off_t mediasize; static ssize_t secsize; static char blank[] = ""; static char unknown[] = "unknown"; #define MAX_PART ('z') #define MAX_NUM_PARTS (1 + MAX_PART - 'a') static char part_size_type[MAX_NUM_PARTS]; static char part_offset_type[MAX_NUM_PARTS]; static int part_set[MAX_NUM_PARTS]; static int installboot; /* non-zero if we should install a boot program */ static int allfields; /* present all fields in edit */ static char const *xxboot; /* primary boot */ static uint32_t lba_offset; #ifndef LABELSECTOR #define LABELSECTOR -1 #endif #ifndef LABELOFFSET #define LABELOFFSET -1 #endif static int labelsoffset = LABELSECTOR; static int labeloffset = LABELOFFSET; static int bbsize = BBSIZE; static enum { UNSPEC, EDIT, READ, RESTORE, WRITE, WRITEBOOT } op = UNSPEC; static int disable_write; /* set to disable writing to disk label */ static int is_file; /* work on a file (abs. pathname), "-f" opt. */ int main(int argc, char *argv[]) { FILE *t; int ch, error, fd; const char *name; error = 0; name = NULL; while ((ch = getopt(argc, argv, "ABb:efm:nRrw")) != -1) switch (ch) { case 'A': allfields = 1; break; case 'B': ++installboot; break; case 'b': xxboot = optarg; break; case 'f': is_file=1; break; case 'm': if (!strcmp(optarg, "i386") || !strcmp(optarg, "amd64")) { labelsoffset = 1; labeloffset = 0; bbsize = 8192; } else { errx(1, "Unsupported architecture"); } break; case 'n': disable_write = 1; break; case 'R': if (op != UNSPEC) usage(); op = RESTORE; break; case 'e': if (op != UNSPEC) usage(); op = EDIT; break; case 'r': /* * We accept and ignore -r for compatibility with * historical disklabel usage. */ break; case 'w': if (op != UNSPEC) usage(); op = WRITE; break; case '?': default: usage(); } argc -= optind; argv += optind; if (argc < 1) usage(); if (labelsoffset < 0 || labeloffset < 0) errx(1, "a -m option must be specified"); /* Figure out the names of the thing we're working on */ if (is_file) { specname = argv[0]; } else { specname = g_device_path(argv[0]); if (specname == NULL) { warn("unable to get correct path for %s", argv[0]); return(1); } fd = open(specname, O_RDONLY); if (fd < 0) { warn("error opening %s", specname); return(1); } pname = g_providername(fd); if (pname == NULL) { warn("error getting providername for %s", specname); close(fd); return(1); } close(fd); } if (installboot && op == UNSPEC) op = WRITEBOOT; else if (op == UNSPEC) op = READ; switch(op) { case UNSPEC: break; case EDIT: if (argc != 1) usage(); readlabel(1); fixlabel(&lab); error = edit(); break; case READ: if (argc != 1) usage(); readlabel(1); display(stdout, NULL); error = checklabel(NULL); break; case RESTORE: if (argc != 2) usage(); if (!(t = fopen(argv[1], "r"))) err(4, "fopen %s", argv[1]); readlabel(0); if (!getasciilabel(t, &lab)) exit(1); error = writelabel(); break; case WRITE: if (argc == 2) name = argv[1]; else if (argc == 1) name = "auto"; else usage(); readlabel(0); makelabel(name, &lab); fixlabel(&lab); if (checklabel(NULL) == 0) error = writelabel(); break; case WRITEBOOT: readlabel(1); fixlabel(&lab); if (argc == 2) makelabel(argv[1], &lab); if (checklabel(NULL) == 0) error = writelabel(); break; } exit(error); } static void fixlabel(struct disklabel *lp) { struct partition *dp; int i; for (i = 0; i < lp->d_npartitions; i++) { if (i == RAW_PART) continue; if (lp->d_partitions[i].p_size) return; } dp = &lp->d_partitions[0]; dp->p_offset = BBSIZE / secsize; dp->p_size = lp->d_secperunit - dp->p_offset; } /* * Construct a prototype disklabel from /etc/disktab. */ static void makelabel(const char *type, struct disklabel *lp) { struct disklabel *dp; if (strcmp(type, "auto") == 0) dp = getvirginlabel(); else dp = getdiskbyname(type); if (dp == NULL) errx(1, "%s: unknown disk type", type); *lp = *dp; bzero(lp->d_packname, sizeof(lp->d_packname)); } static void readboot(void) { int fd; struct stat st; if (xxboot == NULL) xxboot = "/boot/boot"; fd = open(xxboot, O_RDONLY); if (fd < 0) err(1, "cannot open %s", xxboot); fstat(fd, &st); if (st.st_size <= BBSIZE) { if (read(fd, bootarea, st.st_size) != st.st_size) err(1, "read error %s", xxboot); close(fd); return; } errx(1, "boot code %s is wrong size", xxboot); } static int geom_class_available(const char *name) { struct gclass *class; struct gmesh mesh; int error; error = geom_gettree(&mesh); if (error != 0) errc(1, error, "Cannot get GEOM tree"); LIST_FOREACH(class, &mesh.lg_class, lg_class) { if (strcmp(class->lg_name, name) == 0) { geom_deletetree(&mesh); return (1); } } geom_deletetree(&mesh); return (0); } static int writelabel(void) { int i, fd, serrno; struct disklabel *lp = &lab; if (disable_write) { warnx("write to disk label suppressed - label was as follows:"); display(stdout, NULL); return (0); } lp->d_magic = DISKMAGIC; lp->d_magic2 = DISKMAGIC; lp->d_checksum = 0; lp->d_checksum = dkcksum(lp); if (installboot) readboot(); for (i = 0; i < lab.d_npartitions; i++) if (lab.d_partitions[i].p_size) lab.d_partitions[i].p_offset += lba_offset; bsd_disklabel_le_enc(bootarea + labeloffset + labelsoffset * lab.d_secsize, lp); fd = open(specname, O_RDWR); if (fd < 0) { if (is_file) { warn("cannot open file %s for writing label", specname); return(1); } else serrno = errno; if (geom_class_available("PART") != 0) { /* * Since we weren't able open provider for * writing, then recommend user to use gpart(8). */ warnc(serrno, "cannot open provider %s for writing label", specname); warnx("Try to use gpart(8)."); return (1); } warnc(serrno, "%s", specname); return (1); } else { if (write(fd, bootarea, bbsize) != bbsize) { warn("write %s", specname); close (fd); return (1); } close (fd); } return (0); } static void get_file_parms(int f) { int i; struct stat sb; if (fstat(f, &sb) != 0) err(4, "fstat failed"); i = sb.st_mode & S_IFMT; if (i != S_IFREG && i != S_IFLNK) errx(4, "%s is not a valid file or link", specname); secsize = DEV_BSIZE; mediasize = sb.st_size; } /* * Fetch disklabel for disk. */ static int readlabel(int flag) { ssize_t nbytes; uint32_t lba; int f, i; int error; f = open(specname, O_RDONLY); if (f < 0) err(1, "%s", specname); if (is_file) get_file_parms(f); else { mediasize = g_mediasize(f); secsize = g_sectorsize(f); if (secsize < 0 || mediasize < 0) err(4, "cannot get disk geometry"); } if (mediasize > (off_t)0xffffffff * secsize) errx(1, "disks with more than 2^32-1 sectors are not supported"); (void)lseek(f, (off_t)0, SEEK_SET); nbytes = read(f, bootarea, BBSIZE); if (nbytes == -1) err(4, "%s read", specname); if (nbytes != BBSIZE) errx(4, "couldn't read %d bytes from %s", BBSIZE, specname); close (f); error = bsd_disklabel_le_dec( bootarea + (labeloffset + labelsoffset * secsize), &lab, MAXPARTITIONS); if (flag && error) errx(1, "%s: no valid label found", specname); if (is_file) return(0); /* * Compensate for absolute block addressing by finding the * smallest partition offset and if the offset of the 'c' * partition is equal to that, subtract it from all offsets. */ lba = ~0; for (i = 0; i < lab.d_npartitions; i++) { if (lab.d_partitions[i].p_size) lba = MIN(lba, lab.d_partitions[i].p_offset); } if (lba != 0 && lab.d_partitions[RAW_PART].p_offset == lba) { for (i = 0; i < lab.d_npartitions; i++) { if (lab.d_partitions[i].p_size) lab.d_partitions[i].p_offset -= lba; } /* * Save the offset so that we can write the label * back with absolute block addresses. */ lba_offset = lba; } return (error); } static void display(FILE *f, const struct disklabel *lp) { int i, j; const struct partition *pp; if (lp == NULL) lp = &lab; fprintf(f, "# %s:\n", specname); if (allfields) { if (lp->d_type < DKMAXTYPES) fprintf(f, "type: %s\n", dktypenames[lp->d_type]); else fprintf(f, "type: %u\n", lp->d_type); fprintf(f, "disk: %.*s\n", (int)sizeof(lp->d_typename), lp->d_typename); fprintf(f, "label: %.*s\n", (int)sizeof(lp->d_packname), lp->d_packname); fprintf(f, "flags:"); if (lp->d_flags & D_REMOVABLE) fprintf(f, " removeable"); if (lp->d_flags & D_ECC) fprintf(f, " ecc"); if (lp->d_flags & D_BADSECT) fprintf(f, " badsect"); fprintf(f, "\n"); fprintf(f, "bytes/sector: %lu\n", (u_long)lp->d_secsize); fprintf(f, "sectors/track: %lu\n", (u_long)lp->d_nsectors); fprintf(f, "tracks/cylinder: %lu\n", (u_long)lp->d_ntracks); fprintf(f, "sectors/cylinder: %lu\n", (u_long)lp->d_secpercyl); fprintf(f, "cylinders: %lu\n", (u_long)lp->d_ncylinders); fprintf(f, "sectors/unit: %lu\n", (u_long)lp->d_secperunit); fprintf(f, "rpm: %u\n", lp->d_rpm); fprintf(f, "interleave: %u\n", lp->d_interleave); fprintf(f, "trackskew: %u\n", lp->d_trackskew); fprintf(f, "cylinderskew: %u\n", lp->d_cylskew); fprintf(f, "headswitch: %lu\t\t# milliseconds\n", (u_long)lp->d_headswitch); fprintf(f, "track-to-track seek: %ld\t# milliseconds\n", (u_long)lp->d_trkseek); fprintf(f, "drivedata: "); for (i = NDDATA - 1; i >= 0; i--) if (lp->d_drivedata[i]) break; if (i < 0) i = 0; for (j = 0; j <= i; j++) fprintf(f, "%lu ", (u_long)lp->d_drivedata[j]); fprintf(f, "\n\n"); } fprintf(f, "%u partitions:\n", lp->d_npartitions); fprintf(f, "# size offset fstype [fsize bsize bps/cpg]\n"); pp = lp->d_partitions; for (i = 0; i < lp->d_npartitions; i++, pp++) { if (pp->p_size) { fprintf(f, " %c: %10lu %10lu ", 'a' + i, (u_long)pp->p_size, (u_long)pp->p_offset); if (pp->p_fstype < FSMAXTYPES) fprintf(f, "%8.8s", fstypenames[pp->p_fstype]); else fprintf(f, "%8d", pp->p_fstype); switch (pp->p_fstype) { case FS_UNUSED: /* XXX */ fprintf(f, " %5lu %5lu %2s", (u_long)pp->p_fsize, (u_long)(pp->p_fsize * pp->p_frag), ""); break; case FS_BSDFFS: fprintf(f, " %5lu %5lu %5u", (u_long)pp->p_fsize, (u_long)(pp->p_fsize * pp->p_frag), pp->p_cpg); break; case FS_BSDLFS: fprintf(f, " %5lu %5lu %5d", (u_long)pp->p_fsize, (u_long)(pp->p_fsize * pp->p_frag), pp->p_cpg); break; default: fprintf(f, "%20.20s", ""); break; } if (i == RAW_PART) { fprintf(f, " # \"raw\" part, don't edit"); } fprintf(f, "\n"); } } fflush(f); } static int edit(void) { int c, fd; struct disklabel label; FILE *fp; if ((fd = mkstemp(tmpfil)) == -1 || (fp = fdopen(fd, "w")) == NULL) { warnx("can't create %s", tmpfil); return (1); } display(fp, NULL); fclose(fp); for (;;) { if (!editit()) break; fp = fopen(tmpfil, "r"); if (fp == NULL) { warnx("can't reopen %s for reading", tmpfil); break; } bzero((char *)&label, sizeof(label)); c = getasciilabel(fp, &label); fclose(fp); if (c) { lab = label; if (writelabel() == 0) { (void) unlink(tmpfil); return (0); } } printf("re-edit the label? [y]: "); fflush(stdout); c = getchar(); if (c != EOF && c != (int)'\n') while (getchar() != (int)'\n') ; if (c == (int)'n') break; } (void) unlink(tmpfil); return (1); } static int editit(void) { int pid, xpid; int locstat, omask; const char *ed; uid_t uid; gid_t gid; omask = sigblock(sigmask(SIGINT)|sigmask(SIGQUIT)|sigmask(SIGHUP)); while ((pid = fork()) < 0) { if (errno == EPROCLIM) { warnx("you have too many processes"); return(0); } if (errno != EAGAIN) { warn("fork"); return(0); } sleep(1); } if (pid == 0) { sigsetmask(omask); gid = getgid(); if (setresgid(gid, gid, gid) == -1) err(1, "setresgid"); uid = getuid(); if (setresuid(uid, uid, uid) == -1) err(1, "setresuid"); if ((ed = getenv("EDITOR")) == (char *)0) ed = DEFEDITOR; execlp(ed, ed, tmpfil, (char *)0); err(1, "%s", ed); } while ((xpid = wait(&locstat)) >= 0) if (xpid == pid) break; sigsetmask(omask); return(!locstat); } static char * skip(char *cp) { while (*cp != '\0' && isspace(*cp)) cp++; if (*cp == '\0' || *cp == '#') return (NULL); return (cp); } static char * word(char *cp) { char c; while (*cp != '\0' && !isspace(*cp) && *cp != '#') cp++; if ((c = *cp) != '\0') { *cp++ = '\0'; if (c != '#') return (skip(cp)); } return (NULL); } /* * Read an ascii label in from fd f, * in the same format as that put out by display(), * and fill in lp. */ static int getasciilabel(FILE *f, struct disklabel *lp) { char *cp, *endp; const char **cpp; u_int part; char *tp, line[BUFSIZ]; u_long v; int lineno = 0, errors = 0; int i; makelabel("auto", lp); bzero(&part_set, sizeof(part_set)); bzero(&part_size_type, sizeof(part_size_type)); bzero(&part_offset_type, sizeof(part_offset_type)); lp->d_bbsize = BBSIZE; /* XXX */ lp->d_sbsize = 0; /* XXX */ while (fgets(line, sizeof(line) - 1, f)) { lineno++; if ((cp = strchr(line,'\n')) != NULL) *cp = '\0'; cp = skip(line); if (cp == NULL) continue; tp = strchr(cp, ':'); if (tp == NULL) { fprintf(stderr, "line %d: syntax error\n", lineno); errors++; continue; } *tp++ = '\0', tp = skip(tp); if (!strcmp(cp, "type")) { if (tp == NULL) tp = unknown; cpp = dktypenames; for (; cpp < &dktypenames[DKMAXTYPES]; cpp++) if (*cpp && !strcmp(*cpp, tp)) { lp->d_type = cpp - dktypenames; break; } if (cpp < &dktypenames[DKMAXTYPES]) continue; errno = 0; v = strtoul(tp, &endp, 10); if (errno != 0 || *endp != '\0') v = DKMAXTYPES; if (v >= DKMAXTYPES) fprintf(stderr, "line %d:%s %lu\n", lineno, "Warning, unknown disk type", v); else lp->d_type = v; continue; } if (!strcmp(cp, "flags")) { for (v = 0; (cp = tp) && *cp != '\0';) { tp = word(cp); if (!strcmp(cp, "removeable")) v |= D_REMOVABLE; else if (!strcmp(cp, "ecc")) v |= D_ECC; else if (!strcmp(cp, "badsect")) v |= D_BADSECT; else { fprintf(stderr, "line %d: %s: bad flag\n", lineno, cp); errors++; } } lp->d_flags = v; continue; } if (!strcmp(cp, "drivedata")) { for (i = 0; (cp = tp) && *cp != '\0' && i < NDDATA;) { lp->d_drivedata[i++] = strtoul(cp, NULL, 10); tp = word(cp); } continue; } if (sscanf(cp, "%lu partitions", &v) == 1) { if (v > MAXPARTITIONS) { fprintf(stderr, "line %d: bad # of partitions\n", lineno); lp->d_npartitions = MAXPARTITIONS; errors++; } else if (v < DEFPARTITIONS) { fprintf(stderr, "line %d: bad # of partitions\n", lineno); lp->d_npartitions = DEFPARTITIONS; errors++; } else lp->d_npartitions = v; continue; } if (tp == NULL) tp = blank; if (!strcmp(cp, "disk")) { strncpy(lp->d_typename, tp, sizeof (lp->d_typename)); continue; } if (!strcmp(cp, "label")) { strncpy(lp->d_packname, tp, sizeof (lp->d_packname)); continue; } if (!strcmp(cp, "bytes/sector")) { v = strtoul(tp, NULL, 10); if (v == 0 || (v % DEV_BSIZE) != 0) { fprintf(stderr, "line %d: %s: bad sector size\n", lineno, tp); errors++; } else lp->d_secsize = v; continue; } if (!strcmp(cp, "sectors/track")) { v = strtoul(tp, NULL, 10); #if (ULONG_MAX != 0xffffffffUL) if (v == 0 || v > 0xffffffff) #else if (v == 0) #endif { fprintf(stderr, "line %d: %s: bad %s\n", lineno, tp, cp); errors++; } else lp->d_nsectors = v; continue; } if (!strcmp(cp, "sectors/cylinder")) { v = strtoul(tp, NULL, 10); if (v == 0) { fprintf(stderr, "line %d: %s: bad %s\n", lineno, tp, cp); errors++; } else lp->d_secpercyl = v; continue; } if (!strcmp(cp, "tracks/cylinder")) { v = strtoul(tp, NULL, 10); if (v == 0) { fprintf(stderr, "line %d: %s: bad %s\n", lineno, tp, cp); errors++; } else lp->d_ntracks = v; continue; } if (!strcmp(cp, "cylinders")) { v = strtoul(tp, NULL, 10); if (v == 0) { fprintf(stderr, "line %d: %s: bad %s\n", lineno, tp, cp); errors++; } else lp->d_ncylinders = v; continue; } if (!strcmp(cp, "sectors/unit")) { v = strtoul(tp, NULL, 10); if (v == 0) { fprintf(stderr, "line %d: %s: bad %s\n", lineno, tp, cp); errors++; } else lp->d_secperunit = v; continue; } if (!strcmp(cp, "rpm")) { v = strtoul(tp, NULL, 10); if (v == 0 || v > USHRT_MAX) { fprintf(stderr, "line %d: %s: bad %s\n", lineno, tp, cp); errors++; } else lp->d_rpm = v; continue; } if (!strcmp(cp, "interleave")) { v = strtoul(tp, NULL, 10); if (v == 0 || v > USHRT_MAX) { fprintf(stderr, "line %d: %s: bad %s\n", lineno, tp, cp); errors++; } else lp->d_interleave = v; continue; } if (!strcmp(cp, "trackskew")) { v = strtoul(tp, NULL, 10); if (v > USHRT_MAX) { fprintf(stderr, "line %d: %s: bad %s\n", lineno, tp, cp); errors++; } else lp->d_trackskew = v; continue; } if (!strcmp(cp, "cylinderskew")) { v = strtoul(tp, NULL, 10); if (v > USHRT_MAX) { fprintf(stderr, "line %d: %s: bad %s\n", lineno, tp, cp); errors++; } else lp->d_cylskew = v; continue; } if (!strcmp(cp, "headswitch")) { v = strtoul(tp, NULL, 10); lp->d_headswitch = v; continue; } if (!strcmp(cp, "track-to-track seek")) { v = strtoul(tp, NULL, 10); lp->d_trkseek = v; continue; } /* the ':' was removed above */ if (*cp < 'a' || *cp > MAX_PART || cp[1] != '\0') { fprintf(stderr, "line %d: %s: Unknown disklabel field\n", lineno, cp); errors++; continue; } /* Process a partition specification line. */ part = *cp - 'a'; if (part >= lp->d_npartitions) { fprintf(stderr, "line %d: partition name out of range a-%c: %s\n", lineno, 'a' + lp->d_npartitions - 1, cp); errors++; continue; } part_set[part] = 1; if (getasciipartspec(tp, lp, part, lineno) != 0) { errors++; break; } } errors += checklabel(lp); return (errors == 0); } #define NXTNUM(n) do { \ if (tp == NULL) { \ fprintf(stderr, "line %d: too few numeric fields\n", lineno); \ return (1); \ } else { \ cp = tp, tp = word(cp); \ (n) = strtoul(cp, NULL, 10); \ } \ } while (0) /* retain 1 character following number */ #define NXTWORD(w,n) do { \ if (tp == NULL) { \ fprintf(stderr, "line %d: too few numeric fields\n", lineno); \ return (1); \ } else { \ char *tmp; \ cp = tp, tp = word(cp); \ (n) = strtoul(cp, &tmp, 10); \ if (tmp) (w) = *tmp; \ } \ } while (0) /* * Read a partition line into partition `part' in the specified disklabel. * Return 0 on success, 1 on failure. */ static int getasciipartspec(char *tp, struct disklabel *lp, int part, int lineno) { struct partition *pp; char *cp, *endp; const char **cpp; u_long v; pp = &lp->d_partitions[part]; cp = NULL; v = 0; NXTWORD(part_size_type[part],v); if (v == 0 && part_size_type[part] != '*') { fprintf(stderr, "line %d: %s: bad partition size\n", lineno, cp); return (1); } pp->p_size = v; v = 0; NXTWORD(part_offset_type[part],v); if (v == 0 && part_offset_type[part] != '*' && part_offset_type[part] != '\0') { fprintf(stderr, "line %d: %s: bad partition offset\n", lineno, cp); return (1); } pp->p_offset = v; if (tp == NULL) { fprintf(stderr, "line %d: missing file system type\n", lineno); return (1); } cp = tp, tp = word(cp); for (cpp = fstypenames; cpp < &fstypenames[FSMAXTYPES]; cpp++) if (*cpp && !strcmp(*cpp, cp)) break; if (*cpp != NULL) { pp->p_fstype = cpp - fstypenames; } else { if (isdigit(*cp)) { errno = 0; v = strtoul(cp, &endp, 10); if (errno != 0 || *endp != '\0') v = FSMAXTYPES; } else v = FSMAXTYPES; if (v >= FSMAXTYPES) { fprintf(stderr, "line %d: Warning, unknown file system type %s\n", lineno, cp); v = FS_UNUSED; } pp->p_fstype = v; } switch (pp->p_fstype) { case FS_UNUSED: case FS_BSDFFS: case FS_BSDLFS: /* accept defaults for fsize/frag/cpg */ if (tp) { NXTNUM(pp->p_fsize); if (pp->p_fsize == 0) break; NXTNUM(v); pp->p_frag = v / pp->p_fsize; if (tp != NULL) NXTNUM(pp->p_cpg); } /* else default to 0's */ break; default: break; } return (0); } /* * Check disklabel for errors and fill in * derived fields according to supplied values. */ static int checklabel(struct disklabel *lp) { struct partition *pp; int i, errors = 0; char part; u_long base_offset, needed, total_percent, current_offset; long free_space; int seen_default_offset; int hog_part; int j; struct partition *pp2; if (lp == NULL) lp = &lab; if (allfields) { if (lp->d_secsize == 0) { fprintf(stderr, "sector size 0\n"); return (1); } if (lp->d_nsectors == 0) { fprintf(stderr, "sectors/track 0\n"); return (1); } if (lp->d_ntracks == 0) { fprintf(stderr, "tracks/cylinder 0\n"); return (1); } if (lp->d_ncylinders == 0) { fprintf(stderr, "cylinders/unit 0\n"); errors++; } if (lp->d_rpm == 0) warnx("revolutions/minute 0"); if (lp->d_secpercyl == 0) lp->d_secpercyl = lp->d_nsectors * lp->d_ntracks; if (lp->d_secperunit == 0) lp->d_secperunit = lp->d_secpercyl * lp->d_ncylinders; if (lp->d_bbsize == 0) { fprintf(stderr, "boot block size 0\n"); errors++; } else if (lp->d_bbsize % lp->d_secsize) warnx("boot block size %% sector-size != 0"); if (lp->d_npartitions > MAXPARTITIONS) { warnx("number of partitions (%lu) > MAXPARTITIONS (%d)", (u_long)lp->d_npartitions, MAXPARTITIONS); errors++; } if (lp->d_npartitions < DEFPARTITIONS) { warnx("number of partitions (%lu) < DEFPARTITIONS (%d)", (u_long)lp->d_npartitions, DEFPARTITIONS); errors++; } } else { struct disklabel *vl; vl = getvirginlabel(); if (lp->d_secsize == 0) lp->d_secsize = vl->d_secsize; if (lp->d_nsectors == 0) lp->d_nsectors = vl->d_nsectors; if (lp->d_ntracks == 0) lp->d_ntracks = vl->d_ntracks; if (lp->d_ncylinders == 0) lp->d_ncylinders = vl->d_ncylinders; if (lp->d_rpm == 0) lp->d_rpm = vl->d_rpm; if (lp->d_interleave == 0) lp->d_interleave = vl->d_interleave; if (lp->d_secpercyl == 0) lp->d_secpercyl = vl->d_secpercyl; if (lp->d_secperunit == 0 || lp->d_secperunit > vl->d_secperunit) lp->d_secperunit = vl->d_secperunit; if (lp->d_bbsize == 0) lp->d_bbsize = vl->d_bbsize; if (lp->d_npartitions < DEFPARTITIONS || lp->d_npartitions > MAXPARTITIONS) lp->d_npartitions = vl->d_npartitions; } /* first allocate space to the partitions, then offsets */ total_percent = 0; /* in percent */ hog_part = -1; /* find all fixed partitions */ for (i = 0; i < lp->d_npartitions; i++) { pp = &lp->d_partitions[i]; if (part_set[i]) { if (part_size_type[i] == '*') { if (i == RAW_PART) { pp->p_size = lp->d_secperunit; } else { if (hog_part != -1) warnx("Too many '*' partitions (%c and %c)", hog_part + 'a',i + 'a'); else hog_part = i; } } else { off_t size; size = pp->p_size; switch (part_size_type[i]) { case '%': total_percent += size; break; case 't': case 'T': size *= 1024ULL; /* FALLTHROUGH */ case 'g': case 'G': size *= 1024ULL; /* FALLTHROUGH */ case 'm': case 'M': size *= 1024ULL; /* FALLTHROUGH */ case 'k': case 'K': size *= 1024ULL; break; case '\0': break; default: warnx("unknown multiplier suffix '%c' for partition %c (should be K, M, G or T)", part_size_type[i], i + 'a'); break; } /* don't count %'s yet */ if (part_size_type[i] != '%') { /* * for all not in sectors, convert to * sectors */ if (part_size_type[i] != '\0') { if (size % lp->d_secsize != 0) warnx("partition %c not an integer number of sectors", i + 'a'); size /= lp->d_secsize; pp->p_size = size; } } } } } /* Find out the total free space, excluding the boot block area. */ base_offset = BBSIZE / secsize; free_space = 0; for (i = 0; i < lp->d_npartitions; i++) { pp = &lp->d_partitions[i]; if (!part_set[i] || i == RAW_PART || part_size_type[i] == '%' || part_size_type[i] == '*') continue; if (pp->p_offset > base_offset) free_space += pp->p_offset - base_offset; if (pp->p_offset + pp->p_size > base_offset) base_offset = pp->p_offset + pp->p_size; } if (base_offset < lp->d_secperunit) free_space += lp->d_secperunit - base_offset; /* handle % partitions - note %'s don't need to add up to 100! */ if (total_percent != 0) { if (total_percent > 100) { fprintf(stderr,"total percentage %lu is greater than 100\n", total_percent); errors++; } if (free_space > 0) { for (i = 0; i < lp->d_npartitions; i++) { pp = &lp->d_partitions[i]; if (part_set[i] && part_size_type[i] == '%') { /* careful of overflows! and integer roundoff */ pp->p_size = ((double)pp->p_size/100) * free_space; /* FIX we can lose a sector or so due to roundoff per partition. A more complex algorithm could avoid that */ } } } else { fprintf(stderr, "%ld sectors available to give to '*' and '%%' partitions\n", free_space); errors++; /* fix? set all % partitions to size 0? */ } } /* give anything remaining to the hog partition */ if (hog_part != -1) { /* * Find the range of offsets usable by '*' partitions around * the hog partition and how much space they need. */ needed = 0; base_offset = BBSIZE / secsize; for (i = hog_part - 1; i >= 0; i--) { pp = &lp->d_partitions[i]; if (!part_set[i] || i == RAW_PART) continue; if (part_offset_type[i] == '*') { needed += pp->p_size; continue; } base_offset = pp->p_offset + pp->p_size; break; } current_offset = lp->d_secperunit; for (i = lp->d_npartitions - 1; i > hog_part; i--) { pp = &lp->d_partitions[i]; if (!part_set[i] || i == RAW_PART) continue; if (part_offset_type[i] == '*') { needed += pp->p_size; continue; } current_offset = pp->p_offset; } if (current_offset - base_offset <= needed) { fprintf(stderr, "Cannot find space for partition %c\n", hog_part + 'a'); fprintf(stderr, "Need more than %lu sectors between %lu and %lu\n", needed, base_offset, current_offset); errors++; lp->d_partitions[hog_part].p_size = 0; } else { lp->d_partitions[hog_part].p_size = current_offset - base_offset - needed; } } /* Now set the offsets for each partition */ current_offset = BBSIZE / secsize; /* in sectors */ seen_default_offset = 0; for (i = 0; i < lp->d_npartitions; i++) { part = 'a' + i; pp = &lp->d_partitions[i]; if (part_set[i]) { if (part_offset_type[i] == '*') { if (i == RAW_PART) { pp->p_offset = 0; } else { pp->p_offset = current_offset; seen_default_offset = 1; } } else { /* allow them to be out of order for old-style tables */ if (pp->p_offset < current_offset && seen_default_offset && i != RAW_PART && pp->p_fstype != FS_VINUM) { fprintf(stderr, "Offset %ld for partition %c overlaps previous partition which ends at %lu\n", (long)pp->p_offset,i+'a',current_offset); fprintf(stderr, "Labels with any *'s for offset must be in ascending order by sector\n"); errors++; } else if (pp->p_offset != current_offset && i != RAW_PART && seen_default_offset) { /* * this may give unneeded warnings if * partitions are out-of-order */ warnx( "Offset %ld for partition %c doesn't match expected value %ld", (long)pp->p_offset, i + 'a', current_offset); } } if (i != RAW_PART) current_offset = pp->p_offset + pp->p_size; } } for (i = 0; i < lp->d_npartitions; i++) { part = 'a' + i; pp = &lp->d_partitions[i]; if (pp->p_size == 0 && pp->p_offset != 0) warnx("partition %c: size 0, but offset %lu", part, (u_long)pp->p_offset); #ifdef notdef if (pp->p_size % lp->d_secpercyl) warnx("partition %c: size %% cylinder-size != 0", part); if (pp->p_offset % lp->d_secpercyl) warnx("partition %c: offset %% cylinder-size != 0", part); #endif if (pp->p_offset > lp->d_secperunit) { fprintf(stderr, "partition %c: offset past end of unit\n", part); errors++; } if (pp->p_offset + pp->p_size > lp->d_secperunit) { fprintf(stderr, "partition %c: partition extends past end of unit\n", part); errors++; } if (i == RAW_PART) { if (pp->p_fstype != FS_UNUSED) warnx("partition %c is not marked as unused!",part); if (pp->p_offset != 0) warnx("partition %c doesn't start at 0!",part); if (pp->p_size != lp->d_secperunit) warnx("partition %c doesn't cover the whole unit!",part); if ((pp->p_fstype != FS_UNUSED) || (pp->p_offset != 0) || (pp->p_size != lp->d_secperunit)) { warnx("An incorrect partition %c may cause problems for " "standard system utilities",part); } } /* check for overlaps */ /* this will check for all possible overlaps once and only once */ for (j = 0; j < i; j++) { pp2 = &lp->d_partitions[j]; if (j != RAW_PART && i != RAW_PART && pp->p_fstype != FS_VINUM && pp2->p_fstype != FS_VINUM && part_set[i] && part_set[j]) { if (pp2->p_offset < pp->p_offset + pp->p_size && (pp2->p_offset + pp2->p_size > pp->p_offset || pp2->p_offset >= pp->p_offset)) { fprintf(stderr,"partitions %c and %c overlap!\n", j + 'a', i + 'a'); errors++; } } } } for (; i < lp->d_npartitions; i++) { part = 'a' + i; pp = &lp->d_partitions[i]; if (pp->p_size || pp->p_offset) warnx("unused partition %c: size %d offset %lu", 'a' + i, pp->p_size, (u_long)pp->p_offset); } return (errors); } /* * When operating on a "virgin" disk, try getting an initial label * from the associated device driver. This might work for all device * drivers that are able to fetch some initial device parameters * without even having access to a (BSD) disklabel, like SCSI disks, * most IDE drives, or vn devices. * * The device name must be given in its "canonical" form. */ static struct disklabel * getvirginlabel(void) { static struct disklabel loclab; struct partition *dp; int f; u_int u; if ((f = open(specname, O_RDONLY)) == -1) { warn("cannot open %s", specname); return (NULL); } if (is_file) get_file_parms(f); else { mediasize = g_mediasize(f); secsize = g_sectorsize(f); if (secsize < 0 || mediasize < 0) { close (f); return (NULL); } } memset(&loclab, 0, sizeof loclab); loclab.d_magic = DISKMAGIC; loclab.d_magic2 = DISKMAGIC; loclab.d_secsize = secsize; loclab.d_secperunit = mediasize / secsize; /* * Nobody in these enlightened days uses the CHS geometry for * anything, but nonetheless try to get it right. If we fail * to get any good ideas from the device, construct something * which is IBM-PC friendly. */ if (ioctl(f, DIOCGFWSECTORS, &u) == 0) loclab.d_nsectors = u; else loclab.d_nsectors = 63; if (ioctl(f, DIOCGFWHEADS, &u) == 0) loclab.d_ntracks = u; else if (loclab.d_secperunit <= 63*1*1024) loclab.d_ntracks = 1; else if (loclab.d_secperunit <= 63*16*1024) loclab.d_ntracks = 16; else loclab.d_ntracks = 255; loclab.d_secpercyl = loclab.d_ntracks * loclab.d_nsectors; loclab.d_ncylinders = loclab.d_secperunit / loclab.d_secpercyl; loclab.d_npartitions = DEFPARTITIONS; /* Various (unneeded) compat stuff */ loclab.d_rpm = 3600; loclab.d_bbsize = BBSIZE; loclab.d_interleave = 1; strncpy(loclab.d_typename, "amnesiac", sizeof(loclab.d_typename)); dp = &loclab.d_partitions[RAW_PART]; dp->p_size = loclab.d_secperunit; loclab.d_checksum = dkcksum(&loclab); close (f); return (&loclab); } static void usage(void) { fprintf(stderr, "%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n%s\n", "usage: bsdlabel disk", "\t\t(to read label)", " bsdlabel -w [-n] [-m machine] disk [type]", "\t\t(to write label with existing boot program)", " bsdlabel -e [-n] [-m machine] disk", "\t\t(to edit label)", " bsdlabel -R [-n] [-m machine] disk protofile", "\t\t(to restore label with existing boot program)", " bsdlabel -B [-b boot] [-m machine] disk", "\t\t(to install boot program with existing on-disk label)", " bsdlabel -w -B [-n] [-b boot] [-m machine] disk [type]", "\t\t(to write label and install boot program)", " bsdlabel -R -B [-n] [-b boot] [-m machine] disk protofile", "\t\t(to restore label and install boot program)" ); exit(1); } diff --git a/sbin/bsdlabel/pathnames.h b/sbin/bsdlabel/pathnames.h index f28593e71e55..4d215eb72e33 100644 --- a/sbin/bsdlabel/pathnames.h +++ b/sbin/bsdlabel/pathnames.h @@ -1,37 +1,35 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)pathnames.h 8.1 (Berkeley) 6/5/93 */ #include #define _PATH_BOOTDIR "/boot" #define PATH_TMPFILE "/tmp/EdDk.XXXXXXXXXX" diff --git a/sbin/clri/Makefile b/sbin/clri/Makefile index 726adbf8871c..ac3eda4cd597 100644 --- a/sbin/clri/Makefile +++ b/sbin/clri/Makefile @@ -1,9 +1,8 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 PACKAGE=ufs PROG= clri MAN= clri.8 LIBADD= ufs WARNS?= 2 .include diff --git a/sbin/clri/clri.8 b/sbin/clri/clri.8 index f9a86fe659ec..9d1fb92e22ba 100644 --- a/sbin/clri/clri.8 +++ b/sbin/clri/clri.8 @@ -1,80 +1,78 @@ .\" Copyright (c) 1980, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)clri.8 8.2 (Berkeley) 4/19/94 -.\" .Dd October 5, 2016 .Dt CLRI 8 .Os .Sh NAME .Nm clri .Nd clear an inode .Sh SYNOPSIS .Nm .Ar special_device inode_number ... .Sh DESCRIPTION .Bf -symbolic The .Nm utility is obsoleted for normal file system repair work by .Xr fsck 8 . .Ef .Pp The .Nm utility zeroes out the inodes with the specified inode number(s) on the file system residing on the given .Ar special_device . The .Xr fsck 8 utility is usually run after .Nm to reclaim the zeroed inode(s) and the blocks previously claimed by those inode(s). Both read and write permission are required on the specified .Ar special_device . .Pp The primary purpose of this routine is to remove a file which for some reason is not being properly handled by .Xr fsck 8 . Once removed, it is anticipated that .Xr fsck 8 will be able to clean up the resulting mess. .Sh SEE ALSO .Xr fsck 8 , .Xr fsdb 8 .Sh HISTORY The .Nm utility first appeared in .At v6 . .Sh BUGS If the file is open, the work of .Nm will be lost when the inode is written back to disk from the inode cache. diff --git a/sbin/clri/clri.c b/sbin/clri/clri.c index 7144490869cd..8eeafbda70af 100644 --- a/sbin/clri/clri.c +++ b/sbin/clri/clri.c @@ -1,120 +1,117 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1990, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Rich $alz of BBN Inc. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1990, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static char sccsid[] = "@(#)clri.c 8.2 (Berkeley) 9/23/93"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include #include #include #include #include static void usage(void) { (void)fprintf(stderr, "usage: clri special_device inode_number ...\n"); exit(1); } int main(int argc, char *argv[]) { union dinodep dp; struct uufsd disk; long generation; int inonum, exitval; char *fsname; if (argc < 3) usage(); /* get the superblock. */ fsname = *++argv; if (ufs_disk_fillout(&disk, fsname) == -1) { printf("loading superblock: %s\n", disk.d_error); exit (1); } /* remaining arguments are inode numbers. */ exitval = 0; while (*++argv) { /* get the inode number. */ if ((inonum = atoi(*argv)) < UFS_ROOTINO) { printf("%s is not a valid inode number", *argv); exitval = 1; continue; } (void)printf("clearing %d\n", inonum); if (getinode(&disk, &dp, inonum) == -1) { printf("getinode: %s\n", disk.d_error); exitval = 1; continue; } /* clear the inode, and bump the generation count. */ if (disk.d_fs.fs_magic == FS_UFS1_MAGIC) { generation = dp.dp1->di_gen + 1; memset(dp.dp1, 0, sizeof(*dp.dp1)); dp.dp1->di_gen = generation; } else { generation = dp.dp2->di_gen + 1; memset(dp.dp2, 0, sizeof(*dp.dp2)); dp.dp2->di_gen = generation; } putinode(&disk); (void)fsync(disk.d_fd); } (void)ufs_disk_close(&disk); exit(exitval); } diff --git a/sbin/comcontrol/Makefile b/sbin/comcontrol/Makefile index 2ddb60218039..809f1060d183 100644 --- a/sbin/comcontrol/Makefile +++ b/sbin/comcontrol/Makefile @@ -1,7 +1,6 @@ -# @(#)Makefile 5.4 (Berkeley) 6/5/91 PACKAGE=runtime PROG= comcontrol MAN= comcontrol.8 .include diff --git a/sbin/dmesg/Makefile b/sbin/dmesg/Makefile index 4214988b7c71..d1863f2b448c 100644 --- a/sbin/dmesg/Makefile +++ b/sbin/dmesg/Makefile @@ -1,9 +1,8 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 PACKAGE=runtime PROG= dmesg MAN= dmesg.8 LIBADD= kvm .include diff --git a/sbin/dmesg/dmesg.8 b/sbin/dmesg/dmesg.8 index cbd7d66f9e98..2ef3be8b6610 100644 --- a/sbin/dmesg/dmesg.8 +++ b/sbin/dmesg/dmesg.8 @@ -1,103 +1,101 @@ .\" Copyright (c) 1980, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)dmesg.8 8.1 (Berkeley) 6/5/93 -.\" .Dd May 7, 2022 .Dt DMESG 8 .Os .Sh NAME .Nm dmesg .Nd "display the system message buffer" .Sh SYNOPSIS .Nm .Op Fl ac .Op Fl M Ar core Op Fl N Ar system .Sh DESCRIPTION The .Nm utility displays the contents of the system message buffer. If the .Fl M option is not specified, the buffer is read from the currently running kernel via the .Xr sysctl 3 interface. Otherwise, the buffer is read from the specified core file, using the name list from the specified kernel image (or from the default image). .Pp The options are as follows: .Bl -tag -width indent .It Fl a Show all data in the message buffer. This includes any syslog records and .Pa /dev/console output. .It Fl c Clear the kernel buffer after printing. .It Fl M Extract values associated with the name list from the specified core. .It Fl N If .Fl M is also specified, extract the name list from the specified system instead of the default, which is the kernel image the system has booted from. .El .Sh SYSCTL VARIABLES The following .Xr sysctl 8 variables control how the kernel timestamps entries in the message buffer: The default value is shown next to each variable. .Bl -tag -width indent .It kern.msgbuf_show_timestamp : No 0 If set to 0, no timetamps are added. If set to 1, then a 1-second granularity timestamp will be added to most lines in the message buffer. If set to 2, then a microsecond granularity timestamp will be added. This may also be set as a boot .Xr loader 8 tunable. The timestamps are placed at the start of most lines that the kernel generates. Some multi-line messages will have only the first line tagged with a timestamp. .El .Sh FILES .Bl -tag -width ".Pa /var/run/dmesg.boot" -compact .It Pa /var/run/dmesg.boot usually a snapshot of the buffer contents taken soon after file systems are mounted at startup time .El .Sh SEE ALSO .Xr sysctl 3 , .Xr syslogd 8 .Sh HISTORY The .Nm utility appeared in .Bx 3 . diff --git a/sbin/dmesg/dmesg.c b/sbin/dmesg/dmesg.c index 9b744aee7d2e..4e243d2f51cd 100644 --- a/sbin/dmesg/dmesg.c +++ b/sbin/dmesg/dmesg.c @@ -1,213 +1,210 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1991, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1991, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static const char sccsid[] = "@(#)dmesg.c 8.1 (Berkeley) 6/5/93"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include static struct nlist nl[] = { #define X_MSGBUF 0 { "_msgbufp", 0, 0, 0, 0 }, { NULL, 0, 0, 0, 0 }, }; void usage(void) __dead2; #define KREAD(addr, var) \ kvm_read(kd, addr, &var, sizeof(var)) != sizeof(var) int main(int argc, char *argv[]) { struct msgbuf *bufp, cur; char *bp, *ep, *memf, *nextp, *nlistf, *p, *q, *visbp; kvm_t *kd; size_t buflen, bufpos; long pri; int ch, clear; bool all; all = false; clear = false; (void) setlocale(LC_CTYPE, ""); memf = nlistf = NULL; while ((ch = getopt(argc, argv, "acM:N:")) != -1) switch(ch) { case 'a': all = true; break; case 'c': clear = true; break; case 'M': memf = optarg; break; case 'N': nlistf = optarg; break; case '?': default: usage(); } argc -= optind; if (argc != 0) usage(); if (memf == NULL) { /* * Running kernel. Use sysctl. This gives an unwrapped buffer * as a side effect. Remove nulterm (if present) so the value * returned by sysctl is formatted as the rest of the code * expects (the same as the value read from a core file below). */ if (sysctlbyname("kern.msgbuf", NULL, &buflen, NULL, 0) == -1) err(1, "sysctl kern.msgbuf"); /* Allocate extra room for growth between the sysctl calls. */ buflen += buflen/8; /* Allocate more than sysctl sees, for room to append \n\0. */ if ((bp = malloc(buflen + 2)) == NULL) errx(1, "malloc failed"); if (sysctlbyname("kern.msgbuf", bp, &buflen, NULL, 0) == -1) err(1, "sysctl kern.msgbuf"); if (buflen > 0 && bp[buflen - 1] == '\0') buflen--; if (clear) if (sysctlbyname("kern.msgbuf_clear", NULL, NULL, &clear, sizeof(int))) err(1, "sysctl kern.msgbuf_clear"); } else { /* Read in kernel message buffer and do sanity checks. */ kd = kvm_open(nlistf, memf, NULL, O_RDONLY, "dmesg"); if (kd == NULL) exit (1); if (kvm_nlist(kd, nl) == -1) errx(1, "kvm_nlist: %s", kvm_geterr(kd)); if (nl[X_MSGBUF].n_type == 0) errx(1, "%s: msgbufp not found", nlistf ? nlistf : "namelist"); if (KREAD(nl[X_MSGBUF].n_value, bufp) || KREAD((long)bufp, cur)) errx(1, "kvm_read: %s", kvm_geterr(kd)); if (cur.msg_magic != MSG_MAGIC) errx(1, "kernel message buffer has different magic " "number"); if ((bp = malloc(cur.msg_size + 2)) == NULL) errx(1, "malloc failed"); /* Unwrap the circular buffer to start from the oldest data. */ bufpos = MSGBUF_SEQ_TO_POS(&cur, cur.msg_wseq); if (kvm_read(kd, (long)&cur.msg_ptr[bufpos], bp, cur.msg_size - bufpos) != (ssize_t)(cur.msg_size - bufpos)) errx(1, "kvm_read: %s", kvm_geterr(kd)); if (bufpos != 0 && kvm_read(kd, (long)cur.msg_ptr, &bp[cur.msg_size - bufpos], bufpos) != (ssize_t)bufpos) errx(1, "kvm_read: %s", kvm_geterr(kd)); kvm_close(kd); buflen = cur.msg_size; } /* * Ensure that the buffer ends with a newline and a \0 to avoid * complications below. We left space above. */ if (buflen == 0 || bp[buflen - 1] != '\n') bp[buflen++] = '\n'; bp[buflen] = '\0'; if ((visbp = malloc(4 * buflen + 1)) == NULL) errx(1, "malloc failed"); /* * The message buffer is circular, but has been unwrapped so that * the oldest data comes first. The data will be preceded by \0's * if the message buffer was not full. */ p = bp; ep = &bp[buflen]; if (*p == '\0') { /* Strip leading \0's */ while (*p == '\0') p++; } for (; p < ep; p = nextp) { nextp = memchr(p, '\n', ep - p); nextp++; /* Skip ^<[0-9]+> syslog sequences. */ if (*p == '<' && isdigit(*(p+1))) { errno = 0; pri = strtol(p + 1, &q, 10); if (*q == '>' && pri >= 0 && pri < INT_MAX && errno == 0) { if (LOG_FAC(pri) != LOG_KERN && !all) continue; p = q + 1; } } (void)strvisx(visbp, p, nextp - p, 0); (void)printf("%s", visbp); } exit(0); } void usage(void) { fprintf(stderr, "usage: dmesg [-ac] [-M core [-N system]]\n"); exit(1); } diff --git a/sbin/dump/Makefile b/sbin/dump/Makefile index 5cb5b9f27a47..d982e5bc033e 100644 --- a/sbin/dump/Makefile +++ b/sbin/dump/Makefile @@ -1,29 +1,28 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 # dump.h header file # itime.c reads /etc/dumpdates # main.c driver # optr.c operator interface # dumprmt.c handles remote tape via rmt(8) # tape.c handles the mag tape and opening/closing # traverse.c traverses the file system # unctime.c undo ctime # # DEBUG use local directory to find ddate and dumpdates # TDEBUG trace out the process forking PACKAGE=ufs PROG= dump CONFS= /dev/null CONFSGRP= operator CONFSMODE= 664 CONFSNAME_/dev/null= dumpdates LINKS= ${BINDIR}/dump ${BINDIR}/rdump CFLAGS+=-DRDUMP SRCS= itime.c main.c optr.c dumprmt.c tape.c traverse.c unctime.c cache.c MAN= dump.8 LIBADD= ufs MLINKS= dump.8 rdump.8 WARNS?= 2 .include diff --git a/sbin/dump/dump.8 b/sbin/dump/dump.8 index 00cfef444c9b..08b3c2e574d7 100644 --- a/sbin/dump/dump.8 +++ b/sbin/dump/dump.8 @@ -1,581 +1,579 @@ .\" Copyright (c) 1980, 1991, 1993 .\" Regents of the University of California. .\" All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)dump.8 8.3 (Berkeley) 5/1/95 -.\" .Dd December 28, 2020 .Dt DUMP 8 .Os .Sh NAME .Nm dump , .Nm rdump .Nd file system backup .Sh SYNOPSIS .Nm .Op Fl 0123456789acLnrRSu .Op Fl B Ar records .Op Fl b Ar blocksize .Op Fl C Ar cachesize .Op Fl D Ar dumpdates .Op Fl d Ar density .Op Fl f Ar file | Fl P Ar pipecommand .Op Fl h Ar level .Op Fl s Ar feet .Op Fl T Ar date .Ar filesystem .Nm .Fl W | Fl w .Sh DESCRIPTION The .Nm utility examines files on a file system and determines which files need to be backed up. These files are copied to the given disk, tape or other storage medium for safe keeping (see the .Fl f option below for doing remote backups). A dump that is larger than the output medium is broken into multiple volumes. On most media the size is determined by writing until an end-of-media indication is returned. This can be enforced by using the .Fl a option. .Pp On media that cannot reliably return an end-of-media indication (such as some cartridge tape drives) each volume is of a fixed size; the actual size is determined by the tape size and density and/or .Fl B options. By default, the same output file name is used for each volume after prompting the operator to change media. .Pp The file system to be dumped is specified by the argument .Ar filesystem as either its device-special file or its mount point (if that is in a standard entry in .Pa /etc/fstab ) . .Pp .Nm may also be invoked as .Nm rdump . The .Bx 4.3 option syntax is implemented for backward compatibility, but is not documented here. .Pp The following options are supported by .Nm : .Bl -tag -width Ds .It Fl 0-9 Dump levels. A level 0, full backup, guarantees the entire file system is copied (but see also the .Fl h option below). A level number above 0, incremental backup, tells dump to copy all files new or modified since the last dump of any lower level. The default level is 0. .It Fl a .Dq auto-size . Bypass all tape length considerations, and enforce writing until an end-of-media indication is returned. This fits best for most modern tape drives. Use of this option is particularly recommended when appending to an existing tape, or using a tape drive with hardware compression (where you can never be sure about the compression ratio). .It Fl B Ar records The number of kilobytes per output volume, except that if it is not an integer multiple of the output block size, the command uses the next smaller such multiple. This option overrides the calculation of tape size based on length and density. .It Fl b Ar blocksize The number of kilobytes per output block. The default block size is 10. .It Fl C Ar cachesize Specify the cache size in megabytes. This will greatly improve performance at the cost of .Nm possibly not noticing changes in the file system between passes unless a snapshot is being used. The potential for performance improvement indicates that use of this option together with snapshots is the recommended course of action. Beware that .Nm forks, and the actual memory use may be larger than the specified cache size. The recommended cache size is between 8 and 32 (megabytes). .It Fl c Change the defaults for use with a cartridge tape drive, with a density of 8000 bpi, and a length of 1700 feet. .It Fl D Ar dumpdates Specify an alternate path to the .Pa dumpdates file. The default is .Pa /etc/dumpdates . .It Fl d Ar density Set tape density to .Ar density . The default is 1600BPI. .It Fl f Ar file Write the backup to .Ar file ; .Ar file may be a special device file like .Pa /dev/sa0 (a tape drive), .Pa /dev/fd1 (a floppy disk drive), an ordinary file, or .Sq Fl (the standard output). Multiple file names may be given as a single argument separated by commas. Each file will be used for one dump volume in the order listed; if the dump requires more volumes than the number of names given, the last file name will used for all remaining volumes after prompting for media changes. If the name of the file is of the form .Dq host:file , or .Dq user@host:file , .Nm writes to the named file on the remote host using .Xr rmt 8 . The default path name of the remote .Xr rmt 8 program is .\" rmt path, is the path on the remote host .Pa /etc/rmt ; this can be overridden by the environment variable .Ev RMT . .It Fl P Ar pipecommand Use .Xr popen 3 to execute the .Xr sh 1 script string defined by .Ar pipecommand for the output device of each volume. This child pipeline's .Dv stdin .Pq Pa /dev/fd/0 is redirected from the .Nm output stream, and the environment variable .Ev DUMP_VOLUME is set to the current volume number being written. After every volume, the writer side of the pipe is closed and .Ar pipecommand is executed again. Subject to the media size specified by .Fl B , each volume is written in this manner as if the output were a tape drive. .It Fl h Ar level Honor the user .Dq nodump flag .Pq Dv UF_NODUMP only for dumps at or above the given .Ar level . The default honor level is 1, so that incremental backups omit such files but full backups retain them. .It Fl L This option is to notify .Nm that it is dumping a live file system. To obtain a consistent dump image, .Nm takes a snapshot of the file system in the .Pa .snap directory in the root of the file system being dumped and then does a dump of the snapshot. The snapshot is unlinked as soon as the dump starts, and is thus removed when the dump is complete. This option is ignored for unmounted or read-only file systems. If the .Pa .snap directory does not exist in the root of the file system being dumped, a warning will be issued and the .Nm will revert to the standard behavior. This problem can be corrected by creating a .Pa .snap directory in the root of the file system to be dumped; its owner should be .Dq Li root , its group should be .Dq Li operator , and its mode should be .Dq Li 0770 . .It Fl n Whenever .Nm requires operator attention, notify all operators in the group .Dq operator by means similar to a .Xr wall 1 . .It Fl r Be rsync-friendly. Normally dump stores the date of the current and prior dump in numerous places throughout the dump. These scattered changes significantly slow down rsync or another incremental file transfer program when they are used to update a remote copy of a level 0 dump, since the date changes for each dump. This option sets both dates to the epoch, permitting rsync to be much more efficient when transferring a dump file. The .Fl r option can be used only to create level 0 dumps. A dump using the .Fl r option cannot be used as the basis for a later incremental dump. .It Fl R Be even more rsync-friendly. This option disables the storage of the actual inode access time (storing it instead as the inode's modified time). This option permits rsync to be even more efficient when transferring dumps generated from filesystems with numerous files which are not changing other than their access times. The .Fl R option also sets .Fl r . The .Fl R option can be used only to create level 0 dumps. A dump using the .Fl R option cannot be used as the basis for a later incremental dump. .It Fl S Display an estimate of the backup size and the number of tapes required, and exit without actually performing the dump. .It Fl s Ar feet Attempt to calculate the amount of tape needed at a particular density. If this amount is exceeded, .Nm prompts for a new tape. It is recommended to be a bit conservative on this option. The default tape length is 2300 feet. .It Fl T Ar date Use the specified date as the starting time for the dump instead of the time determined from looking in the .Pa dumpdates file. The format of date is the same as that of .Xr ctime 3 . This option is useful for automated dump scripts that wish to dump over a specific period of time. The .Fl T option is mutually exclusive from the .Fl u option. .It Fl u Update the .Pa dumpdates file after a successful dump. The format of the .Pa dumpdates file is readable by people, consisting of one free format record per line: file system name, increment level and .Xr ctime 3 format dump date. There may be only one entry per file system at each level. The .Pa dumpdates file may be edited to change any of the fields, if necessary. The default path for the .Pa dumpdates file is .Pa /etc/dumpdates , but the .Fl D option may be used to change it. .It Fl W Tell the operator what file systems need to be dumped. This information is gleaned from the files .Pa dumpdates and .Pa /etc/fstab . The .Fl W option causes .Nm to print out, for each file system in the .Pa dumpdates file the most recent dump date and level, and highlights those file systems that should be dumped. If the .Fl W option is set, all other options are ignored, and .Nm exits immediately. .It Fl w Is like .Fl W , but prints only those file systems which need to be dumped. .El .Pp Directories and regular files which have their .Dq nodump flag .Pq Dv UF_NODUMP set will be omitted along with everything under such directories, subject to the .Fl h option. .Pp The .Nm utility requires operator intervention on these conditions: end of tape, end of dump, tape write error, tape open error or disk read error (if there are more than a threshold of 32). In addition to alerting all operators implied by the .Fl n key, .Nm interacts with the operator on .Em dump's control terminal at times when .Nm can no longer proceed, or if something is grossly wrong. All questions .Nm poses .Em must be answered by typing .Dq yes or .Dq no , appropriately. .Pp Since making a dump involves a lot of time and effort for full dumps, .Nm checkpoints itself at the start of each tape volume. If writing that volume fails for some reason, .Nm will, with operator permission, restart itself from the checkpoint after the old tape has been rewound and removed, and a new tape has been mounted. .Pp The .Nm utility tells the operator what is going on at periodic intervals (every 5 minutes, or promptly after receiving .Dv SIGINFO ) , including usually low estimates of the number of blocks to write, the number of tapes it will take, the time to completion, and the time to the tape change. The output is verbose, so that others know that the terminal controlling .Nm is busy, and will be for some time. .Pp In the event of a catastrophic disk event, the time required to restore all the necessary backup tapes or files to disk can be kept to a minimum by staggering the incremental dumps. An efficient method of staggering incremental dumps to minimize the number of tapes follows: .Bl -bullet -offset indent .It Always start with a level 0 backup, for example: .Bd -literal -offset indent /sbin/dump -0u -f /dev/nsa0 /usr/src .Ed .Pp This should be done at set intervals, say once a month or once every two months, and on a set of fresh tapes that is saved forever. .It After a level 0, dumps of active file systems (file systems with files that change, depending on your partition layout some file systems may contain only data that does not change) are taken on a daily basis, using a modified Tower of Hanoi algorithm, with this sequence of dump levels: .Bd -literal -offset indent 3 2 5 4 7 6 9 8 9 9 ... .Ed .Pp For the daily dumps, it should be possible to use a fixed number of tapes for each day, used on a weekly basis. Each week, a level 1 dump is taken, and the daily Hanoi sequence repeats beginning with 3. For weekly dumps, another fixed set of tapes per dumped file system is used, also on a cyclical basis. .El .Pp After several months or so, the daily and weekly tapes should get rotated out of the dump cycle and fresh tapes brought in. .Sh ENVIRONMENT .Bl -tag -width ".Ev TAPE" .It Ev TAPE The .Ar file or device to dump to if the .Fl f option is not used. .It Ev RMT Pathname of the remote .Xr rmt 8 program. .It Ev RSH Pathname of a remote shell program, if not .Xr rsh 1 . .El .Sh FILES .Bl -tag -width /etc/dumpdates -compact .It Pa /dev/sa0 default tape unit to dump to .It Pa /etc/dumpdates dump date records (this can be changed; see the .Fl D option) .It Pa /etc/fstab dump table: file systems and frequency .It Pa /etc/group to find group .Em operator .El .Sh EXIT STATUS Dump exits with zero status on success. Startup errors are indicated with an exit code of 1; abnormal termination is indicated with an exit code of 3. .Sh EXAMPLES Dumps the .Pa /u file system to DVDs using .Nm growisofs . Uses a 16MB cache, creates a snapshot of the dump, and records the .Pa dumpdates file. .Bd -literal /sbin/dump -0u -L -C16 -B4589840 -P 'growisofs -Z /dev/cd0=/dev/fd/0' /u .Ed .Sh DIAGNOSTICS Many, and verbose. .Sh SEE ALSO .Xr chflags 1 , .Xr fstab 5 , .Xr restore 8 , .Xr rmt 8 .Sh HISTORY A .Nm utility appeared in .At v4 . .Sh BUGS Fewer than 32 read errors on the file system are ignored, though all errors will generate a warning message. This is a bit of a compromise. In practice, it is possible to generate read errors when doing dumps on mounted partitions if the file system is being modified while the .Nm is running. Since dumps are often done in an unattended fashion using .Xr cron 8 jobs asking for Operator intervention would result in the .Nm dying. However, there is nothing wrong with a dump tape written when this sort of read error occurs, and there is no reason to terminate the .Nm . .Pp Each reel requires a new process, so parent processes for reels already written just hang around until the entire tape is written. .Pp The .Nm utility with the .Fl W or .Fl w options does not report file systems that have never been recorded in the .Pa dumpdates file, even if listed in .Pa /etc/fstab . .Pp It would be nice if .Nm knew about the dump sequence, kept track of the tapes scribbled on, told the operator which tape to mount when, and provided more assistance for the operator running .Xr restore 8 . .Pp The .Nm utility cannot do remote backups without being run as root, due to its security history. This will be fixed in a later version of .Fx . Presently, it works if you set it setuid (like it used to be), but this might constitute a security risk. diff --git a/sbin/dump/dump.h b/sbin/dump/dump.h index bd133fc4c68e..9429704a1800 100644 --- a/sbin/dump/dump.h +++ b/sbin/dump/dump.h @@ -1,182 +1,180 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)dump.h 8.2 (Berkeley) 4/28/95 */ /* * Dump maps used to describe what is to be dumped. */ extern int mapsize; /* size of the state maps */ extern char *usedinomap; /* map of allocated inodes */ extern char *dumpdirmap; /* map of directories to be dumped */ extern char *dumpinomap; /* map of files to be dumped */ /* * Map manipulation macros. */ #define SETINO(ino, map) \ map[(u_int)((ino) - 1) / CHAR_BIT] |= \ 1 << ((u_int)((ino) - 1) % CHAR_BIT) #define CLRINO(ino, map) \ map[(u_int)((ino) - 1) / CHAR_BIT] &= \ ~(1 << ((u_int)((ino) - 1) % CHAR_BIT)) #define TSTINO(ino, map) \ (map[(u_int)((ino) - 1) / CHAR_BIT] & \ (1 << ((u_int)((ino) - 1) % CHAR_BIT))) /* * All calculations done in 0.1" units! */ extern char *disk; /* name of the disk file */ extern char *tape; /* name of the tape file */ extern char *popenout; /* popen(3) per-"tape" command */ extern char *dumpdates; /* name of the file containing dump date info */ extern int lastlevel; /* dump level of previous dump */ extern int level; /* dump level of this dump */ extern int uflag; /* update flag */ extern int diskfd; /* disk file descriptor */ extern int pipeout; /* true => output to standard output */ extern ino_t curino; /* current inumber; used globally */ extern int newtape; /* new tape flag */ extern int density; /* density in 0.1" units */ extern long tapesize; /* estimated tape size, blocks */ extern long tsize; /* tape size in 0.1" units */ extern int etapes; /* estimated number of tapes */ extern int nonodump; /* if set, do not honor UF_NODUMP user flags */ extern int unlimited; /* if set, write to end of medium */ extern int cachesize; /* size of block cache in bytes */ extern int rsync_friendly; /* be friendly with rsync */ extern int notify; /* notify operator flag */ extern int blockswritten; /* number of blocks written on current tape */ extern int tapeno; /* current tape number */ extern int ntrec; /* blocking factor on tape */ extern long blocksperfile; /* number of blocks per output file */ extern int cartridge; /* assume non-cartridge tape */ extern char *host; /* remote host (if any) */ extern time_t tstart_writing; /* when started writing the first tape block */ extern time_t tend_writing; /* after writing the last tape block */ extern int passno; /* current dump pass number */ extern struct fs *sblock; /* the file system super block */ extern long dev_bsize; /* block size of underlying disk device */ extern int dev_bshift; /* log2(dev_bsize) */ extern int tp_bshift; /* log2(TP_BSIZE) */ /* operator interface functions */ void broadcast(const char *message); void infosch(int); void lastdump(int arg); /* int should be char */ void msg(const char *fmt, ...) __printflike(1, 2); void msgtail(const char *fmt, ...) __printflike(1, 2); int query(const char *question); void quit(const char *fmt, ...) __printflike(1, 2); void timeest(void); time_t unctime(char *str); /* mapping rouintes */ union dinode; int mapfiles(ino_t maxino, long *tapesize); int mapdirs(ino_t maxino, long *tapesize); /* file dumping routines */ void blkread(ufs2_daddr_t blkno, char *buf, int size); ssize_t cread(int fd, void *buf, size_t nbytes, off_t offset); void dumpino(union dinode *dp, ino_t ino); void dumpmap(char *map, int type, ino_t ino); void writeheader(ino_t ino); /* tape writing routines */ int alloctape(void); void close_rewind(void); void dumpblock(ufs2_daddr_t blkno, int size); void startnewtape(int top); void trewind(void); void writerec(char *dp, int isspcl); void Exit(int status) __dead2; void dumpabort(int signo) __dead2; void dump_getfstab(void); char *rawname(char *cp); union dinode *getino(ino_t inum, int *mode); /* rdump routines */ #ifdef RDUMP void rmtclose(void); int rmthost(const char *host); int rmtopen(const char *tape, int mode); int rmtwrite(const char *buf, int count); #endif /* RDUMP */ void interrupt(int signo); /* in case operator bangs on console */ /* * Exit status codes */ #define X_FINOK 0 /* normal exit */ #define X_STARTUP 1 /* startup error */ #define X_REWRITE 2 /* restart writing from the check point */ #define X_ABORT 3 /* abort dump; don't attempt checkpointing */ #define OPGRENT "operator" /* group entry to notify */ struct fstab *fstabsearch(const char *key); /* search fs_file and fs_spec */ #ifndef NAME_MAX #define NAME_MAX 255 #endif /* * The contents of the file _PATH_DUMPDATES is maintained both on * a linked list, and then (eventually) arrayified. */ struct dumpdates { char dd_name[NAME_MAX+3]; int dd_level; time_t dd_ddate; }; extern int nddates; /* number of records (might be zero) */ extern struct dumpdates **ddatev; /* the arrayfied version */ void initdumptimes(void); void getdumptime(void); void putdumptime(void); #define ITITERATE(i, ddp) \ if (ddatev != NULL) \ for (ddp = ddatev[i = 0]; i < nddates; ddp = ddatev[++i]) #define DUMPFMTLEN 53 /* max device pathname length */ #define DUMPOUTFMT "%-*s %d %s" /* for printf */ /* name, level, ctime(date) */ #define DUMPINFMT "%s %d %[^\n]\n" /* inverse for scanf */ void sig(int signo); #ifndef _PATH_FSTAB #define _PATH_FSTAB "/etc/fstab" #endif diff --git a/sbin/dump/dumprmt.c b/sbin/dump/dumprmt.c index a8b2d9c221da..ef75be6f2a1f 100644 --- a/sbin/dump/dumprmt.c +++ b/sbin/dump/dumprmt.c @@ -1,374 +1,371 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)dumprmt.c 8.3 (Berkeley) 4/28/95"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "pathnames.h" #include "dump.h" #define TS_CLOSED 0 #define TS_OPEN 1 static int rmtstate = TS_CLOSED; static int rmtape; static char *rmtpeer; static int okname(const char *); static int rmtcall(const char *, const char *); static void rmtconnaborted(int); static int rmtgetb(void); static void rmtgetconn(void); static void rmtgets(char *, int); static int rmtreply(const char *); static int errfd = -1; int rmthost(const char *host) { rmtpeer = strdup(host); if (rmtpeer == NULL) return (0); signal(SIGPIPE, rmtconnaborted); rmtgetconn(); if (rmtape < 0) return (0); return (1); } static void rmtconnaborted(int sig __unused) { msg("Lost connection to remote host.\n"); if (errfd != -1) { fd_set r; struct timeval t; FD_ZERO(&r); FD_SET(errfd, &r); t.tv_sec = 0; t.tv_usec = 0; if (select(errfd + 1, &r, NULL, NULL, &t)) { int i; char buf[2048]; if ((i = read(errfd, buf, sizeof(buf) - 1)) > 0) { buf[i] = '\0'; msg("on %s: %s%s", rmtpeer, buf, buf[i - 1] == '\n' ? "" : "\n"); } } } exit(X_ABORT); } void rmtgetconn(void) { char *cp; const char *rmt; static struct servent *sp = NULL; static struct passwd *pwd = NULL; char *tuser; int size; int throughput; int on; if (sp == NULL) { sp = getservbyname("shell", "tcp"); if (sp == NULL) { msg("shell/tcp: unknown service\n"); exit(X_STARTUP); } pwd = getpwuid(getuid()); if (pwd == NULL) { msg("who are you?\n"); exit(X_STARTUP); } } if ((cp = strchr(rmtpeer, '@')) != NULL) { tuser = rmtpeer; *cp = '\0'; if (!okname(tuser)) exit(X_STARTUP); rmtpeer = ++cp; } else tuser = pwd->pw_name; if ((rmt = getenv("RMT")) == NULL) rmt = _PATH_RMT; msg("%s", ""); rmtape = rcmd(&rmtpeer, (u_short)sp->s_port, pwd->pw_name, tuser, rmt, &errfd); if (rmtape < 0) { msg("login to %s as %s failed.\n", rmtpeer, tuser); return; } (void)fprintf(stderr, "Connection to %s established.\n", rmtpeer); size = ntrec * TP_BSIZE; if (size > 60 * 1024) /* XXX */ size = 60 * 1024; /* Leave some space for rmt request/response protocol */ size += 2 * 1024; while (size > TP_BSIZE && setsockopt(rmtape, SOL_SOCKET, SO_SNDBUF, &size, sizeof (size)) < 0) size -= TP_BSIZE; (void)setsockopt(rmtape, SOL_SOCKET, SO_RCVBUF, &size, sizeof (size)); throughput = IPTOS_THROUGHPUT; if (setsockopt(rmtape, IPPROTO_IP, IP_TOS, &throughput, sizeof(throughput)) < 0) perror("IP_TOS:IPTOS_THROUGHPUT setsockopt"); on = 1; if (setsockopt(rmtape, IPPROTO_TCP, TCP_NODELAY, &on, sizeof (on)) < 0) perror("TCP_NODELAY setsockopt"); } static int okname(const char *cp0) { const char *cp; int c; for (cp = cp0; *cp; cp++) { c = *cp; if (!isascii(c) || !(isalnum(c) || c == '_' || c == '-')) { msg("invalid user name %s\n", cp0); return (0); } } return (1); } int rmtopen(const char *tape, int mode) { char buf[256]; (void)snprintf(buf, sizeof (buf), "O%.226s\n%d\n", tape, mode); rmtstate = TS_OPEN; return (rmtcall(tape, buf)); } void rmtclose(void) { if (rmtstate != TS_OPEN) return; rmtcall("close", "C\n"); rmtstate = TS_CLOSED; } int rmtread(char *buf, int count) { char line[30]; int n, i, cc; (void)snprintf(line, sizeof (line), "R%d\n", count); n = rmtcall("read", line); if (n < 0) /* rmtcall() properly sets errno for us on errors. */ return (n); for (i = 0; i < n; i += cc) { cc = read(rmtape, buf+i, n - i); if (cc <= 0) rmtconnaborted(0); } return (n); } int rmtwrite(const char *buf, int count) { char line[30]; (void)snprintf(line, sizeof (line), "W%d\n", count); write(rmtape, line, strlen(line)); write(rmtape, buf, count); return (rmtreply("write")); } void rmtwrite0(int count) { char line[30]; (void)snprintf(line, sizeof (line), "W%d\n", count); write(rmtape, line, strlen(line)); } void rmtwrite1(const char *buf, int count) { write(rmtape, buf, count); } int rmtwrite2(void) { return (rmtreply("write")); } int rmtseek(int offset, int pos) /* XXX off_t ? */ { char line[80]; (void)snprintf(line, sizeof (line), "L%d\n%d\n", offset, pos); return (rmtcall("seek", line)); } struct mtget mts; struct mtget * rmtstatus(void) { int i; char *cp; if (rmtstate != TS_OPEN) return (NULL); rmtcall("status", "S\n"); for (i = 0, cp = (char *)&mts; i < sizeof(mts); i++) *cp++ = rmtgetb(); return (&mts); } int rmtioctl(int cmd, int count) { char buf[256]; if (count < 0) return (-1); (void)snprintf(buf, sizeof (buf), "I%d\n%d\n", cmd, count); return (rmtcall("ioctl", buf)); } static int rmtcall(const char *cmd, const char *buf) { if (write(rmtape, buf, strlen(buf)) != strlen(buf)) rmtconnaborted(0); return (rmtreply(cmd)); } static int rmtreply(const char *cmd) { char *cp; char code[30], emsg[BUFSIZ]; rmtgets(code, sizeof (code)); if (*code == 'E' || *code == 'F') { rmtgets(emsg, sizeof (emsg)); msg("%s: %s", cmd, emsg); errno = atoi(code + 1); if (*code == 'F') rmtstate = TS_CLOSED; return (-1); } if (*code != 'A') { /* Kill trailing newline */ cp = code + strlen(code); if (cp > code && *--cp == '\n') *cp = '\0'; msg("Protocol to remote tape server botched (code \"%s\").\n", code); rmtconnaborted(0); } return (atoi(code + 1)); } int rmtgetb(void) { char c; if (read(rmtape, &c, 1) != 1) rmtconnaborted(0); return (c); } /* Get a line (guaranteed to have a trailing newline). */ void rmtgets(char *line, int len) { char *cp = line; while (len > 1) { *cp = rmtgetb(); if (*cp == '\n') { cp[1] = '\0'; return; } cp++; len--; } *cp = '\0'; msg("Protocol to remote tape server botched.\n"); msg("(rmtgets got \"%s\").\n", line); rmtconnaborted(0); } diff --git a/sbin/dump/itime.c b/sbin/dump/itime.c index d9121e4df05a..adeaa044ff4f 100644 --- a/sbin/dump/itime.c +++ b/sbin/dump/itime.c @@ -1,266 +1,263 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)itime.c 8.1 (Berkeley) 6/5/93"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include "dump.h" struct dumptime { struct dumpdates dt_value; SLIST_ENTRY(dumptime) dt_list; }; SLIST_HEAD(dthead, dumptime) dthead = SLIST_HEAD_INITIALIZER(dthead); int nddates = 0; /* number of records (might be zero) */ struct dumpdates **ddatev; /* the arrayfied version */ char *dumpdates; /* name of the file containing dump date info */ int lastlevel; /* dump level of previous dump */ static void dumprecout(FILE *, const struct dumpdates *); static int getrecord(FILE *, struct dumpdates *); static int makedumpdate(struct dumpdates *, const char *); static void readdumptimes(FILE *); void initdumptimes(void) { FILE *df; if ((df = fopen(dumpdates, "r")) == NULL) { if (errno != ENOENT) { msg("WARNING: cannot read %s: %s\n", dumpdates, strerror(errno)); return; } /* * Dumpdates does not exist, make an empty one. */ msg("WARNING: no file `%s', making an empty one\n", dumpdates); if ((df = fopen(dumpdates, "w")) == NULL) { msg("WARNING: cannot create %s: %s\n", dumpdates, strerror(errno)); return; } (void) fclose(df); if ((df = fopen(dumpdates, "r")) == NULL) { quit("cannot read %s even after creating it: %s\n", dumpdates, strerror(errno)); /* NOTREACHED */ } } (void) flock(fileno(df), LOCK_SH); readdumptimes(df); (void) fclose(df); } static void readdumptimes(FILE *df) { int i; struct dumptime *dtwalk; for (;;) { dtwalk = (struct dumptime *)calloc(1, sizeof (struct dumptime)); if (getrecord(df, &(dtwalk->dt_value)) < 0) { free(dtwalk); break; } nddates++; SLIST_INSERT_HEAD(&dthead, dtwalk, dt_list); } /* * arrayify the list, leaving enough room for the additional * record that we may have to add to the ddate structure */ ddatev = calloc((unsigned) (nddates + 1), sizeof (struct dumpdates *)); dtwalk = SLIST_FIRST(&dthead); for (i = nddates - 1; i >= 0; i--, dtwalk = SLIST_NEXT(dtwalk, dt_list)) ddatev[i] = &dtwalk->dt_value; } void getdumptime(void) { struct dumpdates *ddp; int i; char *fname; fname = disk; #ifdef FDEBUG msg("Looking for name %s in dumpdates = %s for level = %d\n", fname, dumpdates, level); #endif spcl.c_ddate = 0; lastlevel = 0; initdumptimes(); /* * Go find the entry with the same name for a lower increment * and older date */ ITITERATE(i, ddp) { if (strncmp(fname, ddp->dd_name, sizeof (ddp->dd_name)) != 0) continue; if (ddp->dd_level >= level) continue; if (ddp->dd_ddate <= _time64_to_time(spcl.c_ddate)) continue; spcl.c_ddate = _time_to_time64(ddp->dd_ddate); lastlevel = ddp->dd_level; } } void putdumptime(void) { FILE *df; struct dumpdates *dtwalk; int i; int fd; char *fname; char *tmsg; if(uflag == 0) return; if ((df = fopen(dumpdates, "r+")) == NULL) quit("cannot rewrite %s: %s\n", dumpdates, strerror(errno)); fd = fileno(df); (void) flock(fd, LOCK_EX); fname = disk; free(ddatev); ddatev = NULL; nddates = 0; readdumptimes(df); if (fseek(df, 0L, 0) < 0) quit("fseek: %s\n", strerror(errno)); spcl.c_ddate = 0; ITITERATE(i, dtwalk) { if (strncmp(fname, dtwalk->dd_name, sizeof (dtwalk->dd_name)) != 0) continue; if (dtwalk->dd_level != level) continue; goto found; } /* * construct the new upper bound; * Enough room has been allocated. */ dtwalk = ddatev[nddates] = (struct dumpdates *)calloc(1, sizeof (struct dumpdates)); nddates += 1; found: (void) strncpy(dtwalk->dd_name, fname, sizeof (dtwalk->dd_name)); dtwalk->dd_level = level; dtwalk->dd_ddate = _time64_to_time(spcl.c_date); ITITERATE(i, dtwalk) { dumprecout(df, dtwalk); } if (fflush(df)) quit("%s: %s\n", dumpdates, strerror(errno)); if (ftruncate(fd, ftell(df))) quit("ftruncate (%s): %s\n", dumpdates, strerror(errno)); (void) fclose(df); if (spcl.c_date == 0) { tmsg = "the epoch\n"; } else { time_t t = _time64_to_time(spcl.c_date); tmsg = ctime(&t); } msg("level %d dump on %s", level, tmsg); } static void dumprecout(FILE *file, const struct dumpdates *what) { if (strlen(what->dd_name) > DUMPFMTLEN) quit("Name '%s' exceeds DUMPFMTLEN (%d) bytes\n", what->dd_name, DUMPFMTLEN); if (fprintf(file, DUMPOUTFMT, DUMPFMTLEN, what->dd_name, what->dd_level, ctime(&what->dd_ddate)) < 0) quit("%s: %s\n", dumpdates, strerror(errno)); } int recno; static int getrecord(FILE *df, struct dumpdates *ddatep) { char tbuf[BUFSIZ]; recno = 0; if ( (fgets(tbuf, sizeof (tbuf), df)) != tbuf) return(-1); recno++; if (makedumpdate(ddatep, tbuf) < 0) msg("Unknown intermediate format in %s, line %d\n", dumpdates, recno); #ifdef FDEBUG msg("getrecord: %s %d %s", ddatep->dd_name, ddatep->dd_level, ddatep->dd_ddate == 0 ? "the epoch\n" : ctime(&ddatep->dd_ddate)); #endif return(0); } static int makedumpdate(struct dumpdates *ddp, const char *tbuf) { char un_buf[128]; (void) sscanf(tbuf, DUMPINFMT, ddp->dd_name, &ddp->dd_level, un_buf); ddp->dd_ddate = unctime(un_buf); if (ddp->dd_ddate < 0) return(-1); return(0); } diff --git a/sbin/dump/main.c b/sbin/dump/main.c index a5b4eaa6f8ac..945c38e519ac 100644 --- a/sbin/dump/main.c +++ b/sbin/dump/main.c @@ -1,795 +1,792 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1991, 1993, 1994 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1980, 1991, 1993, 1994\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)main.c 8.6 (Berkeley) 5/1/95"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "dump.h" #include "pathnames.h" int mapsize; /* size of the state maps */ char *usedinomap; /* map of allocated inodes */ char *dumpdirmap; /* map of directories to be dumped */ char *dumpinomap; /* map of files to be dumped */ char *disk; /* name of the disk file */ char *tape; /* name of the tape file */ char *popenout; /* popen(3) per-"tape" command */ int level; /* dump level of this dump */ int uflag; /* update flag */ int diskfd; /* disk file descriptor */ int pipeout; /* true => output to standard output */ int density = 0; /* density in bytes/0.1" " <- this is for hilit19 */ long tapesize; /* estimated tape size, blocks */ long tsize; /* tape size in 0.1" units */ int etapes; /* estimated number of tapes */ int nonodump; /* if set, do not honor UF_NODUMP user flags */ int unlimited; /* if set, write to end of medium */ int cachesize = 0; /* block cache size (in bytes), defaults to 0 */ int rsync_friendly; /* be friendly with rsync */ int notify = 0; /* notify operator flag */ int blockswritten = 0; /* number of blocks written on current tape */ int tapeno = 0; /* current tape number */ int ntrec = NTREC; /* # tape blocks in each tape record */ long blocksperfile; /* number of blocks per output file */ int cartridge = 0; /* Assume non-cartridge tape */ char *host = NULL; /* remote host (if any) */ time_t tstart_writing; /* when started writing the first tape block */ time_t tend_writing; /* after writing the last tape block */ int passno; /* current dump pass number */ struct fs *sblock; /* the file system super block */ long dev_bsize = 1; /* recalculated below */ int dev_bshift; /* log2(dev_bsize) */ int tp_bshift; /* log2(TP_BSIZE) */ int snapdump = 0; /* dumping live filesystem, so use snapshot */ static char *getmntpt(char *, int *); static long numarg(const char *, long, long); static void obsolete(int *, char **[]); static void usage(void) __dead2; int main(int argc, char *argv[]) { struct stat sb; ino_t ino; int dirty; union dinode *dp; struct fstab *dt; char *map, *mntpt; int ch, mode, mntflags; int i, ret, anydirskipped, bflag = 0, Tflag = 0, honorlevel = 1; int just_estimate = 0; ino_t maxino; char *tmsg; spcl.c_date = _time_to_time64(time(NULL)); tsize = 0; /* Default later, based on 'c' option for cart tapes */ dumpdates = _PATH_DUMPDATES; popenout = NULL; tape = NULL; if (TP_BSIZE / DEV_BSIZE == 0 || TP_BSIZE % DEV_BSIZE != 0) quit("TP_BSIZE must be a multiple of DEV_BSIZE\n"); level = 0; rsync_friendly = 0; if (argc < 2) usage(); obsolete(&argc, &argv); while ((ch = getopt(argc, argv, "0123456789aB:b:C:cD:d:f:h:LnP:RrSs:T:uWw")) != -1) switch (ch) { /* dump level */ case '0': case '1': case '2': case '3': case '4': case '5': case '6': case '7': case '8': case '9': level = 10 * level + ch - '0'; break; case 'a': /* `auto-size', Write to EOM. */ unlimited = 1; break; case 'B': /* blocks per output file */ blocksperfile = numarg("number of blocks per file", 1L, 0L); break; case 'b': /* blocks per tape write */ ntrec = numarg("number of blocks per write", 1L, 1000L); break; case 'C': cachesize = numarg("cachesize", 0, 0) * 1024 * 1024; break; case 'c': /* Tape is cart. not 9-track */ cartridge = 1; break; case 'D': dumpdates = optarg; break; case 'd': /* density, in bits per inch */ density = numarg("density", 10L, 327670L) / 10; if (density >= 625 && !bflag) ntrec = HIGHDENSITYTREC; break; case 'f': /* output file */ if (popenout != NULL) errx(X_STARTUP, "You cannot use the P and f " "flags together.\n"); tape = optarg; break; case 'h': honorlevel = numarg("honor level", 0L, 10L); break; case 'L': snapdump = 1; break; case 'n': /* notify operators */ notify = 1; break; case 'P': if (tape != NULL) errx(X_STARTUP, "You cannot use the P and f " "flags together.\n"); popenout = optarg; break; case 'r': /* store slightly less data to be friendly to rsync */ if (rsync_friendly < 1) rsync_friendly = 1; break; case 'R': /* store even less data to be friendlier to rsync */ if (rsync_friendly < 2) rsync_friendly = 2; break; case 'S': /* exit after estimating # of tapes */ just_estimate = 1; break; case 's': /* tape size, feet */ tsize = numarg("tape size", 1L, 0L) * 12 * 10; break; case 'T': /* time of last dump */ spcl.c_ddate = unctime(optarg); if (spcl.c_ddate < 0) { (void)fprintf(stderr, "bad time \"%s\"\n", optarg); exit(X_STARTUP); } Tflag = 1; lastlevel = -1; break; case 'u': /* update /etc/dumpdates */ uflag = 1; break; case 'W': /* what to do */ case 'w': lastdump(ch); exit(X_FINOK); /* do nothing else */ default: usage(); } argc -= optind; argv += optind; if (argc < 1) { (void)fprintf(stderr, "Must specify disk or file system\n"); exit(X_STARTUP); } disk = *argv++; argc--; if (argc >= 1) { (void)fprintf(stderr, "Unknown arguments to dump:"); while (argc--) (void)fprintf(stderr, " %s", *argv++); (void)fprintf(stderr, "\n"); exit(X_STARTUP); } if (rsync_friendly && (level > 0)) { (void)fprintf(stderr, "%s %s\n", "rsync friendly options", "can be used only with level 0 dumps."); exit(X_STARTUP); } if (Tflag && uflag) { (void)fprintf(stderr, "You cannot use the T and u flags together.\n"); exit(X_STARTUP); } if (popenout) { tape = "child pipeline process"; } else if (tape == NULL && (tape = getenv("TAPE")) == NULL) tape = _PATH_DEFTAPE; if (strcmp(tape, "-") == 0) { pipeout++; tape = "standard output"; } if (blocksperfile) blocksperfile = rounddown(blocksperfile, ntrec); else if (!unlimited) { /* * Determine how to default tape size and density * * density tape size * 9-track 1600 bpi (160 bytes/.1") 2300 ft. * 9-track 6250 bpi (625 bytes/.1") 2300 ft. * cartridge 8000 bpi (100 bytes/.1") 1700 ft. * (450*4 - slop) * hilit19 hits again: " */ if (density == 0) density = cartridge ? 100 : 160; if (tsize == 0) tsize = cartridge ? 1700L*120L : 2300L*120L; } if (strchr(tape, ':')) { host = tape; tape = strchr(host, ':'); *tape++ = '\0'; #ifdef RDUMP if (strchr(tape, '\n')) { (void)fprintf(stderr, "invalid characters in tape\n"); exit(X_STARTUP); } if (rmthost(host) == 0) exit(X_STARTUP); #else (void)fprintf(stderr, "remote dump not enabled\n"); exit(X_STARTUP); #endif } (void)setuid(getuid()); /* rmthost() is the only reason to be setuid */ if (signal(SIGHUP, SIG_IGN) != SIG_IGN) signal(SIGHUP, sig); if (signal(SIGTRAP, SIG_IGN) != SIG_IGN) signal(SIGTRAP, sig); if (signal(SIGFPE, SIG_IGN) != SIG_IGN) signal(SIGFPE, sig); if (signal(SIGBUS, SIG_IGN) != SIG_IGN) signal(SIGBUS, sig); if (signal(SIGSEGV, SIG_IGN) != SIG_IGN) signal(SIGSEGV, sig); if (signal(SIGTERM, SIG_IGN) != SIG_IGN) signal(SIGTERM, sig); if (signal(SIGINT, interrupt) == SIG_IGN) signal(SIGINT, SIG_IGN); dump_getfstab(); /* /etc/fstab snarfed */ /* * disk can be either the full special file name, * the suffix of the special file name, * the special name missing the leading '/', * the file system name with or without the leading '/'. */ dt = fstabsearch(disk); if (dt != NULL) { disk = rawname(dt->fs_spec); if (disk == NULL) errx(X_STARTUP, "%s: unknown file system", dt->fs_spec); (void)strncpy(spcl.c_dev, dt->fs_spec, NAMELEN); (void)strncpy(spcl.c_filesys, dt->fs_file, NAMELEN); } else { (void)strncpy(spcl.c_dev, disk, NAMELEN); (void)strncpy(spcl.c_filesys, "an unlisted file system", NAMELEN); } spcl.c_dev[NAMELEN-1]='\0'; spcl.c_filesys[NAMELEN-1]='\0'; if ((mntpt = getmntpt(disk, &mntflags)) != NULL) { if (mntflags & MNT_RDONLY) { if (snapdump != 0) { msg("WARNING: %s\n", "-L ignored for read-only filesystem."); snapdump = 0; } } else if (snapdump == 0) { msg("WARNING: %s\n", "should use -L when dumping live read-write " "filesystems!"); } else { char snapname[BUFSIZ], snapcmd[BUFSIZ]; snprintf(snapname, sizeof snapname, "%s/.snap", mntpt); if ((stat(snapname, &sb) < 0) || !S_ISDIR(sb.st_mode)) { msg("WARNING: %s %s\n", "-L requested but snapshot location", snapname); msg(" %s: %s\n", "is not a directory", "dump downgraded, -L ignored"); snapdump = 0; } else { snprintf(snapname, sizeof snapname, "%s/.snap/dump_snapshot", mntpt); snprintf(snapcmd, sizeof snapcmd, "%s %s %s", _PATH_MKSNAP_FFS, mntpt, snapname); unlink(snapname); if (system(snapcmd) != 0) errx(X_STARTUP, "Cannot create %s: %s\n", snapname, strerror(errno)); if ((diskfd = open(snapname, O_RDONLY)) < 0) { unlink(snapname); errx(X_STARTUP, "Cannot open %s: %s\n", snapname, strerror(errno)); } unlink(snapname); if (fstat(diskfd, &sb) != 0) err(X_STARTUP, "%s: stat", snapname); spcl.c_date = _time_to_time64(sb.st_mtime); } } } else if (snapdump != 0) { msg("WARNING: Cannot use -L on an unmounted filesystem.\n"); snapdump = 0; } if (snapdump == 0) { if ((diskfd = open(disk, O_RDONLY)) < 0) err(X_STARTUP, "Cannot open %s", disk); if (fstat(diskfd, &sb) != 0) err(X_STARTUP, "%s: stat", disk); if (S_ISDIR(sb.st_mode)) errx(X_STARTUP, "%s: unknown file system", disk); } (void)strcpy(spcl.c_label, "none"); (void)gethostname(spcl.c_host, NAMELEN); spcl.c_level = level; spcl.c_type = TS_TAPE; if (rsync_friendly) { /* don't store real dump times */ spcl.c_date = 0; spcl.c_ddate = 0; } if (spcl.c_date == 0) { tmsg = "the epoch\n"; } else { time_t t = _time64_to_time(spcl.c_date); tmsg = ctime(&t); } msg("Date of this level %d dump: %s", level, tmsg); if (!Tflag && (!rsync_friendly)) getdumptime(); /* /etc/dumpdates snarfed */ if (spcl.c_ddate == 0) { tmsg = "the epoch\n"; } else { time_t t = _time64_to_time(spcl.c_ddate); tmsg = ctime(&t); } if (lastlevel < 0) msg("Date of last (level unknown) dump: %s", tmsg); else msg("Date of last level %d dump: %s", lastlevel, tmsg); msg("Dumping %s%s ", snapdump ? "snapshot of ": "", disk); if (dt != NULL) msgtail("(%s) ", dt->fs_file); if (host) msgtail("to %s on host %s\n", tape, host); else msgtail("to %s\n", tape); sync(); if ((ret = sbget(diskfd, &sblock, UFS_STDSB, UFS_NOCSUM)) != 0) { switch (ret) { case ENOENT: warn("Cannot find file system superblock"); return (1); default: warn("Unable to read file system superblock"); return (1); } } dev_bsize = sblock->fs_fsize / fsbtodb(sblock, 1); dev_bshift = ffs(dev_bsize) - 1; if (dev_bsize != (1 << dev_bshift)) quit("dev_bsize (%ld) is not a power of 2", dev_bsize); tp_bshift = ffs(TP_BSIZE) - 1; if (TP_BSIZE != (1 << tp_bshift)) quit("TP_BSIZE (%d) is not a power of 2", TP_BSIZE); maxino = sblock->fs_ipg * sblock->fs_ncg; mapsize = roundup(howmany(maxino, CHAR_BIT), TP_BSIZE); usedinomap = (char *)calloc((unsigned) mapsize, sizeof(char)); dumpdirmap = (char *)calloc((unsigned) mapsize, sizeof(char)); dumpinomap = (char *)calloc((unsigned) mapsize, sizeof(char)); tapesize = 3 * (howmany(mapsize * sizeof(char), TP_BSIZE) + 1); nonodump = spcl.c_level < honorlevel; passno = 1; setproctitle("%s: pass 1: regular files", disk); msg("mapping (Pass I) [regular files]\n"); anydirskipped = mapfiles(maxino, &tapesize); passno = 2; setproctitle("%s: pass 2: directories", disk); msg("mapping (Pass II) [directories]\n"); while (anydirskipped) { anydirskipped = mapdirs(maxino, &tapesize); } if (pipeout || unlimited) { tapesize += 10; /* 10 trailer blocks */ msg("estimated %ld tape blocks.\n", tapesize); } else { double fetapes; if (blocksperfile) fetapes = (double) tapesize / blocksperfile; else if (cartridge) { /* Estimate number of tapes, assuming streaming stops at the end of each block written, and not in mid-block. Assume no erroneous blocks; this can be compensated for with an artificially low tape size. */ fetapes = ( (double) tapesize /* blocks */ * TP_BSIZE /* bytes/block */ * (1.0/density) /* 0.1" / byte " */ + (double) tapesize /* blocks */ * (1.0/ntrec) /* streaming-stops per block */ * 15.48 /* 0.1" / streaming-stop " */ ) * (1.0 / tsize ); /* tape / 0.1" " */ } else { /* Estimate number of tapes, for old fashioned 9-track tape */ int tenthsperirg = (density == 625) ? 3 : 7; fetapes = ( (double) tapesize /* blocks */ * TP_BSIZE /* bytes / block */ * (1.0/density) /* 0.1" / byte " */ + (double) tapesize /* blocks */ * (1.0/ntrec) /* IRG's / block */ * tenthsperirg /* 0.1" / IRG " */ ) * (1.0 / tsize ); /* tape / 0.1" " */ } etapes = fetapes; /* truncating assignment */ etapes++; /* count the dumped inodes map on each additional tape */ tapesize += (etapes - 1) * (howmany(mapsize * sizeof(char), TP_BSIZE) + 1); tapesize += etapes + 10; /* headers + 10 trailer blks */ msg("estimated %ld tape blocks on %3.2f tape(s).\n", tapesize, fetapes); } /* * If the user only wants an estimate of the number of * tapes, exit now. */ if (just_estimate) exit(0); /* * Allocate tape buffer. */ if (!alloctape()) quit( "can't allocate tape buffers - try a smaller blocking factor.\n"); startnewtape(1); (void)time((time_t *)&(tstart_writing)); dumpmap(usedinomap, TS_CLRI, maxino - 1); passno = 3; setproctitle("%s: pass 3: directories", disk); msg("dumping (Pass III) [directories]\n"); dirty = 0; /* XXX just to get gcc to shut up */ for (map = dumpdirmap, ino = 1; ino < maxino; ino++) { if (((ino - 1) % CHAR_BIT) == 0) /* map is offset by 1 */ dirty = *map++; else dirty >>= 1; if ((dirty & 1) == 0) continue; /* * Skip directory inodes deleted and maybe reallocated */ dp = getino(ino, &mode); if (mode != IFDIR) continue; (void)dumpino(dp, ino); } passno = 4; setproctitle("%s: pass 4: regular files", disk); msg("dumping (Pass IV) [regular files]\n"); for (map = dumpinomap, ino = 1; ino < maxino; ino++) { if (((ino - 1) % CHAR_BIT) == 0) /* map is offset by 1 */ dirty = *map++; else dirty >>= 1; if ((dirty & 1) == 0) continue; /* * Skip inodes deleted and reallocated as directories. */ dp = getino(ino, &mode); if (mode == IFDIR) continue; (void)dumpino(dp, ino); } (void)time((time_t *)&(tend_writing)); spcl.c_type = TS_END; for (i = 0; i < ntrec; i++) writeheader(maxino - 1); if (pipeout) msg("DUMP: %jd tape blocks\n", (intmax_t)spcl.c_tapea); else msg("DUMP: %jd tape blocks on %d volume%s\n", (intmax_t)spcl.c_tapea, spcl.c_volume, (spcl.c_volume == 1) ? "" : "s"); /* report dump performance, avoid division through zero */ if (tend_writing - tstart_writing == 0) msg("finished in less than a second\n"); else msg("finished in %jd seconds, throughput %jd KBytes/sec\n", (intmax_t)tend_writing - tstart_writing, (intmax_t)(spcl.c_tapea / (tend_writing - tstart_writing))); putdumptime(); trewind(); broadcast("DUMP IS DONE!\a\a\n"); msg("DUMP IS DONE\n"); Exit(X_FINOK); /* NOTREACHED */ } static void usage(void) { fprintf(stderr, "usage: dump [-0123456789acLnSu] [-B records] [-b blocksize] [-C cachesize]\n" " [-D dumpdates] [-d density] [-f file | -P pipecommand] [-h level]\n" " [-s feet] [-T date] filesystem\n" " dump -W | -w\n"); exit(X_STARTUP); } /* * Check to see if a disk is currently mounted. */ static char * getmntpt(char *name, int *mntflagsp) { long mntsize, i; struct statfs *mntbuf; mntsize = getmntinfo(&mntbuf, MNT_NOWAIT); for (i = 0; i < mntsize; i++) { if (!strcmp(mntbuf[i].f_mntfromname, name)) { *mntflagsp = mntbuf[i].f_flags; return (mntbuf[i].f_mntonname); } } return (0); } /* * Pick up a numeric argument. It must be nonnegative and in the given * range (except that a vmax of 0 means unlimited). */ static long numarg(const char *meaning, long vmin, long vmax) { char *p; long val; val = strtol(optarg, &p, 10); if (*p) errx(1, "illegal %s -- %s", meaning, optarg); if (val < vmin || (vmax && val > vmax)) errx(1, "%s must be between %ld and %ld", meaning, vmin, vmax); return (val); } void sig(int signo) { switch(signo) { case SIGALRM: case SIGBUS: case SIGFPE: case SIGHUP: case SIGTERM: case SIGTRAP: if (pipeout) quit("Signal on pipe: cannot recover\n"); msg("Rewriting attempted as response to unknown signal.\n"); (void)fflush(stderr); (void)fflush(stdout); close_rewind(); exit(X_REWRITE); /* NOTREACHED */ case SIGSEGV: msg("SIGSEGV: ABORTING!\n"); (void)signal(SIGSEGV, SIG_DFL); (void)kill(0, SIGSEGV); /* NOTREACHED */ } } char * rawname(char *cp) { struct stat sb; /* * Ensure that the device passed in is a raw device. */ if (stat(cp, &sb) == 0 && (sb.st_mode & S_IFMT) == S_IFCHR) return (cp); /* * Since there's only one device type now, we can't construct any * better name, so we have to return NULL. */ return (NULL); } /* * obsolete -- * Change set of key letters and ordered arguments into something * getopt(3) will like. */ static void obsolete(int *argcp, char **argvp[]) { int argc, flags; char *ap, **argv, *flagsp, **nargv, *p; /* Setup. */ argv = *argvp; argc = *argcp; /* * Return if no arguments or first argument has leading * dash or slash. */ ap = argv[1]; if (argc == 1 || *ap == '-' || *ap == '/') return; /* Allocate space for new arguments. */ if ((*argvp = nargv = malloc((argc + 1) * sizeof(char *))) == NULL || (p = flagsp = malloc(strlen(ap) + 2)) == NULL) err(1, NULL); *nargv++ = *argv; argv += 2; for (flags = 0; *ap; ++ap) { switch (*ap) { case 'B': case 'b': case 'd': case 'f': case 'D': case 'C': case 'h': case 's': case 'T': if (*argv == NULL) { warnx("option requires an argument -- %c", *ap); usage(); } if ((nargv[0] = malloc(strlen(*argv) + 2 + 1)) == NULL) err(1, NULL); nargv[0][0] = '-'; nargv[0][1] = *ap; (void)strcpy(&nargv[0][2], *argv); ++argv; ++nargv; break; default: if (!flags) { *p++ = '-'; flags = 1; } *p++ = *ap; break; } } /* Terminate flags. */ if (flags) { *p = '\0'; *nargv++ = flagsp; } else free(flagsp); /* Copy remaining arguments. */ while ((*nargv++ = *argv++)); /* Update argument count. */ *argcp = nargv - *argvp - 1; } diff --git a/sbin/dump/optr.c b/sbin/dump/optr.c index d3ca5b2a926e..15d34020b24c 100644 --- a/sbin/dump/optr.c +++ b/sbin/dump/optr.c @@ -1,429 +1,426 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1988, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)optr.c 8.2 (Berkeley) 1/6/94"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "dump.h" #include "pathnames.h" void alarmcatch(int); int datesort(const void *, const void *); /* * Query the operator; This previously-fascist piece of code * no longer requires an exact response. * It is intended to protect dump aborting by inquisitive * people banging on the console terminal to see what is * happening which might cause dump to croak, destroying * a large number of hours of work. * * Every 2 minutes we reprint the message, alerting others * that dump needs attention. */ static int timeout; static const char *attnmessage; /* attention message */ int query(const char *question) { char replybuffer[64]; int back, errcount; FILE *mytty; if ((mytty = fopen(_PATH_TTY, "r")) == NULL) quit("fopen on %s fails: %s\n", _PATH_TTY, strerror(errno)); attnmessage = question; timeout = 0; alarmcatch(0); back = -1; errcount = 0; do { if (fgets(replybuffer, 63, mytty) == NULL) { clearerr(mytty); if (++errcount > 30) /* XXX ugly */ quit("excessive operator query failures\n"); } else if (replybuffer[0] == 'y' || replybuffer[0] == 'Y') { back = 1; } else if (replybuffer[0] == 'n' || replybuffer[0] == 'N') { back = 0; } else { (void) fprintf(stderr, " DUMP: \"Yes\" or \"No\"?\n"); (void) fprintf(stderr, " DUMP: %s: (\"yes\" or \"no\") ", question); } } while (back < 0); /* * Turn off the alarm, and reset the signal to trap out.. */ (void) alarm(0); if (signal(SIGALRM, sig) == SIG_IGN) signal(SIGALRM, SIG_IGN); (void) fclose(mytty); return(back); } char lastmsg[BUFSIZ]; /* * Alert the console operator, and enable the alarm clock to * sleep for 2 minutes in case nobody comes to satisfy dump */ void alarmcatch(int sig __unused) { if (notify == 0) { if (timeout == 0) (void) fprintf(stderr, " DUMP: %s: (\"yes\" or \"no\") ", attnmessage); else msgtail("\a\a"); } else { if (timeout) { msgtail("\n"); broadcast(""); /* just print last msg */ } (void) fprintf(stderr," DUMP: %s: (\"yes\" or \"no\") ", attnmessage); } signal(SIGALRM, alarmcatch); (void) alarm(120); timeout = 1; } /* * Here if an inquisitive operator interrupts the dump program */ void interrupt(int signo __unused) { msg("Interrupt received.\n"); if (query("Do you want to abort dump?")) dumpabort(0); } /* * We now use wall(1) to do the actual broadcasting. */ void broadcast(const char *message) { FILE *fp; char buf[sizeof(_PATH_WALL) + sizeof(OPGRENT) + 3]; if (!notify) return; snprintf(buf, sizeof(buf), "%s -g %s", _PATH_WALL, OPGRENT); if ((fp = popen(buf, "w")) == NULL) return; (void) fputs("\a\a\aMessage from the dump program to all operators\n\nDUMP: NEEDS ATTENTION: ", fp); if (lastmsg[0]) (void) fputs(lastmsg, fp); if (message[0]) (void) fputs(message, fp); (void) pclose(fp); } /* * Print out an estimate of the amount of time left to do the dump */ time_t tschedule = 0; void timeest(void) { double percent; time_t tnow, tdone; char *tdone_str; int deltat, hours, mins; (void)time(&tnow); if (blockswritten > tapesize) { setproctitle("%s: 99.99%% done, finished soon", disk); if (tnow >= tschedule) { tschedule = tnow + 300; msg("99.99%% done, finished soon\n"); } } else { deltat = (blockswritten == 0) ? 0 : tstart_writing - tnow + (double)(tnow - tstart_writing) / blockswritten * tapesize; tdone = tnow + deltat; percent = (blockswritten * 100.0) / tapesize; hours = deltat / 3600; mins = (deltat % 3600) / 60; tdone_str = ctime(&tdone); tdone_str[strlen(tdone_str) - 1] = '\0'; setproctitle( "%s: pass %d: %3.2f%% done, finished in %d:%02d at %s", disk, passno, percent, hours, mins, tdone_str); if (tnow >= tschedule) { tschedule = tnow + 300; if (blockswritten < 500) return; msg("%3.2f%% done, finished in %d:%02d at %s\n", percent, hours, mins, tdone_str); } } } /* * Schedule a printout of the estimate in the next call to timeest(). */ void infosch(int signal __unused) { tschedule = 0; } void msg(const char *fmt, ...) { va_list ap; (void) fprintf(stderr," DUMP: "); #ifdef TDEBUG (void) fprintf(stderr, "pid=%d ", getpid()); #endif va_start(ap, fmt); (void) vfprintf(stderr, fmt, ap); va_end(ap); (void) fflush(stdout); (void) fflush(stderr); va_start(ap, fmt); (void) vsnprintf(lastmsg, sizeof(lastmsg), fmt, ap); va_end(ap); } void msgtail(const char *fmt, ...) { va_list ap; va_start(ap, fmt); (void) vfprintf(stderr, fmt, ap); va_end(ap); } void quit(const char *fmt, ...) { va_list ap; (void) fprintf(stderr," DUMP: "); #ifdef TDEBUG (void) fprintf(stderr, "pid=%d ", getpid()); #endif va_start(ap, fmt); (void) vfprintf(stderr, fmt, ap); va_end(ap); (void) fflush(stdout); (void) fflush(stderr); dumpabort(0); } /* * Tell the operator what has to be done; * we don't actually do it */ struct fstab * allocfsent(const struct fstab *fs) { struct fstab *new; new = (struct fstab *)malloc(sizeof (*fs)); if (new == NULL || (new->fs_file = strdup(fs->fs_file)) == NULL || (new->fs_type = strdup(fs->fs_type)) == NULL || (new->fs_spec = strdup(fs->fs_spec)) == NULL) quit("%s\n", strerror(errno)); new->fs_passno = fs->fs_passno; new->fs_freq = fs->fs_freq; return (new); } struct pfstab { SLIST_ENTRY(pfstab) pf_list; struct fstab *pf_fstab; }; static SLIST_HEAD(, pfstab) table; void dump_getfstab(void) { struct fstab *fs; struct pfstab *pf; if (setfsent() == 0) { msg("Can't open %s for dump table information: %s\n", _PATH_FSTAB, strerror(errno)); return; } while ((fs = getfsent()) != NULL) { if ((strcmp(fs->fs_type, FSTAB_RW) && strcmp(fs->fs_type, FSTAB_RO) && strcmp(fs->fs_type, FSTAB_RQ)) || strcmp(fs->fs_vfstype, "ufs")) continue; fs = allocfsent(fs); if ((pf = (struct pfstab *)malloc(sizeof (*pf))) == NULL) quit("%s\n", strerror(errno)); pf->pf_fstab = fs; SLIST_INSERT_HEAD(&table, pf, pf_list); } (void) endfsent(); } /* * Search in the fstab for a file name. * This file name can be either the special or the path file name. * * The file name can omit the leading '/'. */ struct fstab * fstabsearch(const char *key) { struct pfstab *pf; struct fstab *fs; char *rn; SLIST_FOREACH(pf, &table, pf_list) { fs = pf->pf_fstab; if (strcmp(fs->fs_file, key) == 0 || strcmp(fs->fs_spec, key) == 0) return (fs); rn = rawname(fs->fs_spec); if (rn != NULL && strcmp(rn, key) == 0) return (fs); if (key[0] != '/') { if (*fs->fs_spec == '/' && strcmp(fs->fs_spec + 1, key) == 0) return (fs); if (*fs->fs_file == '/' && strcmp(fs->fs_file + 1, key) == 0) return (fs); } } return (NULL); } /* * Tell the operator what to do */ void lastdump(int arg) /* w ==> just what to do; W ==> most recent dumps */ { int i; struct fstab *dt; struct dumpdates *dtwalk; char *lastname, *date; int dumpme; time_t tnow; struct tm *tlast; (void) time(&tnow); dump_getfstab(); /* /etc/fstab input */ initdumptimes(); /* /etc/dumpdates input */ qsort((char *) ddatev, nddates, sizeof(struct dumpdates *), datesort); if (arg == 'w') (void) printf("Dump these file systems:\n"); else (void) printf("Last dump(s) done (Dump '>' file systems):\n"); lastname = "??"; ITITERATE(i, dtwalk) { if (strncmp(lastname, dtwalk->dd_name, sizeof(dtwalk->dd_name)) == 0) continue; date = (char *)ctime(&dtwalk->dd_ddate); date[16] = '\0'; /* blast away seconds and year */ lastname = dtwalk->dd_name; dt = fstabsearch(dtwalk->dd_name); dumpme = (dt != NULL && dt->fs_freq != 0); if (dumpme) { tlast = localtime(&dtwalk->dd_ddate); dumpme = tnow > (dtwalk->dd_ddate - (tlast->tm_hour * 3600) - (tlast->tm_min * 60) - tlast->tm_sec + (dt->fs_freq * 86400)); } if (arg != 'w' || dumpme) (void) printf( "%c %8s\t(%6s) Last dump: Level %d, Date %s\n", dumpme && (arg != 'w') ? '>' : ' ', dtwalk->dd_name, dt ? dt->fs_file : "", dtwalk->dd_level, date); } } int datesort(const void *a1, const void *a2) { struct dumpdates *d1 = *(struct dumpdates **)a1; struct dumpdates *d2 = *(struct dumpdates **)a2; int diff; diff = strncmp(d1->dd_name, d2->dd_name, sizeof(d1->dd_name)); if (diff == 0) return (d2->dd_ddate - d1->dd_ddate); return (diff); } diff --git a/sbin/dump/pathnames.h b/sbin/dump/pathnames.h index 3ee966a55ff7..e309643473a7 100644 --- a/sbin/dump/pathnames.h +++ b/sbin/dump/pathnames.h @@ -1,39 +1,37 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)pathnames.h 8.1 (Berkeley) 6/5/93 */ #include #define _PATH_DEFTAPE "/dev/sa0" #define _PATH_DUMPDATES "/etc/dumpdates" #define _PATH_LOCK "/tmp/dumplockXXXXXX" #define _PATH_RMT "/etc/rmt" /* path on remote host */ diff --git a/sbin/dump/tape.c b/sbin/dump/tape.c index 3a3574f6d44d..dd3a7672586d 100644 --- a/sbin/dump/tape.c +++ b/sbin/dump/tape.c @@ -1,899 +1,896 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1991, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)tape.c 8.4 (Berkeley) 5/1/95"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "dump.h" ino_t curino; /* current inumber; used globally */ int newtape; /* new tape flag */ union u_spcl u_spcl; /* mapping of variables in a control block */ static int tapefd; /* tape file descriptor */ static long asize; /* number of 0.1" units written on cur tape */ static int writesize; /* size of malloc()ed buffer for tape */ static int64_t lastspclrec = -1; /* tape block number of last written header */ static int trecno = 0; /* next record to write in current block */ static long blocksthisvol; /* number of blocks on current output file */ static char *nexttape; static FILE *popenfp = NULL; static int atomic_read(int, void *, int); static int atomic_write(int, const void *, int); static void worker(int, int); static void create_workers(void); static void flushtape(void); static void killall(void); static void rollforward(void); /* * Concurrent dump mods (Caltech) - disk block reading and tape writing * are exported to several worker processes. While one worker writes the * tape, the others read disk blocks; they pass control of the tape in * a ring via signals. The parent process traverses the file system and * sends writeheader()'s and lists of daddr's to the workers via pipes. * The following structure defines the instruction packets sent to workers. */ struct req { ufs2_daddr_t dblk; int count; }; static int reqsiz; #define WORKERS 3 /* 1 worker writing, 1 reading, 1 for slack */ static struct worker { int64_t tapea; /* header number at start of this chunk */ int64_t firstrec; /* record number of this block */ int count; /* count to next header (used for TS_TAPE */ /* after EOT) */ int inode; /* inode that we are currently dealing with */ int fd; /* FD for this worker */ int pid; /* PID for this worker */ int sent; /* 1 == we've sent this worker requests */ char (*tblock)[TP_BSIZE]; /* buffer for data blocks */ struct req *req; /* buffer for requests */ } workers[WORKERS+1]; static struct worker *wp; static char (*nextblock)[TP_BSIZE]; static int master; /* pid of master, for sending error signals */ static int tenths; /* length of tape used per block written */ static volatile sig_atomic_t caught; /* have we caught the signal to proceed? */ static volatile sig_atomic_t ready; /* reached the lock point without having */ /* received the SIGUSR2 signal from the prev worker? */ static jmp_buf jmpbuf; /* where to jump to if we are ready when the */ /* SIGUSR2 arrives from the previous worker */ int alloctape(void) { int pgoff = getpagesize() - 1; char *buf; int i; writesize = ntrec * TP_BSIZE; reqsiz = (ntrec + 1) * sizeof(struct req); /* * CDC 92181's and 92185's make 0.8" gaps in 1600-bpi start/stop mode * (see DEC TU80 User's Guide). The shorter gaps of 6250-bpi require * repositioning after stopping, i.e, streaming mode, where the gap is * variable, 0.30" to 0.45". The gap is maximal when the tape stops. */ if (blocksperfile == 0 && !unlimited) tenths = writesize / density + (cartridge ? 16 : density == 625 ? 5 : 8); /* * Allocate tape buffer contiguous with the array of instruction * packets, so flushtape() can write them together with one write(). * Align tape buffer on page boundary to speed up tape write(). */ for (i = 0; i <= WORKERS; i++) { buf = (char *) malloc((unsigned)(reqsiz + writesize + pgoff + TP_BSIZE)); if (buf == NULL) return(0); workers[i].tblock = (char (*)[TP_BSIZE]) (((long)&buf[ntrec + 1] + pgoff) &~ pgoff); workers[i].req = (struct req *)workers[i].tblock - ntrec - 1; } wp = &workers[0]; wp->count = 1; wp->tapea = 0; wp->firstrec = 0; nextblock = wp->tblock; return(1); } void writerec(char *dp, int isspcl) { wp->req[trecno].dblk = (ufs2_daddr_t)0; wp->req[trecno].count = 1; /* Can't do a structure assignment due to alignment problems */ bcopy(dp, *(nextblock)++, sizeof (union u_spcl)); if (isspcl) lastspclrec = spcl.c_tapea; trecno++; spcl.c_tapea++; if (trecno >= ntrec) flushtape(); } void dumpblock(ufs2_daddr_t blkno, int size) { int avail, tpblks; ufs2_daddr_t dblkno; dblkno = fsbtodb(sblock, blkno); tpblks = size >> tp_bshift; while ((avail = MIN(tpblks, ntrec - trecno)) > 0) { wp->req[trecno].dblk = dblkno; wp->req[trecno].count = avail; trecno += avail; spcl.c_tapea += avail; if (trecno >= ntrec) flushtape(); dblkno += avail << (tp_bshift - dev_bshift); tpblks -= avail; } } int nogripe = 0; void tperror(int signo __unused) { if (pipeout) { msg("write error on %s\n", tape); quit("Cannot recover\n"); /* NOTREACHED */ } msg("write error %ld blocks into volume %d\n", blocksthisvol, tapeno); broadcast("DUMP WRITE ERROR!\n"); if (!query("Do you want to restart?")) dumpabort(0); msg("Closing this volume. Prepare to restart with new media;\n"); msg("this dump volume will be rewritten.\n"); killall(); nogripe = 1; close_rewind(); Exit(X_REWRITE); } void sigpipe(int signo __unused) { quit("Broken pipe\n"); } static void flushtape(void) { int i, blks, got; int64_t lastfirstrec; int siz = (char *)nextblock - (char *)wp->req; wp->req[trecno].count = 0; /* Sentinel */ if (atomic_write(wp->fd, (const void *)wp->req, siz) != siz) quit("error writing command pipe: %s\n", strerror(errno)); wp->sent = 1; /* we sent a request, read the response later */ lastfirstrec = wp->firstrec; if (++wp >= &workers[WORKERS]) wp = &workers[0]; /* Read results back from next worker */ if (wp->sent) { if (atomic_read(wp->fd, (void *)&got, sizeof got) != sizeof got) { perror(" DUMP: error reading command pipe in master"); dumpabort(0); } wp->sent = 0; /* Check for end of tape */ if (got < writesize) { msg("End of tape detected\n"); /* * Drain the results, don't care what the values were. * If we read them here then trewind won't... */ for (i = 0; i < WORKERS; i++) { if (workers[i].sent) { if (atomic_read(workers[i].fd, (void *)&got, sizeof got) != sizeof got) { perror(" DUMP: error reading command pipe in master"); dumpabort(0); } workers[i].sent = 0; } } close_rewind(); rollforward(); return; } } blks = 0; if (spcl.c_type != TS_END && spcl.c_type != TS_CLRI && spcl.c_type != TS_BITS) { assert(spcl.c_count <= TP_NINDIR); for (i = 0; i < spcl.c_count; i++) if (spcl.c_addr[i] != 0) blks++; } wp->count = lastspclrec + blks + 1 - spcl.c_tapea; wp->tapea = spcl.c_tapea; wp->firstrec = lastfirstrec + ntrec; wp->inode = curino; nextblock = wp->tblock; trecno = 0; asize += tenths; blockswritten += ntrec; blocksthisvol += ntrec; if (!pipeout && !unlimited && (blocksperfile ? (blocksthisvol >= blocksperfile) : (asize > tsize))) { close_rewind(); startnewtape(0); } timeest(); } void trewind(void) { struct stat sb; int f; int got; for (f = 0; f < WORKERS; f++) { /* * Drain the results, but unlike EOT we DO (or should) care * what the return values were, since if we detect EOT after * we think we've written the last blocks to the tape anyway, * we have to replay those blocks with rollforward. * * fixme: punt for now. */ if (workers[f].sent) { if (atomic_read(workers[f].fd, (void *)&got, sizeof got) != sizeof got) { perror(" DUMP: error reading command pipe in master"); dumpabort(0); } workers[f].sent = 0; if (got != writesize) { msg("EOT detected in last 2 tape records!\n"); msg("Use a longer tape, decrease the size estimate\n"); quit("or use no size estimate at all.\n"); } } (void) close(workers[f].fd); } while (wait((int *)NULL) >= 0) /* wait for any signals from workers */ /* void */; if (pipeout) return; msg("Closing %s\n", tape); if (popenout) { tapefd = -1; (void)pclose(popenfp); popenfp = NULL; return; } #ifdef RDUMP if (host) { rmtclose(); while (rmtopen(tape, 0) < 0) sleep(10); rmtclose(); return; } #endif if (fstat(tapefd, &sb) == 0 && S_ISFIFO(sb.st_mode)) { (void)close(tapefd); return; } (void) close(tapefd); while ((f = open(tape, 0)) < 0) sleep (10); (void) close(f); } void close_rewind() { time_t tstart_changevol, tend_changevol; trewind(); if (nexttape) return; (void)time((time_t *)&(tstart_changevol)); if (!nogripe) { msg("Change Volumes: Mount volume #%d\n", tapeno+1); broadcast("CHANGE DUMP VOLUMES!\a\a\n"); } while (!query("Is the new volume mounted and ready to go?")) if (query("Do you want to abort?")) { dumpabort(0); /*NOTREACHED*/ } (void)time((time_t *)&(tend_changevol)); if ((tstart_changevol != (time_t)-1) && (tend_changevol != (time_t)-1)) tstart_writing += (tend_changevol - tstart_changevol); } void rollforward(void) { struct req *p, *q, *prev; struct worker *twp; int i, size, got; int64_t savedtapea; union u_spcl *ntb, *otb; twp = &workers[WORKERS]; ntb = (union u_spcl *)twp->tblock[1]; /* * Each of the N workers should have requests that need to * be replayed on the next tape. Use the extra worker buffers * (workers[WORKERS]) to construct request lists to be sent to * each worker in turn. */ for (i = 0; i < WORKERS; i++) { q = &twp->req[1]; otb = (union u_spcl *)wp->tblock; /* * For each request in the current worker, copy it to twp. */ prev = NULL; for (p = wp->req; p->count > 0; p += p->count) { *q = *p; if (p->dblk == 0) *ntb++ = *otb++; /* copy the datablock also */ prev = q; q += q->count; } if (prev == NULL) quit("rollforward: protocol botch"); if (prev->dblk != 0) prev->count -= 1; else ntb--; q -= 1; q->count = 0; q = &twp->req[0]; if (i == 0) { q->dblk = 0; q->count = 1; trecno = 0; nextblock = twp->tblock; savedtapea = spcl.c_tapea; spcl.c_tapea = wp->tapea; startnewtape(0); spcl.c_tapea = savedtapea; lastspclrec = savedtapea - 1; } size = (char *)ntb - (char *)q; if (atomic_write(wp->fd, (const void *)q, size) != size) { perror(" DUMP: error writing command pipe"); dumpabort(0); } wp->sent = 1; if (++wp >= &workers[WORKERS]) wp = &workers[0]; q->count = 1; if (prev->dblk != 0) { /* * If the last one was a disk block, make the * first of this one be the last bit of that disk * block... */ q->dblk = prev->dblk + prev->count * (TP_BSIZE / DEV_BSIZE); ntb = (union u_spcl *)twp->tblock; } else { /* * It wasn't a disk block. Copy the data to its * new location in the buffer. */ q->dblk = 0; *((union u_spcl *)twp->tblock) = *ntb; ntb = (union u_spcl *)twp->tblock[1]; } } wp->req[0] = *q; nextblock = wp->tblock; if (q->dblk == 0) nextblock++; trecno = 1; /* * Clear the first workers' response. One hopes that it * worked ok, otherwise the tape is much too short! */ if (wp->sent) { if (atomic_read(wp->fd, (void *)&got, sizeof got) != sizeof got) { perror(" DUMP: error reading command pipe in master"); dumpabort(0); } wp->sent = 0; if (got != writesize) { quit("EOT detected at start of the tape!\n"); } } } /* * We implement taking and restoring checkpoints on the tape level. * When each tape is opened, a new process is created by forking; this * saves all of the necessary context in the parent. The child * continues the dump; the parent waits around, saving the context. * If the child returns X_REWRITE, then it had problems writing that tape; * this causes the parent to fork again, duplicating the context, and * everything continues as if nothing had happened. */ void startnewtape(int top) { int parentpid; int childpid; int status; char *p; sig_t interrupt_save; interrupt_save = signal(SIGINT, SIG_IGN); parentpid = getpid(); restore_check_point: (void)signal(SIGINT, interrupt_save); /* * All signals are inherited... */ setproctitle(NULL); /* Restore the proctitle. */ childpid = fork(); if (childpid < 0) { msg("Context save fork fails in parent %d\n", parentpid); Exit(X_ABORT); } if (childpid != 0) { /* * PARENT: * save the context by waiting * until the child doing all of the work returns. * don't catch the interrupt */ signal(SIGINT, SIG_IGN); #ifdef TDEBUG msg("Tape: %d; parent process: %d child process %d\n", tapeno+1, parentpid, childpid); #endif /* TDEBUG */ if (waitpid(childpid, &status, 0) == -1) msg("Waiting for child %d: %s\n", childpid, strerror(errno)); if (status & 0xFF) { msg("Child %d returns LOB status %o\n", childpid, status&0xFF); } status = (status >> 8) & 0xFF; #ifdef TDEBUG switch(status) { case X_FINOK: msg("Child %d finishes X_FINOK\n", childpid); break; case X_ABORT: msg("Child %d finishes X_ABORT\n", childpid); break; case X_REWRITE: msg("Child %d finishes X_REWRITE\n", childpid); break; default: msg("Child %d finishes unknown %d\n", childpid, status); break; } #endif /* TDEBUG */ switch(status) { case X_FINOK: Exit(X_FINOK); case X_ABORT: Exit(X_ABORT); case X_REWRITE: goto restore_check_point; default: msg("Bad return code from dump: %d\n", status); Exit(X_ABORT); } /*NOTREACHED*/ } else { /* we are the child; just continue */ #ifdef TDEBUG sleep(4); /* allow time for parent's message to get out */ msg("Child on Tape %d has parent %d, my pid = %d\n", tapeno+1, parentpid, getpid()); #endif /* TDEBUG */ /* * If we have a name like "/dev/rmt0,/dev/rmt1", * use the name before the comma first, and save * the remaining names for subsequent volumes. */ tapeno++; /* current tape sequence */ if (nexttape || strchr(tape, ',')) { if (nexttape && *nexttape) tape = nexttape; if ((p = strchr(tape, ',')) != NULL) { *p = '\0'; nexttape = p + 1; } else nexttape = NULL; msg("Dumping volume %d on %s\n", tapeno, tape); } if (pipeout) { tapefd = STDOUT_FILENO; } else if (popenout) { char volno[sizeof("2147483647")]; (void)sprintf(volno, "%d", spcl.c_volume + 1); if (setenv("DUMP_VOLUME", volno, 1) == -1) { msg("Cannot set $DUMP_VOLUME.\n"); dumpabort(0); } popenfp = popen(popenout, "w"); if (popenfp == NULL) { msg("Cannot open output pipeline \"%s\".\n", popenout); dumpabort(0); } tapefd = fileno(popenfp); } else { #ifdef RDUMP while ((tapefd = (host ? rmtopen(tape, 2) : open(tape, O_WRONLY|O_CREAT, 0666))) < 0) #else while ((tapefd = open(tape, O_WRONLY|O_CREAT, 0666)) < 0) #endif { msg("Cannot open output \"%s\".\n", tape); if (!query("Do you want to retry the open?")) dumpabort(0); } } create_workers(); /* Share open tape file descriptor with workers */ if (popenout) close(tapefd); /* Give up our copy of it. */ signal(SIGINFO, infosch); asize = 0; blocksthisvol = 0; if (top) newtape++; /* new tape signal */ spcl.c_count = wp->count; /* * measure firstrec in TP_BSIZE units since restore doesn't * know the correct ntrec value... */ spcl.c_firstrec = wp->firstrec; spcl.c_volume++; spcl.c_type = TS_TAPE; writeheader((ino_t)wp->inode); if (tapeno > 1) msg("Volume %d begins with blocks from inode %d\n", tapeno, wp->inode); } } void dumpabort(int signo __unused) { if (master != 0 && master != getpid()) /* Signals master to call dumpabort */ (void) kill(master, SIGTERM); else { killall(); msg("The ENTIRE dump is aborted.\n"); } #ifdef RDUMP rmtclose(); #endif Exit(X_ABORT); } void Exit(int status) { #ifdef TDEBUG msg("pid = %d exits with status %d\n", getpid(), status); #endif /* TDEBUG */ exit(status); } /* * proceed - handler for SIGUSR2, used to synchronize IO between the workers. */ void proceed(int signo __unused) { if (ready) longjmp(jmpbuf, 1); caught++; } void create_workers(void) { int cmd[2]; int i, j; master = getpid(); signal(SIGTERM, dumpabort); /* Worker sends SIGTERM on dumpabort() */ signal(SIGPIPE, sigpipe); signal(SIGUSR1, tperror); /* Worker sends SIGUSR1 on tape errors */ signal(SIGUSR2, proceed); /* Worker sends SIGUSR2 to next worker */ for (i = 0; i < WORKERS; i++) { if (i == wp - &workers[0]) { caught = 1; } else { caught = 0; } if (socketpair(AF_UNIX, SOCK_STREAM, 0, cmd) < 0 || (workers[i].pid = fork()) < 0) quit("too many workers, %d (recompile smaller): %s\n", i, strerror(errno)); workers[i].fd = cmd[1]; workers[i].sent = 0; if (workers[i].pid == 0) { /* Worker starts up here */ for (j = 0; j <= i; j++) (void) close(workers[j].fd); signal(SIGINT, SIG_IGN); /* Master handles this */ worker(cmd[0], i); Exit(X_FINOK); } } for (i = 0; i < WORKERS; i++) (void) atomic_write(workers[i].fd, (const void *) &workers[(i + 1) % WORKERS].pid, sizeof workers[0].pid); master = 0; } void killall(void) { int i; for (i = 0; i < WORKERS; i++) if (workers[i].pid > 0) { (void) kill(workers[i].pid, SIGKILL); workers[i].sent = 0; } } /* * Synchronization - each process has a lockfile, and shares file * descriptors to the following process's lockfile. When our write * completes, we release our lock on the following process's lock- * file, allowing the following process to lock it and proceed. We * get the lock back for the next cycle by swapping descriptors. */ static void worker(int cmd, int worker_number) { int nread; int nextworker, size, wrote, eot_count; /* * Need our own seek pointer. */ (void) close(diskfd); if ((diskfd = open(disk, O_RDONLY)) < 0) quit("worker couldn't reopen disk: %s\n", strerror(errno)); /* * Need the pid of the next worker in the loop... */ if ((nread = atomic_read(cmd, (void *)&nextworker, sizeof nextworker)) != sizeof nextworker) { quit("master/worker protocol botched - didn't get pid of next worker.\n"); } /* * Get list of blocks to dump, read the blocks into tape buffer */ while ((nread = atomic_read(cmd, (void *)wp->req, reqsiz)) == reqsiz) { struct req *p = wp->req; for (trecno = 0; trecno < ntrec; trecno += p->count, p += p->count) { if (p->dblk) { blkread(p->dblk, wp->tblock[trecno], p->count * TP_BSIZE); } else { if (p->count != 1 || atomic_read(cmd, (void *)wp->tblock[trecno], TP_BSIZE) != TP_BSIZE) quit("master/worker protocol botched.\n"); } } if (setjmp(jmpbuf) == 0) { ready = 1; if (!caught) (void) pause(); } ready = 0; caught = 0; /* Try to write the data... */ eot_count = 0; size = 0; wrote = 0; while (eot_count < 10 && size < writesize) { #ifdef RDUMP if (host) wrote = rmtwrite(wp->tblock[0]+size, writesize-size); else #endif wrote = write(tapefd, wp->tblock[0]+size, writesize-size); #ifdef WRITEDEBUG printf("worker %d wrote %d\n", worker_number, wrote); #endif if (wrote < 0) break; if (wrote == 0) eot_count++; size += wrote; } #ifdef WRITEDEBUG if (size != writesize) printf("worker %d only wrote %d out of %d bytes and gave up.\n", worker_number, size, writesize); #endif /* * Handle ENOSPC as an EOT condition. */ if (wrote < 0 && errno == ENOSPC) { wrote = 0; eot_count++; } if (eot_count > 0) size = 0; if (wrote < 0) { (void) kill(master, SIGUSR1); for (;;) (void) sigpause(0); } else { /* * pass size of write back to master * (for EOT handling) */ (void)atomic_write(cmd, (const void *)&size, sizeof size); } /* * If partial write, don't want next worker to go. * Also jolts him awake. */ (void) kill(nextworker, SIGUSR2); } if (nread != 0) quit("error reading command pipe: %s\n", strerror(errno)); } /* * Since a read from a pipe may not return all we asked for, * loop until the count is satisfied (or error). */ static int atomic_read(int fd, void *buf, int count) { int got, need = count; while ((got = read(fd, buf, need)) > 0 && (need -= got) > 0) buf += got; return (got < 0 ? got : count - need); } /* * Since a write to a pipe may not write all we ask if we get a signal, * loop until the count is satisfied (or error). */ static int atomic_write(int fd, const void *buf, int count) { int got, need = count; while ((got = write(fd, buf, need)) > 0 && (need -= got) > 0) buf += got; return (got < 0 ? got : count - need); } diff --git a/sbin/dump/traverse.c b/sbin/dump/traverse.c index 281cffcdf6f2..c166b6a1af24 100644 --- a/sbin/dump/traverse.c +++ b/sbin/dump/traverse.c @@ -1,1008 +1,1005 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1988, 1991, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)traverse.c 8.7 (Berkeley) 6/15/95"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "dump.h" union dinode { struct ufs1_dinode dp1; struct ufs2_dinode dp2; }; #define DIP(dp, field) \ ((sblock->fs_magic == FS_UFS1_MAGIC) ? \ (dp)->dp1.field : (dp)->dp2.field) #define DIP_SET(dp, field, val) do {\ if (sblock->fs_magic == FS_UFS1_MAGIC) \ (dp)->dp1.field = (val); \ else \ (dp)->dp2.field = (val); \ } while (0) #define HASDUMPEDFILE 0x1 #define HASSUBDIRS 0x2 static int dirindir(ino_t ino, ufs2_daddr_t blkno, int level, long *size, long *tapesize, int nodump, ino_t maxino); static void dmpindir(union dinode *dp, ino_t ino, ufs2_daddr_t blk, int level, off_t *size); static void ufs1_blksout(ufs1_daddr_t *blkp, int frags, ino_t ino); static void ufs2_blksout(union dinode *dp, ufs2_daddr_t *blkp, int frags, ino_t ino, int last); static int appendextdata(union dinode *dp); static void writeextdata(union dinode *dp, ino_t ino, int added); static int searchdir(ino_t ino, ufs2_daddr_t blkno, long size, long filesize, long *tapesize, int nodump, ino_t maxino); static long blockest(union dinode *dp); /* * This is an estimation of the number of TP_BSIZE blocks in the file. * It estimates the number of blocks in files with holes by assuming * that all of the blocks accounted for by di_blocks are data blocks * (when some of the blocks are usually used for indirect pointers); * hence the estimate may be high. */ static long blockest(union dinode *dp) { long blkest, sizeest; /* * dp->di_size is the size of the file in bytes. * dp->di_blocks stores the number of sectors actually in the file. * If there are more sectors than the size would indicate, this just * means that there are indirect blocks in the file or unused * sectors in the last file block; we can safely ignore these * (blkest = sizeest below). * If the file is bigger than the number of sectors would indicate, * then the file has holes in it. In this case we must use the * block count to estimate the number of data blocks used, but * we use the actual size for estimating the number of indirect * dump blocks (sizeest vs. blkest in the indirect block * calculation). */ if ((DIP(dp, di_flags) & SF_SNAPSHOT) != 0) return (1); blkest = howmany(dbtob(DIP(dp, di_blocks)), TP_BSIZE); sizeest = howmany(DIP(dp, di_size), TP_BSIZE); if (blkest > sizeest) blkest = sizeest; if (DIP(dp, di_size) > sblock->fs_bsize * UFS_NDADDR) { /* calculate the number of indirect blocks on the dump tape */ blkest += howmany(sizeest - UFS_NDADDR * sblock->fs_bsize / TP_BSIZE, TP_NINDIR); } return (blkest + 1); } /* Auxiliary macro to pick up files changed since previous dump. */ #define CHANGEDSINCE(dp, t) \ (DIP(dp, di_mtime) >= (t) || DIP(dp, di_ctime) >= (t)) /* The WANTTODUMP macro decides whether a file should be dumped. */ #ifdef UF_NODUMP #define WANTTODUMP(dp) \ (CHANGEDSINCE(dp, spcl.c_ddate) && \ (nonodump || (DIP(dp, di_flags) & UF_NODUMP) != UF_NODUMP)) #else #define WANTTODUMP(dp) CHANGEDSINCE(dp, spcl.c_ddate) #endif /* * Dump pass 1. * * Walk the inode list for a file system to find all allocated inodes * that have been modified since the previous dump time. Also, find all * the directories in the file system. */ int mapfiles(ino_t maxino, long *tapesize) { int i, cg, mode, inosused; int anydirskipped = 0; union dinode *dp; struct cg *cgp; ino_t ino; u_char *cp; if ((cgp = malloc(sblock->fs_cgsize)) == NULL) quit("mapfiles: cannot allocate memory.\n"); for (cg = 0; cg < sblock->fs_ncg; cg++) { ino = cg * sblock->fs_ipg; blkread(fsbtodb(sblock, cgtod(sblock, cg)), (char *)cgp, sblock->fs_cgsize); if (sblock->fs_magic == FS_UFS2_MAGIC) inosused = cgp->cg_initediblk; else inosused = sblock->fs_ipg; /* * If we are using soft updates, then we can trust the * cylinder group inode allocation maps to tell us which * inodes are allocated. We will scan the used inode map * to find the inodes that are really in use, and then * read only those inodes in from disk. */ if (sblock->fs_flags & FS_DOSOFTDEP) { if (!cg_chkmagic(cgp)) quit("mapfiles: cg %d: bad magic number\n", cg); cp = &cg_inosused(cgp)[(inosused - 1) / CHAR_BIT]; for ( ; inosused > 0; inosused -= CHAR_BIT, cp--) { if (*cp == 0) continue; for (i = 1 << (CHAR_BIT - 1); i > 0; i >>= 1) { if (*cp & i) break; inosused--; } break; } if (inosused <= 0) continue; } for (i = 0; i < inosused; i++, ino++) { if (ino < UFS_ROOTINO || (dp = getino(ino, &mode)) == NULL || (mode & IFMT) == 0) continue; if (ino >= maxino) { msg("Skipping inode %ju >= maxino %ju\n", (uintmax_t)ino, (uintmax_t)maxino); continue; } /* * Everything must go in usedinomap so that a check * for "in dumpdirmap but not in usedinomap" to detect * dirs with nodump set has a chance of succeeding * (this is used in mapdirs()). */ SETINO(ino, usedinomap); if (mode == IFDIR) SETINO(ino, dumpdirmap); if (WANTTODUMP(dp)) { SETINO(ino, dumpinomap); if (mode != IFREG && mode != IFDIR && mode != IFLNK) *tapesize += 1; else *tapesize += blockest(dp); continue; } if (mode == IFDIR) { if (!nonodump && (DIP(dp, di_flags) & UF_NODUMP)) CLRINO(ino, usedinomap); anydirskipped = 1; } } } /* * Restore gets very upset if the root is not dumped, * so ensure that it always is dumped. */ SETINO(UFS_ROOTINO, dumpinomap); return (anydirskipped); } /* * Dump pass 2. * * Scan each directory on the file system to see if it has any modified * files in it. If it does, and has not already been added to the dump * list (because it was itself modified), then add it. If a directory * has not been modified itself, contains no modified files and has no * subdirectories, then it can be deleted from the dump list and from * the list of directories. By deleting it from the list of directories, * its parent may now qualify for the same treatment on this or a later * pass using this algorithm. */ int mapdirs(ino_t maxino, long *tapesize) { union dinode *dp; int i, isdir, nodump; char *map; ino_t ino; union dinode di; long filesize; int ret, change = 0; isdir = 0; /* XXX just to get gcc to shut up */ for (map = dumpdirmap, ino = 1; ino < maxino; ino++) { if (((ino - 1) % CHAR_BIT) == 0) /* map is offset by 1 */ isdir = *map++; else isdir >>= 1; /* * If a directory has been removed from usedinomap, it * either has the nodump flag set, or has inherited * it. Although a directory can't be in dumpinomap if * it isn't in usedinomap, we have to go through it to * propagate the nodump flag. */ nodump = !nonodump && (TSTINO(ino, usedinomap) == 0); if ((isdir & 1) == 0 || (TSTINO(ino, dumpinomap) && !nodump)) continue; dp = getino(ino, &i); /* * inode buf may change in searchdir(). */ if (sblock->fs_magic == FS_UFS1_MAGIC) di.dp1 = dp->dp1; else di.dp2 = dp->dp2; filesize = DIP(&di, di_size); for (ret = 0, i = 0; filesize > 0 && i < UFS_NDADDR; i++) { if (DIP(&di, di_db[i]) != 0) ret |= searchdir(ino, DIP(&di, di_db[i]), (long)sblksize(sblock, DIP(&di, di_size), i), filesize, tapesize, nodump, maxino); if (ret & HASDUMPEDFILE) filesize = 0; else filesize -= sblock->fs_bsize; } for (i = 0; filesize > 0 && i < UFS_NIADDR; i++) { if (DIP(&di, di_ib[i]) == 0) continue; ret |= dirindir(ino, DIP(&di, di_ib[i]), i, &filesize, tapesize, nodump, maxino); } if (ret & HASDUMPEDFILE) { SETINO(ino, dumpinomap); *tapesize += blockest(&di); change = 1; continue; } if (nodump) { if (ret & HASSUBDIRS) change = 1; /* subdirs inherit nodump */ CLRINO(ino, dumpdirmap); } else if ((ret & HASSUBDIRS) == 0) if (!TSTINO(ino, dumpinomap)) { CLRINO(ino, dumpdirmap); change = 1; } } return (change); } /* * Read indirect blocks, and pass the data blocks to be searched * as directories. Quit as soon as any entry is found that will * require the directory to be dumped. */ static int dirindir( ino_t ino, ufs2_daddr_t blkno, int ind_level, long *filesize, long *tapesize, int nodump, ino_t maxino) { union { ufs1_daddr_t ufs1[MAXBSIZE / sizeof(ufs1_daddr_t)]; ufs2_daddr_t ufs2[MAXBSIZE / sizeof(ufs2_daddr_t)]; } idblk; int ret = 0; int i; blkread(fsbtodb(sblock, blkno), (char *)&idblk, (int)sblock->fs_bsize); if (ind_level <= 0) { for (i = 0; *filesize > 0 && i < NINDIR(sblock); i++) { if (sblock->fs_magic == FS_UFS1_MAGIC) blkno = idblk.ufs1[i]; else blkno = idblk.ufs2[i]; if (blkno != 0) ret |= searchdir(ino, blkno, sblock->fs_bsize, *filesize, tapesize, nodump, maxino); if (ret & HASDUMPEDFILE) *filesize = 0; else *filesize -= sblock->fs_bsize; } return (ret); } ind_level--; for (i = 0; *filesize > 0 && i < NINDIR(sblock); i++) { if (sblock->fs_magic == FS_UFS1_MAGIC) blkno = idblk.ufs1[i]; else blkno = idblk.ufs2[i]; if (blkno != 0) ret |= dirindir(ino, blkno, ind_level, filesize, tapesize, nodump, maxino); } return (ret); } /* * Scan a disk block containing directory information looking to see if * any of the entries are on the dump list and to see if the directory * contains any subdirectories. */ static int searchdir( ino_t ino, ufs2_daddr_t blkno, long size, long filesize, long *tapesize, int nodump, ino_t maxino) { int mode; struct direct *dp; union dinode *ip; long loc, ret = 0; static caddr_t dblk; if (dblk == NULL && (dblk = malloc(sblock->fs_bsize)) == NULL) quit("searchdir: cannot allocate indirect memory.\n"); blkread(fsbtodb(sblock, blkno), dblk, (int)size); if (filesize < size) size = filesize; for (loc = 0; loc < size; ) { dp = (struct direct *)(dblk + loc); if (dp->d_reclen == 0) { msg("corrupted directory, inumber %ju\n", (uintmax_t)ino); break; } loc += dp->d_reclen; if (dp->d_ino == 0) continue; if (dp->d_ino >= maxino) { msg("corrupted directory entry, d_ino %ju >= %ju\n", (uintmax_t)dp->d_ino, (uintmax_t)maxino); break; } if (dp->d_name[0] == '.') { if (dp->d_name[1] == '\0') continue; if (dp->d_name[1] == '.' && dp->d_name[2] == '\0') continue; } if (nodump) { ip = getino(dp->d_ino, &mode); if (TSTINO(dp->d_ino, dumpinomap)) { CLRINO(dp->d_ino, dumpinomap); *tapesize -= blockest(ip); } /* * Add back to dumpdirmap and remove from usedinomap * to propagate nodump. */ if (mode == IFDIR) { SETINO(dp->d_ino, dumpdirmap); CLRINO(dp->d_ino, usedinomap); ret |= HASSUBDIRS; } } else { if (TSTINO(dp->d_ino, dumpinomap)) { ret |= HASDUMPEDFILE; if (ret & HASSUBDIRS) break; } if (TSTINO(dp->d_ino, dumpdirmap)) { ret |= HASSUBDIRS; if (ret & HASDUMPEDFILE) break; } } } return (ret); } /* * Dump passes 3 and 4. * * Dump the contents of an inode to tape. */ void dumpino(union dinode *dp, ino_t ino) { int ind_level, cnt, last, added; off_t size; char buf[TP_BSIZE]; if (newtape) { newtape = 0; dumpmap(dumpinomap, TS_BITS, ino); } CLRINO(ino, dumpinomap); /* * Zero out the size of a snapshot so that it will be dumped * as a zero length file. */ if ((DIP(dp, di_flags) & SF_SNAPSHOT) != 0) { DIP_SET(dp, di_size, 0); DIP_SET(dp, di_flags, DIP(dp, di_flags) & ~SF_SNAPSHOT); } if (sblock->fs_magic == FS_UFS1_MAGIC) { spcl.c_mode = dp->dp1.di_mode; spcl.c_size = dp->dp1.di_size; spcl.c_extsize = 0; spcl.c_atime = _time32_to_time(dp->dp1.di_atime); spcl.c_atimensec = dp->dp1.di_atimensec; spcl.c_mtime = _time32_to_time(dp->dp1.di_mtime); spcl.c_mtimensec = dp->dp1.di_mtimensec; spcl.c_birthtime = 0; spcl.c_birthtimensec = 0; spcl.c_rdev = dp->dp1.di_rdev; spcl.c_file_flags = dp->dp1.di_flags; spcl.c_uid = dp->dp1.di_uid; spcl.c_gid = dp->dp1.di_gid; } else { spcl.c_mode = dp->dp2.di_mode; spcl.c_size = dp->dp2.di_size; spcl.c_extsize = dp->dp2.di_extsize; spcl.c_atime = _time64_to_time(dp->dp2.di_atime); spcl.c_atimensec = dp->dp2.di_atimensec; spcl.c_mtime = _time64_to_time(dp->dp2.di_mtime); spcl.c_mtimensec = dp->dp2.di_mtimensec; spcl.c_birthtime = _time64_to_time(dp->dp2.di_birthtime); spcl.c_birthtimensec = dp->dp2.di_birthnsec; spcl.c_rdev = dp->dp2.di_rdev; spcl.c_file_flags = dp->dp2.di_flags; spcl.c_uid = dp->dp2.di_uid; spcl.c_gid = dp->dp2.di_gid; } spcl.c_type = TS_INODE; spcl.c_count = 0; switch (DIP(dp, di_mode) & S_IFMT) { case 0: /* * Freed inode. */ return; case S_IFLNK: /* * Check for short symbolic link. */ if (DIP(dp, di_size) > 0 && DIP(dp, di_size) < sblock->fs_maxsymlinklen) { spcl.c_addr[0] = 1; spcl.c_count = 1; added = appendextdata(dp); writeheader(ino); memmove(buf, DIP(dp, di_shortlink), (u_long)DIP(dp, di_size)); buf[DIP(dp, di_size)] = '\0'; writerec(buf, 0); writeextdata(dp, ino, added); return; } /* FALLTHROUGH */ case S_IFDIR: case S_IFREG: if (DIP(dp, di_size) > 0) break; /* FALLTHROUGH */ case S_IFIFO: case S_IFSOCK: case S_IFCHR: case S_IFBLK: added = appendextdata(dp); writeheader(ino); writeextdata(dp, ino, added); return; default: msg("Warning: undefined file type 0%o\n", DIP(dp, di_mode) & IFMT); return; } if (DIP(dp, di_size) > UFS_NDADDR * sblock->fs_bsize) { cnt = UFS_NDADDR * sblock->fs_frag; last = 0; } else { cnt = howmany(DIP(dp, di_size), sblock->fs_fsize); last = 1; } if (sblock->fs_magic == FS_UFS1_MAGIC) ufs1_blksout(&dp->dp1.di_db[0], cnt, ino); else ufs2_blksout(dp, &dp->dp2.di_db[0], cnt, ino, last); if ((size = DIP(dp, di_size) - UFS_NDADDR * sblock->fs_bsize) <= 0) return; for (ind_level = 0; ind_level < UFS_NIADDR; ind_level++) { dmpindir(dp, ino, DIP(dp, di_ib[ind_level]), ind_level, &size); if (size <= 0) return; } } /* * Read indirect blocks, and pass the data blocks to be dumped. */ static void dmpindir(union dinode *dp, ino_t ino, ufs2_daddr_t blk, int ind_level, off_t *size) { union { ufs1_daddr_t ufs1[MAXBSIZE / sizeof(ufs1_daddr_t)]; ufs2_daddr_t ufs2[MAXBSIZE / sizeof(ufs2_daddr_t)]; } idblk; int i, cnt, last; if (blk != 0) blkread(fsbtodb(sblock, blk), (char *)&idblk, (int)sblock->fs_bsize); else memset(&idblk, 0, sblock->fs_bsize); if (ind_level <= 0) { if (*size > NINDIR(sblock) * sblock->fs_bsize) { cnt = NINDIR(sblock) * sblock->fs_frag; last = 0; } else { cnt = howmany(*size, sblock->fs_fsize); last = 1; } *size -= NINDIR(sblock) * sblock->fs_bsize; if (sblock->fs_magic == FS_UFS1_MAGIC) ufs1_blksout(idblk.ufs1, cnt, ino); else ufs2_blksout(dp, idblk.ufs2, cnt, ino, last); return; } ind_level--; for (i = 0; i < NINDIR(sblock); i++) { if (sblock->fs_magic == FS_UFS1_MAGIC) dmpindir(dp, ino, idblk.ufs1[i], ind_level, size); else dmpindir(dp, ino, idblk.ufs2[i], ind_level, size); if (*size <= 0) return; } } /* * Collect up the data into tape record sized buffers and output them. */ static void ufs1_blksout(ufs1_daddr_t *blkp, int frags, ino_t ino) { ufs1_daddr_t *bp; int i, j, count, blks, tbperdb; blks = howmany(frags * sblock->fs_fsize, TP_BSIZE); tbperdb = sblock->fs_bsize >> tp_bshift; for (i = 0; i < blks; i += TP_NINDIR) { if (i + TP_NINDIR > blks) count = blks; else count = i + TP_NINDIR; assert(count <= TP_NINDIR + i); for (j = i; j < count; j++) if (blkp[j / tbperdb] != 0) spcl.c_addr[j - i] = 1; else spcl.c_addr[j - i] = 0; spcl.c_count = count - i; writeheader(ino); bp = &blkp[i / tbperdb]; for (j = i; j < count; j += tbperdb, bp++) if (*bp != 0) { if (j + tbperdb <= count) dumpblock(*bp, (int)sblock->fs_bsize); else dumpblock(*bp, (count - j) * TP_BSIZE); } spcl.c_type = TS_ADDR; } } /* * Collect up the data into tape record sized buffers and output them. */ static void ufs2_blksout(union dinode *dp, ufs2_daddr_t *blkp, int frags, ino_t ino, int last) { ufs2_daddr_t *bp; int i, j, count, resid, blks, tbperdb, added; static int writingextdata = 0; /* * Calculate the number of TP_BSIZE blocks to be dumped. * For filesystems with a fragment size bigger than TP_BSIZE, * only part of the final fragment may need to be dumped. */ blks = howmany(frags * sblock->fs_fsize, TP_BSIZE); if (last) { if (writingextdata) resid = howmany(fragoff(sblock, spcl.c_extsize), TP_BSIZE); else resid = howmany(fragoff(sblock, dp->dp2.di_size), TP_BSIZE); if (resid > 0) blks -= howmany(sblock->fs_fsize, TP_BSIZE) - resid; } tbperdb = sblock->fs_bsize >> tp_bshift; for (i = 0; i < blks; i += TP_NINDIR) { if (i + TP_NINDIR > blks) count = blks; else count = i + TP_NINDIR; assert(count <= TP_NINDIR + i); for (j = i; j < count; j++) if (blkp[j / tbperdb] != 0) spcl.c_addr[j - i] = 1; else spcl.c_addr[j - i] = 0; spcl.c_count = count - i; if (last && count == blks && !writingextdata) added = appendextdata(dp); writeheader(ino); bp = &blkp[i / tbperdb]; for (j = i; j < count; j += tbperdb, bp++) if (*bp != 0) { if (j + tbperdb <= count) dumpblock(*bp, (int)sblock->fs_bsize); else dumpblock(*bp, (count - j) * TP_BSIZE); } spcl.c_type = TS_ADDR; spcl.c_count = 0; if (last && count == blks && !writingextdata) { writingextdata = 1; writeextdata(dp, ino, added); writingextdata = 0; } } } /* * If there is room in the current block for the extended attributes * as well as the file data, update the header to reflect the added * attribute data at the end. Attributes are placed at the end so that * old versions of restore will correctly restore the file and simply * discard the extra data at the end that it does not understand. * The attribute data is dumped following the file data by the * writeextdata() function (below). */ static int appendextdata(union dinode *dp) { int i, blks, tbperdb; /* * If no extended attributes, there is nothing to do. */ if (spcl.c_extsize == 0) return (0); /* * If there is not enough room at the end of this block * to add the extended attributes, then rather than putting * part of them here, we simply push them entirely into a * new block rather than putting some here and some later. */ if (spcl.c_extsize > UFS_NXADDR * sblock->fs_bsize) blks = howmany(UFS_NXADDR * sblock->fs_bsize, TP_BSIZE); else blks = howmany(spcl.c_extsize, TP_BSIZE); if (spcl.c_count + blks > TP_NINDIR) return (0); /* * Update the block map in the header to indicate the added * extended attribute. They will be appended after the file * data by the writeextdata() routine. */ tbperdb = sblock->fs_bsize >> tp_bshift; assert(spcl.c_count + blks <= TP_NINDIR); for (i = 0; i < blks; i++) if (&dp->dp2.di_extb[i / tbperdb] != 0) spcl.c_addr[spcl.c_count + i] = 1; else spcl.c_addr[spcl.c_count + i] = 0; spcl.c_count += blks; return (blks); } /* * Dump the extended attribute data. If there was room in the file * header, then all we need to do is output the data blocks. If there * was not room in the file header, then an additional TS_ADDR header * is created to hold the attribute data. */ static void writeextdata(union dinode *dp, ino_t ino, int added) { int i, frags, blks, tbperdb, last; ufs2_daddr_t *bp; off_t size; /* * If no extended attributes, there is nothing to do. */ if (spcl.c_extsize == 0) return; /* * If there was no room in the file block for the attributes, * dump them out in a new block, otherwise just dump the data. */ if (added == 0) { if (spcl.c_extsize > UFS_NXADDR * sblock->fs_bsize) { frags = UFS_NXADDR * sblock->fs_frag; last = 0; } else { frags = howmany(spcl.c_extsize, sblock->fs_fsize); last = 1; } ufs2_blksout(dp, &dp->dp2.di_extb[0], frags, ino, last); } else { if (spcl.c_extsize > UFS_NXADDR * sblock->fs_bsize) blks = howmany(UFS_NXADDR * sblock->fs_bsize, TP_BSIZE); else blks = howmany(spcl.c_extsize, TP_BSIZE); tbperdb = sblock->fs_bsize >> tp_bshift; for (i = 0; i < blks; i += tbperdb) { bp = &dp->dp2.di_extb[i / tbperdb]; if (*bp != 0) { if (i + tbperdb <= blks) dumpblock(*bp, (int)sblock->fs_bsize); else dumpblock(*bp, (blks - i) * TP_BSIZE); } } } /* * If an indirect block is added for extended attributes, then * di_exti below should be changed to the structure element * that references the extended attribute indirect block. This * definition is here only to make it compile without complaint. */ #define di_exti di_spare[0] /* * If the extended attributes fall into an indirect block, * dump it as well. */ if ((size = spcl.c_extsize - UFS_NXADDR * sblock->fs_bsize) > 0) dmpindir(dp, ino, dp->dp2.di_exti, 0, &size); } /* * Dump a map to the tape. */ void dumpmap(char *map, int type, ino_t ino) { int i; char *cp; spcl.c_type = type; spcl.c_count = howmany(mapsize * sizeof(char), TP_BSIZE); writeheader(ino); for (i = 0, cp = map; i < spcl.c_count; i++, cp += TP_BSIZE) writerec(cp, 0); } /* * Write a header record to the dump tape. */ void writeheader(ino_t ino) { int32_t sum, cnt, *lp; if (rsync_friendly >= 2) { /* don't track changes to access time */ spcl.c_atime = spcl.c_mtime; spcl.c_atimensec = spcl.c_mtimensec; } spcl.c_inumber = ino; spcl.c_magic = FS_UFS2_MAGIC; spcl.c_checksum = 0; lp = (int32_t *)&spcl; sum = 0; cnt = sizeof(union u_spcl) / (4 * sizeof(int32_t)); while (--cnt >= 0) { sum += *lp++; sum += *lp++; sum += *lp++; sum += *lp++; } spcl.c_checksum = CHECKSUM - sum; writerec((char *)&spcl, 1); } union dinode * getino(ino_t inum, int *modep) { static ino_t minino, maxino; static caddr_t inoblock; struct ufs1_dinode *dp1; struct ufs2_dinode *dp2; if (inoblock == NULL && (inoblock = malloc(sblock->fs_bsize)) == NULL) quit("cannot allocate inode memory.\n"); curino = inum; if (inum >= minino && inum < maxino) goto gotit; blkread(fsbtodb(sblock, ino_to_fsba(sblock, inum)), inoblock, (int)sblock->fs_bsize); minino = inum - (inum % INOPB(sblock)); maxino = minino + INOPB(sblock); gotit: if (sblock->fs_magic == FS_UFS1_MAGIC) { dp1 = &((struct ufs1_dinode *)inoblock)[inum - minino]; *modep = (dp1->di_mode & IFMT); return ((union dinode *)dp1); } dp2 = &((struct ufs2_dinode *)inoblock)[inum - minino]; *modep = (dp2->di_mode & IFMT); return ((union dinode *)dp2); } /* * Read a chunk of data from the disk. * Try to recover from hard errors by reading in sector sized pieces. * Error recovery is attempted at most BREADEMAX times before seeking * consent from the operator to continue. */ int breaderrors = 0; #define BREADEMAX 32 void blkread(ufs2_daddr_t blkno, char *buf, int size) { int secsize, bytes, resid, xfer, base, cnt, i; static char *tmpbuf; off_t offset; loop: offset = blkno << dev_bshift; secsize = sblock->fs_fsize; base = offset % secsize; resid = size % secsize; /* * If the transfer request starts or ends on a non-sector * boundary, we must read the entire sector and copy out * just the part that we need. */ if (base == 0 && resid == 0) { cnt = cread(diskfd, buf, size, offset); if (cnt == size) return; } else { if (tmpbuf == NULL && (tmpbuf = malloc(secsize)) == NULL) quit("buffer malloc failed\n"); xfer = 0; bytes = size; if (base != 0) { cnt = cread(diskfd, tmpbuf, secsize, offset - base); if (cnt != secsize) goto bad; xfer = MIN(secsize - base, size); offset += xfer; bytes -= xfer; resid = bytes % secsize; memcpy(buf, &tmpbuf[base], xfer); } if (bytes >= secsize) { cnt = cread(diskfd, &buf[xfer], bytes - resid, offset); if (cnt != bytes - resid) goto bad; xfer += cnt; offset += cnt; } if (resid == 0) return; cnt = cread(diskfd, tmpbuf, secsize, offset); if (cnt == secsize) { memcpy(&buf[xfer], tmpbuf, resid); return; } } bad: if (blkno + (size / dev_bsize) > fsbtodb(sblock, sblock->fs_size)) { /* * Trying to read the final fragment. * * NB - dump only works in TP_BSIZE blocks, hence * rounds `dev_bsize' fragments up to TP_BSIZE pieces. * It should be smarter about not actually trying to * read more than it can get, but for the time being * we punt and scale back the read only when it gets * us into trouble. (mkm 9/25/83) */ size -= dev_bsize; goto loop; } if (cnt == -1) msg("read error from %s: %s: [block %jd]: count=%d\n", disk, strerror(errno), (intmax_t)blkno, size); else msg("short read error from %s: [block %jd]: count=%d, got=%d\n", disk, (intmax_t)blkno, size, cnt); if (++breaderrors > BREADEMAX) { msg("More than %d block read errors from %s\n", BREADEMAX, disk); broadcast("DUMP IS AILING!\n"); msg("This is an unrecoverable error.\n"); if (!query("Do you want to attempt to continue?")){ dumpabort(0); /*NOTREACHED*/ } else breaderrors = 0; } /* * Zero buffer, then try to read each sector of buffer separately, * and bypass the cache. */ memset(buf, 0, size); for (i = 0; i < size; i += dev_bsize, buf += dev_bsize, blkno++) { if ((cnt = pread(diskfd, buf, (int)dev_bsize, ((off_t)blkno << dev_bshift))) == dev_bsize) continue; if (cnt == -1) { msg("read error from %s: %s: [sector %jd]: count=%ld\n", disk, strerror(errno), (intmax_t)blkno, dev_bsize); continue; } msg("short read from %s: [sector %jd]: count=%ld, got=%d\n", disk, (intmax_t)blkno, dev_bsize, cnt); } } diff --git a/sbin/dump/unctime.c b/sbin/dump/unctime.c index 5f44c80f9358..86ce682642b5 100644 --- a/sbin/dump/unctime.c +++ b/sbin/dump/unctime.c @@ -1,56 +1,53 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)unctime.c 8.2 (Berkeley) 6/14/94"; -#endif #endif /* not lint */ #include /* * Convert a ctime(3) format string into a system format date. * Return the date thus calculated. * * Return -1 if the string is not in ctime format. */ time_t unctime(char *str) { struct tm then; str = strptime(str, "%a %b %e %T %Y", &then); if (str == NULL || (*str != '\n' && *str != '\0')) return ((time_t)-1); then.tm_isdst = -1; return (mktime(&then)); } diff --git a/sbin/dumpfs/Makefile b/sbin/dumpfs/Makefile index d7f768ad4c3d..b416eb1cd588 100644 --- a/sbin/dumpfs/Makefile +++ b/sbin/dumpfs/Makefile @@ -1,9 +1,8 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 PACKAGE=ufs PROG= dumpfs WARNS?= 2 LIBADD= ufs MAN= dumpfs.8 .include diff --git a/sbin/dumpfs/dumpfs.8 b/sbin/dumpfs/dumpfs.8 index 63da8e59aa46..768329315bc3 100644 --- a/sbin/dumpfs/dumpfs.8 +++ b/sbin/dumpfs/dumpfs.8 @@ -1,116 +1,114 @@ .\" Copyright (c) 1983, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)dumpfs.8 8.1 (Berkeley) 6/5/93 -.\" .Dd July 2, 2021 .Dt DUMPFS 8 .Os .Sh NAME .Nm dumpfs .Nd dump UFS file system information .Sh SYNOPSIS .Nm .Op Fl f .Op Fl l .Op Fl m .Op Fl s .Ar filesys | device .Sh DESCRIPTION The .Nm utility prints out the UFS super block and cylinder group information for the file system or special device specified, unless the .Fl f , .Fl l , .Fl m , or .Fl s flag is specified. The listing is very long and detailed. This command is useful mostly for finding out certain file system information such as the file system block size and minimum free space percentage. .Pp If .Fl f is specified, a sorted list of all free fragments and free fragment ranges, as represented in cylinder group block free lists, is printed. If the flag is specified twice, contiguous free fragments are not collapsed into ranges and instead printed in a simple list. Fragment numbers may be converted to raw byte offsets by multiplying by the fragment size, which may be useful when recovering deleted data. .Pp If .Fl l is specified, the pathname to the file system's container derived from its unique identifier is printed. .Pp If .Fl m is specified, a .Xr newfs 8 command is printed that can be used to generate a new file system with equivalent settings. Please note that .Xr newfs 8 options .Fl E , .Fl R , .Fl S , and .Fl T are not handled and .Fl p is not useful in this case so is omitted. The .Xr newfs 8 options .Fl n and .Fl r are neither checked for nor output but should be. The .Fl r flag is needed if the filesystem uses .Xr gjournal 8 . .Pp If .Fl s is specified, only the super block information is printed. .Sh SEE ALSO .Xr fs 5 , .Xr fsck 8 , .Xr gpart 8 , .Xr newfs 8 , .Xr tunefs 8 .Sh HISTORY The .Nm utility appeared in .Bx 4.2 . diff --git a/sbin/dumpfs/dumpfs.c b/sbin/dumpfs/dumpfs.c index 7d2598c190e8..9eb1cba26824 100644 --- a/sbin/dumpfs/dumpfs.c +++ b/sbin/dumpfs/dumpfs.c @@ -1,546 +1,543 @@ /* * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 2009 Robert N. M. Watson * All rights reserved. * * This software was developed at the University of Cambridge Computer * Laboratory with support from a grant from Google, Inc. * * Copyright (c) 2002 Networks Associates Technology, Inc. * All rights reserved. * * This software was developed for the FreeBSD Project by Marshall * Kirk McKusick and Network Associates Laboratories, the Security * Research Division of Network Associates, Inc. under DARPA/SPAWAR * contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS * research program. * * Copyright (c) 1983, 1992, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1983, 1992, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)dumpfs.c 8.5 (Berkeley) 4/29/95"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #define afs disk.d_fs #define acg disk.d_cg static struct uufsd disk; static int dumpfs(const char *, int); static int dumpfsid(void); static int dumpcg(void); static int dumpfreespace(const char *, int); static void dumpfreespacecg(int); static int marshal(const char *); static void pbits(void *, int); static void pblklist(void *, int, off_t, int); static const char *ufserr(void); static void usage(void) __dead2; int main(int argc, char *argv[]) { const char *name; int ch, dofreespace, domarshal, dolabel, dosb, eval; dofreespace = domarshal = dolabel = dosb = eval = 0; while ((ch = getopt(argc, argv, "lfms")) != -1) { switch (ch) { case 'f': dofreespace++; break; case 'm': domarshal = 1; break; case 'l': dolabel = 1; break; case 's': dosb = 1; break; case '?': default: usage(); } } argc -= optind; argv += optind; if (argc < 1) usage(); if (dofreespace && domarshal) usage(); if (dofreespace > 2) usage(); while ((name = *argv++) != NULL) { if (ufs_disk_fillout_blank(&disk, name) == -1 || sbfind(&disk, 0) == -1) { printf("\n%s: %s\n", name, ufserr()); eval |= 1; continue; } if (dofreespace) eval |= dumpfreespace(name, dofreespace); else if (domarshal) eval |= marshal(name); else if (dolabel) eval |= dumpfsid(); else eval |= dumpfs(name, dosb); ufs_disk_close(&disk); } exit(eval); } static int dumpfsid(void) { printf("%sufsid/%08x%08x\n", _PATH_DEV, afs.fs_id[0], afs.fs_id[1]); return 0; } static int dumpfs(const char *name, int dosb) { time_t fstime, fsmtime; int64_t fssize; int32_t fsflags; int i, ret; switch (disk.d_ufs) { case 2: fssize = afs.fs_size; fstime = afs.fs_time; fsmtime = afs.fs_mtime; printf("magic\t%x (UFS2)\n", afs.fs_magic); printf("last mounted time\t%s", ctime(&fsmtime)); printf("last modified time\t%s", ctime(&fstime)); printf("superblock location\t%jd\tid\t[ %08x %08x ]\n", (intmax_t)afs.fs_sblockloc, afs.fs_id[0], afs.fs_id[1]); printf("ncg\t%d\tsize\t%jd\tblocks\t%jd\n", afs.fs_ncg, (intmax_t)fssize, (intmax_t)afs.fs_dsize); break; case 1: fssize = afs.fs_old_size; fstime = afs.fs_old_time; printf("magic\t%x (UFS1)\ttime\t%s", afs.fs_magic, ctime(&fstime)); printf("id\t[ %08x %08x ]\n", afs.fs_id[0], afs.fs_id[1]); printf("ncg\t%d\tsize\t%jd\tblocks\t%jd\n", afs.fs_ncg, (intmax_t)fssize, (intmax_t)afs.fs_dsize); break; default: printf("Unknown filesystem type %d\n", disk.d_ufs); return (1); } printf("bsize\t%d\tshift\t%d\tmask\t0x%08x\n", afs.fs_bsize, afs.fs_bshift, afs.fs_bmask); printf("fsize\t%d\tshift\t%d\tmask\t0x%08x\n", afs.fs_fsize, afs.fs_fshift, afs.fs_fmask); printf("frag\t%d\tshift\t%d\tfsbtodb\t%d\n", afs.fs_frag, afs.fs_fragshift, afs.fs_fsbtodb); printf("minfree\t%d%%\toptim\t%s\tsymlinklen %d\n", afs.fs_minfree, afs.fs_optim == FS_OPTSPACE ? "space" : "time", afs.fs_maxsymlinklen); switch (disk.d_ufs) { case 2: printf("%s %d\tmaxbpg\t%d\tmaxcontig %d\tcontigsumsize %d\n", "maxbsize", afs.fs_maxbsize, afs.fs_maxbpg, afs.fs_maxcontig, afs.fs_contigsumsize); printf("nbfree\t%jd\tndir\t%jd\tnifree\t%jd\tnffree\t%jd\n", (intmax_t)afs.fs_cstotal.cs_nbfree, (intmax_t)afs.fs_cstotal.cs_ndir, (intmax_t)afs.fs_cstotal.cs_nifree, (intmax_t)afs.fs_cstotal.cs_nffree); printf("bpg\t%d\tfpg\t%d\tipg\t%d\tunrefs\t%jd\n", afs.fs_fpg / afs.fs_frag, afs.fs_fpg, afs.fs_ipg, (intmax_t)afs.fs_unrefs); printf("nindir\t%d\tinopb\t%d\tmaxfilesize\t%ju\n", afs.fs_nindir, afs.fs_inopb, (uintmax_t)afs.fs_maxfilesize); printf("sbsize\t%d\tcgsize\t%d\tcsaddr\t%jd\tcssize\t%d\n", afs.fs_sbsize, afs.fs_cgsize, (intmax_t)afs.fs_csaddr, afs.fs_cssize); break; case 1: printf("maxbpg\t%d\tmaxcontig %d\tcontigsumsize %d\n", afs.fs_maxbpg, afs.fs_maxcontig, afs.fs_contigsumsize); printf("nbfree\t%d\tndir\t%d\tnifree\t%d\tnffree\t%d\n", afs.fs_old_cstotal.cs_nbfree, afs.fs_old_cstotal.cs_ndir, afs.fs_old_cstotal.cs_nifree, afs.fs_old_cstotal.cs_nffree); printf("cpg\t%d\tbpg\t%d\tfpg\t%d\tipg\t%d\n", afs.fs_old_cpg, afs.fs_fpg / afs.fs_frag, afs.fs_fpg, afs.fs_ipg); printf("nindir\t%d\tinopb\t%d\tnspf\t%d\tmaxfilesize\t%ju\n", afs.fs_nindir, afs.fs_inopb, afs.fs_old_nspf, (uintmax_t)afs.fs_maxfilesize); printf("sbsize\t%d\tcgsize\t%d\tcgoffset %d\tcgmask\t0x%08x\n", afs.fs_sbsize, afs.fs_cgsize, afs.fs_old_cgoffset, afs.fs_old_cgmask); printf("csaddr\t%jd\tcssize\t%d\n", (intmax_t)afs.fs_csaddr, afs.fs_cssize); printf("rotdelay %dms\trps\t%d\ttrackskew %d\tinterleave %d\n", afs.fs_old_rotdelay, afs.fs_old_rps, afs.fs_old_trackskew, afs.fs_old_interleave); printf("nsect\t%d\tnpsect\t%d\tspc\t%d\n", afs.fs_old_nsect, afs.fs_old_npsect, afs.fs_old_spc); break; default: printf("Unknown filesystem type %d\n", disk.d_ufs); return (1); } printf("old_cpg\t%d\tsize_cg\t%zu\tCGSIZE\t%zu\n", afs.fs_old_cpg, sizeof(struct cg), CGSIZE(&afs)); printf("sblkno\t%d\tcblkno\t%d\tiblkno\t%d\tdblkno\t%d\n", afs.fs_sblkno, afs.fs_cblkno, afs.fs_iblkno, afs.fs_dblkno); printf("cgrotor\t%d\tfmod\t%d\tronly\t%d\tclean\t%d\n", afs.fs_cgrotor, afs.fs_fmod, afs.fs_ronly, afs.fs_clean); printf("metaspace %jd\tavgfpdir %d\tavgfilesize %d\n", afs.fs_metaspace, afs.fs_avgfpdir, afs.fs_avgfilesize); printf("flags\t"); if (afs.fs_old_flags & FS_FLAGS_UPDATED) fsflags = afs.fs_flags; else fsflags = afs.fs_old_flags; if (fsflags == 0) printf("none"); if (fsflags & FS_UNCLEAN) printf("unclean "); if (fsflags & FS_DOSOFTDEP) printf("soft-updates%s ", (fsflags & FS_SUJ) ? "+journal" : ""); if (fsflags & FS_NEEDSFSCK) printf("needs-fsck-run "); if (fsflags & FS_INDEXDIRS) printf("indexed-directories "); if (fsflags & FS_ACLS) printf("acls "); if (fsflags & FS_MULTILABEL) printf("multilabel "); if (fsflags & FS_GJOURNAL) printf("gjournal "); if (fsflags & FS_FLAGS_UPDATED) printf("fs_flags-expanded "); if (fsflags & FS_NFS4ACLS) printf("nfsv4acls "); if (fsflags & FS_TRIM) printf("trim "); fsflags &= ~(FS_UNCLEAN | FS_DOSOFTDEP | FS_NEEDSFSCK | FS_METACKHASH | FS_ACLS | FS_MULTILABEL | FS_GJOURNAL | FS_FLAGS_UPDATED | FS_NFS4ACLS | FS_SUJ | FS_TRIM | FS_INDEXDIRS); if (fsflags != 0) printf("unknown-flags (%#x)", fsflags); putchar('\n'); if (afs.fs_flags & FS_METACKHASH) { printf("check hashes\t"); fsflags = afs.fs_metackhash; if (fsflags == 0) printf("none"); if (fsflags & CK_SUPERBLOCK) printf("superblock "); if (fsflags & CK_CYLGRP) printf("cylinder-groups "); if (fsflags & CK_INODE) printf("inodes "); if (fsflags & CK_INDIR) printf("indirect-blocks "); if (fsflags & CK_DIR) printf("directories "); } fsflags &= ~(CK_SUPERBLOCK | CK_CYLGRP | CK_INODE | CK_INDIR | CK_DIR); if (fsflags != 0) printf("unknown flags (%#x)", fsflags); putchar('\n'); printf("fsmnt\t%s\n", afs.fs_fsmnt); printf("volname\t%s\tswuid\t%ju\tprovidersize\t%ju\n", afs.fs_volname, (uintmax_t)afs.fs_swuid, (uintmax_t)afs.fs_providersize); printf("\ncs[].cs_(nbfree,ndir,nifree,nffree):\n\t"); for (i = 0; i < afs.fs_ncg; i++) { struct csum *cs = &afs.fs_cs(&afs, i); if (i && i % 4 == 0) printf("\n\t"); printf("(%d,%d,%d,%d) ", cs->cs_nbfree, cs->cs_ndir, cs->cs_nifree, cs->cs_nffree); } printf("\n"); if (fssize % afs.fs_fpg) { if (disk.d_ufs == 1) printf("cylinders in last group %d\n", howmany(afs.fs_old_size % afs.fs_fpg, afs.fs_old_spc / afs.fs_old_nspf)); printf("blocks in last group %ld\n\n", (long)((fssize % afs.fs_fpg) / afs.fs_frag)); } if (dosb) return (0); ret = 0; while ((i = cgread(&disk)) != 0) { if (i == -1) { ret = 1; printf("\ncg %d: %s\n", disk.d_lcg, ufserr()); } else if (dumpcg()) ret = 1; } return (ret); } static int dumpcg(void) { time_t cgtime; off_t cur; int i, j; printf("\ncg %d:\n", disk.d_lcg); cur = fsbtodb(&afs, cgtod(&afs, disk.d_lcg)) * disk.d_bsize; switch (disk.d_ufs) { case 2: cgtime = acg.cg_time; printf("magic\t%x\ttell\t%jx\ttime\t%s", acg.cg_magic, (intmax_t)cur, ctime(&cgtime)); printf("cgx\t%d\tndblk\t%d\tniblk\t%d\tinitiblk %d\tunrefs %d\n", acg.cg_cgx, acg.cg_ndblk, acg.cg_niblk, acg.cg_initediblk, acg.cg_unrefs); break; case 1: cgtime = acg.cg_old_time; printf("magic\t%x\ttell\t%jx\ttime\t%s", acg.cg_magic, (intmax_t)cur, ctime(&cgtime)); printf("cgx\t%d\tncyl\t%d\tniblk\t%d\tndblk\t%d\n", acg.cg_cgx, acg.cg_old_ncyl, acg.cg_old_niblk, acg.cg_ndblk); break; default: break; } printf("nbfree\t%d\tndir\t%d\tnifree\t%d\tnffree\t%d\n", acg.cg_cs.cs_nbfree, acg.cg_cs.cs_ndir, acg.cg_cs.cs_nifree, acg.cg_cs.cs_nffree); printf("rotor\t%d\tirotor\t%d\tfrotor\t%d\nfrsum", acg.cg_rotor, acg.cg_irotor, acg.cg_frotor); for (i = 1, j = 0; i < afs.fs_frag; i++) { printf("\t%d", acg.cg_frsum[i]); j += i * acg.cg_frsum[i]; } printf("\nsum of frsum: %d", j); if (afs.fs_contigsumsize > 0) { for (i = 1; i < afs.fs_contigsumsize; i++) { if ((i - 1) % 8 == 0) printf("\nclusters %d-%d:", i, MIN(afs.fs_contigsumsize - 1, i + 7)); printf("\t%d", cg_clustersum(&acg)[i]); } printf("\nclusters size %d and over: %d\n", afs.fs_contigsumsize, cg_clustersum(&acg)[afs.fs_contigsumsize]); printf("clusters free:\t"); pbits(cg_clustersfree(&acg), acg.cg_nclusterblks); } else printf("\n"); printf("inodes used:\t"); pbits(cg_inosused(&acg), afs.fs_ipg); printf("blks free:\t"); pbits(cg_blksfree(&acg), afs.fs_fpg); return (0); } static int dumpfreespace(const char *name, int fflag) { intmax_t startblkno; int i, ret; ret = 0; while ((i = cgread(&disk)) != 0) { if (i != -1) { dumpfreespacecg(fflag); } else { startblkno = disk.d_lcg * afs.fs_fpg; printf("\nBlocks %jd-%jd of cg %d skipped: %s\n", startblkno, startblkno + afs.fs_fpg - 1, disk.d_lcg, ufserr()); ret = 1; } } return (ret); } static void dumpfreespacecg(int fflag) { pblklist(cg_blksfree(&acg), afs.fs_fpg, disk.d_lcg * afs.fs_fpg, fflag); } static int marshal(const char *name) { struct fs *fs; fs = &disk.d_fs; printf("# newfs command for %s (%s)\n", name, disk.d_name); printf("newfs "); if (fs->fs_volname[0] != '\0') printf("-L %s ", fs->fs_volname); printf("-O %d ", disk.d_ufs); if (fs->fs_flags & FS_DOSOFTDEP) printf("-U "); printf("-a %d ", fs->fs_maxcontig); printf("-b %d ", fs->fs_bsize); /* -c is dumb */ printf("-d %d ", fs->fs_maxbsize); printf("-e %d ", fs->fs_maxbpg); printf("-f %d ", fs->fs_fsize); printf("-g %d ", fs->fs_avgfilesize); printf("-h %d ", fs->fs_avgfpdir); printf("-i %jd ", fragroundup(fs, lblktosize(fs, fragstoblks(fs, fs->fs_fpg)) / fs->fs_ipg)); if (fs->fs_flags & FS_SUJ) printf("-j "); if (fs->fs_flags & FS_GJOURNAL) printf("-J "); printf("-k %jd ", fs->fs_metaspace); if (fs->fs_flags & FS_MULTILABEL) printf("-l "); printf("-m %d ", fs->fs_minfree); /* -n unimplemented */ printf("-o "); switch (fs->fs_optim) { case FS_OPTSPACE: printf("space "); break; case FS_OPTTIME: printf("time "); break; default: printf("unknown "); break; } /* -p..r unimplemented */ printf("-s %jd ", (intmax_t)fsbtodb(fs, fs->fs_size)); if (fs->fs_flags & FS_TRIM) printf("-t "); printf("%s ", disk.d_name); printf("\n"); return 0; } static void pbits(void *vp, int max) { int i; char *p; int count, j; for (count = i = 0, p = vp; i < max; i++) if (isset(p, i)) { if (count) printf(",%s", count % 6 ? " " : "\n\t"); count++; printf("%d", i); j = i; while ((i+1) dump .Dl db> reset .Pp After reboot .Xr savecore 8 should be able to save the core dump in the .Va Dq dumpdir directory, which is .Pa /var/crash by default: .Pp .Dl # savecore /dev/ada0s1b .Pp Three files should be created in the core directory: .Pa info.# , .Pa key.# and .Pa vmcore_encrypted.# (where .Dq # is the number of the last core dump saved by .Xr savecore 8 ) . The .Pa vmcore_encrypted.# can be decrypted using the .Xr decryptcore 8 utility: .Pp .Dl # decryptcore -p private.pem -k key.# -e vmcore_encrypted.# -c vmcore.# .Pp or shorter: .Pp .Dl # decryptcore -p private.pem -n # .Pp The .Pa vmcore.# can be now examined using .Xr kgdb 1 Pq Pa ports/devel/gdb : .Pp .Dl # kgdb /boot/kernel/kernel vmcore.# .Pp or shorter: .Pp .Dl # kgdb -n # .Pp The core was decrypted properly if .Xr kgdb 1 Pq Pa ports/devel/gdb does not print any errors. Note that the live kernel might be at a different path which can be examined by looking at the .Va kern.bootfile .Xr sysctl 8 . .Pp The .Nm .Xr rc 8 script runs early during boot, typically before networking is configured. This makes it unsuitable for configuring .Xr netdump 4 when the client address is dynamic. To configure .Xr netdump 4 when .Xr dhclient 8 binds to a server, .Xr dhclient-script 8 can be used to run .Xr dumpon 8 . For example, to automatically configure .Xr netdump 4 on the vtnet0 interface, add the following to .Pa /etc/dhclient-exit-hooks . .Bd -literal case $reason in BOUND|REBIND|REBOOT|RENEW) if [ "$interface" != vtnet0 ] || [ -n "$old_ip_address" -a \\ "$old_ip_address" = "$new_ip_address" ]; then break fi if [ -n "$new_routers" ]; then # Take the first router in the list. gateway_flag="-g ${new_routers%% *}" fi # Configure as the highest-priority dump device. dumpon -i 0 -c $new_ip_address -s $server $gateway_flag vtnet0 ;; esac .Ed .Pp Be sure to fill in the server IP address and change the interface name if needed. .Sh SEE ALSO .Xr gzip 1 , .Xr kgdb 1 Pq Pa ports/devel/gdb , .Xr zstd 1 , .Xr ddb 4 , .Xr netdump 4 , .Xr fstab 5 , .Xr rc.conf 5 , .Xr config 8 , .Xr decryptcore 8 , .Xr init 8 , .Xr loader 8 , .Xr rc 8 , .Xr savecore 8 , .Xr swapon 8 , .Xr panic 9 .Sh HISTORY The .Nm utility appeared in .Fx 2.0.5 . .Pp Support for encrypted kernel core dumps and netdump was added in .Fx 12.0 . .Sh AUTHORS The .Nm manual page was written by .An Mark Johnston Aq Mt markj@FreeBSD.org , .An Conrad Meyer Aq Mt cem@FreeBSD.org , .An Konrad Witaszczyk Aq Mt def@FreeBSD.org , and countless others. .Sh CAVEATS To configure encrypted kernel core dumps, the running kernel must have been compiled with the .Dv EKCD option. .Pp Netdump does not automatically update the configured .Ar gateway if routing topology changes. .Pp The size of a compressed dump or a minidump is not a fixed function of RAM size. Therefore, when at least one of these options is enabled, the .Nm utility cannot verify that the .Ar device has sufficient space for a dump. .Nm is also unable to verify that a configured .Xr netdumpd 8 server has sufficient space for a dump. .Pp .Fl Z requires a kernel compiled with the .Dv ZSTDIO kernel option. Similarly, .Fl z requires the .Dv GZIO option. .Sh BUGS Netdump only supports IPv4 at this time. .Sh SECURITY CONSIDERATIONS The current encrypted kernel core dump scheme does not provide integrity nor authentication. That is, the recipient of an encrypted kernel core dump cannot know if they received an intact core dump, nor can they verify the provenance of the dump. .Pp RSA keys smaller than 1024 bits are practical to factor and therefore weak. Even 1024 bit keys may not be large enough to ensure privacy for many years, so NIST recommends a minimum of 2048 bit RSA keys. As a seatbelt, .Nm prevents users from configuring encrypted kernel dumps with extremely weak RSA keys. If you do not care for cryptographic privacy guarantees, just use .Nm without specifying a .Fl k Ar pubkey option. .Pp This process is sandboxed using .Xr capsicum 4 . diff --git a/sbin/dumpon/dumpon.c b/sbin/dumpon/dumpon.c index 81144e33bc71..20a9246496ae 100644 --- a/sbin/dumpon/dumpon.c +++ b/sbin/dumpon/dumpon.c @@ -1,710 +1,707 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1980, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static char sccsid[] = "From: @(#)swapon.c 8.1 (Berkeley) 6/5/93"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef HAVE_CRYPTO #include #include #include #include #endif static int verbose; static void _Noreturn usage(void) { fprintf(stderr, "usage: dumpon [-i index] [-r] [-v] [-k ] [-Zz] \n" " dumpon [-i index] [-r] [-v] [-k ] [-Zz]\n" " [-g ] -s -c \n" " dumpon [-v] off\n" " dumpon [-v] -l\n"); exit(EX_USAGE); } /* * Look for a default route on the specified interface. */ static char * find_gateway(const char *ifname) { struct ifaddrs *ifa, *ifap; struct rt_msghdr *rtm; struct sockaddr *sa; struct sockaddr_dl *sdl; struct sockaddr_in *dst, *mask, *gw; char *buf, *next, *ret; size_t sz; int error, i, ifindex, mib[7]; /* First look up the interface index. */ if (getifaddrs(&ifap) != 0) err(EX_OSERR, "getifaddrs"); for (ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) { if (ifa->ifa_addr->sa_family != AF_LINK) continue; if (strcmp(ifa->ifa_name, ifname) == 0) { sdl = (struct sockaddr_dl *)(void *)ifa->ifa_addr; ifindex = sdl->sdl_index; break; } } if (ifa == NULL) errx(1, "couldn't find interface index for '%s'", ifname); freeifaddrs(ifap); /* Now get the IPv4 routing table. */ mib[0] = CTL_NET; mib[1] = PF_ROUTE; mib[2] = 0; mib[3] = AF_INET; mib[4] = NET_RT_DUMP; mib[5] = 0; mib[6] = -1; /* FIB */ for (;;) { if (sysctl(mib, nitems(mib), NULL, &sz, NULL, 0) != 0) err(EX_OSERR, "sysctl(NET_RT_DUMP)"); buf = malloc(sz); error = sysctl(mib, nitems(mib), buf, &sz, NULL, 0); if (error == 0) break; if (errno != ENOMEM) err(EX_OSERR, "sysctl(NET_RT_DUMP)"); free(buf); } ret = NULL; for (next = buf; next < buf + sz; next += rtm->rtm_msglen) { rtm = (struct rt_msghdr *)(void *)next; if (rtm->rtm_version != RTM_VERSION) continue; if ((rtm->rtm_flags & RTF_GATEWAY) == 0 || rtm->rtm_index != ifindex) continue; dst = gw = mask = NULL; sa = (struct sockaddr *)(rtm + 1); for (i = 0; i < RTAX_MAX; i++) { if ((rtm->rtm_addrs & (1 << i)) != 0) { switch (i) { case RTAX_DST: dst = (void *)sa; break; case RTAX_GATEWAY: gw = (void *)sa; break; case RTAX_NETMASK: mask = (void *)sa; break; } } sa = (struct sockaddr *)((char *)sa + SA_SIZE(sa)); } if (dst->sin_addr.s_addr == INADDR_ANY && mask->sin_addr.s_addr == 0) { ret = inet_ntoa(gw->sin_addr); break; } } free(buf); return (ret); } static void check_link_status(const char *ifname) { struct ifaddrs *ifap, *ifa; if (getifaddrs(&ifap) != 0) err(EX_OSERR, "getifaddrs"); for (ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) { if (strcmp(ifname, ifa->ifa_name) != 0) continue; if ((ifa->ifa_flags & IFF_UP) == 0) { warnx("warning: %s's link is down", ifname); } break; } freeifaddrs(ifap); } static void check_size(int fd, const char *fn) { int name[] = { CTL_HW, HW_PHYSMEM }; size_t namelen = nitems(name); unsigned long physmem; size_t len; off_t mediasize; int minidump; len = sizeof(minidump); if (sysctlbyname("debug.minidump", &minidump, &len, NULL, 0) == 0 && minidump == 1) return; len = sizeof(physmem); if (sysctl(name, namelen, &physmem, &len, NULL, 0) != 0) err(EX_OSERR, "can't get memory size"); if (ioctl(fd, DIOCGMEDIASIZE, &mediasize) != 0) err(EX_OSERR, "%s: can't get size", fn); if ((uintmax_t)mediasize < (uintmax_t)physmem) errx(EX_IOERR, "%s is smaller than physical memory", fn); } #ifdef HAVE_CRYPTO static void _genkey(const char *pubkeyfile, struct diocskerneldump_arg *kdap) { FILE *fp; RSA *pubkey; assert(pubkeyfile != NULL); assert(kdap != NULL); fp = NULL; pubkey = NULL; fp = fopen(pubkeyfile, "r"); if (fp == NULL) err(1, "Unable to open %s", pubkeyfile); /* * Obsolescent OpenSSL only knows about /dev/random, and needs to * pre-seed before entering cap mode. For whatever reason, * RSA_pub_encrypt uses the internal PRNG. */ #if OPENSSL_VERSION_NUMBER < 0x10100000L { unsigned char c[1]; RAND_bytes(c, 1); } #endif if (caph_enter() < 0) err(1, "Unable to enter capability mode"); pubkey = RSA_new(); if (pubkey == NULL) { errx(1, "Unable to allocate an RSA structure: %s", ERR_error_string(ERR_get_error(), NULL)); } pubkey = PEM_read_RSA_PUBKEY(fp, &pubkey, NULL, NULL); fclose(fp); fp = NULL; if (pubkey == NULL) errx(1, "Unable to read data from %s: %s", pubkeyfile, ERR_error_string(ERR_get_error(), NULL)); /* * RSA keys under ~1024 bits are trivially factorable (2018). OpenSSL * provides an API for RSA keys to estimate the symmetric-cipher * "equivalent" bits of security (defined in NIST SP800-57), which as * of this writing equates a 2048-bit RSA key to 112 symmetric cipher * bits. * * Use this API as a seatbelt to avoid suggesting to users that their * privacy is protected by encryption when the key size is insufficient * to prevent compromise via factoring. * * Future work: Sanity check for weak 'e', and sanity check for absence * of 'd' (i.e., the supplied key is a public key rather than a full * keypair). */ #if OPENSSL_VERSION_NUMBER >= 0x10100000L if (RSA_security_bits(pubkey) < 112) #else if (RSA_size(pubkey) * 8 < 2048) #endif errx(1, "Small RSA keys (you provided: %db) can be " "factored cheaply. Please generate a larger key.", RSA_size(pubkey) * 8); kdap->kda_encryptedkeysize = RSA_size(pubkey); if (kdap->kda_encryptedkeysize > KERNELDUMP_ENCKEY_MAX_SIZE) { errx(1, "Public key has to be at most %db long.", 8 * KERNELDUMP_ENCKEY_MAX_SIZE); } kdap->kda_encryptedkey = calloc(1, kdap->kda_encryptedkeysize); if (kdap->kda_encryptedkey == NULL) err(1, "Unable to allocate encrypted key"); /* * If no cipher was specified, choose a reasonable default. */ if (kdap->kda_encryption == KERNELDUMP_ENC_NONE) kdap->kda_encryption = KERNELDUMP_ENC_CHACHA20; else if (kdap->kda_encryption == KERNELDUMP_ENC_AES_256_CBC && kdap->kda_compression != KERNELDUMP_COMP_NONE) errx(EX_USAGE, "Unpadded AES256-CBC mode cannot be used " "with compression."); arc4random_buf(kdap->kda_key, sizeof(kdap->kda_key)); if (RSA_public_encrypt(sizeof(kdap->kda_key), kdap->kda_key, kdap->kda_encryptedkey, pubkey, RSA_PKCS1_OAEP_PADDING) != (int)kdap->kda_encryptedkeysize) { errx(1, "Unable to encrypt the one-time key: %s", ERR_error_string(ERR_get_error(), NULL)); } RSA_free(pubkey); } /* * Run genkey() in a child so it can use capability mode without affecting * the rest of the runtime. */ static void genkey(const char *pubkeyfile, struct diocskerneldump_arg *kdap) { pid_t pid; int error, filedes[2], status; ssize_t bytes; if (pipe2(filedes, O_CLOEXEC) != 0) err(1, "pipe"); pid = fork(); switch (pid) { case -1: err(1, "fork"); break; case 0: close(filedes[0]); _genkey(pubkeyfile, kdap); /* Write the new kdap back to the parent. */ bytes = write(filedes[1], kdap, sizeof(*kdap)); if (bytes != sizeof(*kdap)) err(1, "genkey pipe write"); bytes = write(filedes[1], kdap->kda_encryptedkey, kdap->kda_encryptedkeysize); if (bytes != (ssize_t)kdap->kda_encryptedkeysize) err(1, "genkey pipe write kda_encryptedkey"); _exit(0); } close(filedes[1]); /* Read in the child's genkey() result into kdap. */ bytes = read(filedes[0], kdap, sizeof(*kdap)); if (bytes != sizeof(*kdap)) errx(1, "genkey pipe read"); if (kdap->kda_encryptedkeysize > KERNELDUMP_ENCKEY_MAX_SIZE) errx(1, "Public key has to be at most %db long.", 8 * KERNELDUMP_ENCKEY_MAX_SIZE); kdap->kda_encryptedkey = calloc(1, kdap->kda_encryptedkeysize); if (kdap->kda_encryptedkey == NULL) err(1, "Unable to allocate encrypted key"); bytes = read(filedes[0], kdap->kda_encryptedkey, kdap->kda_encryptedkeysize); if (bytes != (ssize_t)kdap->kda_encryptedkeysize) errx(1, "genkey pipe read kda_encryptedkey"); error = waitpid(pid, &status, WEXITED); if (error == -1) err(1, "waitpid"); if (WIFEXITED(status) && WEXITSTATUS(status) != 0) errx(1, "genkey child exited with status %d", WEXITSTATUS(status)); else if (WIFSIGNALED(status)) errx(1, "genkey child exited with signal %d", WTERMSIG(status)); close(filedes[0]); } #endif static void listdumpdev(void) { static char ip[200]; char dumpdev[PATH_MAX]; struct diocskerneldump_arg ndconf; size_t len; const char *sysctlname = "kern.shutdown.dumpdevname"; int fd; len = sizeof(dumpdev); if (sysctlbyname(sysctlname, &dumpdev, &len, NULL, 0) != 0) { if (errno == ENOMEM) { err(EX_OSERR, "Kernel returned too large of a buffer for '%s'\n", sysctlname); } else { err(EX_OSERR, "Sysctl get '%s'\n", sysctlname); } } if (strlen(dumpdev) == 0) (void)strlcpy(dumpdev, _PATH_DEVNULL, sizeof(dumpdev)); if (verbose) { char *ctx, *dd; unsigned idx; printf("kernel dumps on priority: device\n"); idx = 0; ctx = dumpdev; while ((dd = strsep(&ctx, ",")) != NULL) printf("%u: %s\n", idx++, dd); } else printf("%s\n", dumpdev); /* If netdump is enabled, print the configuration parameters. */ if (verbose) { fd = open(_PATH_NETDUMP, O_RDONLY); if (fd < 0) { if (errno != ENOENT) err(EX_OSERR, "opening %s", _PATH_NETDUMP); return; } if (ioctl(fd, DIOCGKERNELDUMP, &ndconf) != 0) { if (errno != ENXIO) err(EX_OSERR, "ioctl(DIOCGKERNELDUMP)"); (void)close(fd); return; } printf("server address: %s\n", inet_ntop(ndconf.kda_af, &ndconf.kda_server, ip, sizeof(ip))); printf("client address: %s\n", inet_ntop(ndconf.kda_af, &ndconf.kda_client, ip, sizeof(ip))); printf("gateway address: %s\n", inet_ntop(ndconf.kda_af, &ndconf.kda_gateway, ip, sizeof(ip))); (void)close(fd); } } static int opendumpdev(const char *arg, char *dumpdev) { int fd, i; if (strncmp(arg, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0) strlcpy(dumpdev, arg, PATH_MAX); else { i = snprintf(dumpdev, PATH_MAX, "%s%s", _PATH_DEV, arg); if (i < 0) err(EX_OSERR, "%s", arg); if (i >= PATH_MAX) errc(EX_DATAERR, EINVAL, "%s", arg); } fd = open(dumpdev, O_RDONLY); if (fd < 0) err(EX_OSFILE, "%s", dumpdev); return (fd); } int main(int argc, char *argv[]) { char dumpdev[PATH_MAX]; struct diocskerneldump_arg ndconf, *kdap; struct addrinfo hints, *res; const char *dev, *pubkeyfile, *server, *client, *gateway; int ch, error, fd, cipher; bool gzip, list, netdump, zstd, insert, rflag; uint8_t ins_idx; gzip = list = netdump = zstd = insert = rflag = false; kdap = NULL; pubkeyfile = NULL; server = client = gateway = NULL; ins_idx = KDA_APPEND; cipher = KERNELDUMP_ENC_NONE; while ((ch = getopt(argc, argv, "C:c:g:i:k:lrs:vZz")) != -1) switch ((char)ch) { case 'C': if (strcasecmp(optarg, "chacha") == 0 || strcasecmp(optarg, "chacha20") == 0) cipher = KERNELDUMP_ENC_CHACHA20; else if (strcasecmp(optarg, "aes-cbc") == 0 || strcasecmp(optarg, "aes256-cbc") == 0) cipher = KERNELDUMP_ENC_AES_256_CBC; else errx(EX_USAGE, "Unrecognized cipher algorithm " "'%s'", optarg); break; case 'c': client = optarg; break; case 'g': gateway = optarg; break; case 'i': { int i; i = atoi(optarg); if (i < 0 || i >= KDA_APPEND - 1) errx(EX_USAGE, "-i index must be between zero and %d.", (int)KDA_APPEND - 2); insert = true; ins_idx = i; } break; case 'k': pubkeyfile = optarg; break; case 'l': list = true; break; case 'r': rflag = true; break; case 's': server = optarg; break; case 'v': verbose = 1; break; case 'Z': zstd = true; break; case 'z': gzip = true; break; default: usage(); } if (gzip && zstd) errx(EX_USAGE, "The -z and -Z options are mutually exclusive."); if (insert && rflag) errx(EX_USAGE, "The -i and -r options are mutually exclusive."); argc -= optind; argv += optind; if (list) { listdumpdev(); exit(EX_OK); } if (argc != 1) usage(); #ifdef HAVE_CRYPTO if (cipher != KERNELDUMP_ENC_NONE && pubkeyfile == NULL) { errx(EX_USAGE, "-C option requires a public key file."); } else if (pubkeyfile != NULL) { #if OPENSSL_VERSION_NUMBER < 0x10100000L ERR_load_crypto_strings(); #else if (!OPENSSL_init_crypto(0, NULL)) errx(EX_UNAVAILABLE, "Unable to initialize OpenSSL"); #endif } #else if (pubkeyfile != NULL) errx(EX_UNAVAILABLE,"Unable to use the public key." " Recompile dumpon with OpenSSL support."); #endif if (server != NULL && client != NULL) { dev = _PATH_NETDUMP; netdump = true; } else if (server == NULL && client == NULL && argc > 0) { if (strcmp(argv[0], "off") == 0) { rflag = true; dev = _PATH_DEVNULL; } else dev = argv[0]; netdump = false; if (strcmp(dev, _PATH_DEVNULL) == 0) { /* * Netdump has its own configuration tracking that * is not removed when using /dev/null. */ fd = open(_PATH_NETDUMP, O_RDONLY); if (fd != -1) { bzero(&ndconf, sizeof(ndconf)); ndconf.kda_index = KDA_REMOVE_ALL; ndconf.kda_af = AF_INET; error = ioctl(fd, DIOCSKERNELDUMP, &ndconf); if (error != 0) err(1, "ioctl(%s, DIOCSKERNELDUMP)", _PATH_NETDUMP); close(fd); } } } else usage(); fd = opendumpdev(dev, dumpdev); if (!netdump && !gzip && !zstd && !rflag) check_size(fd, dumpdev); kdap = &ndconf; bzero(kdap, sizeof(*kdap)); if (rflag) kdap->kda_index = KDA_REMOVE; else kdap->kda_index = ins_idx; kdap->kda_compression = KERNELDUMP_COMP_NONE; if (zstd) kdap->kda_compression = KERNELDUMP_COMP_ZSTD; else if (gzip) kdap->kda_compression = KERNELDUMP_COMP_GZIP; if (netdump) { memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_INET; hints.ai_protocol = IPPROTO_UDP; res = NULL; error = getaddrinfo(server, NULL, &hints, &res); if (error != 0) { if (error == EAI_SYSTEM) err(EX_OSERR, "%s", gai_strerror(error)); errx(EX_NOHOST, "%s", gai_strerror(error)); } server = inet_ntoa( ((struct sockaddr_in *)(void *)res->ai_addr)->sin_addr); freeaddrinfo(res); if (strlcpy(ndconf.kda_iface, argv[0], sizeof(ndconf.kda_iface)) >= sizeof(ndconf.kda_iface)) errx(EX_USAGE, "invalid interface name '%s'", argv[0]); if (inet_aton(server, &ndconf.kda_server.in4) == 0) errx(EX_USAGE, "invalid server address '%s'", server); if (inet_aton(client, &ndconf.kda_client.in4) == 0) errx(EX_USAGE, "invalid client address '%s'", client); if (gateway == NULL) { gateway = find_gateway(argv[0]); if (gateway == NULL) { if (verbose) printf( "failed to look up gateway for %s\n", server); gateway = server; } } if (inet_aton(gateway, &ndconf.kda_gateway.in4) == 0) errx(EX_USAGE, "invalid gateway address '%s'", gateway); ndconf.kda_af = AF_INET; } #ifdef HAVE_CRYPTO if (pubkeyfile != NULL) { kdap->kda_encryption = cipher; genkey(pubkeyfile, kdap); } #endif error = ioctl(fd, DIOCSKERNELDUMP, kdap); if (error != 0) error = errno; if (error == EINVAL && (gzip || zstd)) { /* Retry without compression in case kernel lacks support. */ kdap->kda_compression = KERNELDUMP_COMP_NONE; error = ioctl(fd, DIOCSKERNELDUMP, kdap); if (error == 0) warnx("Compression disabled; kernel may lack gzip or zstd support."); else error = errno; } /* Emit a warning if the user configured a downed interface. */ if (error == 0 && netdump) check_link_status(kdap->kda_iface); explicit_bzero(kdap->kda_encryptedkey, kdap->kda_encryptedkeysize); free(kdap->kda_encryptedkey); explicit_bzero(kdap, sizeof(*kdap)); if (error != 0) { if (netdump) { /* * Be slightly less user-hostile for some common * errors, especially as users don't have any great * discoverability into which NICs support netdump. */ if (error == ENODEV) errx(EX_OSERR, "Unable to configure netdump " "because the interface driver does not yet " "support netdump."); } errc(EX_OSERR, error, "ioctl(DIOCSKERNELDUMP)"); } if (verbose) listdumpdev(); exit(EX_OK); } diff --git a/sbin/etherswitchcfg/Makefile b/sbin/etherswitchcfg/Makefile index 12a5c01e9ed7..6312f07b09d3 100644 --- a/sbin/etherswitchcfg/Makefile +++ b/sbin/etherswitchcfg/Makefile @@ -1,9 +1,8 @@ -# @(#)Makefile 5.4 (Berkeley) 6/5/91 PACKAGE=runtime PROG= etherswitchcfg MAN= etherswitchcfg.8 SRCS= etherswitchcfg.c ifmedia.c CFLAGS+= -I${SRCTOP}/sys .include diff --git a/sbin/ffsinfo/Makefile b/sbin/ffsinfo/Makefile index 043be5743ab1..cc03ac9d08ca 100644 --- a/sbin/ffsinfo/Makefile +++ b/sbin/ffsinfo/Makefile @@ -1,18 +1,16 @@ -# @(#)Makefile 8.8 (Berkeley) 6/21/2000 -# # $TSHeader: src/sbin/ffsinfo/Makefile,v 1.3 2000/12/05 19:45:10 tomsoft Exp $ # GROWFS= ${.CURDIR:H}/growfs .PATH: ${GROWFS} PACKAGE=ufs PROG= ffsinfo SRCS= ffsinfo.c debug.c MAN= ffsinfo.8 WARNS?= 1 CFLAGS+=-DFS_DEBUG -I${GROWFS} LIBADD= ufs .include diff --git a/sbin/fsck/fsck.c b/sbin/fsck/fsck.c index 3757ed062ba5..6bef9a31b8f5 100644 --- a/sbin/fsck/fsck.c +++ b/sbin/fsck/fsck.c @@ -1,584 +1,582 @@ /* $NetBSD: fsck.c,v 1.30 2003/08/07 10:04:15 agc Exp $ */ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1996 Christos Zoulas. All rights reserved. * Copyright (c) 1980, 1989, 1993, 1994 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * From: @(#)mount.c 8.19 (Berkeley) 4/19/94 * From: $NetBSD: mount.c,v 1.24 1995/11/18 03:34:29 cgd Exp * $NetBSD: fsck.c,v 1.30 2003/08/07 10:04:15 agc Exp $ */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "fsutil.h" static enum { IN_LIST, NOT_IN_LIST } which = NOT_IN_LIST; static TAILQ_HEAD(fstypelist, entry) opthead, selhead; struct entry { char *type; char *options; TAILQ_ENTRY(entry) entries; }; static char *options = NULL; static int flags = 0; static int forceflag = 0; static int checkfs(const char *, const char *, const char *, const char *, pid_t *); static int selected(const char *); static void addoption(char *); static const char *getoptions(const char *); static void addentry(struct fstypelist *, const char *, const char *); static void maketypelist(char *); static void catopt(char **, const char *); static void mangle(char *, int *, const char ** volatile *, int *); static const char *getfstype(const char *); static void usage(void) __dead2; static int isok(struct fstab *); static struct { const char *ptype; const char *name; } ptype_map[] = { { "ufs", "ffs" }, { "ffs", "ffs" }, { "fat", "msdosfs" }, { "efi", "msdosfs" }, { NULL, NULL }, }; int main(int argc, char *argv[]) { struct fstab *fs; int i, rval = 0; const char *vfstype = NULL; char globopt[3]; const char *etc_fstab; globopt[0] = '-'; globopt[2] = '\0'; TAILQ_INIT(&selhead); TAILQ_INIT(&opthead); etc_fstab = NULL; while ((i = getopt(argc, argv, "BCdvpfFnyl:t:T:c:")) != -1) switch (i) { case 'B': if (flags & CHECK_BACKGRD) errx(1, "Cannot specify -B and -F."); flags |= DO_BACKGRD; break; case 'd': flags |= CHECK_DEBUG; break; case 'v': flags |= CHECK_VERBOSE; break; case 'F': if (flags & DO_BACKGRD) errx(1, "Cannot specify -B and -F."); flags |= CHECK_BACKGRD; break; case 'p': flags |= CHECK_PREEN; /*FALLTHROUGH*/ case 'C': flags |= CHECK_CLEAN; /*FALLTHROUGH*/ case 'n': case 'y': globopt[1] = i; catopt(&options, globopt); break; case 'f': forceflag = 1; globopt[1] = i; catopt(&options, globopt); break; case 'l': warnx("Ignoring obsolete -l option\n"); break; case 'T': if (*optarg) addoption(optarg); break; case 't': if (!TAILQ_EMPTY(&selhead)) errx(1, "only one -t option may be specified."); maketypelist(optarg); vfstype = optarg; break; case 'c': etc_fstab = optarg; break; case '?': default: usage(); /* NOTREACHED */ } argc -= optind; argv += optind; if (etc_fstab != NULL) setfstab(etc_fstab); if (argc == 0) return checkfstab(flags, isok, checkfs); #define BADTYPE(type) \ (strcmp(type, FSTAB_RO) && \ strcmp(type, FSTAB_RW) && strcmp(type, FSTAB_RQ)) for (; argc--; argv++) { const char *spec, *mntpt, *type, *cp; char device[MAXPATHLEN]; struct statfs *mntp; mntpt = NULL; spec = *argv; cp = strrchr(spec, '/'); if (cp == NULL) { (void)snprintf(device, sizeof(device), "%s%s", _PATH_DEV, spec); spec = device; } mntp = getmntpoint(spec); if (mntp != NULL) { spec = mntp->f_mntfromname; mntpt = mntp->f_mntonname; } if ((fs = getfsfile(spec)) == NULL && (fs = getfsspec(spec)) == NULL) { if (vfstype == NULL) vfstype = getfstype(spec); if (vfstype == NULL) vfstype = "ufs"; type = vfstype; devcheck(spec); } else { spec = fs->fs_spec; type = fs->fs_vfstype; mntpt = fs->fs_file; if (BADTYPE(fs->fs_type)) errx(1, "%s has unknown file system type.", spec); } if ((flags & CHECK_BACKGRD) && checkfs(type, spec, mntpt, "-F", NULL) == 0) { printf("%s: DEFER FOR BACKGROUND CHECKING\n", *argv); continue; } if ((flags & DO_BACKGRD) && forceflag == 0 && checkfs(type, spec, mntpt, "-F", NULL) != 0) continue; rval |= checkfs(type, spec, mntpt, NULL, NULL); } return rval; } static int isok(struct fstab *fs) { int i; if (fs->fs_passno == 0) return (0); if (BADTYPE(fs->fs_type)) return (0); if (!selected(fs->fs_vfstype)) return (0); /* If failok, always check now */ if (getfsopt(fs, "failok")) return (1); /* * If the -B flag has been given, then process the needed * background checks. Background checks cannot be run on * file systems that will be mounted read-only or that were * not mounted at boot time (typically those marked `noauto'). * If these basic tests are passed, check with the file system * itself to see if it is willing to do background checking * by invoking its check program with the -F flag. */ if (flags & DO_BACKGRD) { if (!strcmp(fs->fs_type, FSTAB_RO)) return (0); if (getmntpoint(fs->fs_spec) == NULL) return (0); if (checkfs(fs->fs_vfstype, fs->fs_spec, fs->fs_file, "-F", 0)) return (0); return (1); } /* * If the -F flag has been given, then consider deferring the * check to background. Background checks cannot be run on * file systems that will be mounted read-only or that will * not be mounted at boot time (e.g., marked `noauto'). If * these basic tests are passed, check with the file system * itself to see if it is willing to defer to background * checking by invoking its check program with the -F flag. */ if ((flags & CHECK_BACKGRD) == 0 || !strcmp(fs->fs_type, FSTAB_RO)) return (1); for (i = strlen(fs->fs_mntops) - 6; i >= 0; i--) if (!strncmp(&fs->fs_mntops[i], "noauto", 6)) break; if (i >= 0) return (1); if (checkfs(fs->fs_vfstype, fs->fs_spec, fs->fs_file, "-F", NULL) != 0) return (1); printf("%s: DEFER FOR BACKGROUND CHECKING\n", fs->fs_spec); return (0); } static int checkfs(const char *pvfstype, const char *spec, const char *mntpt, const char *auxopt, pid_t *pidp) { const char ** volatile argv; pid_t pid; int argc, i, status, maxargc; char *optbuf, execbase[MAXPATHLEN]; char *vfstype = NULL; const char *extra = NULL; #ifdef __GNUC__ /* Avoid vfork clobbering */ (void) &optbuf; (void) &vfstype; #endif /* * We convert the vfstype to lowercase and any spaces to underscores * to not confuse the issue * * XXX This is a kludge to make automatic filesystem type guessing * from the disklabel work for "4.2BSD" filesystems. It does a * very limited subset of transliteration to a normalised form of * filesystem name, and we do not seem to enforce a filesystem * name character set. */ vfstype = strdup(pvfstype); if (vfstype == NULL) perr("strdup(pvfstype)"); for (i = 0; i < (int)strlen(vfstype); i++) { vfstype[i] = tolower(vfstype[i]); if (vfstype[i] == ' ') vfstype[i] = '_'; } extra = getoptions(vfstype); optbuf = NULL; if (options) catopt(&optbuf, options); if (extra) catopt(&optbuf, extra); if (auxopt) catopt(&optbuf, auxopt); else if (flags & DO_BACKGRD) catopt(&optbuf, "-B"); maxargc = 64; argv = emalloc(sizeof(char *) * maxargc); (void) snprintf(execbase, sizeof(execbase), "fsck_%s", vfstype); argc = 0; argv[argc++] = execbase; if (optbuf) mangle(optbuf, &argc, &argv, &maxargc); argv[argc++] = spec; argv[argc] = NULL; if (flags & (CHECK_DEBUG|CHECK_VERBOSE)) { (void)printf("start %s %swait", mntpt, pidp ? "no" : ""); for (i = 0; i < argc; i++) (void)printf(" %s", argv[i]); (void)printf("\n"); } switch (pid = vfork()) { case -1: /* Error. */ warn("vfork"); if (optbuf) free(optbuf); free(vfstype); return (1); case 0: /* Child. */ if ((flags & CHECK_DEBUG) && auxopt == NULL) _exit(0); /* Go find an executable. */ execvP(execbase, _PATH_SYSPATH, __DECONST(char * const *, argv)); if (spec) warn("exec %s for %s in %s", execbase, spec, _PATH_SYSPATH); else warn("exec %s in %s", execbase, _PATH_SYSPATH); _exit(1); /* NOTREACHED */ default: /* Parent. */ if (optbuf) free(optbuf); free(vfstype); if (pidp) { *pidp = pid; return 0; } if (waitpid(pid, &status, 0) < 0) { warn("waitpid"); return (1); } if (WIFEXITED(status)) { if (WEXITSTATUS(status) != 0) return (WEXITSTATUS(status)); } else if (WIFSIGNALED(status)) { warnx("%s: %s", spec, strsignal(WTERMSIG(status))); return (1); } break; } return (0); } static int selected(const char *type) { struct entry *e; /* If no type specified, it's always selected. */ TAILQ_FOREACH(e, &selhead, entries) if (!strncmp(e->type, type, MFSNAMELEN)) return which == IN_LIST ? 1 : 0; return which == IN_LIST ? 0 : 1; } static const char * getoptions(const char *type) { struct entry *e; TAILQ_FOREACH(e, &opthead, entries) if (!strncmp(e->type, type, MFSNAMELEN)) return e->options; return ""; } static void addoption(char *optstr) { char *newoptions; struct entry *e; if ((newoptions = strchr(optstr, ':')) == NULL) errx(1, "Invalid option string"); *newoptions++ = '\0'; TAILQ_FOREACH(e, &opthead, entries) if (!strncmp(e->type, optstr, MFSNAMELEN)) { catopt(&e->options, newoptions); return; } addentry(&opthead, optstr, newoptions); } static void addentry(struct fstypelist *list, const char *type, const char *opts) { struct entry *e; e = emalloc(sizeof(struct entry)); e->type = estrdup(type); e->options = estrdup(opts); TAILQ_INSERT_TAIL(list, e, entries); } static void maketypelist(char *fslist) { char *ptr; if ((fslist == NULL) || (fslist[0] == '\0')) errx(1, "empty type list"); if (fslist[0] == 'n' && fslist[1] == 'o') { fslist += 2; which = NOT_IN_LIST; } else which = IN_LIST; while ((ptr = strsep(&fslist, ",")) != NULL) addentry(&selhead, ptr, ""); } static void catopt(char **sp, const char *o) { char *s; size_t i, j; s = *sp; if (s) { i = strlen(s); j = i + 1 + strlen(o) + 1; s = erealloc(s, j); (void)snprintf(s + i, j, ",%s", o); } else s = estrdup(o); *sp = s; } static void mangle(char *opts, int *argcp, const char ** volatile *argvp, int *maxargcp) { char *p, *s; int argc, maxargc; const char **argv; argc = *argcp; argv = *argvp; maxargc = *maxargcp; for (s = opts; (p = strsep(&s, ",")) != NULL;) { /* Always leave space for one more argument and the NULL. */ if (argc >= maxargc - 3) { maxargc <<= 1; argv = erealloc(argv, maxargc * sizeof(char *)); } if (*p != '\0') { if (*p == '-') { argv[argc++] = p; p = strchr(p, '='); if (p) { *p = '\0'; argv[argc++] = p+1; } } else { argv[argc++] = "-o"; argv[argc++] = p; } } } *argcp = argc; *argvp = argv; *maxargcp = maxargc; } static const char * getfstype(const char *str) { struct diocgattr_arg attr; int fd, i; if ((fd = open(str, O_RDONLY)) == -1) err(1, "cannot open `%s'", str); strncpy(attr.name, "PART::type", sizeof(attr.name)); memset(&attr.value, 0, sizeof(attr.value)); attr.len = sizeof(attr.value); if (ioctl(fd, DIOCGATTR, &attr) == -1) { (void) close(fd); return(NULL); } (void) close(fd); for (i = 0; ptype_map[i].ptype != NULL; i++) if (strstr(attr.value.str, ptype_map[i].ptype) != NULL) return (ptype_map[i].name); return (NULL); } static void usage(void) { static const char common[] = "[-Cdfnpvy] [-B | -F] [-T fstype:fsoptions] [-t fstype] [-c fstab]"; (void)fprintf(stderr, "usage: %s %s [special | node] ...\n", getprogname(), common); exit(1); } diff --git a/sbin/fsck_ffs/Makefile b/sbin/fsck_ffs/Makefile index de8913c1ecb3..59805dbbf3d6 100644 --- a/sbin/fsck_ffs/Makefile +++ b/sbin/fsck_ffs/Makefile @@ -1,18 +1,17 @@ -# @(#)Makefile 8.2 (Berkeley) 4/27/95 PACKAGE=ufs PROG= fsck_ffs LINKS+= ${BINDIR}/fsck_ffs ${BINDIR}/fsck_ufs LINKS+= ${BINDIR}/fsck_ffs ${BINDIR}/fsck_4.2bsd MAN= fsck_ffs.8 MLINKS= fsck_ffs.8 fsck_ufs.8 fsck_ffs.8 fsck_4.2bsd.8 SRCS= dir.c ea.c fsutil.c inode.c main.c pass1.c pass1b.c pass2.c pass3.c \ pass4.c pass5.c setup.c suj.c utilities.c gjournal.c getmntopts.c \ globs.c LIBADD= ufs WARNS?= 2 CFLAGS+= -I${.CURDIR} -I${.CURDIR:H}/mount .PATH: ${SRCTOP}/sys/ufs/ffs ${.CURDIR:H}/mount .include diff --git a/sbin/fsck_ffs/dir.c b/sbin/fsck_ffs/dir.c index 0551ba4521c3..597cb1996401 100644 --- a/sbin/fsck_ffs/dir.c +++ b/sbin/fsck_ffs/dir.c @@ -1,1045 +1,1042 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 -#ifndef lint -static const char sccsid[] = "@(#)dir.c 8.8 (Berkeley) 4/28/95"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include #include #include "fsck.h" static struct dirtemplate emptydir = { 0, DIRBLKSIZ, DT_UNKNOWN, 0, "", 0, 0, DT_UNKNOWN, 0, "" }; static struct dirtemplate dirhead = { 0, 12, DT_DIR, 1, ".", 0, DIRBLKSIZ - 12, DT_DIR, 2, ".." }; static int chgino(struct inodesc *); static int dircheck(struct inodesc *, struct bufarea *, struct direct *); static int expanddir(struct inode *ip, char *name); static struct direct *fsck_readdir(struct inodesc *); static struct bufarea *getdirblk(ufs2_daddr_t blkno, long size); static int lftempname(char *bufp, ino_t ino); static int mkentry(struct inodesc *); /* * Propagate connected state through the tree. */ void propagate(void) { struct inoinfo **inpp, *inp; struct inoinfo **inpend; long change; inpend = &inpsort[inplast]; do { change = 0; for (inpp = inpsort; inpp < inpend; inpp++) { inp = *inpp; if (inp->i_parent == 0) continue; if (inoinfo(inp->i_parent)->ino_state == DFOUND && INO_IS_DUNFOUND(inp->i_number)) { inoinfo(inp->i_number)->ino_state = DFOUND; check_dirdepth(inp); change++; } } } while (change > 0); } /* * Check that the recorded depth of the directory is correct. */ void check_dirdepth(struct inoinfo *inp) { struct inoinfo *parentinp; struct inode ip; union dinode *dp; int saveresolved; size_t size; static int updateasked, dirdepthupdate; if ((parentinp = getinoinfo(inp->i_parent)) == NULL) { pfatal("check_dirdepth: UNKNOWN PARENT DIR"); return; } /* * If depth is correct, nothing to do. */ if (parentinp->i_depth + 1 == inp->i_depth) return; /* * Only the root inode should have depth of 0, so if any other * directory has a depth of 0 then this is an old filesystem * that has not been tracking directory depth. Ask just once * whether it should start tracking directory depth. */ if (inp->i_depth == 0 && updateasked == 0) { updateasked = 1; if (preen) { pwarn("UPDATING FILESYSTEM TO TRACK DIRECTORY DEPTH\n"); dirdepthupdate = 1; } else { /* * The file system can be marked clean even if * a directory does not have the right depth. * Hence, resolved should not be cleared when * the filesystem does not update directory depths. */ saveresolved = resolved; dirdepthupdate = reply("UPDATE FILESYSTEM TO TRACK DIRECTORY DEPTH"); resolved = saveresolved; } } /* * If we are not converting or we are running in no-write mode * there is nothing more to do. */ if ((inp->i_depth == 0 && dirdepthupdate == 0) || (fswritefd < 0 && bkgrdflag == 0)) return; /* * Individual directory at wrong depth. Report it and correct if * in preen mode or ask if in interactive mode. Note that if a * directory is renamed to a new location that is at a different * level in the tree, its depth will be recalculated, but none of * the directories that it contains will be updated. Thus it is * not unexpected to find directories with incorrect depths. No * operational harm will come from this though new directory * placement in the subtree may not be as optimal until the depths * of the affected directories are corrected. * * To avoid much spurious output on otherwise clean filesystems * we only generate detailed output when the debug flag is given. */ ginode(inp->i_number, &ip); dp = ip.i_dp; if (inp->i_depth != 0 && debug) { pwarn("DIRECTORY"); prtinode(&ip); printf(" DEPTH %d SHOULD BE %d", inp->i_depth, parentinp->i_depth + 1); if (preen == 0 && reply("ADJUST") == 0) { irelse(&ip); return; } if (preen) printf(" (ADJUSTED)\n"); } inp->i_depth = parentinp->i_depth + 1; if (bkgrdflag == 0) { DIP_SET(dp, di_dirdepth, inp->i_depth); inodirty(&ip); } else { cmd.value = inp->i_number; cmd.size = (int64_t)inp->i_depth - DIP(dp, di_dirdepth); if (debug) printf("adjdepth ino %ld amt %jd\n", (long)cmd.value, (intmax_t)cmd.size); size = MIBSIZE; if (sysctlnametomib("vfs.ffs.adjdepth", adjdepth, &size) < 0 || sysctl(adjdepth, MIBSIZE, 0, 0, &cmd, sizeof cmd) == -1) rwerror("ADJUST INODE DEPTH", cmd.value); } irelse(&ip); } /* * Scan each entry in a directory block. */ int dirscan(struct inodesc *idesc) { struct direct *dp; struct bufarea *bp; u_int dsize, n; long blksiz; char dbuf[DIRBLKSIZ]; if (idesc->id_type != DATA) errx(EEXIT, "wrong type to dirscan %d", idesc->id_type); if (idesc->id_entryno == 0 && (idesc->id_filesize & (DIRBLKSIZ - 1)) != 0) idesc->id_filesize = roundup(idesc->id_filesize, DIRBLKSIZ); blksiz = idesc->id_numfrags * sblock.fs_fsize; if (chkrange(idesc->id_blkno, idesc->id_numfrags)) { idesc->id_filesize -= blksiz; return (SKIP); } idesc->id_loc = 0; for (dp = fsck_readdir(idesc); dp != NULL; dp = fsck_readdir(idesc)) { dsize = dp->d_reclen; if (dsize > sizeof(dbuf)) dsize = sizeof(dbuf); memmove(dbuf, dp, (size_t)dsize); idesc->id_dirp = (struct direct *)dbuf; if ((n = (*idesc->id_func)(idesc)) & ALTERED) { bp = getdirblk(idesc->id_blkno, blksiz); if (bp->b_errs != 0) return (STOP); memmove(bp->b_un.b_buf + idesc->id_loc - dsize, dbuf, (size_t)dsize); dirty(bp); sbdirty(); } if (n & STOP) return (n); } return (idesc->id_filesize > 0 ? KEEPON : STOP); } /* * Get and verify the next entry in a directory. * We also verify that if there is another entry in the block that it is * valid, so if it is not valid it can be subsumed into the current entry. */ static struct direct * fsck_readdir(struct inodesc *idesc) { struct direct *dp, *ndp; struct bufarea *bp; long size, blksiz, subsume_ndp; subsume_ndp = 0; blksiz = idesc->id_numfrags * sblock.fs_fsize; if (idesc->id_filesize <= 0 || idesc->id_loc >= blksiz) return (NULL); bp = getdirblk(idesc->id_blkno, blksiz); if (bp->b_errs != 0) return (NULL); dp = (struct direct *)(bp->b_un.b_buf + idesc->id_loc); /* * Only need to check current entry if it is the first in the * the block, as later entries will have been checked in the * previous call to this function. */ if (idesc->id_loc % DIRBLKSIZ != 0 || dircheck(idesc, bp, dp) != 0) { /* * Current entry is good, update to point at next. */ idesc->id_loc += dp->d_reclen; idesc->id_filesize -= dp->d_reclen; /* * If at end of directory block, just return this entry. */ if (idesc->id_filesize <= 0 || idesc->id_loc >= blksiz || idesc->id_loc % DIRBLKSIZ == 0) return (dp); /* * If the next entry good, return this entry. */ ndp = (struct direct *)(bp->b_un.b_buf + idesc->id_loc); if (dircheck(idesc, bp, ndp) != 0) return (dp); /* * The next entry is bad, so subsume it and the remainder * of this directory block into this entry. */ subsume_ndp = 1; } /* * Current or next entry is bad. Zap current entry or * subsume next entry into current entry as appropriate. */ size = DIRBLKSIZ - (idesc->id_loc % DIRBLKSIZ); idesc->id_loc += size; idesc->id_filesize -= size; if (idesc->id_fix == IGNORE) return (NULL); if (subsume_ndp) { memset(ndp, 0, size); dp->d_reclen += size; } else { memset(dp, 0, size); dp->d_reclen = size; } if (dofix(idesc, "DIRECTORY CORRUPTED")) dirty(bp); return (dp); } /* * Verify that a directory entry is valid. * This is a superset of the checks made in the kernel. * Also optionally clears padding and unused directory space. * * Returns 0 if the entry is bad, 1 if the entry is good. */ static int dircheck(struct inodesc *idesc, struct bufarea *bp, struct direct *dp) { size_t size; char *cp; u_int8_t namlen; int spaceleft, modified, unused; spaceleft = DIRBLKSIZ - (idesc->id_loc % DIRBLKSIZ); size = DIRSIZ(0, dp); if (dp->d_reclen == 0 || dp->d_reclen > spaceleft || dp->d_reclen < size || idesc->id_filesize < size || (dp->d_reclen & (DIR_ROUNDUP - 1)) != 0) goto bad; modified = 0; if (dp->d_ino == 0) { if (!zflag || fswritefd < 0) return (1); /* * Special case of an unused directory entry. Normally only * occurs at the beginning of a directory block when the block * contains no entries. Other than the first entry in a * directory block, the kernel coalesces unused space with * the previous entry by extending its d_reclen. However, * when cleaning up a directory, fsck may set d_ino to zero * in the middle of a directory block. If we're clearing out * directory cruft (-z flag), then make sure that all directory * space in entries with d_ino == 0 gets fully cleared. */ if (dp->d_type != 0) { dp->d_type = 0; modified = 1; } if (dp->d_namlen != 0) { dp->d_namlen = 0; modified = 1; } unused = dp->d_reclen - __offsetof(struct direct, d_name); for (cp = dp->d_name; unused > 0; unused--, cp++) { if (*cp != '\0') { *cp = '\0'; modified = 1; } } if (modified) dirty(bp); return (1); } /* * The d_type field should not be tested here. A bad type is an error * in the entry itself but is not a corruption of the directory * structure itself. So blowing away all the remaining entries in the * directory block is inappropriate. Rather the type error should be * checked in pass1 and fixed there. * * The name validation should also be done in pass1 although the * check to see if the name is longer than fits in the space * allocated for it (i.e., the *cp != '\0' fails after exiting the * loop below) then it really is a structural error that requires * the stronger action taken here. */ namlen = dp->d_namlen; if (namlen == 0 || dp->d_type > 15) goto bad; for (cp = dp->d_name, size = 0; size < namlen; size++) { if (*cp == '\0' || *cp++ == '/') goto bad; } if (*cp != '\0') goto bad; if (zflag && fswritefd >= 0) { /* * Clear unused directory entry space, including the d_name * padding. */ /* First figure the number of pad bytes. */ unused = roundup2(namlen + 1, DIR_ROUNDUP) - (namlen + 1); /* Add in the free space to the end of the record. */ unused += dp->d_reclen - DIRSIZ(0, dp); /* * Now clear out the unused space, keeping track if we actually * changed anything. */ for (cp = &dp->d_name[namlen + 1]; unused > 0; unused--, cp++) { if (*cp != '\0') { *cp = '\0'; modified = 1; } } if (modified) dirty(bp); } return (1); bad: if (debug) printf("Bad dir: ino %d reclen %d namlen %d type %d name %s\n", dp->d_ino, dp->d_reclen, dp->d_namlen, dp->d_type, dp->d_name); return (0); } void direrror(ino_t ino, const char *errmesg) { fileerror(ino, ino, errmesg); } void fileerror(ino_t cwd, ino_t ino, const char *errmesg) { struct inode ip; union dinode *dp; char pathbuf[MAXPATHLEN + 1]; pwarn("%s ", errmesg); if (ino < UFS_ROOTINO || ino >= maxino) { pfatal("out-of-range inode number %ju", (uintmax_t)ino); return; } ginode(ino, &ip); dp = ip.i_dp; prtinode(&ip); printf("\n"); getpathname(pathbuf, cwd, ino); if (ftypeok(dp)) pfatal("%s=%s\n", (DIP(dp, di_mode) & IFMT) == IFDIR ? "DIR" : "FILE", pathbuf); else pfatal("NAME=%s\n", pathbuf); irelse(&ip); } void adjust(struct inodesc *idesc, int lcnt) { struct inode ip; union dinode *dp; int saveresolved; ginode(idesc->id_number, &ip); dp = ip.i_dp; if (DIP(dp, di_nlink) == lcnt) { /* * If we have not hit any unresolved problems, are running * in preen mode, and are on a file system using soft updates, * then just toss any partially allocated files. */ if (resolved && (preen || bkgrdflag) && usedsoftdep) { clri(idesc, "UNREF", 1); irelse(&ip); return; } else { /* * The file system can be marked clean even if * a file is not linked up, but is cleared. * Hence, resolved should not be cleared when * linkup is answered no, but clri is answered yes. */ saveresolved = resolved; if (linkup(idesc->id_number, (ino_t)0, NULL) == 0) { resolved = saveresolved; clri(idesc, "UNREF", 0); irelse(&ip); return; } /* * Account for the new reference created by linkup(). */ lcnt--; } } if (lcnt != 0) { pwarn("LINK COUNT %s", (lfdir == idesc->id_number) ? lfname : ((DIP(dp, di_mode) & IFMT) == IFDIR ? "DIR" : "FILE")); prtinode(&ip); printf(" COUNT %d SHOULD BE %d", DIP(dp, di_nlink), DIP(dp, di_nlink) - lcnt); if (preen || usedsoftdep) { if (lcnt < 0) { printf("\n"); pfatal("LINK COUNT INCREASING"); } if (preen) printf(" (ADJUSTED)\n"); } if (preen || reply("ADJUST") == 1) { if (bkgrdflag == 0) { DIP_SET(dp, di_nlink, DIP(dp, di_nlink) - lcnt); inodirty(&ip); } else { cmd.value = idesc->id_number; cmd.size = -lcnt; if (debug) printf("adjrefcnt ino %ld amt %lld\n", (long)cmd.value, (long long)cmd.size); if (sysctl(adjrefcnt, MIBSIZE, 0, 0, &cmd, sizeof cmd) == -1) rwerror("ADJUST INODE LINK COUNT", cmd.value); } } } irelse(&ip); } static int mkentry(struct inodesc *idesc) { struct direct *dirp = idesc->id_dirp; struct direct newent; int newlen, oldlen; newent.d_namlen = strlen(idesc->id_name); newlen = DIRSIZ(0, &newent); if (dirp->d_ino != 0) oldlen = DIRSIZ(0, dirp); else oldlen = 0; if (dirp->d_reclen - oldlen < newlen) return (KEEPON); newent.d_reclen = dirp->d_reclen - oldlen; dirp->d_reclen = oldlen; dirp = (struct direct *)(((char *)dirp) + oldlen); dirp->d_ino = idesc->id_parent; /* ino to be entered is in id_parent */ dirp->d_reclen = newent.d_reclen; dirp->d_type = inoinfo(idesc->id_parent)->ino_type; dirp->d_namlen = newent.d_namlen; memmove(dirp->d_name, idesc->id_name, (size_t)newent.d_namlen + 1); return (ALTERED|STOP); } static int chgino(struct inodesc *idesc) { struct direct *dirp = idesc->id_dirp; if (memcmp(dirp->d_name, idesc->id_name, (int)dirp->d_namlen + 1)) return (KEEPON); dirp->d_ino = idesc->id_parent; dirp->d_type = inoinfo(idesc->id_parent)->ino_type; return (ALTERED|STOP); } int linkup(ino_t orphan, ino_t parentdir, char *name) { struct inode ip; union dinode *dp; int lostdir, depth; ino_t oldlfdir; struct inoinfo *inp; struct inodesc idesc; char tempname[BUFSIZ]; memset(&idesc, 0, sizeof(struct inodesc)); ginode(orphan, &ip); dp = ip.i_dp; lostdir = (DIP(dp, di_mode) & IFMT) == IFDIR; pwarn("UNREF %s ", lostdir ? "DIR" : "FILE"); prtinode(&ip); printf("\n"); if (preen && DIP(dp, di_size) == 0) { irelse(&ip); return (0); } irelse(&ip); if (cursnapshot != 0) { pfatal("FILE LINKUP IN SNAPSHOT"); return (0); } if (preen) printf(" (RECONNECTED)\n"); else if (reply("RECONNECT") == 0) return (0); if (lfdir == 0) { ginode(UFS_ROOTINO, &ip); idesc.id_name = strdup(lfname); idesc.id_type = DATA; idesc.id_func = findino; idesc.id_number = UFS_ROOTINO; if ((ckinode(ip.i_dp, &idesc) & FOUND) != 0) { lfdir = idesc.id_parent; } else { pwarn("NO lost+found DIRECTORY"); if (preen || reply("CREATE")) { lfdir = allocdir(UFS_ROOTINO, (ino_t)0, lfmode); if (lfdir != 0) { if (makeentry(UFS_ROOTINO, lfdir, lfname) != 0) { numdirs++; if (preen) printf(" (CREATED)\n"); } else { freedirino(lfdir, UFS_ROOTINO); lfdir = 0; if (preen) printf("\n"); } } } } irelse(&ip); free(idesc.id_name); if (lfdir == 0) { pfatal("SORRY. CANNOT CREATE lost+found DIRECTORY"); printf("\n\n"); return (0); } } ginode(lfdir, &ip); dp = ip.i_dp; if ((DIP(dp, di_mode) & IFMT) != IFDIR) { pfatal("lost+found IS NOT A DIRECTORY"); if (reply("REALLOCATE") == 0) { irelse(&ip); return (0); } oldlfdir = lfdir; if ((lfdir = allocdir(UFS_ROOTINO, (ino_t)0, lfmode)) == 0) { pfatal("SORRY. CANNOT CREATE lost+found DIRECTORY\n\n"); irelse(&ip); return (0); } if ((changeino(UFS_ROOTINO, lfname, lfdir, 1) & ALTERED) == 0) { pfatal("SORRY. CANNOT CREATE lost+found DIRECTORY\n\n"); irelse(&ip); return (0); } idesc.id_type = inoinfo(oldlfdir)->ino_idtype; idesc.id_func = freeblock; idesc.id_number = oldlfdir; adjust(&idesc, inoinfo(oldlfdir)->ino_linkcnt + 1); inoinfo(oldlfdir)->ino_linkcnt = 0; inodirty(&ip); irelse(&ip); ginode(lfdir, &ip); dp = ip.i_dp; } if (inoinfo(lfdir)->ino_state != DFOUND) { pfatal("SORRY. NO lost+found DIRECTORY\n\n"); irelse(&ip); return (0); } (void)lftempname(tempname, orphan); if (makeentry(lfdir, orphan, (name ? name : tempname)) == 0) { pfatal("SORRY. NO SPACE IN lost+found DIRECTORY"); printf("\n\n"); irelse(&ip); return (0); } inoinfo(orphan)->ino_linkcnt--; if (lostdir) { depth = DIP(dp, di_dirdepth) + 1; if ((changeino(orphan, "..", lfdir, depth) & ALTERED) == 0 && parentdir != (ino_t)-1) (void)makeentry(orphan, lfdir, ".."); DIP_SET(dp, di_nlink, DIP(dp, di_nlink) + 1); inodirty(&ip); inoinfo(lfdir)->ino_linkcnt++; pwarn("DIR I=%lu CONNECTED. ", (u_long)orphan); inp = getinoinfo(parentdir); if (parentdir != (ino_t)-1 && inp != NULL) { printf("PARENT WAS I=%lu\n", (u_long)parentdir); /* * If the parent directory did not have to * be replaced then because of the ordering * guarantees, has had the link count incremented * for the child, but no entry was made. This * fixes the parent link count so that fsck does * not need to be rerun. */ if ((inp->i_flags & INFO_NEW) != 0) inoinfo(parentdir)->ino_linkcnt++; } if (preen == 0) printf("\n"); } irelse(&ip); return (1); } /* * fix an entry in a directory. */ int changeino(ino_t dir, const char *name, ino_t newnum, int depth) { struct inodesc idesc; struct inode ip; int error; memset(&idesc, 0, sizeof(struct inodesc)); idesc.id_type = DATA; idesc.id_func = chgino; idesc.id_number = dir; idesc.id_fix = DONTKNOW; idesc.id_name = strdup(name); idesc.id_parent = newnum; /* new value for name */ ginode(dir, &ip); if (((error = ckinode(ip.i_dp, &idesc)) & ALTERED) && newnum != 0) { DIP_SET(ip.i_dp, di_dirdepth, depth); inodirty(&ip); getinoinfo(dir)->i_depth = depth; } free(idesc.id_name); irelse(&ip); return (error); } /* * make an entry in a directory */ int makeentry(ino_t parent, ino_t ino, const char *name) { struct inode ip; union dinode *dp; struct inodesc idesc; int retval; char pathbuf[MAXPATHLEN + 1]; if (parent < UFS_ROOTINO || parent >= maxino || ino < UFS_ROOTINO || ino >= maxino) return (0); memset(&idesc, 0, sizeof(struct inodesc)); idesc.id_type = DATA; idesc.id_func = mkentry; idesc.id_number = parent; idesc.id_parent = ino; /* this is the inode to enter */ idesc.id_fix = DONTKNOW; idesc.id_name = strdup(name); ginode(parent, &ip); dp = ip.i_dp; if (DIP(dp, di_size) % DIRBLKSIZ) { DIP_SET(dp, di_size, roundup(DIP(dp, di_size), DIRBLKSIZ)); inodirty(&ip); } if ((ckinode(dp, &idesc) & ALTERED) != 0) { irelse(&ip); free(idesc.id_name); return (1); } getpathname(pathbuf, parent, parent); if (expanddir(&ip, pathbuf) == 0) { irelse(&ip); free(idesc.id_name); return (0); } retval = ckinode(dp, &idesc) & ALTERED; irelse(&ip); free(idesc.id_name); return (retval); } /* * Attempt to expand the size of a directory */ static int expanddir(struct inode *ip, char *name) { ufs2_daddr_t lastlbn, oldblk, newblk, indirblk; size_t filesize, lastlbnsize; struct bufarea *bp, *nbp; struct inodesc idesc; union dinode *dp; long cg, indiralloced; char *cp; nbp = NULL; indiralloced = newblk = indirblk = 0; memset(&idesc, 0, sizeof(struct inodesc)); idesc.id_type = ADDR; pwarn("NO SPACE LEFT IN %s", name); if (!preen && reply("EXPAND") == 0) return (0); cg = ino_to_cg(&sblock, ip->i_number); dp = ip->i_dp; filesize = DIP(dp, di_size); lastlbn = lblkno(&sblock, filesize); /* * We only expand lost+found to a single indirect block. */ if ((DIP(dp, di_mode) & IFMT) != IFDIR || filesize == 0 || lastlbn >= UFS_NDADDR + NINDIR(&sblock)) goto bad; /* * If last block is a fragment, expand it to a full size block. */ lastlbnsize = sblksize(&sblock, filesize, lastlbn); if (lastlbnsize > 0 && lastlbnsize < sblock.fs_bsize) { oldblk = DIP(dp, di_db[lastlbn]); bp = getdirblk(oldblk, lastlbnsize); if (bp->b_errs) goto bad; newblk = allocblk(cg, sblock.fs_frag, std_checkblkavail); if (newblk == 0) goto bad; nbp = getdatablk(newblk, sblock.fs_bsize, BT_DIRDATA); if (nbp->b_errs) goto bad; DIP_SET(dp, di_db[lastlbn], newblk); DIP_SET(dp, di_size, filesize + sblock.fs_bsize - lastlbnsize); DIP_SET(dp, di_blocks, DIP(dp, di_blocks) + btodb(sblock.fs_bsize - lastlbnsize)); inodirty(ip); memmove(nbp->b_un.b_buf, bp->b_un.b_buf, lastlbnsize); memset(&nbp->b_un.b_buf[lastlbnsize], 0, sblock.fs_bsize - lastlbnsize); for (cp = &nbp->b_un.b_buf[lastlbnsize]; cp < &nbp->b_un.b_buf[sblock.fs_bsize]; cp += DIRBLKSIZ) memmove(cp, &emptydir, sizeof emptydir); dirty(nbp); brelse(nbp); binval(bp); idesc.id_blkno = oldblk; idesc.id_numfrags = numfrags(&sblock, lastlbnsize); (void)freeblock(&idesc); if (preen) printf(" (EXPANDED)\n"); return (1); } if ((newblk = allocblk(cg, sblock.fs_frag, std_checkblkavail)) == 0) goto bad; bp = getdirblk(newblk, sblock.fs_bsize); if (bp->b_errs) goto bad; memset(bp->b_un.b_buf, 0, sblock.fs_bsize); for (cp = bp->b_un.b_buf; cp < &bp->b_un.b_buf[sblock.fs_bsize]; cp += DIRBLKSIZ) memmove(cp, &emptydir, sizeof emptydir); dirty(bp); if (lastlbn < UFS_NDADDR) { DIP_SET(dp, di_db[lastlbn], newblk); } else { /* * Allocate indirect block if needed. */ if ((indirblk = DIP(dp, di_ib[0])) == 0) { indirblk = allocblk(cg, sblock.fs_frag, std_checkblkavail); if (indirblk == 0) { binval(bp); goto bad; } indiralloced = 1; } nbp = getdatablk(indirblk, sblock.fs_bsize, BT_LEVEL1); if (nbp->b_errs) goto bad; if (indiralloced) { memset(nbp->b_un.b_buf, 0, sblock.fs_bsize); DIP_SET(dp, di_ib[0], indirblk); DIP_SET(dp, di_blocks, DIP(dp, di_blocks) + btodb(sblock.fs_bsize)); inodirty(ip); } IBLK_SET(nbp, lastlbn - UFS_NDADDR, newblk); dirty(nbp); brelse(nbp); } DIP_SET(dp, di_size, filesize + sblock.fs_bsize); DIP_SET(dp, di_blocks, DIP(dp, di_blocks) + btodb(sblock.fs_bsize)); inodirty(ip); if (preen) printf(" (EXPANDED)\n"); return (1); bad: pfatal(" (EXPANSION FAILED)\n"); if (nbp != NULL) { binval(bp); brelse(nbp); } if (newblk != 0) { idesc.id_blkno = newblk; idesc.id_numfrags = sblock.fs_frag; (void)freeblock(&idesc); } if (indiralloced) { idesc.id_blkno = indirblk; idesc.id_numfrags = sblock.fs_frag; (void)freeblock(&idesc); } return (0); } /* * allocate a new directory */ ino_t allocdir(ino_t parent, ino_t request, int mode) { ino_t ino; char *cp; struct inode ip; union dinode *dp; struct bufarea *bp; struct dirtemplate *dirp; struct inoinfo *inp, *parentinp; ino = allocino(request, IFDIR|mode); if (ino == 0) return (0); dirp = &dirhead; dirp->dot_ino = ino; dirp->dotdot_ino = parent; ginode(ino, &ip); dp = ip.i_dp; bp = getdirblk(DIP(dp, di_db[0]), sblock.fs_fsize); if (bp->b_errs) { freeino(ino); irelse(&ip); return (0); } memmove(bp->b_un.b_buf, dirp, sizeof(struct dirtemplate)); for (cp = &bp->b_un.b_buf[DIRBLKSIZ]; cp < &bp->b_un.b_buf[sblock.fs_fsize]; cp += DIRBLKSIZ) memmove(cp, &emptydir, sizeof emptydir); dirty(bp); DIP_SET(dp, di_nlink, 2); inodirty(&ip); if (ino == UFS_ROOTINO) { inp = cacheino(dp, ino); inp->i_parent = parent; inp->i_dotdot = parent; inp->i_flags |= INFO_NEW; inoinfo(ino)->ino_type = DT_DIR; inoinfo(ino)->ino_linkcnt = DIP(dp, di_nlink); irelse(&ip); return(ino); } if (!INO_IS_DVALID(parent)) { freeino(ino); irelse(&ip); return (0); } inp = cacheino(dp, ino); inp->i_parent = parent; inp->i_dotdot = parent; inp->i_flags |= INFO_NEW; if ((parentinp = getinoinfo(inp->i_parent)) == NULL) { pfatal("allocdir: UNKNOWN PARENT DIR"); } else { inp->i_depth = parentinp->i_depth + 1; DIP_SET(dp, di_dirdepth, inp->i_depth); inodirty(&ip); } inoinfo(ino)->ino_type = DT_DIR; inoinfo(ino)->ino_state = inoinfo(parent)->ino_state; if (inoinfo(ino)->ino_state == DSTATE) { inoinfo(ino)->ino_linkcnt = DIP(dp, di_nlink); inoinfo(parent)->ino_linkcnt++; } irelse(&ip); ginode(parent, &ip); dp = ip.i_dp; DIP_SET(dp, di_nlink, DIP(dp, di_nlink) + 1); inodirty(&ip); irelse(&ip); return (ino); } /* * free a directory inode */ void freedirino(ino_t ino, ino_t parent) { struct inode ip; union dinode *dp; if (ino != parent) { ginode(parent, &ip); dp = ip.i_dp; DIP_SET(dp, di_nlink, DIP(dp, di_nlink) - 1); inodirty(&ip); irelse(&ip); } removecachedino(ino); freeino(ino); } /* * generate a temporary name for the lost+found directory. */ static int lftempname(char *bufp, ino_t ino) { ino_t in; char *cp; int namlen; cp = bufp + 2; for (in = maxino; in > 0; in /= 10) cp++; *--cp = 0; namlen = cp - bufp; in = ino; while (cp > bufp) { *--cp = (in % 10) + '0'; in /= 10; } *cp = '#'; return (namlen); } /* * Get a directory block. * Insure that it is held until another is requested. */ static struct bufarea * getdirblk(ufs2_daddr_t blkno, long size) { if (pdirbp != NULL && pdirbp->b_errs == 0) brelse(pdirbp); pdirbp = getdatablk(blkno, size, BT_DIRDATA); return (pdirbp); } diff --git a/sbin/fsck_ffs/fsck.h b/sbin/fsck_ffs/fsck.h index 827336a77d67..312142eab9a7 100644 --- a/sbin/fsck_ffs/fsck.h +++ b/sbin/fsck_ffs/fsck.h @@ -1,557 +1,555 @@ /*- * SPDX-License-Identifier: BSD-3-Clause and BSD-2-Clause * * Copyright (c) 2002 Networks Associates Technology, Inc. * All rights reserved. * * This software was developed for the FreeBSD Project by Marshall * Kirk McKusick and Network Associates Laboratories, the Security * Research Division of Network Associates, Inc. under DARPA/SPAWAR * contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS * research program. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * * Copyright (c) 1980, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)fsck.h 8.4 (Berkeley) 5/9/95 */ #ifndef _FSCK_H_ #define _FSCK_H_ #include #include #include #include #include #define MAXDUP 10 /* limit on dup blks (per inode) */ #define MAXBAD 10 /* limit on bad blks (per inode) */ #define MINBUFS 100 /* minimum number of buffers required */ #define INOBUFSIZE 64*1024 /* size of buffer to read inodes in pass1 */ #define ZEROBUFSIZE (dev_bsize * 128) /* size of zero buffer used by -Z */ union dinode { struct ufs1_dinode dp1; struct ufs2_dinode dp2; }; #define DIP(dp, field) \ ((sblock.fs_magic == FS_UFS1_MAGIC) ? \ (dp)->dp1.field : (dp)->dp2.field) #define DIP_SET(dp, field, val) do { \ if (sblock.fs_magic == FS_UFS1_MAGIC) \ (dp)->dp1.field = (val); \ else \ (dp)->dp2.field = (val); \ } while (0) /* * Each inode on the file system is described by the following structure. * The linkcnt is initially set to the value in the inode. Each time it * is found during the descent in passes 2, 3, and 4 the count is * decremented. Any inodes whose count is non-zero after pass 4 needs to * have its link count adjusted by the value remaining in ino_linkcnt. */ struct inostat { u_char ino_state; /* state of inode, see below */ u_char ino_type:4; /* type of inode */ u_char ino_idtype:4; /* idesc id_type, SNAP or ADDR */ u_short ino_linkcnt; /* number of links not found */ }; /* * Inode states. */ #define USTATE 0x1 /* inode not allocated */ #define FSTATE 0x2 /* inode is file */ #define FZLINK 0x3 /* inode is file with a link count of zero */ #define DSTATE 0x4 /* inode is directory */ #define DZLINK 0x5 /* inode is directory with a zero link count */ #define DFOUND 0x6 /* directory found during descent */ /* 0x7 UNUSED - see S_IS_DVALID() definition */ #define DCLEAR 0x8 /* directory is to be cleared */ #define FCLEAR 0x9 /* file is to be cleared */ /* DUNFOUND === (state == DSTATE || state == DZLINK) */ #define S_IS_DUNFOUND(state) (((state) & ~0x1) == DSTATE) /* DVALID === (state == DSTATE || state == DZLINK || state == DFOUND) */ #define S_IS_DVALID(state) (((state) & ~0x3) == DSTATE) #define INO_IS_DUNFOUND(ino) S_IS_DUNFOUND(inoinfo(ino)->ino_state) #define INO_IS_DVALID(ino) S_IS_DVALID(inoinfo(ino)->ino_state) /* * Inode state information is contained on per cylinder group lists * which are described by the following structure. */ extern struct inostatlist { long il_numalloced; /* number of inodes allocated in this cg */ struct inostat *il_stat;/* inostat info for this cylinder group */ } *inostathead; /* * Structure to reference a dinode. */ struct inode { struct bufarea *i_bp; /* buffer containing the dinode */ union dinode *i_dp; /* pointer to dinode in buffer */ ino_t i_number; /* inode number */ }; /* * Size of hash tables */ #define HASHSIZE 2048 #define HASH(x) ((x * 2654435761) & (HASHSIZE - 1)) /* * buffer cache structure. */ struct bufarea { TAILQ_ENTRY(bufarea) b_list; /* LRU buffer queue */ LIST_ENTRY(bufarea) b_hash; /* hash list */ ufs2_daddr_t b_bno; /* disk block number */ int b_size; /* size of I/O */ int b_errs; /* I/O error */ int b_flags; /* B_ flags below */ int b_type; /* BT_ type below */ int b_refcnt; /* ref count of users */ int b_index; /* for BT_LEVEL, ptr index */ /* for BT_INODES, first inum */ union { char *b_buf; /* buffer space */ ufs1_daddr_t *b_indir1; /* UFS1 indirect block */ ufs2_daddr_t *b_indir2; /* UFS2 indirect block */ struct fs *b_fs; /* super block */ struct cg *b_cg; /* cylinder group */ struct ufs1_dinode *b_dinode1; /* UFS1 inode block */ struct ufs2_dinode *b_dinode2; /* UFS2 inode block */ } b_un; }; #define IBLK(bp, i) \ ((sblock.fs_magic == FS_UFS1_MAGIC) ? \ (bp)->b_un.b_indir1[i] : (bp)->b_un.b_indir2[i]) #define IBLK_SET(bp, i, val) do { \ if (sblock.fs_magic == FS_UFS1_MAGIC) \ (bp)->b_un.b_indir1[i] = (val); \ else \ (bp)->b_un.b_indir2[i] = (val); \ } while (0) /* * Buffer flags */ #define B_DIRTY 0x00000001 /* Buffer is dirty */ /* * Type of data in buffer */ #define BT_UNKNOWN 0 /* Buffer type is unknown */ #define BT_SUPERBLK 1 /* Buffer holds a superblock */ #define BT_CYLGRP 2 /* Buffer holds a cylinder group map */ #define BT_LEVEL1 3 /* Buffer holds single level indirect */ #define BT_LEVEL2 4 /* Buffer holds double level indirect */ #define BT_LEVEL3 5 /* Buffer holds triple level indirect */ #define BT_EXTATTR 6 /* Buffer holds external attribute data */ #define BT_INODES 7 /* Buffer holds inodes */ #define BT_DIRDATA 8 /* Buffer holds directory data */ #define BT_DATA 9 /* Buffer holds user data */ #define BT_NUMBUFTYPES 10 #define BT_NAMES { \ "unknown", \ "Superblock", \ "Cylinder Group", \ "Single Level Indirect", \ "Double Level Indirect", \ "Triple Level Indirect", \ "External Attribute", \ "Inode Block", \ "Directory Contents", \ "User Data" } extern char *buftype[]; #define BT_BUFTYPE(type) \ type < BT_NUMBUFTYPES ? buftype[type] : buftype[BT_UNKNOWN] extern long readcnt[BT_NUMBUFTYPES]; extern long totalreadcnt[BT_NUMBUFTYPES]; extern struct timespec readtime[BT_NUMBUFTYPES]; extern struct timespec totalreadtime[BT_NUMBUFTYPES]; extern struct timespec startprog; extern struct bufarea *icachebp; /* inode cache buffer */ extern struct bufarea sblk; /* file system superblock */ extern struct bufarea *pdirbp; /* current directory contents */ #define dirty(bp) do { \ if (fswritefd < 0) \ pfatal("SETTING DIRTY FLAG IN READ_ONLY MODE\n"); \ else \ (bp)->b_flags |= B_DIRTY; \ } while (0) #define initbarea(bp, type) do { \ (bp)->b_bno = (ufs2_daddr_t)-4; \ (bp)->b_size = 0; \ (bp)->b_errs = 0; \ (bp)->b_flags = 0; \ (bp)->b_type = type; \ (bp)->b_refcnt = 0; \ (bp)->b_index = 0; \ } while (0) #define sbdirty() dirty(&sblk) #define sblock (*sblk.b_un.b_fs) enum fixstate {DONTKNOW, NOFIX, FIX, IGNORE}; extern ino_t cursnapshot; struct inodesc { enum fixstate id_fix; /* policy on fixing errors */ int (*id_func)(struct inodesc *); /* function to be applied to blocks of inode */ struct bufarea *id_bp; /* ckinode: buffer with indirect pointers */ union dinode *id_dp; /* ckinode: dinode being traversed */ ino_t id_number; /* inode number described */ ino_t id_parent; /* for DATA nodes, their parent */ ufs_lbn_t id_lbn; /* logical block number of current block */ ufs2_daddr_t id_blkno; /* current block number being examined */ int id_level; /* level of indirection of this block */ int id_numfrags; /* number of frags contained in block */ ufs_lbn_t id_lballoc; /* pass1: last LBN that is allocated */ off_t id_filesize; /* for DATA nodes, the size of the directory */ ufs2_daddr_t id_entryno;/* for DATA nodes, current entry number */ int id_loc; /* for DATA nodes, current location in dir */ struct direct *id_dirp; /* for DATA nodes, ptr to current entry */ char *id_name; /* for DATA nodes, name to find or enter */ char id_type; /* type of descriptor, DATA, ADDR, or SNAP */ }; /* file types */ #define DATA 1 /* a directory */ #define SNAP 2 /* a snapshot */ #define ADDR 3 /* anything but a directory or a snapshot */ /* * Linked list of duplicate blocks. * * The list is composed of two parts. The first part of the * list (from duplist through the node pointed to by muldup) * contains a single copy of each duplicate block that has been * found. The second part of the list (from muldup to the end) * contains duplicate blocks that have been found more than once. * To check if a block has been found as a duplicate it is only * necessary to search from duplist through muldup. To find the * total number of times that a block has been found as a duplicate * the entire list must be searched for occurrences of the block * in question. The following diagram shows a sample list where * w (found twice), x (found once), y (found three times), and z * (found once) are duplicate block numbers: * * w -> y -> x -> z -> y -> w -> y * ^ ^ * | | * duplist muldup */ struct dups { struct dups *next; ufs2_daddr_t dup; }; extern struct dups *duplist; /* head of dup list */ extern struct dups *muldup; /* end of unique duplicate dup block numbers */ /* * Inode cache data structures. */ struct inoinfo { SLIST_ENTRY(inoinfo) i_hash; /* hash list */ ino_t i_number; /* inode number of this entry */ ino_t i_parent; /* inode number of parent */ ino_t i_dotdot; /* inode number of `..' */ size_t i_isize; /* size of inode */ u_int i_depth; /* depth of directory from root */ u_int i_flags; /* flags, see below */ u_int i_numblks; /* size of block array in bytes */ ufs2_daddr_t i_blks[1]; /* actually longer */ }; extern SLIST_HEAD(inohash, inoinfo) *inphash; extern struct inoinfo **inpsort; /* * flags for struct inoinfo */ #define INFO_NEW 0x0000001 /* replaced broken directory */ extern long dirhash, inplast; extern unsigned long numdirs, listmax; extern long countdirs; /* number of directories we actually found */ #define MIBSIZE 3 /* size of fsck sysctl MIBs */ extern int adjblkcnt[MIBSIZE]; /* MIB cmd to adjust inode block count */ extern int adjrefcnt[MIBSIZE]; /* MIB cmd to adjust inode reference count */ extern int adjndir[MIBSIZE]; /* MIB cmd to adjust number of directories */ extern int adjnbfree[MIBSIZE]; /* MIB cmd to adjust number of free blocks */ extern int adjnifree[MIBSIZE]; /* MIB cmd to adjust number of free inodes */ extern int adjnffree[MIBSIZE]; /* MIB cmd to adjust number of free frags */ extern int adjnumclusters[MIBSIZE]; /* MIB cmd adjust number of free clusters */ extern int adjdepth[MIBSIZE]; /* MIB cmd to adjust directory depth count */ extern int freefiles[MIBSIZE]; /* MIB cmd to free a set of files */ extern int freedirs[MIBSIZE]; /* MIB cmd to free a set of directories */ extern int freeblks[MIBSIZE]; /* MIB cmd to free a set of data blocks */ extern int setsize[MIBSIZE]; /* MIB cmd to set inode size */ extern struct fsck_cmd cmd; /* sysctl file system update commands */ extern int bkgrdcheck; /* determine if background check is possible */ extern int bkgrdsumadj; /* whether the kernel has the ability to adjust the superblock summary fields */ extern off_t bflag; /* location of alternate super block */ extern int bkgrdflag; /* use a snapshot to run on an active system */ extern char *blockmap; /* ptr to primary blk allocation map */ extern char *cdevname; /* name of device being checked */ extern int cgheader_corrupt; /* one or more CG headers are corrupt */ extern char ckclean; /* only do work if not cleanly unmounted */ extern int ckhashadd; /* check hashes to be added */ extern char *copybuf; /* buffer to copy snapshot blocks */ extern int cvtlevel; /* convert to newer file system format */ extern long dev_bsize; /* computed value of DEV_BSIZE */ extern u_int real_dev_bsize; /* actual disk sector size, not overridden */ extern int debug; /* output debugging info */ extern int Eflag; /* delete empty data blocks */ extern int fsmodified; /* 1 => write done to file system */ extern int fsreadfd; /* file descriptor for reading file system */ extern int fswritefd; /* file descriptor for writing file system */ extern char havesb; /* superblock has been read */ extern int inoopt; /* trim out unused inodes */ extern ino_t lfdir; /* lost & found directory inode number */ extern int lfmode; /* lost & found directory creation mode */ extern const char *lfname; /* lost & found directory name */ extern ufs2_daddr_t maxfsblock; /* number of blocks in the file system */ extern ino_t maxino; /* number of inodes in file system */ extern ufs2_daddr_t n_blks; /* number of blocks in use */ extern ino_t n_files; /* number of files in use */ extern char nflag; /* assume a no response */ extern char preen; /* just fix normal inconsistencies */ extern char rerun; /* rerun fsck. Only used in non-preen mode */ extern char resolved; /* cleared if unresolved changes => not clean */ extern int returntosingle; /* 1 => return to single user mode on exit */ extern long secsize; /* actual disk sector size */ extern char skipclean; /* skip clean file systems if preening */ extern int snapcnt; /* number of active snapshots */ extern struct inode snaplist[FSMAXSNAP + 1]; /* list of active snapshots */ extern int sujrecovery; /* 1 => doing check using the journal */ extern int surrender; /* Give up if reads fail */ extern char usedsoftdep; /* just fix soft dependency inconsistencies */ extern int wantrestart; /* Restart fsck on early termination */ extern char yflag; /* assume a yes response */ extern int zflag; /* zero unused directory space */ extern int Zflag; /* zero empty data blocks */ extern volatile sig_atomic_t got_siginfo; /* received a SIGINFO */ extern volatile sig_atomic_t got_sigalarm; /* received a SIGALRM */ #define clearinode(dp) \ if (sblock.fs_magic == FS_UFS1_MAGIC) { \ (dp)->dp1 = zino.dp1; \ } else { \ (dp)->dp2 = zino.dp2; \ } extern union dinode zino; #define setbmap(blkno) setbit(blockmap, blkno) #define testbmap(blkno) isset(blockmap, blkno) #define clrbmap(blkno) clrbit(blockmap, blkno) #define STOP 0x01 #define SKIP 0x02 #define KEEPON 0x04 #define ALTERED 0x08 #define FOUND 0x10 #define EEXIT 8 /* Standard error exit. */ #define ERERUN 16 /* fsck needs to be re-run. */ #define ERESTART -1 int flushentry(void); /* * Wrapper for malloc() that flushes the cylinder group cache to try * to get space. */ static inline void* Malloc(size_t size) { void *retval; while ((retval = malloc(size)) == NULL) if (flushentry() == 0) break; return (retval); } /* * Allocate a block of memory to be used as an I/O buffer. * Ensure that the buffer is aligned to the I/O subsystem requirements. */ static inline void* Balloc(size_t size) { void *retval; while ((retval = aligned_alloc(LIBUFS_BUFALIGN, size)) == NULL) if (flushentry() == 0) break; return (retval); } /* * Wrapper for calloc() that flushes the cylinder group cache to try * to get space. */ static inline void* Calloc(size_t cnt, size_t size) { void *retval; while ((retval = calloc(cnt, size)) == NULL) if (flushentry() == 0) break; return (retval); } struct fstab; void adjust(struct inodesc *, int lcnt); void alarmhandler(int sig); ufs2_daddr_t allocblk(long cg, long frags, ufs2_daddr_t (*checkblkavail) (ufs2_daddr_t blkno, long frags)); ino_t allocdir(ino_t parent, ino_t request, int mode); ino_t allocino(ino_t request, int type); void binval(struct bufarea *); void blkerror(ino_t ino, const char *type, ufs2_daddr_t blk); char *blockcheck(char *name); int blread(int fd, char *buf, ufs2_daddr_t blk, long size); void bufinit(void); void blwrite(int fd, char *buf, ufs2_daddr_t blk, ssize_t size); void blerase(int fd, ufs2_daddr_t blk, long size); void blzero(int fd, ufs2_daddr_t blk, long size); void brelse(struct bufarea *); struct inoinfo *cacheino(union dinode *dp, ino_t inumber); void catch(int); void catchquit(int); void cgdirty(struct bufarea *); struct bufarea *cglookup(int cg); int changeino(ino_t dir, const char *name, ino_t newnum, int depth); void check_blkcnt(struct inode *ip); int check_cgmagic(int cg, struct bufarea *cgbp); void rebuild_cg(int cg, struct bufarea *cgbp); void check_dirdepth(struct inoinfo *inp); int chkfilesize(mode_t mode, u_int64_t filesize); int chkrange(ufs2_daddr_t blk, int cnt); void ckfini(int markclean); int ckinode(union dinode *dp, struct inodesc *); void clri(struct inodesc *, const char *type, int flag); int clearentry(struct inodesc *); void copyonwrite(struct fs *, struct bufarea *, ufs2_daddr_t (*checkblkavail)(ufs2_daddr_t, long)); void direrror(ino_t ino, const char *errmesg); int dirscan(struct inodesc *); int dofix(struct inodesc *, const char *msg); int eascan(struct inodesc *, struct ufs2_dinode *dp); void fileerror(ino_t cwd, ino_t ino, const char *errmesg); void finalIOstats(void); int findino(struct inodesc *); int findname(struct inodesc *); void flush(int fd, struct bufarea *bp); int freeblock(struct inodesc *); void freedirino(ino_t ino, ino_t parent); void freeino(ino_t ino); void freeinodebuf(void); void fsckinit(void); void fsutilinit(void); int ftypeok(union dinode *dp); void getblk(struct bufarea *bp, ufs2_daddr_t blk, long size); struct bufarea *getdatablk(ufs2_daddr_t blkno, long size, int type); struct inoinfo *getinoinfo(ino_t inumber); union dinode *getnextinode(ino_t inumber, int rebuiltcg); void getpathname(char *namebuf, ino_t curdir, ino_t ino); void ginode(ino_t, struct inode *); void gjournal_check(const char *filesys); void infohandler(int sig); void irelse(struct inode *); ufs2_daddr_t ino_blkatoff(union dinode *, ino_t, ufs_lbn_t, int *, struct bufarea **); void inocleanup(void); void inodirty(struct inode *); struct inostat *inoinfo(ino_t inum); void IOstats(char *what); int linkup(ino_t orphan, ino_t parentdir, char *name); int makeentry(ino_t parent, ino_t ino, const char *name); int openfilesys(char *dev); void panic(const char *fmt, ...) __printflike(1, 2); void pass1(void); void pass1b(void); int pass1check(struct inodesc *); void pass2(void); void pass3(void); void pass4(void); void pass5(void); void pfatal(const char *fmt, ...) __printflike(1, 2); void propagate(void); void prtbuf(struct bufarea *, const char *, ...) __printflike(2, 3); void prtinode(struct inode *); void pwarn(const char *fmt, ...) __printflike(1, 2); int readsb(void); int removecachedino(ino_t); int reply(const char *question); void rwerror(const char *mesg, ufs2_daddr_t blk); void sblock_init(void); void setinodebuf(int, ino_t); int setup(char *dev); int snapblkfree(struct fs *, ufs2_daddr_t, long, ino_t, ufs2_daddr_t (*)(ufs2_daddr_t, long)); void snapremove(ino_t); void snapflush(ufs2_daddr_t (*checkblkavail)(ufs2_daddr_t, long)); ufs2_daddr_t std_checkblkavail(ufs2_daddr_t blkno, long frags); ufs2_daddr_t suj_checkblkavail(ufs2_daddr_t, long); int suj_check(const char *filesys); void update_maps(struct cg *, struct cg*, int); #endif /* !_FSCK_H_ */ diff --git a/sbin/fsck_ffs/fsck_ffs.8 b/sbin/fsck_ffs/fsck_ffs.8 index 8288216c0681..1eb9ebeb3b9b 100644 --- a/sbin/fsck_ffs/fsck_ffs.8 +++ b/sbin/fsck_ffs/fsck_ffs.8 @@ -1,443 +1,441 @@ .\" .\" Copyright (c) 1980, 1989, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)fsck.8 8.4 (Berkeley) 5/9/95 -.\" .Dd November 17, 2023 .Dt FSCK_FFS 8 .Os .Sh NAME .Nm fsck_ffs , .Nm fsck_ufs .Nd file system consistency check and interactive repair .Sh SYNOPSIS .Nm .Op Fl BCdEFfnpRrSyZz .Op Fl b Ar block .Op Fl c Ar level .Op Fl m Ar mode .Ar filesystem .Ar ... .Sh DESCRIPTION The specified disk partitions and/or file systems are checked. In "preen" or "check clean" mode the clean flag of each file system's superblock is examined and only those file systems that are not marked clean are checked. File systems are marked clean when they are unmounted, when they have been mounted read-only, or when .Nm runs on them successfully. If the .Fl f option is specified, the file systems will be checked regardless of the state of their clean flag. .Pp The kernel takes care that only a restricted class of innocuous file system inconsistencies can happen unless hardware or software failures intervene. These are limited to the following: .Pp .Bl -item -compact -offset indent .It Unreferenced inodes .It Link counts in inodes too large .It Missing blocks in the free map .It Blocks in the free map also in files .It Counts in the super-block wrong .El .Pp These are the only inconsistencies that .Nm with the .Fl p option will correct; if it encounters other inconsistencies, it exits with an abnormal return status and an automatic reboot will then fail. For each corrected inconsistency one or more lines will be printed identifying the file system on which the correction will take place, and the nature of the correction. After successfully correcting a file system, .Nm will print the number of files on that file system, the number of used and free blocks, and the percentage of fragmentation. .Pp If sent a .Dv QUIT signal, .Nm will finish the file system checks, then exit with an abnormal return status that causes an automatic reboot to fail. This is useful when you want to finish the file system checks during an automatic reboot, but do not want the machine to come up multiuser after the checks complete. .Pp If .Nm receives a .Dv SIGINFO (see the .Dq status argument for .Xr stty 1 ) signal, a line will be written to the standard output indicating the name of the device currently being checked, the current phase number and phase-specific progress information. .Pp Without the .Fl p option, .Nm audits and interactively repairs inconsistent conditions for file systems. If the file system is inconsistent the operator is prompted for concurrence before each correction is attempted. It should be noted that some of the corrective actions which are not correctable under the .Fl p option will result in some loss of data. The amount and severity of data lost may be determined from the diagnostic output. The default action for each consistency correction is to wait for the operator to respond .Li yes or .Li no . If the operator does not have write permission on the file system .Nm will default to a .Fl n action. .Pp The following flags are interpreted by .Nm : .Bl -tag -width indent .It Fl B A check is done on the specified and possibly active file system. The set of corrections that can be done is limited to those done when running in preen mode (see the .Fl p flag). If unexpected errors are found, the file system is marked as needing a foreground check and .Nm exits without attempting any further cleaning. .It Fl b Use the block specified immediately after the flag as the super block for the file system. An alternate super block is usually located at block 32 for UFS1, and block 192 for UFS2. .Pp See the .Fl N flag of .Xr newfs 8 . .It Fl C Check if file system was dismounted cleanly. If so, skip file system checks (like "preen"). However, if the file system was not cleanly dismounted, do full checks, as if .Nm was invoked without .Fl C . .It Fl c Convert the file system to the specified level. Note that the level of a file system can only be raised. There are currently four levels defined: .Bl -tag -width indent .It 0 The file system is in the old (static table) format. .It 1 The file system is in the new (dynamic table) format. .It 2 The file system supports 32-bit uid's and gid's, short symbolic links are stored in the inode, and directories have an added field showing the file type. .It 3 If maxcontig is greater than one, build the free segment maps to aid in finding contiguous sets of blocks. If maxcontig is equal to one, delete any existing segment maps. .El .Pp In interactive mode, .Nm will list the conversion to be made and ask whether the conversion should be done. If a negative answer is given, no further operations are done on the file system. In preen mode, the conversion is listed and done if possible without user interaction. Conversion in preen mode is best used when all the file systems are being converted at once. The format of a file system can be determined from the first line of output from .Xr dumpfs 8 . .Pp This option implies the .Fl f flag. .It Fl d Enable debugging messages. .It Fl E Clear unallocated blocks, notifying the underlying device that they are not used and that their contents may be discarded. This is useful for filesystems which have been mounted on systems without TRIM support, or with TRIM support disabled, as well as filesystems which have been copied from one device to another. .Pp See the .Fl E and .Fl t flags of .Xr newfs 8 , and the .Fl t flag of .Xr tunefs 8 . .It Fl F Determine whether the file system needs to be cleaned immediately in foreground, or if its cleaning can be deferred to background. To be eligible for background cleaning it must have been running with soft updates, not have been marked as needing a foreground check, and be mounted and writable when the background check is to be done. If these conditions are met, then .Nm exits with a zero exit status. Otherwise it exits with a non-zero exit status. If the file system is clean, it will exit with a non-zero exit status so that the clean status of the file system can be verified and reported during the foreground checks. Note that when invoked with the .Fl F flag, no cleanups are done. The only thing that .Nm does is to determine whether a foreground or background check is needed and exit with an appropriate status code. .It Fl f Force .Nm to check .Sq clean file systems when preening. .It Fl m Use the mode specified in octal immediately after the flag as the permission bits to use when creating the .Pa lost+found directory rather than the default 1777. In particular, systems that do not wish to have lost files accessible by all users on the system should use a more restrictive set of permissions such as 700. .It Fl n Assume a no response to all questions asked by .Nm except for .Ql CONTINUE? , which is assumed to be affirmative; do not open the file system for writing. .It Fl p Preen file systems (see above). .It Fl R Instruct fsck_ffs to restart itself if it encounters certain errors that warrant another run. It will limit itself to a maximum of 10 restarts in a given run in order to avoid an endless loop with extremely corrupted filesystems. .It Fl r Free up excess unused inodes. Decreasing the number of preallocated inodes reduces the running time of future runs of .Nm and frees up space that can allocated to files. The .Fl r option is ignored when running in preen mode. .It Fl S Surrender on error. With this flag enabled, a hard error returned on disk i/o will cause .Nm to abort instead of continuing on and possibly tripping over more i/o errors. .It Fl y Assume a yes response to all questions asked by .Nm ; this should be used with great caution as this is a free license to continue after essentially unlimited trouble has been encountered. .It Fl Z Similar to .Fl E , but overwrites unused blocks with zeroes. If both .Fl E and .Fl Z are specified, blocks are first zeroed and then erased. .It Fl z Clear unused directory space. The cleared space includes deleted file names and name padding. .El .Pp Inconsistencies checked are as follows: .Pp .Bl -enum -compact .It Blocks claimed by more than one inode or the free map. .It Blocks claimed by an inode outside the range of the file system. .It Incorrect link counts. .It Size checks: .Bl -item -offset indent -compact .It Directory size not a multiple of DIRBLKSIZ. .It Partially truncated file. .El .It Bad inode format. .It Blocks not accounted for anywhere. .It Directory checks: .Bl -item -offset indent -compact .It File pointing to unallocated inode. .It Inode number out of range. .It Directories with unallocated blocks (holes). .It Dot or dot-dot not the first two entries of a directory or having the wrong inode number. .El .It Super Block checks: .Bl -item -offset indent -compact .It More blocks for inodes than there are in the file system. .It Bad free block map format. .It Total free block and/or free inode count incorrect. .El .El .Pp Orphaned files and directories (allocated but unreferenced) are, with the operator's concurrence, reconnected by placing them in the .Pa lost+found directory. The name assigned is the inode number. If the .Pa lost+found directory does not exist, it is created. If there is insufficient space its size is increased. .Pp The full foreground .Nm checks for many more problems that may occur after an unrecoverable disk write error. Thus, it is recommended that you perform foreground .Nm on your systems periodically and whenever you encounter unrecoverable disk write errors or file-system\-related panics. .Sh FILES .Bl -tag -width /etc/fstab -compact .It Pa /etc/fstab contains default list of file systems to check. .El .Sh EXIT STATUS .Ex -std .Pp Specific non-zero exit status values used are: .Bl -tag -width indent .It 1 Usage error (missing or invalid command arguments). .It 2 The .Fl p option was used and a .Dv SIGQUIT was received, indicating that the system should be returned to single user mode after the file system check. .It 3 The file system superblock cannot be read. This could indicate that the file system device does not exist or is not yet ready. .It 4 A mounted file system was modified; the system should be rebooted. .It 5 The .Fl B option was used and soft updates are not enabled on the file system. .It 6 The .Fl B option was used and the kernel lacks needed support. .It 7 The .Fl F option was used and the file system is clean. .It 8 General error exit. .It 16 The file system could not be completely repaired. The file system may be able to be repaired by running .Nm on the file system again. .El .Sh DIAGNOSTICS The diagnostics produced by .Nm are fully enumerated and explained in Appendix A of .Rs .%T "Fsck \- The UNIX File System Check Program" .Re .Sh SEE ALSO .Xr fs 5 , .Xr fstab 5 , .Xr ffs 7 , .Xr fsck 8 , .Xr fsdb 8 , .Xr newfs 8 , .Xr reboot 8 .Sh HISTORY A .Nm fsck utility appeared in .Bx 4.0 . It became .Nm in .Fx 5.0 with the introduction of the filesystem independent wrapper as .Nm fsck . diff --git a/sbin/fsck_ffs/fsutil.c b/sbin/fsck_ffs/fsutil.c index 05f83789236e..7e9a2c4661ef 100644 --- a/sbin/fsck_ffs/fsutil.c +++ b/sbin/fsck_ffs/fsutil.c @@ -1,1495 +1,1492 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 -#ifndef lint -static const char sccsid[] = "@(#)utilities.c 8.6 (Berkeley) 5/19/95"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "fsck.h" int sujrecovery = 0; static struct bufarea *allocbuf(const char *); static void cg_write(struct bufarea *); static void slowio_start(void); static void slowio_end(void); static void printIOstats(void); static long diskreads, totaldiskreads, totalreads; /* Disk cache statistics */ static struct timespec startpass, finishpass; struct timeval slowio_starttime; int slowio_delay_usec = 10000; /* Initial IO delay for background fsck */ int slowio_pollcnt; static struct bufarea cgblk; /* backup buffer for cylinder group blocks */ static struct bufarea failedbuf; /* returned by failed getdatablk() */ static TAILQ_HEAD(bufqueue, bufarea) bufqueuehd; /* head of buffer cache LRU */ static LIST_HEAD(bufhash, bufarea) bufhashhd[HASHSIZE]; /* buffer hash list */ static struct bufhash freebufs; /* unused buffers */ static int numbufs; /* size of buffer cache */ static int cachelookups; /* number of cache lookups */ static int cachereads; /* number of cache reads */ static int flushtries; /* number of tries to reclaim memory */ char *buftype[BT_NUMBUFTYPES] = BT_NAMES; void fsutilinit(void) { diskreads = totaldiskreads = totalreads = 0; bzero(&startpass, sizeof(struct timespec)); bzero(&finishpass, sizeof(struct timespec)); bzero(&slowio_starttime, sizeof(struct timeval)); slowio_delay_usec = 10000; slowio_pollcnt = 0; flushtries = 0; } int ftypeok(union dinode *dp) { switch (DIP(dp, di_mode) & IFMT) { case IFDIR: case IFREG: case IFBLK: case IFCHR: case IFLNK: case IFSOCK: case IFIFO: return (1); default: if (debug) printf("bad file type 0%o\n", DIP(dp, di_mode)); return (0); } } int reply(const char *question) { int persevere; char c; if (preen) pfatal("INTERNAL ERROR: GOT TO reply()"); persevere = strcmp(question, "CONTINUE") == 0 || strcmp(question, "LOOK FOR ALTERNATE SUPERBLOCKS") == 0; printf("\n"); if (!persevere && (nflag || (fswritefd < 0 && bkgrdflag == 0))) { printf("%s? no\n\n", question); resolved = 0; return (0); } if (yflag || (persevere && nflag)) { printf("%s? yes\n\n", question); return (1); } do { printf("%s? [yn] ", question); (void) fflush(stdout); c = getc(stdin); while (c != '\n' && getc(stdin) != '\n') { if (feof(stdin)) { resolved = 0; return (0); } } } while (c != 'y' && c != 'Y' && c != 'n' && c != 'N'); printf("\n"); if (c == 'y' || c == 'Y') return (1); resolved = 0; return (0); } /* * Look up state information for an inode. */ struct inostat * inoinfo(ino_t inum) { static struct inostat unallocated = { USTATE, 0, 0, 0 }; struct inostatlist *ilp; int iloff; if (inum >= maxino) errx(EEXIT, "inoinfo: inumber %ju out of range", (uintmax_t)inum); ilp = &inostathead[inum / sblock.fs_ipg]; iloff = inum % sblock.fs_ipg; if (iloff >= ilp->il_numalloced) return (&unallocated); return (&ilp->il_stat[iloff]); } /* * Malloc buffers and set up cache. */ void bufinit(void) { int i; initbarea(&failedbuf, BT_UNKNOWN); failedbuf.b_errs = -1; failedbuf.b_un.b_buf = NULL; if ((cgblk.b_un.b_buf = Balloc((unsigned int)sblock.fs_bsize)) == NULL) errx(EEXIT, "Initial malloc(%d) failed", sblock.fs_bsize); initbarea(&cgblk, BT_CYLGRP); numbufs = cachelookups = cachereads = 0; TAILQ_INIT(&bufqueuehd); LIST_INIT(&freebufs); for (i = 0; i < HASHSIZE; i++) LIST_INIT(&bufhashhd[i]); for (i = 0; i < BT_NUMBUFTYPES; i++) { readtime[i].tv_sec = totalreadtime[i].tv_sec = 0; readtime[i].tv_nsec = totalreadtime[i].tv_nsec = 0; readcnt[i] = totalreadcnt[i] = 0; } } static struct bufarea * allocbuf(const char *failreason) { struct bufarea *bp; char *bufp; bp = (struct bufarea *)Malloc(sizeof(struct bufarea)); bufp = Balloc((unsigned int)sblock.fs_bsize); if (bp == NULL || bufp == NULL) { errx(EEXIT, "%s", failreason); /* NOTREACHED */ } numbufs++; bp->b_un.b_buf = bufp; TAILQ_INSERT_HEAD(&bufqueuehd, bp, b_list); initbarea(bp, BT_UNKNOWN); return (bp); } /* * Manage cylinder group buffers. * * Use getblk() here rather than cgget() because the cylinder group * may be corrupted but we want it anyway so we can fix it. */ static struct bufarea *cgbufs; /* header for cylinder group cache */ static int flushtries; /* number of tries to reclaim memory */ struct bufarea * cglookup(int cg) { struct bufarea *cgbp; struct cg *cgp; if ((unsigned) cg >= sblock.fs_ncg) errx(EEXIT, "cglookup: out of range cylinder group %d", cg); if (cgbufs == NULL) { cgbufs = Calloc(sblock.fs_ncg, sizeof(struct bufarea)); if (cgbufs == NULL) errx(EEXIT, "Cannot allocate cylinder group buffers"); } cgbp = &cgbufs[cg]; if (cgbp->b_un.b_cg != NULL) return (cgbp); cgp = NULL; if (flushtries == 0) cgp = Balloc((unsigned int)sblock.fs_cgsize); if (cgp == NULL) { if (sujrecovery) errx(EEXIT,"Ran out of memory during journal recovery"); flush(fswritefd, &cgblk); getblk(&cgblk, cgtod(&sblock, cg), sblock.fs_cgsize); return (&cgblk); } cgbp->b_un.b_cg = cgp; initbarea(cgbp, BT_CYLGRP); getblk(cgbp, cgtod(&sblock, cg), sblock.fs_cgsize); return (cgbp); } /* * Mark a cylinder group buffer as dirty. * Update its check-hash if they are enabled. */ void cgdirty(struct bufarea *cgbp) { struct cg *cg; cg = cgbp->b_un.b_cg; if ((sblock.fs_metackhash & CK_CYLGRP) != 0) { cg->cg_ckhash = 0; cg->cg_ckhash = calculate_crc32c(~0L, (void *)cg, sblock.fs_cgsize); } dirty(cgbp); } /* * Attempt to flush a cylinder group cache entry. * Return whether the flush was successful. */ int flushentry(void) { struct bufarea *cgbp; if (sujrecovery || flushtries == sblock.fs_ncg || cgbufs == NULL) return (0); cgbp = &cgbufs[flushtries++]; if (cgbp->b_un.b_cg == NULL) return (0); flush(fswritefd, cgbp); free(cgbp->b_un.b_buf); cgbp->b_un.b_buf = NULL; return (1); } /* * Manage a cache of filesystem disk blocks. */ struct bufarea * getdatablk(ufs2_daddr_t blkno, long size, int type) { struct bufarea *bp; struct bufhash *bhdp; cachelookups++; /* * If out of range, return empty buffer with b_err == -1 * * Skip check for inodes because chkrange() considers * metadata areas invalid to write data. */ if (type != BT_INODES && chkrange(blkno, size / sblock.fs_fsize)) { failedbuf.b_refcnt++; return (&failedbuf); } bhdp = &bufhashhd[HASH(blkno)]; LIST_FOREACH(bp, bhdp, b_hash) if (bp->b_bno == fsbtodb(&sblock, blkno)) { if (debug && bp->b_size != size) { prtbuf(bp, "getdatablk: size mismatch"); pfatal("getdatablk: b_size %d != size %ld\n", bp->b_size, size); } TAILQ_REMOVE(&bufqueuehd, bp, b_list); goto foundit; } /* * Move long-term busy buffer back to the front of the LRU so we * do not endless inspect them for recycling. */ bp = TAILQ_LAST(&bufqueuehd, bufqueue); if (bp != NULL && bp->b_refcnt != 0) { TAILQ_REMOVE(&bufqueuehd, bp, b_list); TAILQ_INSERT_HEAD(&bufqueuehd, bp, b_list); } /* * Allocate up to the minimum number of buffers before * considering recycling any of them. */ if (size > sblock.fs_bsize) errx(EEXIT, "Excessive buffer size %ld > %d\n", size, sblock.fs_bsize); if ((bp = LIST_FIRST(&freebufs)) != NULL) { LIST_REMOVE(bp, b_hash); } else if (numbufs < MINBUFS) { bp = allocbuf("cannot create minimal buffer pool"); } else if (sujrecovery) { /* * SUJ recovery does not want anything written until it * has successfully completed (so it can fail back to * full fsck). Thus, we can only recycle clean buffers. */ TAILQ_FOREACH_REVERSE(bp, &bufqueuehd, bufqueue, b_list) if ((bp->b_flags & B_DIRTY) == 0 && bp->b_refcnt == 0) break; if (bp == NULL) bp = allocbuf("Ran out of memory during " "journal recovery"); else LIST_REMOVE(bp, b_hash); } else { /* * Recycle oldest non-busy buffer. */ TAILQ_FOREACH_REVERSE(bp, &bufqueuehd, bufqueue, b_list) if (bp->b_refcnt == 0) break; if (bp == NULL) bp = allocbuf("Ran out of memory for buffers"); else LIST_REMOVE(bp, b_hash); } TAILQ_REMOVE(&bufqueuehd, bp, b_list); flush(fswritefd, bp); bp->b_type = type; LIST_INSERT_HEAD(bhdp, bp, b_hash); getblk(bp, blkno, size); cachereads++; /* fall through */ foundit: TAILQ_INSERT_HEAD(&bufqueuehd, bp, b_list); if (debug && bp->b_type != type) { printf("getdatablk: buffer type changed to %s", BT_BUFTYPE(type)); prtbuf(bp, ""); } if (bp->b_errs == 0) bp->b_refcnt++; return (bp); } void getblk(struct bufarea *bp, ufs2_daddr_t blk, long size) { ufs2_daddr_t dblk; struct timespec start, finish; dblk = fsbtodb(&sblock, blk); if (bp->b_bno == dblk) { totalreads++; } else { if (debug) { readcnt[bp->b_type]++; clock_gettime(CLOCK_REALTIME_PRECISE, &start); } bp->b_errs = blread(fsreadfd, bp->b_un.b_buf, dblk, size); if (debug) { clock_gettime(CLOCK_REALTIME_PRECISE, &finish); timespecsub(&finish, &start, &finish); timespecadd(&readtime[bp->b_type], &finish, &readtime[bp->b_type]); } bp->b_bno = dblk; bp->b_size = size; } } void brelse(struct bufarea *bp) { if (bp->b_refcnt <= 0) prtbuf(bp, "brelse: buffer with negative reference count"); bp->b_refcnt--; } void binval(struct bufarea *bp) { bp->b_flags &= ~B_DIRTY; LIST_REMOVE(bp, b_hash); LIST_INSERT_HEAD(&freebufs, bp, b_hash); } void flush(int fd, struct bufarea *bp) { struct inode ip; if ((bp->b_flags & B_DIRTY) == 0) return; bp->b_flags &= ~B_DIRTY; if (fswritefd < 0) { pfatal("WRITING IN READ_ONLY MODE.\n"); return; } if (bp->b_errs != 0) pfatal("WRITING %sZERO'ED BLOCK %lld TO DISK\n", (bp->b_errs == bp->b_size / dev_bsize) ? "" : "PARTIALLY ", (long long)bp->b_bno); bp->b_errs = 0; /* * Write using the appropriate function. */ switch (bp->b_type) { case BT_SUPERBLK: if (bp != &sblk) pfatal("BUFFER %p DOES NOT MATCH SBLK %p\n", bp, &sblk); /* * Superblocks are always pre-copied so we do not need * to check them for copy-on-write. */ if (sbput(fd, bp->b_un.b_fs, 0) == 0) fsmodified = 1; break; case BT_CYLGRP: /* * Cylinder groups are always pre-copied so we do not * need to check them for copy-on-write. */ if (sujrecovery) cg_write(bp); if (cgput(fswritefd, &sblock, bp->b_un.b_cg) == 0) fsmodified = 1; break; case BT_INODES: if (debug && sblock.fs_magic == FS_UFS2_MAGIC) { struct ufs2_dinode *dp = bp->b_un.b_dinode2; int i; for (i = 0; i < bp->b_size; dp++, i += sizeof(*dp)) { if (ffs_verify_dinode_ckhash(&sblock, dp) == 0) continue; pwarn("flush: INODE CHECK-HASH FAILED"); ip.i_bp = bp; ip.i_dp = (union dinode *)dp; ip.i_number = bp->b_index + (i / sizeof(*dp)); prtinode(&ip); if (preen || reply("FIX") != 0) { if (preen) printf(" (FIXED)\n"); ffs_update_dinode_ckhash(&sblock, dp); inodirty(&ip); } } } /* FALLTHROUGH */ default: copyonwrite(&sblock, bp, std_checkblkavail); blwrite(fd, bp->b_un.b_buf, bp->b_bno, bp->b_size); break; } } /* * If there are any snapshots, ensure that all the blocks that they * care about have been copied, then release the snapshot inodes. * These operations need to be done before we rebuild the cylinder * groups so that any block allocations are properly recorded. * Since all the cylinder group maps have already been copied in * the snapshots, no further snapshot copies will need to be done. */ void snapflush(ufs2_daddr_t (*checkblkavail)(ufs2_daddr_t, long)) { struct bufarea *bp; int cnt; if (snapcnt > 0) { if (debug) printf("Check for snapshot copies\n"); TAILQ_FOREACH_REVERSE(bp, &bufqueuehd, bufqueue, b_list) if ((bp->b_flags & B_DIRTY) != 0) copyonwrite(&sblock, bp, checkblkavail); for (cnt = 0; cnt < snapcnt; cnt++) irelse(&snaplist[cnt]); snapcnt = 0; } } /* * Journaled soft updates does not maintain cylinder group summary * information during cleanup, so this routine recalculates the summary * information and updates the superblock summary in preparation for * writing out the cylinder group. */ static void cg_write(struct bufarea *bp) { ufs1_daddr_t fragno, cgbno, maxbno; u_int8_t *blksfree; struct csum *csp; struct cg *cgp; int blk; int i; /* * Fix the frag and cluster summary. */ cgp = bp->b_un.b_cg; cgp->cg_cs.cs_nbfree = 0; cgp->cg_cs.cs_nffree = 0; bzero(&cgp->cg_frsum, sizeof(cgp->cg_frsum)); maxbno = fragstoblks(&sblock, sblock.fs_fpg); if (sblock.fs_contigsumsize > 0) { for (i = 1; i <= sblock.fs_contigsumsize; i++) cg_clustersum(cgp)[i] = 0; bzero(cg_clustersfree(cgp), howmany(maxbno, CHAR_BIT)); } blksfree = cg_blksfree(cgp); for (cgbno = 0; cgbno < maxbno; cgbno++) { if (ffs_isfreeblock(&sblock, blksfree, cgbno)) continue; if (ffs_isblock(&sblock, blksfree, cgbno)) { ffs_clusteracct(&sblock, cgp, cgbno, 1); cgp->cg_cs.cs_nbfree++; continue; } fragno = blkstofrags(&sblock, cgbno); blk = blkmap(&sblock, blksfree, fragno); ffs_fragacct(&sblock, blk, cgp->cg_frsum, 1); for (i = 0; i < sblock.fs_frag; i++) if (isset(blksfree, fragno + i)) cgp->cg_cs.cs_nffree++; } /* * Update the superblock cg summary from our now correct values * before writing the block. */ csp = &sblock.fs_cs(&sblock, cgp->cg_cgx); sblock.fs_cstotal.cs_ndir += cgp->cg_cs.cs_ndir - csp->cs_ndir; sblock.fs_cstotal.cs_nbfree += cgp->cg_cs.cs_nbfree - csp->cs_nbfree; sblock.fs_cstotal.cs_nifree += cgp->cg_cs.cs_nifree - csp->cs_nifree; sblock.fs_cstotal.cs_nffree += cgp->cg_cs.cs_nffree - csp->cs_nffree; sblock.fs_cs(&sblock, cgp->cg_cgx) = cgp->cg_cs; } void rwerror(const char *mesg, ufs2_daddr_t blk) { if (bkgrdcheck) exit(EEXIT); if (preen == 0) printf("\n"); pfatal("CANNOT %s: %ld", mesg, (long)blk); if (reply("CONTINUE") == 0) exit(EEXIT); } void ckfini(int markclean) { struct bufarea *bp, *nbp; int ofsmodified, cnt, cg; if (bkgrdflag) { if ((!(sblock.fs_flags & FS_UNCLEAN)) != markclean) { cmd.value = FS_UNCLEAN; cmd.size = markclean ? -1 : 1; if (sysctlbyname("vfs.ffs.setflags", 0, 0, &cmd, sizeof cmd) == -1) pwarn("CANNOT SET FILE SYSTEM DIRTY FLAG\n"); if (!preen) { printf("\n***** FILE SYSTEM MARKED %s *****\n", markclean ? "CLEAN" : "DIRTY"); if (!markclean) rerun = 1; } } else if (!preen && !markclean) { printf("\n***** FILE SYSTEM STILL DIRTY *****\n"); rerun = 1; } bkgrdflag = 0; } if (debug && cachelookups > 0) printf("cache with %d buffers missed %d of %d (%d%%)\n", numbufs, cachereads, cachelookups, (int)(cachereads * 100 / cachelookups)); if (fswritefd < 0) { (void)close(fsreadfd); return; } /* * To remain idempotent with partial truncations the buffers * must be flushed in this order: * 1) cylinder groups (bitmaps) * 2) indirect, directory, external attribute, and data blocks * 3) inode blocks * 4) superblock * This ordering preserves access to the modified pointers * until they are freed. */ /* Step 1: cylinder groups */ if (debug) printf("Flush Cylinder groups\n"); if (cgbufs != NULL) { for (cnt = 0; cnt < sblock.fs_ncg; cnt++) { if (cgbufs[cnt].b_un.b_cg == NULL) continue; flush(fswritefd, &cgbufs[cnt]); free(cgbufs[cnt].b_un.b_cg); } free(cgbufs); cgbufs = NULL; } flush(fswritefd, &cgblk); free(cgblk.b_un.b_buf); cgblk.b_un.b_buf = NULL; cnt = 0; /* Step 2: indirect, directory, external attribute, and data blocks */ if (debug) printf("Flush indirect, directory, external attribute, " "and data blocks\n"); if (pdirbp != NULL) { brelse(pdirbp); pdirbp = NULL; } TAILQ_FOREACH_REVERSE_SAFE(bp, &bufqueuehd, bufqueue, b_list, nbp) { switch (bp->b_type) { /* These should not be in the buffer cache list */ case BT_UNKNOWN: case BT_SUPERBLK: case BT_CYLGRP: default: prtbuf(bp,"ckfini: improper buffer type on cache list"); continue; /* These are the ones to flush in this step */ case BT_LEVEL1: case BT_LEVEL2: case BT_LEVEL3: case BT_EXTATTR: case BT_DIRDATA: case BT_DATA: break; /* These are the ones to flush in the next step */ case BT_INODES: continue; } if (debug && bp->b_refcnt != 0) prtbuf(bp, "ckfini: clearing in-use buffer"); TAILQ_REMOVE(&bufqueuehd, bp, b_list); LIST_REMOVE(bp, b_hash); cnt++; flush(fswritefd, bp); free(bp->b_un.b_buf); free((char *)bp); } /* Step 3: inode blocks */ if (debug) printf("Flush inode blocks\n"); if (icachebp != NULL) { brelse(icachebp); icachebp = NULL; } TAILQ_FOREACH_REVERSE_SAFE(bp, &bufqueuehd, bufqueue, b_list, nbp) { if (debug && bp->b_refcnt != 0) prtbuf(bp, "ckfini: clearing in-use buffer"); TAILQ_REMOVE(&bufqueuehd, bp, b_list); LIST_REMOVE(bp, b_hash); cnt++; flush(fswritefd, bp); free(bp->b_un.b_buf); free((char *)bp); } if (numbufs != cnt) errx(EEXIT, "panic: lost %d buffers", numbufs - cnt); /* Step 4: superblock */ if (debug) printf("Flush the superblock\n"); flush(fswritefd, &sblk); if (havesb && cursnapshot == 0 && sblk.b_bno != sblock.fs_sblockloc / dev_bsize) { if (preen || reply("UPDATE STANDARD SUPERBLOCK")) { /* Change write destination to standard superblock */ sblock.fs_sblockactualloc = sblock.fs_sblockloc; sblk.b_bno = sblock.fs_sblockloc / dev_bsize; sbdirty(); flush(fswritefd, &sblk); } else { markclean = 0; } } if (cursnapshot == 0 && sblock.fs_clean != markclean) { if ((sblock.fs_clean = markclean) != 0) { sblock.fs_flags &= ~(FS_UNCLEAN | FS_NEEDSFSCK); sblock.fs_pendingblocks = 0; sblock.fs_pendinginodes = 0; } sbdirty(); ofsmodified = fsmodified; flush(fswritefd, &sblk); fsmodified = ofsmodified; if (!preen) { printf("\n***** FILE SYSTEM MARKED %s *****\n", markclean ? "CLEAN" : "DIRTY"); if (!markclean) rerun = 1; } } else if (!preen) { if (markclean) { printf("\n***** FILE SYSTEM IS CLEAN *****\n"); } else { printf("\n***** FILE SYSTEM STILL DIRTY *****\n"); rerun = 1; } } /* * Free allocated tracking structures. */ if (blockmap != NULL) free(blockmap); blockmap = NULL; if (inostathead != NULL) { for (cg = 0; cg < sblock.fs_ncg; cg++) if (inostathead[cg].il_stat != NULL) free((char *)inostathead[cg].il_stat); free(inostathead); } inostathead = NULL; inocleanup(); finalIOstats(); (void)close(fsreadfd); (void)close(fswritefd); } /* * Print out I/O statistics. */ void IOstats(char *what) { int i; if (debug == 0) return; if (diskreads == 0) { printf("%s: no I/O\n\n", what); return; } if (startpass.tv_sec == 0) startpass = startprog; printf("%s: I/O statistics\n", what); printIOstats(); totaldiskreads += diskreads; diskreads = 0; for (i = 0; i < BT_NUMBUFTYPES; i++) { timespecadd(&totalreadtime[i], &readtime[i], &totalreadtime[i]); totalreadcnt[i] += readcnt[i]; readtime[i].tv_sec = readtime[i].tv_nsec = 0; readcnt[i] = 0; } clock_gettime(CLOCK_REALTIME_PRECISE, &startpass); } void finalIOstats(void) { int i; if (debug == 0) return; printf("Final I/O statistics\n"); totaldiskreads += diskreads; diskreads = totaldiskreads; startpass = startprog; for (i = 0; i < BT_NUMBUFTYPES; i++) { timespecadd(&totalreadtime[i], &readtime[i], &totalreadtime[i]); totalreadcnt[i] += readcnt[i]; readtime[i] = totalreadtime[i]; readcnt[i] = totalreadcnt[i]; } printIOstats(); } static void printIOstats(void) { long long msec, totalmsec; int i; clock_gettime(CLOCK_REALTIME_PRECISE, &finishpass); timespecsub(&finishpass, &startpass, &finishpass); printf("Running time: %jd.%03ld sec\n", (intmax_t)finishpass.tv_sec, finishpass.tv_nsec / 1000000); printf("buffer reads by type:\n"); for (totalmsec = 0, i = 0; i < BT_NUMBUFTYPES; i++) totalmsec += readtime[i].tv_sec * 1000 + readtime[i].tv_nsec / 1000000; if (totalmsec == 0) totalmsec = 1; for (i = 0; i < BT_NUMBUFTYPES; i++) { if (readcnt[i] == 0) continue; msec = readtime[i].tv_sec * 1000 + readtime[i].tv_nsec / 1000000; printf("%21s:%8ld %2ld.%ld%% %4jd.%03ld sec %2lld.%lld%%\n", buftype[i], readcnt[i], readcnt[i] * 100 / diskreads, (readcnt[i] * 1000 / diskreads) % 10, (intmax_t)readtime[i].tv_sec, readtime[i].tv_nsec / 1000000, msec * 100 / totalmsec, (msec * 1000 / totalmsec) % 10); } printf("\n"); } int blread(int fd, char *buf, ufs2_daddr_t blk, long size) { char *cp; int i, errs; off_t offset; offset = blk; offset *= dev_bsize; if (bkgrdflag) slowio_start(); totalreads++; diskreads++; if (pread(fd, buf, (int)size, offset) == size) { if (bkgrdflag) slowio_end(); return (0); } /* * This is handled specially here instead of in rwerror because * rwerror is used for all sorts of errors, not just true read/write * errors. It should be refactored and fixed. */ if (surrender) { pfatal("CANNOT READ_BLK: %ld", (long)blk); errx(EEXIT, "ABORTING DUE TO READ ERRORS"); } else rwerror("READ BLK", blk); errs = 0; memset(buf, 0, (size_t)size); printf("THE FOLLOWING DISK SECTORS COULD NOT BE READ:"); for (cp = buf, i = 0; i < size; i += secsize, cp += secsize) { if (pread(fd, cp, (int)secsize, offset + i) != secsize) { if (secsize != dev_bsize && dev_bsize != 1) printf(" %jd (%jd),", (intmax_t)(blk * dev_bsize + i) / secsize, (intmax_t)blk + i / dev_bsize); else printf(" %jd,", (intmax_t)blk + i / dev_bsize); errs++; } } printf("\n"); if (errs) resolved = 0; return (errs); } void blwrite(int fd, char *buf, ufs2_daddr_t blk, ssize_t size) { int i; char *cp; off_t offset; if (fd < 0) return; offset = blk; offset *= dev_bsize; if (pwrite(fd, buf, size, offset) == size) { fsmodified = 1; return; } resolved = 0; rwerror("WRITE BLK", blk); printf("THE FOLLOWING SECTORS COULD NOT BE WRITTEN:"); for (cp = buf, i = 0; i < size; i += dev_bsize, cp += dev_bsize) if (pwrite(fd, cp, dev_bsize, offset + i) != dev_bsize) printf(" %jd,", (intmax_t)blk + i / dev_bsize); printf("\n"); return; } void blerase(int fd, ufs2_daddr_t blk, long size) { off_t ioarg[2]; if (fd < 0) return; ioarg[0] = blk * dev_bsize; ioarg[1] = size; ioctl(fd, DIOCGDELETE, ioarg); /* we don't really care if we succeed or not */ return; } /* * Fill a contiguous region with all-zeroes. Note ZEROBUFSIZE is by * definition a multiple of dev_bsize. */ void blzero(int fd, ufs2_daddr_t blk, long size) { static char *zero; off_t offset, len; if (fd < 0) return; if (zero == NULL) { zero = Balloc(ZEROBUFSIZE); if (zero == NULL) errx(EEXIT, "cannot allocate buffer pool"); } offset = blk * dev_bsize; if (lseek(fd, offset, 0) < 0) rwerror("SEEK BLK", blk); while (size > 0) { len = MIN(ZEROBUFSIZE, size); if (write(fd, zero, len) != len) rwerror("WRITE BLK", blk); blk += len / dev_bsize; size -= len; } } /* * Verify cylinder group's magic number and other parameters. If the * test fails, offer an option to rebuild the whole cylinder group. * * Return 1 if the cylinder group is good or return 0 if it is bad. */ #undef CHK #define CHK(lhs, op, rhs, fmt) \ if (lhs op rhs) { \ pwarn("UFS%d cylinder group %d failed: " \ "%s (" #fmt ") %s %s (" #fmt ")\n", \ sblock.fs_magic == FS_UFS1_MAGIC ? 1 : 2, cg, \ #lhs, (intmax_t)lhs, #op, #rhs, (intmax_t)rhs); \ error = 1; \ } int check_cgmagic(int cg, struct bufarea *cgbp) { struct cg *cgp = cgbp->b_un.b_cg; uint32_t cghash, calchash; static int prevfailcg = -1; long start; int error; /* * Extended cylinder group checks. */ calchash = cgp->cg_ckhash; if ((sblock.fs_metackhash & CK_CYLGRP) != 0 && (ckhashadd & CK_CYLGRP) == 0) { cghash = cgp->cg_ckhash; cgp->cg_ckhash = 0; calchash = calculate_crc32c(~0L, (void *)cgp, sblock.fs_cgsize); cgp->cg_ckhash = cghash; } error = 0; CHK(cgp->cg_ckhash, !=, calchash, "%jd"); CHK(cg_chkmagic(cgp), ==, 0, "%jd"); CHK(cgp->cg_cgx, !=, cg, "%jd"); CHK(cgp->cg_ndblk, >, sblock.fs_fpg, "%jd"); if (sblock.fs_magic == FS_UFS1_MAGIC) { CHK(cgp->cg_old_niblk, !=, sblock.fs_ipg, "%jd"); CHK(cgp->cg_old_ncyl, >, sblock.fs_old_cpg, "%jd"); } else if (sblock.fs_magic == FS_UFS2_MAGIC) { CHK(cgp->cg_niblk, !=, sblock.fs_ipg, "%jd"); CHK(cgp->cg_initediblk, >, sblock.fs_ipg, "%jd"); } if (cgbase(&sblock, cg) + sblock.fs_fpg < sblock.fs_size) { CHK(cgp->cg_ndblk, !=, sblock.fs_fpg, "%jd"); } else { CHK(cgp->cg_ndblk, !=, sblock.fs_size - cgbase(&sblock, cg), "%jd"); } start = sizeof(*cgp); if (sblock.fs_magic == FS_UFS2_MAGIC) { CHK(cgp->cg_iusedoff, !=, start, "%jd"); } else if (sblock.fs_magic == FS_UFS1_MAGIC) { CHK(cgp->cg_niblk, !=, 0, "%jd"); CHK(cgp->cg_initediblk, !=, 0, "%jd"); CHK(cgp->cg_old_ncyl, !=, sblock.fs_old_cpg, "%jd"); CHK(cgp->cg_old_niblk, !=, sblock.fs_ipg, "%jd"); CHK(cgp->cg_old_btotoff, !=, start, "%jd"); CHK(cgp->cg_old_boff, !=, cgp->cg_old_btotoff + sblock.fs_old_cpg * sizeof(int32_t), "%jd"); CHK(cgp->cg_iusedoff, !=, cgp->cg_old_boff + sblock.fs_old_cpg * sizeof(u_int16_t), "%jd"); } CHK(cgp->cg_freeoff, !=, cgp->cg_iusedoff + howmany(sblock.fs_ipg, CHAR_BIT), "%jd"); if (sblock.fs_contigsumsize == 0) { CHK(cgp->cg_nextfreeoff, !=, cgp->cg_freeoff + howmany(sblock.fs_fpg, CHAR_BIT), "%jd"); } else { CHK(cgp->cg_nclusterblks, !=, cgp->cg_ndblk / sblock.fs_frag, "%jd"); CHK(cgp->cg_clustersumoff, !=, roundup(cgp->cg_freeoff + howmany(sblock.fs_fpg, CHAR_BIT), sizeof(u_int32_t)) - sizeof(u_int32_t), "%jd"); CHK(cgp->cg_clusteroff, !=, cgp->cg_clustersumoff + (sblock.fs_contigsumsize + 1) * sizeof(u_int32_t), "%jd"); CHK(cgp->cg_nextfreeoff, !=, cgp->cg_clusteroff + howmany(fragstoblks(&sblock, sblock.fs_fpg), CHAR_BIT), "%jd"); } if (error == 0) return (1); if (prevfailcg == cg) return (0); prevfailcg = cg; pfatal("CYLINDER GROUP %d: INTEGRITY CHECK FAILED", cg); printf("\n"); return (0); } void rebuild_cg(int cg, struct bufarea *cgbp) { struct cg *cgp = cgbp->b_un.b_cg; long start; /* * Zero out the cylinder group and then initialize critical fields. * Bit maps and summaries will be recalculated by later passes. */ memset(cgp, 0, (size_t)sblock.fs_cgsize); cgp->cg_magic = CG_MAGIC; cgp->cg_cgx = cg; cgp->cg_niblk = sblock.fs_ipg; cgp->cg_initediblk = MIN(sblock.fs_ipg, 2 * INOPB(&sblock)); if (cgbase(&sblock, cg) + sblock.fs_fpg < sblock.fs_size) cgp->cg_ndblk = sblock.fs_fpg; else cgp->cg_ndblk = sblock.fs_size - cgbase(&sblock, cg); start = sizeof(*cgp); if (sblock.fs_magic == FS_UFS2_MAGIC) { cgp->cg_iusedoff = start; } else if (sblock.fs_magic == FS_UFS1_MAGIC) { cgp->cg_niblk = 0; cgp->cg_initediblk = 0; cgp->cg_old_ncyl = sblock.fs_old_cpg; cgp->cg_old_niblk = sblock.fs_ipg; cgp->cg_old_btotoff = start; cgp->cg_old_boff = cgp->cg_old_btotoff + sblock.fs_old_cpg * sizeof(int32_t); cgp->cg_iusedoff = cgp->cg_old_boff + sblock.fs_old_cpg * sizeof(u_int16_t); } cgp->cg_freeoff = cgp->cg_iusedoff + howmany(sblock.fs_ipg, CHAR_BIT); cgp->cg_nextfreeoff = cgp->cg_freeoff + howmany(sblock.fs_fpg,CHAR_BIT); if (sblock.fs_contigsumsize > 0) { cgp->cg_nclusterblks = cgp->cg_ndblk / sblock.fs_frag; cgp->cg_clustersumoff = roundup(cgp->cg_nextfreeoff, sizeof(u_int32_t)); cgp->cg_clustersumoff -= sizeof(u_int32_t); cgp->cg_clusteroff = cgp->cg_clustersumoff + (sblock.fs_contigsumsize + 1) * sizeof(u_int32_t); cgp->cg_nextfreeoff = cgp->cg_clusteroff + howmany(fragstoblks(&sblock, sblock.fs_fpg), CHAR_BIT); } cgp->cg_ckhash = calculate_crc32c(~0L, (void *)cgp, sblock.fs_cgsize); cgdirty(cgbp); } /* * allocate a data block with the specified number of fragments */ ufs2_daddr_t allocblk(long startcg, long frags, ufs2_daddr_t (*checkblkavail)(ufs2_daddr_t blkno, long frags)) { ufs2_daddr_t blkno, newblk; if (sujrecovery && checkblkavail == std_checkblkavail) { pfatal("allocblk: std_checkblkavail used for SUJ recovery\n"); return (0); } if (frags <= 0 || frags > sblock.fs_frag) return (0); for (blkno = MAX(cgdata(&sblock, startcg), 0); blkno < maxfsblock - sblock.fs_frag; blkno += sblock.fs_frag) { if ((newblk = (*checkblkavail)(blkno, frags)) == 0) continue; if (newblk > 0) return (newblk); if (newblk < 0) blkno = -newblk; } for (blkno = MAX(cgdata(&sblock, 0), 0); blkno < cgbase(&sblock, startcg) - sblock.fs_frag; blkno += sblock.fs_frag) { if ((newblk = (*checkblkavail)(blkno, frags)) == 0) continue; if (newblk > 0) return (newblk); if (newblk < 0) blkno = -newblk; } return (0); } ufs2_daddr_t std_checkblkavail(ufs2_daddr_t blkno, long frags) { struct bufarea *cgbp; struct cg *cgp; ufs2_daddr_t j, k, baseblk; long cg; if ((u_int64_t)blkno > sblock.fs_size) return (0); for (j = 0; j <= sblock.fs_frag - frags; j++) { if (testbmap(blkno + j)) continue; for (k = 1; k < frags; k++) if (testbmap(blkno + j + k)) break; if (k < frags) { j += k; continue; } cg = dtog(&sblock, blkno + j); cgbp = cglookup(cg); cgp = cgbp->b_un.b_cg; if (!check_cgmagic(cg, cgbp)) return (-((cg + 1) * sblock.fs_fpg - sblock.fs_frag)); baseblk = dtogd(&sblock, blkno + j); for (k = 0; k < frags; k++) { setbmap(blkno + j + k); clrbit(cg_blksfree(cgp), baseblk + k); } n_blks += frags; if (frags == sblock.fs_frag) cgp->cg_cs.cs_nbfree--; else cgp->cg_cs.cs_nffree -= frags; cgdirty(cgbp); return (blkno + j); } return (0); } /* * Check whether a file size is within the limits for the filesystem. * Return 1 when valid and 0 when too big. * * This should match the file size limit in ffs_mountfs(). */ int chkfilesize(mode_t mode, u_int64_t filesize) { u_int64_t kernmaxfilesize; if (sblock.fs_magic == FS_UFS1_MAGIC) kernmaxfilesize = (off_t)0x40000000 * sblock.fs_bsize - 1; else kernmaxfilesize = sblock.fs_maxfilesize; if (filesize > kernmaxfilesize || filesize > sblock.fs_maxfilesize || (mode == IFDIR && filesize > MAXDIRSIZE)) { if (debug) printf("bad file size %ju:", (uintmax_t)filesize); return (0); } return (1); } /* * Slow down IO so as to leave some disk bandwidth for other processes */ void slowio_start() { /* Delay one in every 8 operations */ slowio_pollcnt = (slowio_pollcnt + 1) & 7; if (slowio_pollcnt == 0) { gettimeofday(&slowio_starttime, NULL); } } void slowio_end() { struct timeval tv; int delay_usec; if (slowio_pollcnt != 0) return; /* Update the slowdown interval. */ gettimeofday(&tv, NULL); delay_usec = (tv.tv_sec - slowio_starttime.tv_sec) * 1000000 + (tv.tv_usec - slowio_starttime.tv_usec); if (delay_usec < 64) delay_usec = 64; if (delay_usec > 2500000) delay_usec = 2500000; slowio_delay_usec = (slowio_delay_usec * 63 + delay_usec) >> 6; /* delay by 8 times the average IO delay */ if (slowio_delay_usec > 64) usleep(slowio_delay_usec * 8); } /* * Find a pathname */ void getpathname(char *namebuf, ino_t curdir, ino_t ino) { int len; char *cp; struct inode ip; struct inodesc idesc; static int busy = 0; if (curdir == ino && ino == UFS_ROOTINO) { (void)strcpy(namebuf, "/"); return; } if (busy || !INO_IS_DVALID(curdir)) { (void)strcpy(namebuf, "?"); return; } busy = 1; memset(&idesc, 0, sizeof(struct inodesc)); idesc.id_type = DATA; idesc.id_fix = IGNORE; cp = &namebuf[MAXPATHLEN - 1]; *cp = '\0'; if (curdir != ino) { idesc.id_parent = curdir; goto namelookup; } while (ino != UFS_ROOTINO) { idesc.id_number = ino; idesc.id_func = findino; idesc.id_name = strdup(".."); ginode(ino, &ip); if ((ckinode(ip.i_dp, &idesc) & FOUND) == 0) { irelse(&ip); free(idesc.id_name); break; } irelse(&ip); free(idesc.id_name); namelookup: idesc.id_number = idesc.id_parent; idesc.id_parent = ino; idesc.id_func = findname; idesc.id_name = namebuf; ginode(idesc.id_number, &ip); if ((ckinode(ip.i_dp, &idesc) & FOUND) == 0) { irelse(&ip); break; } irelse(&ip); len = strlen(namebuf); cp -= len; memmove(cp, namebuf, (size_t)len); *--cp = '/'; if (cp < &namebuf[UFS_MAXNAMLEN]) break; ino = idesc.id_number; } busy = 0; if (ino != UFS_ROOTINO) *--cp = '?'; memmove(namebuf, cp, (size_t)(&namebuf[MAXPATHLEN] - cp)); } void catch(int sig __unused) { ckfini(0); exit(12); } /* * When preening, allow a single quit to signal * a special exit after file system checks complete * so that reboot sequence may be interrupted. */ void catchquit(int sig __unused) { printf("returning to single-user after file system check\n"); returntosingle = 1; (void)signal(SIGQUIT, SIG_DFL); } /* * determine whether an inode should be fixed. */ int dofix(struct inodesc *idesc, const char *msg) { switch (idesc->id_fix) { case DONTKNOW: if (idesc->id_type == DATA) direrror(idesc->id_number, msg); else pwarn("%s", msg); if (preen) { printf(" (SALVAGED)\n"); idesc->id_fix = FIX; return (ALTERED); } if (reply("SALVAGE") == 0) { idesc->id_fix = NOFIX; return (0); } idesc->id_fix = FIX; return (ALTERED); case FIX: return (ALTERED); case NOFIX: case IGNORE: return (0); default: errx(EEXIT, "UNKNOWN INODESC FIX MODE %d", idesc->id_fix); } /* NOTREACHED */ return (0); } #include /* * Print details about a buffer. */ void prtbuf(struct bufarea *bp, const char *fmt, ...) { va_list ap; va_start(ap, fmt); if (preen) (void)fprintf(stdout, "%s: ", cdevname); (void)vfprintf(stdout, fmt, ap); va_end(ap); printf(": bp %p, type %s, bno %jd, size %d, refcnt %d, flags %s, " "index %jd\n", bp, BT_BUFTYPE(bp->b_type), (intmax_t) bp->b_bno, bp->b_size, bp->b_refcnt, bp->b_flags & B_DIRTY ? "dirty" : "clean", (intmax_t) bp->b_index); } /* * An unexpected inconsistency occurred. * Die if preening or file system is running with soft dependency protocol, * otherwise just print message and continue. */ void pfatal(const char *fmt, ...) { va_list ap; va_start(ap, fmt); if (!preen) { (void)vfprintf(stdout, fmt, ap); va_end(ap); if (usedsoftdep) (void)fprintf(stdout, "\nUNEXPECTED SOFT UPDATE INCONSISTENCY\n"); /* * Force foreground fsck to clean up inconsistency. */ if (bkgrdflag) { cmd.value = FS_NEEDSFSCK; cmd.size = 1; if (sysctlbyname("vfs.ffs.setflags", 0, 0, &cmd, sizeof cmd) == -1) pwarn("CANNOT SET FS_NEEDSFSCK FLAG\n"); fprintf(stdout, "CANNOT RUN IN BACKGROUND\n"); ckfini(0); exit(EEXIT); } return; } if (cdevname == NULL) cdevname = strdup("fsck"); (void)fprintf(stdout, "%s: ", cdevname); (void)vfprintf(stdout, fmt, ap); (void)fprintf(stdout, "\n%s: UNEXPECTED%sINCONSISTENCY; RUN fsck MANUALLY.\n", cdevname, usedsoftdep ? " SOFT UPDATE " : " "); /* * Force foreground fsck to clean up inconsistency. */ if (bkgrdflag) { cmd.value = FS_NEEDSFSCK; cmd.size = 1; if (sysctlbyname("vfs.ffs.setflags", 0, 0, &cmd, sizeof cmd) == -1) pwarn("CANNOT SET FS_NEEDSFSCK FLAG\n"); } ckfini(0); exit(EEXIT); } /* * Pwarn just prints a message when not preening or running soft dependency * protocol, or a warning (preceded by filename) when preening. */ void pwarn(const char *fmt, ...) { va_list ap; va_start(ap, fmt); if (preen) (void)fprintf(stdout, "%s: ", cdevname); (void)vfprintf(stdout, fmt, ap); va_end(ap); } /* * Stub for routines from kernel. */ void panic(const char *fmt, ...) { va_list ap; va_start(ap, fmt); pfatal("INTERNAL INCONSISTENCY:"); (void)vfprintf(stdout, fmt, ap); va_end(ap); exit(EEXIT); } diff --git a/sbin/fsck_ffs/globs.c b/sbin/fsck_ffs/globs.c index b004dd7d48b7..8c69b8db44ea 100644 --- a/sbin/fsck_ffs/globs.c +++ b/sbin/fsck_ffs/globs.c @@ -1,171 +1,168 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1980, 1986, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static char sccsid[] = "@(#)main.c 8.6 (Berkeley) 5/14/95"; -#endif /* not lint */ #endif #include #include #include #include #include #include "fsck.h" long readcnt[BT_NUMBUFTYPES]; long totalreadcnt[BT_NUMBUFTYPES]; struct timespec readtime[BT_NUMBUFTYPES]; struct timespec totalreadtime[BT_NUMBUFTYPES]; struct timespec startprog; struct bufarea sblk; /* file system superblock */ struct bufarea *pdirbp; /* current directory contents */ ino_t cursnapshot; long dirhash, inplast; unsigned long numdirs, listmax; long countdirs; /* number of directories we actually found */ int adjrefcnt[MIBSIZE]; /* MIB cmd to adjust inode reference cnt */ int adjblkcnt[MIBSIZE]; /* MIB cmd to adjust inode block count */ int setsize[MIBSIZE]; /* MIB cmd to set inode size */ int adjndir[MIBSIZE]; /* MIB cmd to adjust number of directories */ int adjnbfree[MIBSIZE]; /* MIB cmd to adjust number of free blocks */ int adjnifree[MIBSIZE]; /* MIB cmd to adjust number of free inodes */ int adjnffree[MIBSIZE]; /* MIB cmd to adjust number of free frags */ int adjnumclusters[MIBSIZE]; /* MIB cmd to adjust number of free clusters */ int adjdepth[MIBSIZE]; /* MIB cmd to adjust directory depth count */ int freefiles[MIBSIZE]; /* MIB cmd to free a set of files */ int freedirs[MIBSIZE]; /* MIB cmd to free a set of directories */ int freeblks[MIBSIZE]; /* MIB cmd to free a set of data blocks */ struct fsck_cmd cmd; /* sysctl file system update commands */ char *cdevname; /* name of device being checked */ long dev_bsize; /* computed value of DEV_BSIZE */ long secsize; /* actual disk sector size */ u_int real_dev_bsize; /* actual disk sector size, not overridden */ char nflag; /* assume a no response */ char yflag; /* assume a yes response */ int bkgrdflag; /* use a snapshot to run on an active system */ off_t bflag; /* location of alternate super block */ int debug; /* output debugging info */ int Eflag; /* delete empty data blocks */ int Zflag; /* zero empty data blocks */ int zflag; /* zero unused directory space */ int inoopt; /* trim out unused inodes */ char ckclean; /* only do work if not cleanly unmounted */ int cvtlevel; /* convert to newer file system format */ int ckhashadd; /* check hashes to be added */ int bkgrdcheck; /* determine if background check is possible */ int bkgrdsumadj; /* kernel able to adjust superblock summary */ char usedsoftdep; /* just fix soft dependency inconsistencies */ char preen; /* just fix normal inconsistencies */ char rerun; /* rerun fsck. Only used in non-preen mode */ int returntosingle; /* 1 => return to single user mode on exit */ char resolved; /* cleared if unresolved changes => not clean */ char havesb; /* superblock has been read */ char skipclean; /* skip clean file systems if preening */ int fsmodified; /* 1 => write done to file system */ int fsreadfd; /* file descriptor for reading file system */ int fswritefd; /* file descriptor for writing file system */ int surrender; /* Give up if reads fail */ int wantrestart; /* Restart fsck on early termination */ ufs2_daddr_t maxfsblock; /* number of blocks in the file system */ char *blockmap; /* ptr to primary blk allocation map */ ino_t maxino; /* number of inodes in file system */ ino_t lfdir; /* lost & found directory inode number */ const char *lfname; /* lost & found directory name */ int lfmode; /* lost & found directory creation mode */ ufs2_daddr_t n_blks; /* number of blocks in use */ int cgheader_corrupt; /* one or more CG headers are corrupt */ ino_t n_files; /* number of files in use */ volatile sig_atomic_t got_siginfo; /* received a SIGINFO */ volatile sig_atomic_t got_sigalarm; /* received a SIGALRM */ union dinode zino; struct dups *duplist; struct dups *muldup; struct inostatlist *inostathead; void fsckinit(void) { bzero(readcnt, sizeof(long) * BT_NUMBUFTYPES); bzero(totalreadcnt, sizeof(long) * BT_NUMBUFTYPES); bzero(readtime, sizeof(struct timespec) * BT_NUMBUFTYPES); bzero(totalreadtime, sizeof(struct timespec) * BT_NUMBUFTYPES); bzero(&startprog, sizeof(struct timespec)); bzero(&sblk, sizeof(struct bufarea)); cursnapshot = 0; listmax = numdirs = dirhash = inplast = 0; countdirs = 0; bzero(adjrefcnt, sizeof(int) * MIBSIZE); bzero(adjblkcnt, sizeof(int) * MIBSIZE); bzero(setsize, sizeof(int) * MIBSIZE); bzero(adjndir, sizeof(int) * MIBSIZE); bzero(adjnbfree, sizeof(int) * MIBSIZE); bzero(adjnifree, sizeof(int) * MIBSIZE); bzero(adjnffree, sizeof(int) * MIBSIZE); bzero(adjnumclusters, sizeof(int) * MIBSIZE); bzero(adjdepth, sizeof(int) * MIBSIZE); bzero(freefiles, sizeof(int) * MIBSIZE); bzero(freedirs, sizeof(int) * MIBSIZE); bzero(freeblks, sizeof(int) * MIBSIZE); bzero(&cmd, sizeof(struct fsck_cmd)); cdevname = NULL; dev_bsize = 0; secsize = 0; real_dev_bsize = 0; bkgrdsumadj = 0; usedsoftdep = 0; rerun = 0; returntosingle = 0; resolved = 0; havesb = 0; fsmodified = 0; fsreadfd = -1; fswritefd = -1; maxfsblock = 0; maxino = 0; lfdir = 0; lfname = "lost+found"; lfmode = 0700; n_blks = 0; n_files = 0; cgheader_corrupt = 0; got_siginfo = 0; got_sigalarm = 0; bzero(&zino.dp1, sizeof(struct ufs1_dinode)); bzero(&zino.dp2, sizeof(struct ufs2_dinode)); } diff --git a/sbin/fsck_ffs/inode.c b/sbin/fsck_ffs/inode.c index e4349ff97088..8b154d972dd3 100644 --- a/sbin/fsck_ffs/inode.c +++ b/sbin/fsck_ffs/inode.c @@ -1,1474 +1,1471 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 -#ifndef lint -static const char sccsid[] = "@(#)inode.c 8.8 (Berkeley) 4/28/95"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include #include #include #include #include "fsck.h" struct bufarea *icachebp; /* inode cache buffer */ static int iblock(struct inodesc *, off_t isize, int type); static ufs2_daddr_t indir_blkatoff(ufs2_daddr_t, ino_t, ufs_lbn_t, ufs_lbn_t, struct bufarea **); static int snapclean(struct inodesc *idesc); static void chkcopyonwrite(struct fs *, ufs2_daddr_t, ufs2_daddr_t (*checkblkavail)(ufs2_daddr_t, long)); int ckinode(union dinode *dp, struct inodesc *idesc) { off_t remsize, sizepb; int i, offset, ret; struct inode ip; union dinode dino; ufs2_daddr_t ndb; mode_t mode; char pathbuf[MAXPATHLEN + 1]; if (idesc->id_fix != IGNORE) idesc->id_fix = DONTKNOW; idesc->id_dp = dp; idesc->id_lbn = -1; idesc->id_lballoc = -1; idesc->id_level = 0; idesc->id_entryno = 0; idesc->id_filesize = DIP(dp, di_size); mode = DIP(dp, di_mode) & IFMT; if (mode == IFBLK || mode == IFCHR || (mode == IFLNK && DIP(dp, di_size) < (unsigned)sblock.fs_maxsymlinklen)) return (KEEPON); if (sblock.fs_magic == FS_UFS1_MAGIC) dino.dp1 = dp->dp1; else dino.dp2 = dp->dp2; if (DIP(&dino, di_size) < 0) { pfatal("NEGATIVE INODE SIZE %jd\n", DIP(&dino, di_size)); return (STOP); } ndb = howmany(DIP(&dino, di_size), sblock.fs_bsize); for (i = 0; i < UFS_NDADDR; i++) { idesc->id_lbn++; if (--ndb == 0 && (offset = blkoff(&sblock, DIP(&dino, di_size))) != 0) idesc->id_numfrags = numfrags(&sblock, fragroundup(&sblock, offset)); else idesc->id_numfrags = sblock.fs_frag; if (DIP(&dino, di_db[i]) == 0) { if (idesc->id_type == DATA && ndb >= 0) { /* An empty block in a directory XXX */ getpathname(pathbuf, idesc->id_number, idesc->id_number); pfatal("DIRECTORY %s: CONTAINS EMPTY BLOCKS", pathbuf); if (reply("ADJUST LENGTH") == 1) { ginode(idesc->id_number, &ip); DIP_SET(ip.i_dp, di_size, i * sblock.fs_bsize); printf( "YOU MUST RERUN FSCK AFTERWARDS\n"); rerun = 1; inodirty(&ip); irelse(&ip); } return (STOP); } continue; } idesc->id_blkno = DIP(&dino, di_db[i]); if (idesc->id_type != DATA) ret = (*idesc->id_func)(idesc); else ret = dirscan(idesc); if (ret & STOP) return (ret); } idesc->id_numfrags = sblock.fs_frag; remsize = DIP(&dino, di_size) - sblock.fs_bsize * UFS_NDADDR; sizepb = sblock.fs_bsize; for (i = 0; i < UFS_NIADDR; i++) { sizepb *= NINDIR(&sblock); idesc->id_level = i + 1; if (DIP(&dino, di_ib[i])) { idesc->id_blkno = DIP(&dino, di_ib[i]); ret = iblock(idesc, remsize, BT_LEVEL1 + i); if (ret & STOP) return (ret); } else if (remsize > 0) { idesc->id_lbn += sizepb / sblock.fs_bsize; if (idesc->id_type == DATA) { /* An empty block in a directory XXX */ getpathname(pathbuf, idesc->id_number, idesc->id_number); pfatal("DIRECTORY %s: CONTAINS EMPTY BLOCKS", pathbuf); if (reply("ADJUST LENGTH") == 1) { ginode(idesc->id_number, &ip); DIP_SET(ip.i_dp, di_size, DIP(ip.i_dp, di_size) - remsize); remsize = 0; printf( "YOU MUST RERUN FSCK AFTERWARDS\n"); rerun = 1; inodirty(&ip); irelse(&ip); break; } } } remsize -= sizepb; } return (KEEPON); } static int iblock(struct inodesc *idesc, off_t isize, int type) { struct inode ip; struct bufarea *bp; int i, n, (*func)(struct inodesc *), nif; off_t sizepb; char buf[BUFSIZ]; char pathbuf[MAXPATHLEN + 1]; if (idesc->id_type != DATA) { func = idesc->id_func; if (((n = (*func)(idesc)) & KEEPON) == 0) return (n); } else func = dirscan; bp = getdatablk(idesc->id_blkno, sblock.fs_bsize, type); if (bp->b_errs != 0) { brelse(bp); return (SKIP); } idesc->id_bp = bp; idesc->id_level--; for (sizepb = sblock.fs_bsize, i = 0; i < idesc->id_level; i++) sizepb *= NINDIR(&sblock); if (howmany(isize, sizepb) > NINDIR(&sblock)) nif = NINDIR(&sblock); else nif = howmany(isize, sizepb); if (idesc->id_func == pass1check && nif < NINDIR(&sblock)) { for (i = nif; i < NINDIR(&sblock); i++) { if (IBLK(bp, i) == 0) continue; (void)sprintf(buf, "PARTIALLY TRUNCATED INODE I=%lu", (u_long)idesc->id_number); if (preen) { pfatal("%s", buf); } else if (dofix(idesc, buf)) { IBLK_SET(bp, i, 0); dirty(bp); } } flush(fswritefd, bp); } for (i = 0; i < nif; i++) { if (IBLK(bp, i)) { idesc->id_blkno = IBLK(bp, i); bp->b_index = i; if (idesc->id_level == 0) { idesc->id_lbn++; n = (*func)(idesc); } else { n = iblock(idesc, isize, type - 1); idesc->id_level++; } if (n & STOP) { brelse(bp); return (n); } } else { idesc->id_lbn += sizepb / sblock.fs_bsize; if (idesc->id_type == DATA && isize > 0) { /* An empty block in a directory XXX */ getpathname(pathbuf, idesc->id_number, idesc->id_number); pfatal("DIRECTORY %s: CONTAINS EMPTY BLOCKS", pathbuf); if (reply("ADJUST LENGTH") == 1) { ginode(idesc->id_number, &ip); DIP_SET(ip.i_dp, di_size, DIP(ip.i_dp, di_size) - isize); isize = 0; printf( "YOU MUST RERUN FSCK AFTERWARDS\n"); rerun = 1; inodirty(&ip); brelse(bp); return(STOP); } } } isize -= sizepb; } brelse(bp); return (KEEPON); } /* * Finds the disk block address at the specified lbn within the inode * specified by dp. This follows the whole tree and honors di_size and * di_extsize so it is a true test of reachability. The lbn may be * negative if an extattr or indirect block is requested. */ ufs2_daddr_t ino_blkatoff(union dinode *dp, ino_t ino, ufs_lbn_t lbn, int *frags, struct bufarea **bpp) { ufs_lbn_t tmpval; ufs_lbn_t cur; ufs_lbn_t next; int i; *frags = 0; if (bpp != NULL) *bpp = NULL; /* * Handle extattr blocks first. */ if (lbn < 0 && lbn >= -UFS_NXADDR) { lbn = -1 - lbn; if (lbn > lblkno(&sblock, dp->dp2.di_extsize - 1)) return (0); *frags = numfrags(&sblock, sblksize(&sblock, dp->dp2.di_extsize, lbn)); return (dp->dp2.di_extb[lbn]); } /* * Now direct and indirect. */ if (DIP(dp, di_mode) == IFLNK && DIP(dp, di_size) < sblock.fs_maxsymlinklen) return (0); if (lbn >= 0 && lbn < UFS_NDADDR) { *frags = numfrags(&sblock, sblksize(&sblock, DIP(dp, di_size), lbn)); return (DIP(dp, di_db[lbn])); } *frags = sblock.fs_frag; for (i = 0, tmpval = NINDIR(&sblock), cur = UFS_NDADDR; i < UFS_NIADDR; i++, tmpval *= NINDIR(&sblock), cur = next) { next = cur + tmpval; if (lbn == -cur - i) return (DIP(dp, di_ib[i])); /* * Determine whether the lbn in question is within this tree. */ if (lbn < 0 && -lbn >= next) continue; if (lbn > 0 && lbn >= next) continue; if (DIP(dp, di_ib[i]) == 0) return (0); return (indir_blkatoff(DIP(dp, di_ib[i]), ino, -cur - i, lbn, bpp)); } pfatal("lbn %jd not in ino %ju\n", lbn, (uintmax_t)ino); return (0); } /* * Fetch an indirect block to find the block at a given lbn. The lbn * may be negative to fetch a specific indirect block pointer or positive * to fetch a specific block. */ static ufs2_daddr_t indir_blkatoff(ufs2_daddr_t blk, ino_t ino, ufs_lbn_t cur, ufs_lbn_t lbn, struct bufarea **bpp) { struct bufarea *bp; ufs_lbn_t lbnadd; ufs_lbn_t base; int i, level; level = lbn_level(cur); if (level == -1) pfatal("Invalid indir lbn %jd in ino %ju\n", lbn, (uintmax_t)ino); if (level == 0 && lbn < 0) pfatal("Invalid lbn %jd in ino %ju\n", lbn, (uintmax_t)ino); lbnadd = 1; base = -(cur + level); for (i = level; i > 0; i--) lbnadd *= NINDIR(&sblock); if (lbn > 0) i = (lbn - base) / lbnadd; else i = (-lbn - base) / lbnadd; if (i < 0 || i >= NINDIR(&sblock)) { pfatal("Invalid indirect index %d produced by lbn %jd " "in ino %ju\n", i, lbn, (uintmax_t)ino); return (0); } if (level == 0) cur = base + (i * lbnadd); else cur = -(base + (i * lbnadd)) - (level - 1); bp = getdatablk(blk, sblock.fs_bsize, BT_LEVEL1 + level); if (bp->b_errs != 0) return (0); blk = IBLK(bp, i); bp->b_index = i; if (cur == lbn || blk == 0) { if (bpp != NULL) *bpp = bp; else brelse(bp); return (blk); } brelse(bp); if (level == 0) pfatal("Invalid lbn %jd at level 0 for ino %ju\n", lbn, (uintmax_t)ino); return (indir_blkatoff(blk, ino, cur, lbn, bpp)); } /* * Check that a block in a legal block number. * Return 0 if in range, 1 if out of range. */ int chkrange(ufs2_daddr_t blk, int cnt) { int c; if (cnt <= 0 || blk <= 0 || blk >= maxfsblock || cnt > maxfsblock - blk) { if (debug) printf("out of range: blk %ld, offset %i, size %d\n", (long)blk, (int)fragnum(&sblock, blk), cnt); return (1); } if (cnt > sblock.fs_frag || fragnum(&sblock, blk) + cnt > sblock.fs_frag) { if (debug) printf("bad size: blk %ld, offset %i, size %d\n", (long)blk, (int)fragnum(&sblock, blk), cnt); return (1); } c = dtog(&sblock, blk); if (blk < cgdmin(&sblock, c)) { if ((blk + cnt) > cgsblock(&sblock, c)) { if (debug) { printf("blk %ld < cgdmin %ld;", (long)blk, (long)cgdmin(&sblock, c)); printf(" blk + cnt %ld > cgsbase %ld\n", (long)(blk + cnt), (long)cgsblock(&sblock, c)); } return (1); } } else { if ((blk + cnt) > cgbase(&sblock, c+1)) { if (debug) { printf("blk %ld >= cgdmin %ld;", (long)blk, (long)cgdmin(&sblock, c)); printf(" blk + cnt %ld > sblock.fs_fpg %ld\n", (long)(blk + cnt), (long)sblock.fs_fpg); } return (1); } } return (0); } /* * General purpose interface for reading inodes. * * firstinum and lastinum track contents of getnextino() cache (below). */ static ino_t firstinum, lastinum; static struct bufarea inobuf; void ginode(ino_t inumber, struct inode *ip) { ufs2_daddr_t iblk; struct ufs2_dinode *dp; if (inumber < UFS_ROOTINO || inumber >= maxino) errx(EEXIT, "bad inode number %ju to ginode", (uintmax_t)inumber); ip->i_number = inumber; if (inumber >= firstinum && inumber < lastinum) { /* contents in getnextino() cache */ ip->i_bp = &inobuf; inobuf.b_refcnt++; inobuf.b_index = firstinum; } else if (icachebp != NULL && inumber >= icachebp->b_index && inumber < icachebp->b_index + INOPB(&sblock)) { /* take an additional reference for the returned inode */ icachebp->b_refcnt++; ip->i_bp = icachebp; } else { iblk = ino_to_fsba(&sblock, inumber); /* release our cache-hold reference on old icachebp */ if (icachebp != NULL) brelse(icachebp); icachebp = getdatablk(iblk, sblock.fs_bsize, BT_INODES); if (icachebp->b_errs != 0) { icachebp = NULL; ip->i_bp = NULL; ip->i_dp = &zino; return; } /* take a cache-hold reference on new icachebp */ icachebp->b_refcnt++; icachebp->b_index = rounddown(inumber, INOPB(&sblock)); ip->i_bp = icachebp; } if (sblock.fs_magic == FS_UFS1_MAGIC) { ip->i_dp = (union dinode *) &ip->i_bp->b_un.b_dinode1[inumber - ip->i_bp->b_index]; return; } ip->i_dp = (union dinode *) &ip->i_bp->b_un.b_dinode2[inumber - ip->i_bp->b_index]; dp = (struct ufs2_dinode *)ip->i_dp; /* Do not check hash of inodes being created */ if (dp->di_mode != 0 && ffs_verify_dinode_ckhash(&sblock, dp)) { pwarn("INODE CHECK-HASH FAILED"); prtinode(ip); if (preen || reply("FIX") != 0) { if (preen) printf(" (FIXED)\n"); ffs_update_dinode_ckhash(&sblock, dp); inodirty(ip); } } } /* * Release a held inode. */ void irelse(struct inode *ip) { /* Check for failed inode read */ if (ip->i_bp == NULL) return; if (debug && sblock.fs_magic == FS_UFS2_MAGIC && ffs_verify_dinode_ckhash(&sblock, (struct ufs2_dinode *)ip->i_dp)) { pwarn("irelse: releasing inode with bad check-hash"); prtinode(ip); } if (ip->i_bp->b_refcnt <= 0) pfatal("irelse: releasing unreferenced ino %ju\n", (uintmax_t) ip->i_number); brelse(ip->i_bp); } /* * Special purpose version of ginode used to optimize first pass * over all the inodes in numerical order. */ static ino_t nextinum, lastvalidinum; static long readcount, readpercg, fullcnt, inobufsize, partialcnt, partialsize; union dinode * getnextinode(ino_t inumber, int rebuiltcg) { int j; long size; mode_t mode; ufs2_daddr_t ndb, blk; union dinode *dp; struct inode ip; static caddr_t nextinop; if (inumber != nextinum++ || inumber > lastvalidinum) errx(EEXIT, "bad inode number %ju to nextinode", (uintmax_t)inumber); if (inumber >= lastinum) { readcount++; firstinum = lastinum; blk = ino_to_fsba(&sblock, lastinum); if (readcount % readpercg == 0) { size = partialsize; lastinum += partialcnt; } else { size = inobufsize; lastinum += fullcnt; } /* * Flush old contents in case they have been updated. * If getblk encounters an error, it will already have zeroed * out the buffer, so we do not need to do so here. */ if (inobuf.b_refcnt != 0) pfatal("Non-zero getnextinode() ref count %d\n", inobuf.b_refcnt); flush(fswritefd, &inobuf); getblk(&inobuf, blk, size); nextinop = inobuf.b_un.b_buf; } dp = (union dinode *)nextinop; if (sblock.fs_magic == FS_UFS1_MAGIC) nextinop += sizeof(struct ufs1_dinode); else nextinop += sizeof(struct ufs2_dinode); if ((ckhashadd & CK_INODE) != 0) { ffs_update_dinode_ckhash(&sblock, (struct ufs2_dinode *)dp); dirty(&inobuf); } if (ffs_verify_dinode_ckhash(&sblock, (struct ufs2_dinode *)dp) != 0) { pwarn("INODE CHECK-HASH FAILED"); ip.i_bp = NULL; ip.i_dp = dp; ip.i_number = inumber; prtinode(&ip); if (preen || reply("FIX") != 0) { if (preen) printf(" (FIXED)\n"); ffs_update_dinode_ckhash(&sblock, (struct ufs2_dinode *)dp); dirty(&inobuf); } } if (rebuiltcg && (char *)dp == inobuf.b_un.b_buf) { /* * Try to determine if we have reached the end of the * allocated inodes. */ mode = DIP(dp, di_mode) & IFMT; if (mode == 0) { if (memcmp(dp->dp2.di_db, zino.dp2.di_db, UFS_NDADDR * sizeof(ufs2_daddr_t)) || memcmp(dp->dp2.di_ib, zino.dp2.di_ib, UFS_NIADDR * sizeof(ufs2_daddr_t)) || dp->dp2.di_mode || dp->dp2.di_size) return (NULL); return (dp); } if (!ftypeok(dp)) return (NULL); ndb = howmany(DIP(dp, di_size), sblock.fs_bsize); if (ndb < 0) return (NULL); if (mode == IFBLK || mode == IFCHR) ndb++; if (mode == IFLNK) { /* * Fake ndb value so direct/indirect block checks below * will detect any garbage after symlink string. */ if (DIP(dp, di_size) < (off_t)sblock.fs_maxsymlinklen) { ndb = howmany(DIP(dp, di_size), sizeof(ufs2_daddr_t)); if (ndb > UFS_NDADDR) { j = ndb - UFS_NDADDR; for (ndb = 1; j > 1; j--) ndb *= NINDIR(&sblock); ndb += UFS_NDADDR; } } } for (j = ndb; ndb < UFS_NDADDR && j < UFS_NDADDR; j++) if (DIP(dp, di_db[j]) != 0) return (NULL); for (j = 0, ndb -= UFS_NDADDR; ndb > 0; j++) ndb /= NINDIR(&sblock); for (; j < UFS_NIADDR; j++) if (DIP(dp, di_ib[j]) != 0) return (NULL); } return (dp); } void setinodebuf(int cg, ino_t inosused) { ino_t inum; inum = cg * sblock.fs_ipg; lastvalidinum = inum + inosused - 1; nextinum = inum; lastinum = inum; readcount = 0; /* Flush old contents in case they have been updated */ flush(fswritefd, &inobuf); inobuf.b_bno = 0; if (inobuf.b_un.b_buf == NULL) { inobufsize = blkroundup(&sblock, MAX(INOBUFSIZE, sblock.fs_bsize)); initbarea(&inobuf, BT_INODES); if ((inobuf.b_un.b_buf = Balloc((unsigned)inobufsize)) == NULL) errx(EEXIT, "cannot allocate space for inode buffer"); } fullcnt = inobufsize / ((sblock.fs_magic == FS_UFS1_MAGIC) ? sizeof(struct ufs1_dinode) : sizeof(struct ufs2_dinode)); readpercg = inosused / fullcnt; partialcnt = inosused % fullcnt; partialsize = fragroundup(&sblock, partialcnt * ((sblock.fs_magic == FS_UFS1_MAGIC) ? sizeof(struct ufs1_dinode) : sizeof(struct ufs2_dinode))); if (partialcnt != 0) { readpercg++; } else { partialcnt = fullcnt; partialsize = inobufsize; } } int freeblock(struct inodesc *idesc) { struct dups *dlp; struct bufarea *cgbp; struct cg *cgp; ufs2_daddr_t blkno; long size, nfrags; blkno = idesc->id_blkno; if (idesc->id_type == SNAP) { pfatal("clearing a snapshot dinode\n"); return (STOP); } size = lfragtosize(&sblock, idesc->id_numfrags); if (snapblkfree(&sblock, blkno, size, idesc->id_number, std_checkblkavail)) return (KEEPON); for (nfrags = idesc->id_numfrags; nfrags > 0; blkno++, nfrags--) { if (chkrange(blkno, 1)) { return (SKIP); } else if (testbmap(blkno)) { for (dlp = duplist; dlp; dlp = dlp->next) { if (dlp->dup != blkno) continue; dlp->dup = duplist->dup; dlp = duplist; duplist = duplist->next; free((char *)dlp); break; } if (dlp == NULL) { clrbmap(blkno); n_blks--; } } } /* * If all successfully returned, account for them. */ if (nfrags == 0) { cgbp = cglookup(dtog(&sblock, idesc->id_blkno)); cgp = cgbp->b_un.b_cg; if (idesc->id_numfrags == sblock.fs_frag) cgp->cg_cs.cs_nbfree++; else cgp->cg_cs.cs_nffree += idesc->id_numfrags; cgdirty(cgbp); } return (KEEPON); } /* * Prepare a snapshot file for being removed. */ void snapremove(ino_t inum) { struct inodesc idesc; struct inode ip; int i; for (i = 0; i < snapcnt; i++) if (snaplist[i].i_number == inum) break; if (i == snapcnt) ginode(inum, &ip); else ip = snaplist[i]; if ((DIP(ip.i_dp, di_flags) & SF_SNAPSHOT) == 0) { printf("snapremove: inode %jd is not a snapshot\n", (intmax_t)inum); if (i == snapcnt) irelse(&ip); return; } if (debug) printf("snapremove: remove %sactive snapshot %jd\n", i == snapcnt ? "in" : "", (intmax_t)inum); /* * If on active snapshot list, remove it. */ if (i < snapcnt) { for (i++; i < FSMAXSNAP; i++) { if (sblock.fs_snapinum[i] == 0) break; snaplist[i - 1] = snaplist[i]; sblock.fs_snapinum[i - 1] = sblock.fs_snapinum[i]; } sblock.fs_snapinum[i - 1] = 0; bzero(&snaplist[i - 1], sizeof(struct inode)); snapcnt--; } memset(&idesc, 0, sizeof(struct inodesc)); idesc.id_type = SNAP; idesc.id_func = snapclean; idesc.id_number = inum; (void)ckinode(ip.i_dp, &idesc); DIP_SET(ip.i_dp, di_flags, DIP(ip.i_dp, di_flags) & ~SF_SNAPSHOT); inodirty(&ip); irelse(&ip); } static int snapclean(struct inodesc *idesc) { ufs2_daddr_t blkno; struct bufarea *bp; union dinode *dp; blkno = idesc->id_blkno; if (blkno == 0) return (KEEPON); dp = idesc->id_dp; if (blkno == BLK_NOCOPY || blkno == BLK_SNAP) { if (idesc->id_lbn < UFS_NDADDR) { DIP_SET(dp, di_db[idesc->id_lbn], 0); } else { bp = idesc->id_bp; IBLK_SET(bp, bp->b_index, 0); dirty(bp); } } return (KEEPON); } /* * Notification that a block is being freed. Return zero if the free * should be allowed to proceed. Return non-zero if the snapshot file * wants to claim the block. The block will be claimed if it is an * uncopied part of one of the snapshots. It will be freed if it is * either a BLK_NOCOPY or has already been copied in all of the snapshots. * If a fragment is being freed, then all snapshots that care about * it must make a copy since a snapshot file can only claim full sized * blocks. Note that if more than one snapshot file maps the block, * we can pick one at random to claim it. Since none of the snapshots * can change, we are assurred that they will all see the same unmodified * image. When deleting a snapshot file (see ino_trunc above), we * must push any of these claimed blocks to one of the other snapshots * that maps it. These claimed blocks are easily identified as they will * have a block number equal to their logical block number within the * snapshot. A copied block can never have this property because they * must always have been allocated from a BLK_NOCOPY location. */ int snapblkfree(struct fs *fs, ufs2_daddr_t bno, long size, ino_t inum, ufs2_daddr_t (*checkblkavail)(ufs2_daddr_t blkno, long frags)) { union dinode *dp; struct inode ip; struct bufarea *snapbp; ufs_lbn_t lbn; ufs2_daddr_t blkno, relblkno; int i, frags, claimedblk, copydone; /* If no snapshots, nothing to do */ if (snapcnt == 0) return (0); if (debug) printf("snapblkfree: in ino %jd free blkno %jd, size %jd\n", (intmax_t)inum, (intmax_t)bno, (intmax_t)size); relblkno = blknum(fs, bno); lbn = fragstoblks(fs, relblkno); /* Direct blocks are always pre-copied */ if (lbn < UFS_NDADDR) return (0); copydone = 0; claimedblk = 0; for (i = 0; i < snapcnt; i++) { /* * Lookup block being freed. */ ip = snaplist[i]; dp = ip.i_dp; blkno = ino_blkatoff(dp, inum != 0 ? inum : ip.i_number, lbn, &frags, &snapbp); /* * Check to see if block needs to be copied. */ if (blkno == 0) { /* * A block that we map is being freed. If it has not * been claimed yet, we will claim or copy it (below). */ claimedblk = 1; } else if (blkno == BLK_SNAP) { /* * No previous snapshot claimed the block, * so it will be freed and become a BLK_NOCOPY * (don't care) for us. */ if (claimedblk) pfatal("snapblkfree: inconsistent block type"); IBLK_SET(snapbp, snapbp->b_index, BLK_NOCOPY); dirty(snapbp); brelse(snapbp); continue; } else /* BLK_NOCOPY or default */ { /* * If the snapshot has already copied the block * (default), or does not care about the block, * it is not needed. */ brelse(snapbp); continue; } /* * If this is a full size block, we will just grab it * and assign it to the snapshot inode. Otherwise we * will proceed to copy it. See explanation for this * routine as to why only a single snapshot needs to * claim this block. */ if (size == fs->fs_bsize) { if (debug) printf("Grabonremove snapshot %ju lbn %jd " "from inum %ju\n", (intmax_t)ip.i_number, (intmax_t)lbn, (uintmax_t)inum); IBLK_SET(snapbp, snapbp->b_index, relblkno); dirty(snapbp); brelse(snapbp); DIP_SET(dp, di_blocks, DIP(dp, di_blocks) + btodb(size)); inodirty(&ip); return (1); } /* First time through, read the contents of the old block. */ if (copydone == 0) { copydone = 1; if (blread(fsreadfd, copybuf, fsbtodb(fs, relblkno), fs->fs_bsize) != 0) { pfatal("Could not read snapshot %ju block " "%jd\n", (intmax_t)ip.i_number, (intmax_t)relblkno); continue; } } /* * This allocation will never require any additional * allocations for the snapshot inode. */ blkno = allocblk(dtog(fs, relblkno), fs->fs_frag, checkblkavail); if (blkno == 0) { pfatal("Could not allocate block for snapshot %ju\n", (intmax_t)ip.i_number); continue; } if (debug) printf("Copyonremove: snapino %jd lbn %jd for inum %ju " "size %ld new blkno %jd\n", (intmax_t)ip.i_number, (intmax_t)lbn, (uintmax_t)inum, size, (intmax_t)blkno); blwrite(fswritefd, copybuf, fsbtodb(fs, blkno), fs->fs_bsize); IBLK_SET(snapbp, snapbp->b_index, blkno); dirty(snapbp); brelse(snapbp); DIP_SET(dp, di_blocks, DIP(dp, di_blocks) + btodb(fs->fs_bsize)); inodirty(&ip); } return (0); } /* * Notification that a block is being written. Return if the block * is part of a snapshot as snapshots never track other snapshots. * The block will be copied in all of the snapshots that are tracking * it and have not yet copied it. Some buffers may hold more than one * block. Here we need to check each block in the buffer. */ void copyonwrite(struct fs *fs, struct bufarea *bp, ufs2_daddr_t (*checkblkavail)(ufs2_daddr_t blkno, long frags)) { ufs2_daddr_t copyblkno; long i, numblks; /* If no snapshots, nothing to do. */ if (snapcnt == 0) return; numblks = blkroundup(fs, bp->b_size) / fs->fs_bsize; if (debug) prtbuf(bp, "copyonwrite: checking %jd block%s in buffer", (intmax_t)numblks, numblks > 1 ? "s" : ""); copyblkno = blknum(fs, dbtofsb(fs, bp->b_bno)); for (i = 0; i < numblks; i++) { chkcopyonwrite(fs, copyblkno, checkblkavail); copyblkno += fs->fs_frag; } } static void chkcopyonwrite(struct fs *fs, ufs2_daddr_t copyblkno, ufs2_daddr_t (*checkblkavail)(ufs2_daddr_t blkno, long frags)) { struct inode ip; union dinode *dp; struct bufarea *snapbp; ufs2_daddr_t blkno; int i, frags, copydone; ufs_lbn_t lbn; lbn = fragstoblks(fs, copyblkno); /* Direct blocks are always pre-copied */ if (lbn < UFS_NDADDR) return; copydone = 0; for (i = 0; i < snapcnt; i++) { /* * Lookup block being freed. */ ip = snaplist[i]; dp = ip.i_dp; blkno = ino_blkatoff(dp, ip.i_number, lbn, &frags, &snapbp); /* * Check to see if block needs to be copied. */ if (blkno != 0) { /* * A block that we have already copied or don't track. */ brelse(snapbp); continue; } /* First time through, read the contents of the old block. */ if (copydone == 0) { copydone = 1; if (blread(fsreadfd, copybuf, fsbtodb(fs, copyblkno), fs->fs_bsize) != 0) { pfatal("Could not read snapshot %ju block " "%jd\n", (intmax_t)ip.i_number, (intmax_t)copyblkno); continue; } } /* * This allocation will never require any additional * allocations for the snapshot inode. */ if ((blkno = allocblk(dtog(fs, copyblkno), fs->fs_frag, checkblkavail)) == 0) { pfatal("Could not allocate block for snapshot %ju\n", (intmax_t)ip.i_number); continue; } if (debug) prtbuf(snapbp, "Copyonwrite: snapino %jd lbn %jd using " "blkno %ju setting in buffer", (intmax_t)ip.i_number, (intmax_t)lbn, (intmax_t)blkno); blwrite(fswritefd, copybuf, fsbtodb(fs, blkno), fs->fs_bsize); IBLK_SET(snapbp, snapbp->b_index, blkno); dirty(snapbp); brelse(snapbp); DIP_SET(dp, di_blocks, DIP(dp, di_blocks) + btodb(fs->fs_bsize)); inodirty(&ip); } return; } /* * Traverse an inode and check that its block count is correct * fixing it if necessary. */ void check_blkcnt(struct inode *ip) { struct inodesc idesc; union dinode *dp; ufs2_daddr_t ndb; int j, ret, offset; dp = ip->i_dp; memset(&idesc, 0, sizeof(struct inodesc)); idesc.id_func = pass1check; idesc.id_number = ip->i_number; idesc.id_type = (DIP(dp, di_flags) & SF_SNAPSHOT) == 0 ? ADDR : SNAP; (void)ckinode(dp, &idesc); if (sblock.fs_magic == FS_UFS2_MAGIC && dp->dp2.di_extsize > 0) { ndb = howmany(dp->dp2.di_extsize, sblock.fs_bsize); for (j = 0; j < UFS_NXADDR; j++) { if (--ndb == 0 && (offset = blkoff(&sblock, dp->dp2.di_extsize)) != 0) idesc.id_numfrags = numfrags(&sblock, fragroundup(&sblock, offset)); else idesc.id_numfrags = sblock.fs_frag; if (dp->dp2.di_extb[j] == 0) continue; idesc.id_blkno = dp->dp2.di_extb[j]; ret = (*idesc.id_func)(&idesc); if (ret & STOP) break; } } idesc.id_entryno *= btodb(sblock.fs_fsize); if (DIP(dp, di_blocks) != idesc.id_entryno) { if (!(sujrecovery && preen)) { pwarn("INCORRECT BLOCK COUNT I=%lu (%ju should be %ju)", (u_long)idesc.id_number, (uintmax_t)DIP(dp, di_blocks), (uintmax_t)idesc.id_entryno); if (preen) printf(" (CORRECTED)\n"); else if (reply("CORRECT") == 0) return; } if (bkgrdflag == 0) { DIP_SET(dp, di_blocks, idesc.id_entryno); inodirty(ip); } else { cmd.value = idesc.id_number; cmd.size = idesc.id_entryno - DIP(dp, di_blocks); if (debug) printf("adjblkcnt ino %ju amount %lld\n", (uintmax_t)cmd.value, (long long)cmd.size); if (sysctl(adjblkcnt, MIBSIZE, 0, 0, &cmd, sizeof cmd) == -1) rwerror("ADJUST INODE BLOCK COUNT", cmd.value); } } } void freeinodebuf(void) { struct bufarea *bp; int i; /* * Flush old contents in case they have been updated. */ flush(fswritefd, &inobuf); if (inobuf.b_un.b_buf != NULL) free((char *)inobuf.b_un.b_buf); inobuf.b_un.b_buf = NULL; firstinum = lastinum = 0; /* * Reload the snapshot inodes in case any of them changed. */ for (i = 0; i < snapcnt; i++) { bp = snaplist[i].i_bp; bp->b_errs = blread(fsreadfd, bp->b_un.b_buf, bp->b_bno, bp->b_size); } } /* * Routines to maintain information about directory inodes. * This is built during the first pass and used during the * second and third passes. * * Enter inodes into the cache. */ struct inoinfo * cacheino(union dinode *dp, ino_t inumber) { struct inoinfo *inp; int i, blks; if (getinoinfo(inumber) != NULL) pfatal("cacheino: duplicate entry for ino %jd\n", (intmax_t)inumber); if (howmany(DIP(dp, di_size), sblock.fs_bsize) > UFS_NDADDR) blks = UFS_NDADDR + UFS_NIADDR; else if (DIP(dp, di_size) > 0) blks = howmany(DIP(dp, di_size), sblock.fs_bsize); else blks = 1; inp = (struct inoinfo *) Malloc(sizeof(*inp) + (blks - 1) * sizeof(ufs2_daddr_t)); if (inp == NULL) errx(EEXIT, "cannot increase directory list"); SLIST_INSERT_HEAD(&inphash[inumber % dirhash], inp, i_hash); inp->i_flags = 0; inp->i_parent = inumber == UFS_ROOTINO ? UFS_ROOTINO : (ino_t)0; inp->i_dotdot = (ino_t)0; inp->i_number = inumber; inp->i_isize = DIP(dp, di_size); inp->i_depth = DIP(dp, di_dirdepth); inp->i_numblks = blks; for (i = 0; i < MIN(blks, UFS_NDADDR); i++) inp->i_blks[i] = DIP(dp, di_db[i]); if (blks > UFS_NDADDR) for (i = 0; i < UFS_NIADDR; i++) inp->i_blks[UFS_NDADDR + i] = DIP(dp, di_ib[i]); if (inplast == listmax) { listmax += 100; inpsort = (struct inoinfo **)reallocarray((char *)inpsort, listmax, sizeof(struct inoinfo *)); if (inpsort == NULL) errx(EEXIT, "cannot increase directory list"); } inpsort[inplast++] = inp; return (inp); } /* * Look up an inode cache structure. */ struct inoinfo * getinoinfo(ino_t inumber) { struct inoinfo *inp; SLIST_FOREACH(inp, &inphash[inumber % dirhash], i_hash) { if (inp->i_number != inumber) continue; return (inp); } return (NULL); } /* * Remove an entry from the inode cache and disk-order sorted list. * Return 0 on success and 1 on failure. */ int removecachedino(ino_t inumber) { struct inoinfo *inp, **inpp; char *listtype; listtype = "hash"; SLIST_FOREACH(inp, &inphash[inumber % dirhash], i_hash) { if (inp->i_number != inumber) continue; SLIST_REMOVE(&inphash[inumber % dirhash], inp, inoinfo, i_hash); for (inpp = &inpsort[inplast - 1]; inpp >= inpsort; inpp--) { if (*inpp != inp) continue; *inpp = inpsort[inplast - 1]; inplast--; free(inp); return (0); } listtype = "sort"; break; } pfatal("removecachedino: entry for ino %jd not found on %s list\n", (intmax_t)inumber, listtype); return (1); } /* * Clean up all the inode cache structure. */ void inocleanup(void) { struct inoinfo **inpp; if (inphash == NULL) return; for (inpp = &inpsort[inplast - 1]; inpp >= inpsort; inpp--) free((char *)(*inpp)); free((char *)inphash); inphash = NULL; free((char *)inpsort); inpsort = NULL; } void inodirty(struct inode *ip) { if (sblock.fs_magic == FS_UFS2_MAGIC) ffs_update_dinode_ckhash(&sblock, (struct ufs2_dinode *)ip->i_dp); dirty(ip->i_bp); } void clri(struct inodesc *idesc, const char *type, int flag) { union dinode *dp; struct inode ip; ginode(idesc->id_number, &ip); dp = ip.i_dp; if (flag == 1) { pwarn("%s %s", type, (DIP(dp, di_mode) & IFMT) == IFDIR ? "DIR" : "FILE"); prtinode(&ip); printf("\n"); } if (preen || reply("CLEAR") == 1) { if (preen) printf(" (CLEARED)\n"); n_files--; if (bkgrdflag == 0) { if (idesc->id_type == SNAP) { snapremove(idesc->id_number); idesc->id_type = ADDR; } (void)ckinode(dp, idesc); inoinfo(idesc->id_number)->ino_state = USTATE; clearinode(dp); inodirty(&ip); } else { cmd.value = idesc->id_number; cmd.size = -DIP(dp, di_nlink); if (debug) printf("adjrefcnt ino %ld amt %lld\n", (long)cmd.value, (long long)cmd.size); if (sysctl(adjrefcnt, MIBSIZE, 0, 0, &cmd, sizeof cmd) == -1) rwerror("ADJUST INODE", cmd.value); } } irelse(&ip); } int findname(struct inodesc *idesc) { struct direct *dirp = idesc->id_dirp; if (dirp->d_ino != idesc->id_parent || idesc->id_entryno < 2) { idesc->id_entryno++; return (KEEPON); } memmove(idesc->id_name, dirp->d_name, (size_t)dirp->d_namlen + 1); return (STOP|FOUND); } int findino(struct inodesc *idesc) { struct direct *dirp = idesc->id_dirp; if (dirp->d_ino == 0) return (KEEPON); if (strcmp(dirp->d_name, idesc->id_name) == 0 && dirp->d_ino >= UFS_ROOTINO && dirp->d_ino < maxino) { idesc->id_parent = dirp->d_ino; return (STOP|FOUND); } return (KEEPON); } int clearentry(struct inodesc *idesc) { struct direct *dirp = idesc->id_dirp; if (dirp->d_ino != idesc->id_parent || idesc->id_entryno < 2) { idesc->id_entryno++; return (KEEPON); } dirp->d_ino = 0; return (STOP|FOUND|ALTERED); } void prtinode(struct inode *ip) { char *p; union dinode *dp; struct passwd *pw; time_t t; dp = ip->i_dp; printf(" I=%lu ", (u_long)ip->i_number); if (ip->i_number < UFS_ROOTINO || ip->i_number >= maxino) return; printf(" OWNER="); if ((pw = getpwuid((int)DIP(dp, di_uid))) != NULL) printf("%s ", pw->pw_name); else printf("%u ", (unsigned)DIP(dp, di_uid)); printf("MODE=%o\n", DIP(dp, di_mode)); if (preen) printf("%s: ", cdevname); printf("SIZE=%ju ", (uintmax_t)DIP(dp, di_size)); t = DIP(dp, di_mtime); if ((p = ctime(&t)) != NULL) printf("MTIME=%12.12s %4.4s ", &p[4], &p[20]); } void blkerror(ino_t ino, const char *type, ufs2_daddr_t blk) { pfatal("%jd %s I=%ju", (intmax_t)blk, type, (uintmax_t)ino); printf("\n"); switch (inoinfo(ino)->ino_state) { case FSTATE: case FZLINK: inoinfo(ino)->ino_state = FCLEAR; return; case DSTATE: case DZLINK: inoinfo(ino)->ino_state = DCLEAR; return; case FCLEAR: case DCLEAR: return; default: errx(EEXIT, "BAD STATE %d TO BLKERR", inoinfo(ino)->ino_state); /* NOTREACHED */ } } /* * allocate an unused inode */ ino_t allocino(ino_t request, int type) { ino_t ino; struct inode ip; union dinode *dp; struct bufarea *cgbp; struct cg *cgp; int cg, anyino; anyino = 0; if (request == 0) { request = UFS_ROOTINO; anyino = 1; } else if (inoinfo(request)->ino_state != USTATE) return (0); retry: for (ino = request; ino < maxino; ino++) if (inoinfo(ino)->ino_state == USTATE) break; if (ino >= maxino) return (0); cg = ino_to_cg(&sblock, ino); cgbp = cglookup(cg); cgp = cgbp->b_un.b_cg; if (!check_cgmagic(cg, cgbp)) { if (anyino == 0) return (0); request = (cg + 1) * sblock.fs_ipg; goto retry; } setbit(cg_inosused(cgp), ino % sblock.fs_ipg); cgp->cg_cs.cs_nifree--; switch (type & IFMT) { case IFDIR: inoinfo(ino)->ino_state = DSTATE; cgp->cg_cs.cs_ndir++; break; case IFREG: case IFLNK: inoinfo(ino)->ino_state = FSTATE; break; default: return (0); } cgdirty(cgbp); ginode(ino, &ip); dp = ip.i_dp; memset(dp, 0, ((sblock.fs_magic == FS_UFS1_MAGIC) ? sizeof(struct ufs1_dinode) : sizeof(struct ufs2_dinode))); DIP_SET(dp, di_db[0], allocblk(ino_to_cg(&sblock, ino), (long)1, std_checkblkavail)); if (DIP(dp, di_db[0]) == 0) { inoinfo(ino)->ino_state = USTATE; inodirty(&ip); irelse(&ip); return (0); } DIP_SET(dp, di_mode, type); DIP_SET(dp, di_atime, time(NULL)); DIP_SET(dp, di_ctime, DIP(dp, di_atime)); DIP_SET(dp, di_mtime, DIP(dp, di_ctime)); DIP_SET(dp, di_size, sblock.fs_fsize); DIP_SET(dp, di_blocks, btodb(sblock.fs_fsize)); n_files++; inodirty(&ip); irelse(&ip); inoinfo(ino)->ino_type = IFTODT(type); return (ino); } /* * deallocate an inode */ void freeino(ino_t ino) { struct inodesc idesc; union dinode *dp; struct inode ip; memset(&idesc, 0, sizeof(struct inodesc)); idesc.id_type = ADDR; idesc.id_func = freeblock; idesc.id_number = ino; ginode(ino, &ip); dp = ip.i_dp; (void)ckinode(dp, &idesc); clearinode(dp); inodirty(&ip); irelse(&ip); inoinfo(ino)->ino_state = USTATE; n_files--; } diff --git a/sbin/fsck_ffs/main.c b/sbin/fsck_ffs/main.c index 4189af1ba517..63446f63a110 100644 --- a/sbin/fsck_ffs/main.c +++ b/sbin/fsck_ffs/main.c @@ -1,748 +1,745 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1980, 1986, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static char sccsid[] = "@(#)main.c 8.6 (Berkeley) 5/14/95"; -#endif /* not lint */ #endif #include #define _WANT_P_OSREL #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "fsck.h" static int restarts; static char snapname[BUFSIZ]; /* when doing snapshots, the name of the file */ static void usage(void) __dead2; static intmax_t argtoimax(int flag, const char *req, const char *str, int base); static int checkfilesys(char *filesys); static int setup_bkgrdchk(struct statfs *mntp, int sbrdfailed, char **filesys); int main(int argc, char *argv[]) { int ch; struct rlimit rlimit; struct itimerval itimerval; int fsret; int ret = 0; sync(); skipclean = 1; inoopt = 0; while ((ch = getopt(argc, argv, "b:Bc:CdEfFm:npRrSyZz")) != -1) { switch (ch) { case 'b': skipclean = 0; bflag = argtoimax('b', "number", optarg, 10); printf("Alternate super block location: %jd\n", bflag); break; case 'B': bkgrdflag = 1; break; case 'c': skipclean = 0; cvtlevel = argtoimax('c', "conversion level", optarg, 10); if (cvtlevel < 3) errx(EEXIT, "cannot do level %d conversion", cvtlevel); break; case 'd': debug++; break; case 'E': Eflag++; break; case 'f': skipclean = 0; break; case 'F': bkgrdcheck = 1; break; case 'm': lfmode = argtoimax('m', "mode", optarg, 8); if (lfmode &~ 07777) errx(EEXIT, "bad mode to -m: %o", lfmode); printf("** lost+found creation mode %o\n", lfmode); break; case 'n': nflag++; yflag = 0; break; case 'p': preen++; /*FALLTHROUGH*/ case 'C': ckclean++; break; case 'R': wantrestart = 1; break; case 'r': inoopt++; break; case 'S': surrender = 1; break; case 'y': yflag++; nflag = 0; break; case 'Z': Zflag++; break; case 'z': zflag++; break; default: usage(); } } argc -= optind; argv += optind; if (!argc) usage(); if (bkgrdflag && cvtlevel > 0) { pfatal("CANNOT CONVERT A SNAPSHOT\n"); exit(EEXIT); } if (signal(SIGINT, SIG_IGN) != SIG_IGN) (void)signal(SIGINT, catch); if (ckclean) (void)signal(SIGQUIT, catchquit); signal(SIGINFO, infohandler); if (bkgrdflag) { signal(SIGALRM, alarmhandler); itimerval.it_interval.tv_sec = 5; itimerval.it_interval.tv_usec = 0; itimerval.it_value.tv_sec = 5; itimerval.it_value.tv_usec = 0; setitimer(ITIMER_REAL, &itimerval, NULL); } /* * Push up our allowed memory limit so we can cope * with huge file systems. */ if (getrlimit(RLIMIT_DATA, &rlimit) == 0) { rlimit.rlim_cur = rlimit.rlim_max; (void)setrlimit(RLIMIT_DATA, &rlimit); } while (argc > 0) { if ((fsret = checkfilesys(*argv)) == ERESTART) continue; ret |= fsret; argc--; argv++; } if (returntosingle) ret = 2; exit(ret); } static intmax_t argtoimax(int flag, const char *req, const char *str, int base) { char *cp; intmax_t ret; ret = strtoimax(str, &cp, base); if (cp == str || *cp) errx(EEXIT, "-%c flag requires a %s", flag, req); return (ret); } /* * Check the specified file system. */ /* ARGSUSED */ static int checkfilesys(char *filesys) { ufs2_daddr_t n_ffree, n_bfree; struct dups *dp; struct statfs *mntp; intmax_t blks, files; size_t size; int sbreadfailed, ofsmodified; fsutilinit(); fsckinit(); cdevname = filesys; if (debug && ckclean) pwarn("starting\n"); /* * Make best effort to get the disk name. Check first to see * if it is listed among the mounted file systems. Failing that * check to see if it is listed in /etc/fstab. */ mntp = getmntpoint(filesys); if (mntp != NULL) filesys = mntp->f_mntfromname; else filesys = blockcheck(filesys); /* * If -F flag specified, check to see whether a background check * is possible and needed. If possible and needed, exit with * status zero. Otherwise exit with status non-zero. A non-zero * exit status will cause a foreground check to be run. */ sblock_init(); sbreadfailed = 0; if (openfilesys(filesys) == 0 || readsb() == 0) sbreadfailed = 1; if (bkgrdcheck) { if (sbreadfailed) exit(3); /* Cannot read superblock */ if ((sblock.fs_flags & FS_NEEDSFSCK) == FS_NEEDSFSCK) exit(4); /* Earlier background failed */ if ((sblock.fs_flags & FS_SUJ) == FS_SUJ) { maxino = sblock.fs_ncg * sblock.fs_ipg; maxfsblock = sblock.fs_size; bufinit(); preen = 1; if (suj_check(filesys) == 0) exit(4); /* Journal good, run it now */ } if ((sblock.fs_flags & FS_DOSOFTDEP) == 0) exit(5); /* Not running soft updates */ size = MIBSIZE; if (sysctlnametomib("vfs.ffs.adjrefcnt", adjrefcnt, &size) < 0) exit(6); /* Lacks kernel support */ if ((mntp == NULL && sblock.fs_clean == 1) || (mntp != NULL && (sblock.fs_flags & FS_UNCLEAN) == 0)) exit(7); /* Filesystem clean, report it now */ exit(0); } if (ckclean && skipclean) { /* * If file system is gjournaled, check it here. */ if (sbreadfailed) exit(3); /* Cannot read superblock */ if (bkgrdflag == 0 && (nflag || (fswritefd = open(filesys, O_WRONLY)) < 0)) { fswritefd = -1; if (preen) pfatal("NO WRITE ACCESS"); printf(" (NO WRITE)"); } if ((sblock.fs_flags & FS_GJOURNAL) != 0) { if (sblock.fs_clean == 1) { pwarn("FILE SYSTEM CLEAN; SKIPPING CHECKS\n"); exit(0); } if ((sblock.fs_flags & (FS_UNCLEAN | FS_NEEDSFSCK)) == 0) { bufinit(); gjournal_check(filesys); if (chkdoreload(mntp, pwarn) == 0) exit(0); exit(4); } else { pfatal("FULL FSCK NEEDED, CANNOT RUN FAST " "FSCK\n"); } } close(fswritefd); fswritefd = -1; } if (bkgrdflag) { switch (setup_bkgrdchk(mntp, sbreadfailed, &filesys)) { case -1: /* filesystem clean */ goto clean; case 0: /* cannot do background, give up */ exit(EEXIT); case 1: /* doing background check, preen rules apply */ preen = 1; break; } } switch (setup(filesys)) { case 0: if (preen) pfatal("CAN'T CHECK FILE SYSTEM."); return (EEXIT); case -1: clean: pwarn("clean, %ld free ", (long)(sblock.fs_cstotal.cs_nffree + sblock.fs_frag * sblock.fs_cstotal.cs_nbfree)); printf("(%jd frags, %jd blocks, %.1f%% fragmentation)\n", (intmax_t)sblock.fs_cstotal.cs_nffree, (intmax_t)sblock.fs_cstotal.cs_nbfree, sblock.fs_cstotal.cs_nffree * 100.0 / sblock.fs_dsize); return (0); } /* * Determine if we can and should do journal recovery. */ if (bkgrdflag == 0 && (sblock.fs_flags & FS_SUJ) == FS_SUJ) { if ((sblock.fs_flags & FS_NEEDSFSCK) != FS_NEEDSFSCK && skipclean) { sujrecovery = 1; if (suj_check(filesys) == 0) { pwarn("\n**** FILE SYSTEM MARKED CLEAN ****\n"); if (chkdoreload(mntp, pwarn) == 0) exit(0); exit(4); } sujrecovery = 0; pwarn("Skipping journal, " "falling through to full fsck\n"); } if (fswritefd != -1) { /* * Write the superblock so we don't try to recover the * journal on another pass. If this is the only change * to the filesystem, we do not want it to be called * out as modified. */ sblock.fs_mtime = time(NULL); sbdirty(); ofsmodified = fsmodified; flush(fswritefd, &sblk); fsmodified = ofsmodified; } } /* * If the filesystem was run on an old kernel that did not * support check hashes, clear the check-hash flags so that * we do not try to verify them. */ if ((sblock.fs_flags & FS_METACKHASH) == 0) sblock.fs_metackhash = 0; /* * If we are running on a kernel that can provide check hashes * that are not yet enabled for the filesystem and we are * running manually without the -y flag, offer to add any * supported check hashes that are not already enabled. */ ckhashadd = 0; if (preen == 0 && yflag == 0 && sblock.fs_magic != FS_UFS1_MAGIC && fswritefd != -1 && getosreldate() >= P_OSREL_CK_CYLGRP) { if ((sblock.fs_metackhash & CK_CYLGRP) == 0 && reply("ADD CYLINDER GROUP CHECK-HASH PROTECTION") != 0) { ckhashadd |= CK_CYLGRP; sblock.fs_metackhash |= CK_CYLGRP; } if ((sblock.fs_metackhash & CK_SUPERBLOCK) == 0 && getosreldate() >= P_OSREL_CK_SUPERBLOCK && reply("ADD SUPERBLOCK CHECK-HASH PROTECTION") != 0) { ckhashadd |= CK_SUPERBLOCK; sblock.fs_metackhash |= CK_SUPERBLOCK; } if ((sblock.fs_metackhash & CK_INODE) == 0 && getosreldate() >= P_OSREL_CK_INODE && reply("ADD INODE CHECK-HASH PROTECTION") != 0) { ckhashadd |= CK_INODE; sblock.fs_metackhash |= CK_INODE; } #ifdef notyet if ((sblock.fs_metackhash & CK_INDIR) == 0 && getosreldate() >= P_OSREL_CK_INDIR && reply("ADD INDIRECT BLOCK CHECK-HASH PROTECTION") != 0) { ckhashadd |= CK_INDIR; sblock.fs_metackhash |= CK_INDIR; } if ((sblock.fs_metackhash & CK_DIR) == 0 && getosreldate() >= P_OSREL_CK_DIR && reply("ADD DIRECTORY CHECK-HASH PROTECTION") != 0) { ckhashadd |= CK_DIR; sblock.fs_metackhash |= CK_DIR; } #endif /* notyet */ if (ckhashadd != 0) { sblock.fs_flags |= FS_METACKHASH; sbdirty(); } } /* * Cleared if any questions answered no. Used to decide if * the superblock should be marked clean. */ resolved = 1; /* * 1: scan inodes tallying blocks used */ if (preen == 0 || debug) { printf("** Last Mounted on %s\n", sblock.fs_fsmnt); if (mntp != NULL && mntp->f_flags & MNT_ROOTFS) printf("** Root file system\n"); printf("** Phase 1 - Check Blocks and Sizes\n"); } clock_gettime(CLOCK_REALTIME_PRECISE, &startprog); pass1(); IOstats("Pass1"); /* * 1b: locate first references to duplicates, if any */ if (duplist) { if (preen || usedsoftdep) pfatal("INTERNAL ERROR: DUPS WITH %s%s%s", preen ? "-p" : "", (preen && usedsoftdep) ? " AND " : "", usedsoftdep ? "SOFTUPDATES" : ""); if (preen == 0 || debug) printf("** Phase 1b - Rescan For More DUPS\n"); pass1b(); IOstats("Pass1b"); } /* * 2: traverse directories from root to mark all connected directories */ if (preen == 0 || debug) printf("** Phase 2 - Check Pathnames\n"); pass2(); IOstats("Pass2"); /* * 3: scan inodes looking for disconnected directories */ if (preen == 0 || debug) printf("** Phase 3 - Check Connectivity\n"); pass3(); IOstats("Pass3"); /* * 4: scan inodes looking for disconnected files; check reference counts */ if (preen == 0 || debug) printf("** Phase 4 - Check Reference Counts\n"); pass4(); IOstats("Pass4"); /* * 5: check and repair resource counts in cylinder groups */ if (preen == 0 || debug) printf("** Phase 5 - Check Cyl groups\n"); snapflush(std_checkblkavail); if (cgheader_corrupt) { printf("PHASE 5 SKIPPED DUE TO CORRUPT CYLINDER GROUP " "HEADER(S)\n\n"); } else { pass5(); IOstats("Pass5"); } /* * print out summary statistics */ n_ffree = sblock.fs_cstotal.cs_nffree; n_bfree = sblock.fs_cstotal.cs_nbfree; files = maxino - UFS_ROOTINO - sblock.fs_cstotal.cs_nifree - n_files; blks = n_blks + sblock.fs_ncg * (cgdmin(&sblock, 0) - cgsblock(&sblock, 0)); blks += cgsblock(&sblock, 0) - cgbase(&sblock, 0); blks += howmany(sblock.fs_cssize, sblock.fs_fsize); blks = maxfsblock - (n_ffree + sblock.fs_frag * n_bfree) - blks; if (bkgrdflag && (files > 0 || blks > 0)) { countdirs = sblock.fs_cstotal.cs_ndir - countdirs; pwarn("Reclaimed: %ld directories, %jd files, %jd fragments\n", countdirs, files - countdirs, blks); } pwarn("%ld files, %jd used, %ju free ", (long)n_files, (intmax_t)n_blks, (uintmax_t)n_ffree + sblock.fs_frag * n_bfree); printf("(%ju frags, %ju blocks, %.1f%% fragmentation)\n", (uintmax_t)n_ffree, (uintmax_t)n_bfree, n_ffree * 100.0 / sblock.fs_dsize); if (debug) { if (files < 0) printf("%jd inodes missing\n", -files); if (blks < 0) printf("%jd blocks missing\n", -blks); if (duplist != NULL) { printf("The following duplicate blocks remain:"); for (dp = duplist; dp; dp = dp->next) printf(" %jd,", (intmax_t)dp->dup); printf("\n"); } } duplist = (struct dups *)0; muldup = (struct dups *)0; inocleanup(); if (fsmodified) { sblock.fs_time = time(NULL); sbdirty(); } if (cvtlevel && (sblk.b_flags & B_DIRTY) != 0) { /* * Write out the duplicate super blocks */ if (sbput(fswritefd, &sblock, sblock.fs_ncg) == 0) fsmodified = 1; } if (rerun) resolved = 0; /* * Check to see if the file system is mounted read-write. */ if (bkgrdflag == 0 && mntp != NULL && (mntp->f_flags & MNT_RDONLY) == 0) resolved = 0; ckfini(resolved); if (fsmodified && !preen) printf("\n***** FILE SYSTEM WAS MODIFIED *****\n"); if (rerun) { if (wantrestart && (restarts++ < 10) && (preen || reply("RESTART"))) return (ERESTART); printf("\n***** PLEASE RERUN FSCK *****\n"); } if (chkdoreload(mntp, pwarn) != 0) { if (!fsmodified) return (0); if (!preen) printf("\n***** REBOOT NOW *****\n"); sync(); return (4); } return (rerun ? ERERUN : 0); } /* * If we are to do a background check: * Get the mount point information of the file system * If already clean, return -1 * Check that kernel supports background fsck * Find or create the snapshot directory * Create the snapshot file * Open snapshot * If anything fails print reason and return 0 which exits */ static int setup_bkgrdchk(struct statfs *mntp, int sbreadfailed, char **filesys) { struct stat snapdir; struct group *grp; struct iovec *iov; char errmsg[255]; int iovlen; size_t size; /* Get the mount point information of the file system */ if (mntp == NULL) { pwarn("NOT MOUNTED, CANNOT RUN IN BACKGROUND\n"); return (0); } if ((mntp->f_flags & MNT_RDONLY) != 0) { pwarn("MOUNTED READ-ONLY, CANNOT RUN IN BACKGROUND\n"); return (0); } if ((mntp->f_flags & MNT_SOFTDEP) == 0) { pwarn("NOT USING SOFT UPDATES, CANNOT RUN IN BACKGROUND\n"); return (0); } if (sbreadfailed) { pwarn("SUPERBLOCK READ FAILED, CANNOT RUN IN BACKGROUND\n"); return (0); } if ((sblock.fs_flags & FS_NEEDSFSCK) != 0) { pwarn("FULL FSCK NEEDED, CANNOT RUN IN BACKGROUND\n"); return (0); } if (skipclean && ckclean && (sblock.fs_flags & (FS_UNCLEAN|FS_NEEDSFSCK)) == 0) { /* * file system is clean; * skip snapshot and report it clean */ pwarn("FILE SYSTEM CLEAN; SKIPPING CHECKS\n"); return (-1); } /* Check that kernel supports background fsck */ size = MIBSIZE; if (sysctlnametomib("vfs.ffs.adjrefcnt", adjrefcnt, &size) < 0|| sysctlnametomib("vfs.ffs.adjblkcnt", adjblkcnt, &size) < 0|| sysctlnametomib("vfs.ffs.setsize", setsize, &size) < 0 || sysctlnametomib("vfs.ffs.freefiles", freefiles, &size) < 0|| sysctlnametomib("vfs.ffs.freedirs", freedirs, &size) < 0 || sysctlnametomib("vfs.ffs.freeblks", freeblks, &size) < 0) { pwarn("KERNEL LACKS BACKGROUND FSCK SUPPORT\n"); return (0); } /* * When kernel lacks runtime bgfsck superblock summary * adjustment functionality, it does not mean we can not * continue, as old kernels will recompute the summary at * mount time. However, it will be an unexpected softupdates * inconsistency if it turns out that the summary is still * incorrect. Set a flag so subsequent operation can know this. */ bkgrdsumadj = 1; if (sysctlnametomib("vfs.ffs.adjndir", adjndir, &size) < 0 || sysctlnametomib("vfs.ffs.adjnbfree", adjnbfree, &size) < 0 || sysctlnametomib("vfs.ffs.adjnifree", adjnifree, &size) < 0 || sysctlnametomib("vfs.ffs.adjnffree", adjnffree, &size) < 0 || sysctlnametomib("vfs.ffs.adjnumclusters", adjnumclusters, &size) < 0) { bkgrdsumadj = 0; pwarn("KERNEL LACKS RUNTIME SUPERBLOCK SUMMARY ADJUSTMENT " "SUPPORT\n"); } /* Find or create the snapshot directory */ snprintf(snapname, sizeof snapname, "%s/.snap", mntp->f_mntonname); if (stat(snapname, &snapdir) < 0) { if (errno != ENOENT) { pwarn("CANNOT FIND SNAPSHOT DIRECTORY %s: %s, CANNOT " "RUN IN BACKGROUND\n", snapname, strerror(errno)); return (0); } if ((grp = getgrnam("operator")) == NULL || mkdir(snapname, 0770) < 0 || chown(snapname, -1, grp->gr_gid) < 0 || chmod(snapname, 0770) < 0) { pwarn("CANNOT CREATE SNAPSHOT DIRECTORY %s: %s, " "CANNOT RUN IN BACKGROUND\n", snapname, strerror(errno)); return (0); } } else if (!S_ISDIR(snapdir.st_mode)) { pwarn("%s IS NOT A DIRECTORY, CANNOT RUN IN BACKGROUND\n", snapname); return (0); } /* Create the snapshot file */ iov = NULL; iovlen = 0; errmsg[0] = '\0'; snprintf(snapname, sizeof snapname, "%s/.snap/fsck_snapshot", mntp->f_mntonname); build_iovec(&iov, &iovlen, "fstype", "ffs", 4); build_iovec(&iov, &iovlen, "from", snapname, (size_t)-1); build_iovec(&iov, &iovlen, "fspath", mntp->f_mntonname, (size_t)-1); build_iovec(&iov, &iovlen, "errmsg", errmsg, sizeof(errmsg)); build_iovec(&iov, &iovlen, "update", NULL, 0); build_iovec(&iov, &iovlen, "snapshot", NULL, 0); /* Create snapshot, removing old snapshot if it exists */ while (nmount(iov, iovlen, mntp->f_flags) < 0) { if (errno == EEXIST && unlink(snapname) == 0) continue; pwarn("CANNOT CREATE SNAPSHOT %s: %s %s\n", snapname, strerror(errno), errmsg); return (0); } /* Open snapshot */ if (openfilesys(snapname) == 0) { unlink(snapname); pwarn("CANNOT OPEN SNAPSHOT %s: %s, CANNOT RUN IN " "BACKGROUND\n", snapname, strerror(errno)); return (0); } /* Immediately unlink snapshot so that it will be deleted when closed */ unlink(snapname); free(sblock.fs_csp); free(sblock.fs_si); if (readsb() == 0) { pwarn("CANNOT READ SNAPSHOT SUPERBLOCK\n"); return (0); } *filesys = snapname; cmd.version = FFS_CMD_VERSION; cmd.handle = fsreadfd; return (1); } static void usage(void) { (void) fprintf(stderr, "usage: %s [-BCdEFfnpRrSyZ] [-b block] [-c level] [-m mode] filesystem ...\n", getprogname()); exit(1); } void infohandler(int sig __unused) { got_siginfo = 1; } void alarmhandler(int sig __unused) { got_sigalarm = 1; } diff --git a/sbin/fsck_ffs/pass1.c b/sbin/fsck_ffs/pass1.c index bed9d547f637..99da2db3bc6b 100644 --- a/sbin/fsck_ffs/pass1.c +++ b/sbin/fsck_ffs/pass1.c @@ -1,612 +1,609 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 -#ifndef lint -static const char sccsid[] = "@(#)pass1.c 8.6 (Berkeley) 4/28/95"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include #include #include #include "fsck.h" static ufs2_daddr_t badblk; static ufs2_daddr_t dupblk; static ino_t lastino; /* last inode in use */ static int checkinode(ino_t inumber, struct inodesc *, int rebuiltcg); void pass1(void) { struct inostat *info; struct inodesc idesc; struct bufarea *cgbp; struct cg *cgp; ino_t inumber, inosused, mininos; ufs2_daddr_t i, cgd; u_int8_t *cp; int c, rebuiltcg; badblk = dupblk = lastino = 0; /* * Set file system reserved blocks in used block map. */ for (c = 0; c < sblock.fs_ncg; c++) { cgd = cgdmin(&sblock, c); if (c == 0) { i = cgbase(&sblock, c); } else i = cgsblock(&sblock, c); for (; i < cgd; i++) setbmap(i); } i = sblock.fs_csaddr; cgd = i + howmany(sblock.fs_cssize, sblock.fs_fsize); for (; i < cgd; i++) setbmap(i); /* * Find all allocated blocks. */ memset(&idesc, 0, sizeof(struct inodesc)); idesc.id_func = pass1check; n_files = n_blks = 0; for (c = 0; c < sblock.fs_ncg; c++) { inumber = c * sblock.fs_ipg; cgbp = cglookup(c); cgp = cgbp->b_un.b_cg; rebuiltcg = 0; if (!check_cgmagic(c, cgbp)) { if (!reply("REBUILD CYLINDER GROUP")) { cgheader_corrupt = 1; if (!nflag) { pwarn("YOU WILL NEED TO RERUN FSCK.\n"); rerun = 1; } } else { rebuild_cg(c, cgbp); rebuiltcg = 1; } } if (!rebuiltcg && sblock.fs_magic == FS_UFS2_MAGIC) { inosused = cgp->cg_initediblk; if (inosused > sblock.fs_ipg) { pfatal("Too many initialized inodes (%ju > %d) " "in cylinder group %d\nReset to %d\n", (uintmax_t)inosused, sblock.fs_ipg, c, sblock.fs_ipg); inosused = sblock.fs_ipg; } } else { inosused = sblock.fs_ipg; } if (got_siginfo) { printf("%s: phase 1: cyl group %d of %d (%d%%)\n", cdevname, c, sblock.fs_ncg, c * 100 / sblock.fs_ncg); got_siginfo = 0; } if (got_sigalarm) { setproctitle("%s p1 %d%%", cdevname, c * 100 / sblock.fs_ncg); got_sigalarm = 0; } /* * If we are using soft updates, then we can trust the * cylinder group inode allocation maps to tell us which * inodes are allocated. We will scan the used inode map * to find the inodes that are really in use, and then * read only those inodes in from disk. */ if ((preen || inoopt) && usedsoftdep && !rebuiltcg) { cp = &cg_inosused(cgp)[(inosused - 1) / CHAR_BIT]; for ( ; inosused != 0; cp--) { if (*cp == 0) { if (inosused > CHAR_BIT) inosused -= CHAR_BIT; else inosused = 0; continue; } for (i = 1 << (CHAR_BIT - 1); i > 0; i >>= 1) { if (*cp & i) break; inosused--; } break; } } /* * Allocate inoinfo structures for the allocated inodes. */ inostathead[c].il_numalloced = inosused; if (inosused == 0) { inostathead[c].il_stat = NULL; continue; } info = Calloc((unsigned)inosused, sizeof(struct inostat)); if (info == NULL) errx(EEXIT, "cannot alloc %u bytes for inoinfo", (unsigned)(sizeof(struct inostat) * inosused)); inostathead[c].il_stat = info; /* * Scan the allocated inodes. */ setinodebuf(c, inosused); for (i = 0; i < inosused; i++, inumber++) { if (inumber < UFS_ROOTINO) { (void)getnextinode(inumber, rebuiltcg); continue; } /* * NULL return indicates probable end of allocated * inodes during cylinder group rebuild attempt. * We always keep trying until we get to the minimum * valid number for this cylinder group. */ if (checkinode(inumber, &idesc, rebuiltcg) == 0 && i > cgp->cg_initediblk) break; } /* * This optimization speeds up future runs of fsck * by trimming down the number of inodes in cylinder * groups that formerly had many inodes but now have * fewer in use. */ mininos = roundup(inosused + INOPB(&sblock), INOPB(&sblock)); if (inoopt && !preen && !rebuiltcg && sblock.fs_magic == FS_UFS2_MAGIC && cgp->cg_initediblk > 2 * INOPB(&sblock) && mininos < cgp->cg_initediblk) { i = cgp->cg_initediblk; if (mininos < 2 * INOPB(&sblock)) cgp->cg_initediblk = 2 * INOPB(&sblock); else cgp->cg_initediblk = mininos; pwarn("CYLINDER GROUP %d: RESET FROM %ju TO %d %s\n", c, i, cgp->cg_initediblk, "VALID INODES"); cgdirty(cgbp); } if (inosused < sblock.fs_ipg) continue; lastino += 1; if (lastino < (c * sblock.fs_ipg)) inosused = 0; else inosused = lastino - (c * sblock.fs_ipg); if (rebuiltcg && inosused > cgp->cg_initediblk && sblock.fs_magic == FS_UFS2_MAGIC) { cgp->cg_initediblk = roundup(inosused, INOPB(&sblock)); pwarn("CYLINDER GROUP %d: FOUND %d VALID INODES\n", c, cgp->cg_initediblk); } /* * If we were not able to determine in advance which inodes * were in use, then reduce the size of the inoinfo structure * to the size necessary to describe the inodes that we * really found. Always leave map space in the first cylinder * group in case we need to a root or lost+found directory. */ if (inumber == lastino || c == 0) continue; inostathead[c].il_numalloced = inosused; if (inosused == 0) { free(inostathead[c].il_stat); inostathead[c].il_stat = NULL; continue; } info = Calloc((unsigned)inosused, sizeof(struct inostat)); if (info == NULL) errx(EEXIT, "cannot alloc %u bytes for inoinfo", (unsigned)(sizeof(struct inostat) * inosused)); memmove(info, inostathead[c].il_stat, inosused * sizeof(*info)); free(inostathead[c].il_stat); inostathead[c].il_stat = info; } freeinodebuf(); } static int checkinode(ino_t inumber, struct inodesc *idesc, int rebuiltcg) { struct inode ip; union dinode *dp; ufs2_daddr_t ndb; mode_t mode; intmax_t size, fixsize; int j, ret, offset; if ((dp = getnextinode(inumber, rebuiltcg)) == NULL) { pfatal("INVALID INODE"); goto unknown; } mode = DIP(dp, di_mode) & IFMT; if (mode == 0) { if ((sblock.fs_magic == FS_UFS1_MAGIC && (memcmp(dp->dp1.di_db, zino.dp1.di_db, UFS_NDADDR * sizeof(ufs1_daddr_t)) || memcmp(dp->dp1.di_ib, zino.dp1.di_ib, UFS_NIADDR * sizeof(ufs1_daddr_t)) || dp->dp1.di_mode || dp->dp1.di_size)) || (sblock.fs_magic == FS_UFS2_MAGIC && (memcmp(dp->dp2.di_db, zino.dp2.di_db, UFS_NDADDR * sizeof(ufs2_daddr_t)) || memcmp(dp->dp2.di_ib, zino.dp2.di_ib, UFS_NIADDR * sizeof(ufs2_daddr_t)) || dp->dp2.di_mode || dp->dp2.di_size))) { pfatal("PARTIALLY ALLOCATED INODE I=%lu", (u_long)inumber); if (reply("CLEAR") == 1) { ginode(inumber, &ip); clearinode(ip.i_dp); inodirty(&ip); irelse(&ip); } } inoinfo(inumber)->ino_state = USTATE; return (1); } lastino = inumber; if (chkfilesize(mode, DIP(dp, di_size)) == 0) { pfatal("BAD FILE SIZE"); goto unknown; } if (!preen && mode == IFMT && reply("HOLD BAD BLOCK") == 1) { ginode(inumber, &ip); dp = ip.i_dp; DIP_SET(dp, di_size, sblock.fs_fsize); DIP_SET(dp, di_mode, IFREG|0600); inodirty(&ip); irelse(&ip); } if ((mode == IFBLK || mode == IFCHR || mode == IFIFO || mode == IFSOCK) && DIP(dp, di_size) != 0) { if (debug) printf("bad special-file size %ju:", (uintmax_t)DIP(dp, di_size)); pfatal("BAD SPECIAL-FILE SIZE"); goto unknown; } if ((mode == IFBLK || mode == IFCHR) && (dev_t)DIP(dp, di_rdev) == NODEV) { if (debug) printf("bad special-file rdev NODEV:"); pfatal("BAD SPECIAL-FILE RDEV"); goto unknown; } ndb = howmany(DIP(dp, di_size), sblock.fs_bsize); if (ndb < 0) { if (debug) printf("negative size %ju ndb %ju:", (uintmax_t)DIP(dp, di_size), (uintmax_t)ndb); pfatal("NEGATIVE FILE SIZE"); goto unknown; } if (mode == IFBLK || mode == IFCHR) ndb++; if (mode == IFLNK) { /* * Fake ndb value so direct/indirect block checks below * will detect any garbage after symlink string. */ if (DIP(dp, di_size) < (off_t)sblock.fs_maxsymlinklen) { if (sblock.fs_magic == FS_UFS1_MAGIC) ndb = howmany(DIP(dp, di_size), sizeof(ufs1_daddr_t)); else ndb = howmany(DIP(dp, di_size), sizeof(ufs2_daddr_t)); if (ndb > UFS_NDADDR) { j = ndb - UFS_NDADDR; for (ndb = 1; j > 1; j--) ndb *= NINDIR(&sblock); ndb += UFS_NDADDR; } } } for (j = ndb; ndb < UFS_NDADDR && j < UFS_NDADDR; j++) { if (DIP(dp, di_db[j]) == 0) continue; if (debug) printf("invalid direct addr[%d]: %ju\n", j, (uintmax_t)DIP(dp, di_db[j])); pfatal("INVALID DIRECT BLOCK"); ginode(inumber, &ip); prtinode(&ip); if (reply("CLEAR") == 1) { DIP_SET(ip.i_dp, di_db[j], 0); inodirty(&ip); } irelse(&ip); } for (j = 0, ndb -= UFS_NDADDR; ndb > 0; j++) ndb /= NINDIR(&sblock); for (; j < UFS_NIADDR; j++) { if (DIP(dp, di_ib[j]) == 0) continue; if (debug) printf("invalid indirect addr: %ju\n", (uintmax_t)DIP(dp, di_ib[j])); pfatal("INVALID INDIRECT BLOCK"); ginode(inumber, &ip); prtinode(&ip); if (reply("CLEAR") == 1) { DIP_SET(ip.i_dp, di_ib[j], 0); inodirty(&ip); } irelse(&ip); } if (ftypeok(dp) == 0) { pfatal("UNKNOWN FILE TYPE"); goto unknown; } n_files++; inoinfo(inumber)->ino_linkcnt = DIP(dp, di_nlink); if (mode == IFDIR) { if (DIP(dp, di_size) == 0) { inoinfo(inumber)->ino_state = DCLEAR; } else if (DIP(dp, di_nlink) == 0) { inoinfo(inumber)->ino_state = DZLINK; } else { inoinfo(inumber)->ino_state = DSTATE; } cacheino(dp, inumber); countdirs++; } else if (DIP(dp, di_nlink) <= 0) inoinfo(inumber)->ino_state = FZLINK; else inoinfo(inumber)->ino_state = FSTATE; inoinfo(inumber)->ino_type = IFTODT(mode); badblk = dupblk = 0; idesc->id_number = inumber; if (DIP(dp, di_flags) & SF_SNAPSHOT) inoinfo(inumber)->ino_idtype = SNAP; else inoinfo(inumber)->ino_idtype = ADDR; idesc->id_type = inoinfo(inumber)->ino_idtype; (void)ckinode(dp, idesc); if (sblock.fs_magic == FS_UFS2_MAGIC && dp->dp2.di_extsize > 0) { ndb = howmany(dp->dp2.di_extsize, sblock.fs_bsize); for (j = 0; j < UFS_NXADDR; j++) { if (--ndb == 0 && (offset = blkoff(&sblock, dp->dp2.di_extsize)) != 0) idesc->id_numfrags = numfrags(&sblock, fragroundup(&sblock, offset)); else idesc->id_numfrags = sblock.fs_frag; if (dp->dp2.di_extb[j] == 0) continue; idesc->id_blkno = dp->dp2.di_extb[j]; ret = (*idesc->id_func)(idesc); if (ret & STOP) break; } } if (sblock.fs_magic == FS_UFS2_MAGIC) eascan(idesc, &dp->dp2); idesc->id_entryno *= btodb(sblock.fs_fsize); if (DIP(dp, di_blocks) != idesc->id_entryno) { pwarn("INCORRECT BLOCK COUNT I=%lu (%ju should be %ju)", (u_long)inumber, (uintmax_t)DIP(dp, di_blocks), (uintmax_t)idesc->id_entryno); if (preen) printf(" (CORRECTED)\n"); else if (reply("CORRECT") == 0) return (1); if (bkgrdflag == 0) { ginode(inumber, &ip); DIP_SET(ip.i_dp, di_blocks, idesc->id_entryno); inodirty(&ip); irelse(&ip); } else { cmd.value = idesc->id_number; cmd.size = idesc->id_entryno - DIP(dp, di_blocks); if (debug) printf("adjblkcnt ino %ju amount %lld\n", (uintmax_t)cmd.value, (long long)cmd.size); if (sysctl(adjblkcnt, MIBSIZE, 0, 0, &cmd, sizeof cmd) == -1) rwerror("ADJUST INODE BLOCK COUNT", cmd.value); } } /* * UFS does not allow files to end with a hole; it requires that * the last block of a file be allocated. The last allocated block * in a file is tracked in id_lballoc. Here, we check for a size * past the last allocated block of the file and if that is found, * shorten the file to reference the last allocated block to avoid * having it reference a hole at its end. * * Soft updates will always ensure that the file size is correct * for files that contain only direct block pointers. However * soft updates does not roll back sizes for files with indirect * blocks that it has set to unallocated because their contents * have not yet been written to disk. Hence, the file can appear * to have a hole at its end because the block pointer has been * rolled back to zero. Thus finding a hole at the end of a file * that is located in an indirect block receives only a warning * while finding a hole at the end of a file in a direct block * receives a fatal error message. */ size = DIP(dp, di_size); if (idesc->id_lballoc < lblkno(&sblock, size - 1) && /* exclude embedded symbolic links */ ((mode != IFLNK) || size >= sblock.fs_maxsymlinklen)) { fixsize = lblktosize(&sblock, idesc->id_lballoc + 1); if (size > UFS_NDADDR * sblock.fs_bsize) pwarn("INODE %lu: FILE SIZE %ju BEYOND END OF " "ALLOCATED FILE, SIZE SHOULD BE %ju", (u_long)inumber, size, fixsize); else pfatal("INODE %lu: FILE SIZE %ju BEYOND END OF " "ALLOCATED FILE, SIZE SHOULD BE %ju", (u_long)inumber, size, fixsize); if (preen) printf(" (ADJUSTED)\n"); else if (reply("ADJUST") == 0) return (1); if (bkgrdflag == 0) { ginode(inumber, &ip); DIP_SET(ip.i_dp, di_size, fixsize); inodirty(&ip); irelse(&ip); } else { cmd.value = idesc->id_number; cmd.size = fixsize; if (debug) printf("setsize ino %ju size set to %ju\n", (uintmax_t)cmd.value, (uintmax_t)cmd.size); if (sysctl(setsize, MIBSIZE, 0, 0, &cmd, sizeof cmd) == -1) rwerror("SET INODE SIZE", cmd.value); } } return (1); unknown: ginode(inumber, &ip); prtinode(&ip); inoinfo(inumber)->ino_state = USTATE; if (reply("CLEAR") == 1) { clearinode(ip.i_dp); inodirty(&ip); } irelse(&ip); return (1); } int pass1check(struct inodesc *idesc) { int res = KEEPON; int anyout, nfrags; ufs2_daddr_t blkno = idesc->id_blkno; struct dups *dlp; struct dups *new; if (idesc->id_type == SNAP) { if (blkno == BLK_NOCOPY) return (KEEPON); if (idesc->id_number == cursnapshot) { if (blkno == blkstofrags(&sblock, idesc->id_lbn)) return (KEEPON); if (blkno == BLK_SNAP) { blkno = blkstofrags(&sblock, idesc->id_lbn); idesc->id_entryno -= idesc->id_numfrags; } } else { if (blkno == BLK_SNAP) return (KEEPON); } } if ((anyout = chkrange(blkno, idesc->id_numfrags)) != 0) { blkerror(idesc->id_number, "BAD", blkno); if (badblk++ >= MAXBAD) { pwarn("EXCESSIVE BAD BLKS I=%lu", (u_long)idesc->id_number); if (preen) printf(" (SKIPPING)\n"); else if (reply("CONTINUE") == 0) { ckfini(0); exit(EEXIT); } rerun = 1; return (STOP); } } for (nfrags = idesc->id_numfrags; nfrags > 0; blkno++, nfrags--) { if (anyout && chkrange(blkno, 1)) { res = SKIP; } else if (!testbmap(blkno)) { n_blks++; setbmap(blkno); } else { blkerror(idesc->id_number, "DUP", blkno); if (dupblk++ >= MAXDUP) { pwarn("EXCESSIVE DUP BLKS I=%lu", (u_long)idesc->id_number); if (preen) printf(" (SKIPPING)\n"); else if (reply("CONTINUE") == 0) { ckfini(0); exit(EEXIT); } rerun = 1; return (STOP); } new = (struct dups *)Malloc(sizeof(struct dups)); if (new == NULL) { pfatal("DUP TABLE OVERFLOW."); if (reply("CONTINUE") == 0) { ckfini(0); exit(EEXIT); } rerun = 1; return (STOP); } new->dup = blkno; if (muldup == NULL) { duplist = muldup = new; new->next = NULL; } else { new->next = muldup->next; muldup->next = new; } for (dlp = duplist; dlp != muldup; dlp = dlp->next) if (dlp->dup == blkno) break; if (dlp == muldup && dlp->dup != blkno) muldup = new; } /* * count the number of blocks found in id_entryno */ idesc->id_entryno++; } if (idesc->id_level == 0 && idesc->id_lballoc < idesc->id_lbn) idesc->id_lballoc = idesc->id_lbn; return (res); } diff --git a/sbin/fsck_ffs/pass1b.c b/sbin/fsck_ffs/pass1b.c index c1af6158f92c..fe6acd4c27db 100644 --- a/sbin/fsck_ffs/pass1b.c +++ b/sbin/fsck_ffs/pass1b.c @@ -1,123 +1,120 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 -#ifndef lint -static const char sccsid[] = "@(#)pass1b.c 8.4 (Berkeley) 4/28/95"; -#endif /* not lint */ #endif #include #include #include #include #include #include "fsck.h" static struct dups *duphead; static int pass1bcheck(struct inodesc *); void pass1b(void) { int c, i; union dinode *dp; struct inodesc idesc; ino_t inumber, inosused; memset(&idesc, 0, sizeof(struct inodesc)); idesc.id_func = pass1bcheck; duphead = duplist; for (c = 0; c < sblock.fs_ncg; c++) { if (got_siginfo) { printf("%s: phase 1b: cyl group %d of %d (%d%%)\n", cdevname, c, sblock.fs_ncg, c * 100 / sblock.fs_ncg); got_siginfo = 0; } if (got_sigalarm) { setproctitle("%s p1b %d%%", cdevname, c * 100 / sblock.fs_ncg); got_sigalarm = 0; } inosused = inostathead[c].il_numalloced; if (inosused == 0) continue; setinodebuf(c, inosused); inumber = c * sblock.fs_ipg; for (i = 0; i < inosused; i++, inumber++) { if (inumber < UFS_ROOTINO) { (void)getnextinode(inumber, 0); continue; } dp = getnextinode(inumber, 0); idesc.id_number = inumber; idesc.id_type = inoinfo(inumber)->ino_idtype; if (inoinfo(inumber)->ino_state != USTATE && (ckinode(dp, &idesc) & STOP)) { rerun = 1; freeinodebuf(); return; } } } freeinodebuf(); } static int pass1bcheck(struct inodesc *idesc) { struct dups *dlp; int nfrags, res = KEEPON; ufs2_daddr_t blkno = idesc->id_blkno; for (nfrags = idesc->id_numfrags; nfrags > 0; blkno++, nfrags--) { if (chkrange(blkno, 1)) res = SKIP; for (dlp = duphead; dlp; dlp = dlp->next) { if (dlp->dup == blkno) { blkerror(idesc->id_number, "DUP", blkno); dlp->dup = duphead->dup; duphead->dup = blkno; duphead = duphead->next; } if (dlp == muldup) break; } if (muldup == NULL || duphead == muldup->next) { rerun = 1; return (STOP); } } return (res); } diff --git a/sbin/fsck_ffs/pass2.c b/sbin/fsck_ffs/pass2.c index 977ee1b1c61e..d92bf22c4394 100644 --- a/sbin/fsck_ffs/pass2.c +++ b/sbin/fsck_ffs/pass2.c @@ -1,737 +1,734 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 -#ifndef lint -static const char sccsid[] = "@(#)pass2.c 8.9 (Berkeley) 4/28/95"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include #include #include "fsck.h" #define MINDIRSIZE (sizeof (struct dirtemplate)) static int fix_extraneous(struct inoinfo *, struct inodesc *); static int deleteentry(struct inodesc *); static int blksort(const void *, const void *); static int pass2check(struct inodesc *); void pass2(void) { struct inode ip; union dinode *dp; struct inoinfo **inpp, *inp; struct inoinfo **inpend; struct inodesc curino; union dinode dino; int i; char pathbuf[MAXPATHLEN + 1]; switch (inoinfo(UFS_ROOTINO)->ino_state) { case USTATE: pfatal("ROOT INODE UNALLOCATED"); if (reply("ALLOCATE") == 0) { ckfini(0); exit(EEXIT); } if (allocdir(UFS_ROOTINO, UFS_ROOTINO, 0755) != UFS_ROOTINO) errx(EEXIT, "CANNOT ALLOCATE ROOT INODE"); break; case DCLEAR: pfatal("DUPS/BAD IN ROOT INODE"); if (reply("REALLOCATE")) { freedirino(UFS_ROOTINO, UFS_ROOTINO); if (allocdir(UFS_ROOTINO, UFS_ROOTINO, 0755) != UFS_ROOTINO) errx(EEXIT, "CANNOT ALLOCATE ROOT INODE"); break; } if (reply("CONTINUE") == 0) { ckfini(0); exit(EEXIT); } break; case FSTATE: case FCLEAR: case FZLINK: pfatal("ROOT INODE NOT DIRECTORY"); if (reply("REALLOCATE")) { freeino(UFS_ROOTINO); if (allocdir(UFS_ROOTINO, UFS_ROOTINO, 0755) != UFS_ROOTINO) errx(EEXIT, "CANNOT ALLOCATE ROOT INODE"); break; } if (reply("FIX") == 0) { ckfini(0); exit(EEXIT); } ginode(UFS_ROOTINO, &ip); dp = ip.i_dp; DIP_SET(dp, di_mode, DIP(dp, di_mode) & ~IFMT); DIP_SET(dp, di_mode, DIP(dp, di_mode) | IFDIR); inodirty(&ip); irelse(&ip); break; case DSTATE: case DZLINK: break; default: errx(EEXIT, "BAD STATE %d FOR ROOT INODE", inoinfo(UFS_ROOTINO)->ino_state); } inoinfo(UFS_ROOTINO)->ino_state = DFOUND; inoinfo(UFS_WINO)->ino_state = FSTATE; inoinfo(UFS_WINO)->ino_type = DT_WHT; /* * Sort the directory list into disk block order. */ qsort((char *)inpsort, (size_t)inplast, sizeof *inpsort, blksort); /* * Check the integrity of each directory. */ memset(&curino, 0, sizeof(struct inodesc)); curino.id_type = DATA; curino.id_func = pass2check; inpend = &inpsort[inplast]; for (inpp = inpsort; inpp < inpend; inpp++) { if (got_siginfo) { printf("%s: phase 2: dir %td of %d (%d%%)\n", cdevname, inpp - inpsort, (int)inplast, (int)((inpp - inpsort) * 100 / inplast)); got_siginfo = 0; } if (got_sigalarm) { setproctitle("%s p2 %d%%", cdevname, (int)((inpp - inpsort) * 100 / inplast)); got_sigalarm = 0; } inp = *inpp; if (inp->i_isize == 0) continue; if (inp->i_isize < MINDIRSIZE) { direrror(inp->i_number, "DIRECTORY TOO SHORT"); inp->i_isize = roundup(MINDIRSIZE, DIRBLKSIZ); if (reply("FIX") == 1) { ginode(inp->i_number, &ip); DIP_SET(ip.i_dp, di_size, inp->i_isize); inodirty(&ip); irelse(&ip); } } else if ((inp->i_isize & (DIRBLKSIZ - 1)) != 0) { getpathname(pathbuf, inp->i_number, inp->i_number); if (usedsoftdep) pfatal("%s %s: LENGTH %jd NOT MULTIPLE OF %d", "DIRECTORY", pathbuf, (intmax_t)inp->i_isize, DIRBLKSIZ); else pwarn("%s %s: LENGTH %jd NOT MULTIPLE OF %d", "DIRECTORY", pathbuf, (intmax_t)inp->i_isize, DIRBLKSIZ); if (preen) printf(" (ADJUSTED)\n"); inp->i_isize = roundup(inp->i_isize, DIRBLKSIZ); if (preen || reply("ADJUST") == 1) { ginode(inp->i_number, &ip); DIP_SET(ip.i_dp, di_size, roundup(inp->i_isize, DIRBLKSIZ)); inodirty(&ip); irelse(&ip); } } dp = &dino; memset(dp, 0, sizeof(struct ufs2_dinode)); DIP_SET(dp, di_mode, IFDIR); DIP_SET(dp, di_size, inp->i_isize); for (i = 0; i < MIN(inp->i_numblks, UFS_NDADDR); i++) DIP_SET(dp, di_db[i], inp->i_blks[i]); if (inp->i_numblks > UFS_NDADDR) for (i = 0; i < UFS_NIADDR; i++) DIP_SET(dp, di_ib[i], inp->i_blks[UFS_NDADDR + i]); curino.id_number = inp->i_number; curino.id_parent = inp->i_parent; (void)ckinode(dp, &curino); } /* * Now that the parents of all directories have been found, * make another pass to verify the value of `..' */ for (inpp = inpsort; inpp < inpend; inpp++) { inp = *inpp; if (inp->i_parent == 0 || inp->i_isize == 0) continue; if (inoinfo(inp->i_parent)->ino_state == DFOUND && INO_IS_DUNFOUND(inp->i_number)) { inoinfo(inp->i_number)->ino_state = DFOUND; check_dirdepth(inp); } if (inp->i_dotdot == inp->i_parent || inp->i_dotdot == (ino_t)-1) continue; if (inp->i_dotdot == 0) { inp->i_dotdot = inp->i_parent; if (debug) fileerror(inp->i_parent, inp->i_number, "DEFERRED MISSING '..' FIX"); (void)makeentry(inp->i_number, inp->i_parent, ".."); inoinfo(inp->i_parent)->ino_linkcnt--; continue; } /* * Here we have: * inp->i_number is directory with bad ".." in it. * inp->i_dotdot is current value of "..". * inp->i_parent is directory to which ".." should point. */ getpathname(pathbuf, inp->i_parent, inp->i_number); printf("BAD INODE NUMBER FOR '..' in DIR I=%ju (%s)\n", (uintmax_t)inp->i_number, pathbuf); getpathname(pathbuf, inp->i_dotdot, inp->i_dotdot); printf("CURRENTLY POINTS TO I=%ju (%s), ", (uintmax_t)inp->i_dotdot, pathbuf); getpathname(pathbuf, inp->i_parent, inp->i_parent); printf("SHOULD POINT TO I=%ju (%s)", (uintmax_t)inp->i_parent, pathbuf); if (cursnapshot != 0) { /* * We need to: * setcwd(inp->i_number); * setdotdot(inp->i_dotdot, inp->i_parent); */ cmd.value = inp->i_number; if (sysctlbyname("vfs.ffs.setcwd", 0, 0, &cmd, sizeof cmd) == -1) { /* kernel lacks support for these functions */ printf(" (IGNORED)\n"); continue; } cmd.value = inp->i_dotdot; /* verify same value */ cmd.size = inp->i_parent; /* new parent */ if (sysctlbyname("vfs.ffs.setdotdot", 0, 0, &cmd, sizeof cmd) == -1) { printf(" (FIX FAILED: %s)\n", strerror(errno)); continue; } printf(" (FIXED)\n"); inoinfo(inp->i_parent)->ino_linkcnt--; inp->i_dotdot = inp->i_parent; continue; } if (preen) printf(" (FIXED)\n"); else if (reply("FIX") == 0) continue; inoinfo(inp->i_dotdot)->ino_linkcnt++; inoinfo(inp->i_parent)->ino_linkcnt--; inp->i_dotdot = inp->i_parent; (void)changeino(inp->i_number, "..", inp->i_parent, getinoinfo(inp->i_parent)->i_depth + 1); } /* * Mark all the directories that can be found from the root. */ propagate(); } static int pass2check(struct inodesc *idesc) { struct direct *dirp = idesc->id_dirp; char dirname[MAXPATHLEN + 1]; struct inoinfo *inp; int n, entrysize, ret = 0; struct inode ip; union dinode *dp; const char *errmsg; struct direct proto, *newdirp; /* * check for "." */ if (idesc->id_entryno != 0) goto chk1; if (dirp->d_ino != 0 && strcmp(dirp->d_name, ".") == 0) { if (dirp->d_ino != idesc->id_number) { direrror(idesc->id_number, "BAD INODE NUMBER FOR '.'"); if (reply("FIX") == 1) { dirp->d_ino = idesc->id_number; ret |= ALTERED; } } if (dirp->d_type != DT_DIR) { direrror(idesc->id_number, "BAD TYPE VALUE FOR '.'"); if (reply("FIX") == 1) { dirp->d_type = DT_DIR; ret |= ALTERED; } } goto chk1; } proto.d_ino = idesc->id_number; proto.d_type = DT_DIR; proto.d_namlen = 1; (void)strcpy(proto.d_name, "."); entrysize = DIRSIZ(0, &proto); direrror(idesc->id_number, "MISSING '.'"); errmsg = "ADD '.' ENTRY"; if (dirp->d_reclen < entrysize + DIRSIZ(0, dirp)) { /* Not enough space to add '.', replace first entry with '.' */ if (dirp->d_ino != 0) { pwarn("\nFIRST ENTRY IN DIRECTORY CONTAINS %s\n", dirp->d_name); errmsg = "REPLACE WITH '.'"; } if (reply(errmsg) == 0) goto chk1; proto.d_reclen = dirp->d_reclen; memmove(dirp, &proto, (size_t)entrysize); ret |= ALTERED; } else { /* Move over first entry and add '.' entry */ if (reply(errmsg) == 0) goto chk1; newdirp = (struct direct *)((char *)(dirp) + entrysize); dirp->d_reclen -= entrysize; memmove(newdirp, dirp, dirp->d_reclen); proto.d_reclen = entrysize; memmove(dirp, &proto, (size_t)entrysize); idesc->id_entryno++; inoinfo(idesc->id_number)->ino_linkcnt--; dirp = newdirp; ret |= ALTERED; } chk1: if (idesc->id_entryno > 1) goto chk2; inp = getinoinfo(idesc->id_number); proto.d_ino = inp->i_parent; proto.d_type = DT_DIR; proto.d_namlen = 2; (void)strcpy(proto.d_name, ".."); entrysize = DIRSIZ(0, &proto); if (idesc->id_entryno == 0) { n = DIRSIZ(0, dirp); if (dirp->d_reclen < n + entrysize) goto chk2; proto.d_reclen = dirp->d_reclen - n; dirp->d_reclen = n; idesc->id_entryno++; inoinfo(dirp->d_ino)->ino_linkcnt--; dirp = (struct direct *)((char *)(dirp) + n); memset(dirp, 0, (size_t)proto.d_reclen); dirp->d_reclen = proto.d_reclen; } if (dirp->d_ino != 0 && strcmp(dirp->d_name, "..") == 0) { if (dirp->d_ino >= maxino) { direrror(idesc->id_number, "BAD INODE NUMBER FOR '..'"); /* * If we know parent set it now, otherwise let it * point to the root inode and it will get cleaned * up later if that is not correct. */ if (inp->i_parent != 0) dirp->d_ino = inp->i_parent; else dirp->d_ino = UFS_ROOTINO; if (reply("FIX") == 1) ret |= ALTERED; } inp->i_dotdot = dirp->d_ino; if (dirp->d_type != DT_DIR) { direrror(idesc->id_number, "BAD TYPE VALUE FOR '..'"); dirp->d_type = DT_DIR; if (reply("FIX") == 1) ret |= ALTERED; } goto chk2; } fileerror(inp->i_parent != 0 ? inp->i_parent : idesc->id_number, idesc->id_number, "MISSING '..'"); errmsg = "ADD '..' ENTRY"; if (dirp->d_reclen < entrysize + DIRSIZ(0, dirp)) { /* No space to add '..', replace second entry with '..' */ if (dirp->d_ino != 0) { pfatal("SECOND ENTRY IN DIRECTORY CONTAINS %s\n", dirp->d_name); errmsg = "REPLACE WITH '..'"; } if (reply(errmsg) == 0) { inp->i_dotdot = (ino_t)-1; goto chk2; } if (proto.d_ino == 0) { /* Defer processing until parent known */ idesc->id_entryno++; if (debug) printf("(FIX DEFERRED)\n"); } inp->i_dotdot = proto.d_ino; proto.d_reclen = dirp->d_reclen; memmove(dirp, &proto, (size_t)entrysize); ret |= ALTERED; } else { /* Move over second entry and add '..' entry */ if (reply(errmsg) == 0) { inp->i_dotdot = (ino_t)-1; goto chk2; } if (proto.d_ino == 0) { /* Defer processing until parent known */ idesc->id_entryno++; if (debug) printf("(FIX DEFERRED)\n"); } inp->i_dotdot = proto.d_ino; if (dirp->d_ino == 0) { proto.d_reclen = dirp->d_reclen; memmove(dirp, &proto, (size_t)entrysize); } else { newdirp = (struct direct *)((char *)(dirp) + entrysize); dirp->d_reclen -= entrysize; memmove(newdirp, dirp, dirp->d_reclen); proto.d_reclen = entrysize; memmove(dirp, &proto, (size_t)entrysize); if (dirp->d_ino != 0) { idesc->id_entryno++; inoinfo(dirp->d_ino)->ino_linkcnt--; } dirp = newdirp; } ret |= ALTERED; } chk2: if (dirp->d_ino == 0) return (ret|KEEPON); if (dirp->d_namlen <= 2 && dirp->d_name[0] == '.' && idesc->id_entryno >= 2) { if (dirp->d_namlen == 1) { direrror(idesc->id_number, "EXTRA '.' ENTRY"); dirp->d_ino = 0; if (reply("FIX") == 1) ret |= ALTERED; return (KEEPON | ret); } if (dirp->d_name[1] == '.') { direrror(idesc->id_number, "EXTRA '..' ENTRY"); dirp->d_ino = 0; if (reply("FIX") == 1) ret |= ALTERED; return (KEEPON | ret); } } idesc->id_entryno++; n = 0; if (dirp->d_ino >= maxino) { fileerror(idesc->id_number, dirp->d_ino, "I OUT OF RANGE"); n = reply("REMOVE"); } else if (((dirp->d_ino == UFS_WINO && dirp->d_type != DT_WHT) || (dirp->d_ino != UFS_WINO && dirp->d_type == DT_WHT))) { fileerror(idesc->id_number, dirp->d_ino, "BAD WHITEOUT ENTRY"); dirp->d_ino = UFS_WINO; dirp->d_type = DT_WHT; if (reply("FIX") == 1) ret |= ALTERED; } else { again: switch (inoinfo(dirp->d_ino)->ino_state) { case USTATE: if (idesc->id_entryno <= 2) break; fileerror(idesc->id_number, dirp->d_ino, "UNALLOCATED"); n = reply("REMOVE"); break; case DCLEAR: case FCLEAR: if (idesc->id_entryno <= 2) break; if (inoinfo(dirp->d_ino)->ino_state == FCLEAR) errmsg = "DUP/BAD"; else if (!preen && !usedsoftdep) errmsg = "ZERO LENGTH DIRECTORY"; else if (cursnapshot == 0) { n = 1; break; } else { getpathname(dirname, idesc->id_number, dirp->d_ino); pwarn("ZERO LENGTH DIRECTORY %s I=%ju", dirname, (uintmax_t)dirp->d_ino); /* * We need to: * setcwd(idesc->id_parent); * rmdir(dirp->d_name); */ cmd.value = idesc->id_number; if (sysctlbyname("vfs.ffs.setcwd", 0, 0, &cmd, sizeof cmd) == -1) { /* kernel lacks support */ printf(" (IGNORED)\n"); n = 1; break; } if (rmdir(dirp->d_name) == -1) { printf(" (REMOVAL FAILED: %s)\n", strerror(errno)); n = 1; break; } /* ".." reference to parent is removed */ inoinfo(idesc->id_number)->ino_linkcnt--; printf(" (REMOVED)\n"); break; } fileerror(idesc->id_number, dirp->d_ino, errmsg); if ((n = reply("REMOVE")) == 1) break; ginode(dirp->d_ino, &ip); dp = ip.i_dp; inoinfo(dirp->d_ino)->ino_state = (DIP(dp, di_mode) & IFMT) == IFDIR ? DSTATE : FSTATE; inoinfo(dirp->d_ino)->ino_linkcnt = DIP(dp, di_nlink); irelse(&ip); goto again; case DSTATE: case DZLINK: if (inoinfo(idesc->id_number)->ino_state == DFOUND) inoinfo(dirp->d_ino)->ino_state = DFOUND; /* FALLTHROUGH */ case DFOUND: inp = getinoinfo(dirp->d_ino); if (idesc->id_entryno > 2) { if (inp->i_parent == 0) { inp->i_parent = idesc->id_number; check_dirdepth(inp); } else if ((n = fix_extraneous(inp, idesc))) { break; } } /* FALLTHROUGH */ case FSTATE: case FZLINK: if (dirp->d_type != inoinfo(dirp->d_ino)->ino_type) { fileerror(idesc->id_number, dirp->d_ino, "BAD TYPE VALUE"); dirp->d_type = inoinfo(dirp->d_ino)->ino_type; if (reply("FIX") == 1) ret |= ALTERED; } inoinfo(dirp->d_ino)->ino_linkcnt--; break; default: errx(EEXIT, "BAD STATE %d FOR INODE I=%ju", inoinfo(dirp->d_ino)->ino_state, (uintmax_t)dirp->d_ino); } } if (n == 0) return (ret|KEEPON); dirp->d_ino = 0; return (ret|KEEPON|ALTERED); } static int fix_extraneous(struct inoinfo *inp, struct inodesc *idesc) { char *cp; struct inode ip; struct inodesc dotdesc; char oldname[MAXPATHLEN + 1]; char newname[MAXPATHLEN + 1]; /* * If we have not yet found "..", look it up now so we know * which inode the directory itself believes is its parent. */ if (inp->i_dotdot == 0) { memset(&dotdesc, 0, sizeof(struct inodesc)); dotdesc.id_type = DATA; dotdesc.id_number = idesc->id_dirp->d_ino; dotdesc.id_func = findino; dotdesc.id_name = strdup(".."); ginode(dotdesc.id_number, &ip); if ((ckinode(ip.i_dp, &dotdesc) & FOUND)) inp->i_dotdot = dotdesc.id_parent; irelse(&ip); free(dotdesc.id_name); } /* * We have the previously found old name (inp->i_parent) and the * just found new name (idesc->id_number). We have five cases: * 1) ".." is missing - can remove either name, choose to delete * new one and let fsck create ".." pointing to old name. * 2) Both new and old are in same directory, choose to delete * the new name and let fsck fix ".." if it is wrong. * 3) ".." does not point to the new name, so delete it and let * fsck fix ".." to point to the old one if it is wrong. * 4) ".." points to the old name only, so delete the new one. * 5) ".." points to the new name only, so delete the old one. * * For cases 1-4 we eliminate the new name; * for case 5 we eliminate the old name. */ if (inp->i_dotdot == 0 || /* Case 1 */ idesc->id_number == inp->i_parent || /* Case 2 */ inp->i_dotdot != idesc->id_number || /* Case 3 */ inp->i_dotdot == inp->i_parent) { /* Case 4 */ getpathname(newname, idesc->id_number, idesc->id_number); if (strcmp(newname, "/") != 0) strcat (newname, "/"); strcat(newname, idesc->id_dirp->d_name); getpathname(oldname, inp->i_number, inp->i_number); pwarn("%s IS AN EXTRANEOUS HARD LINK TO DIRECTORY %s", newname, oldname); if (cursnapshot != 0) { /* * We need to * setcwd(idesc->id_number); * unlink(idesc->id_dirp->d_name); */ cmd.value = idesc->id_number; if (sysctlbyname("vfs.ffs.setcwd", 0, 0, &cmd, sizeof cmd) == -1) { printf(" (IGNORED)\n"); return (0); } cmd.value = (intptr_t)idesc->id_dirp->d_name; cmd.size = inp->i_number; /* verify same name */ if (sysctlbyname("vfs.ffs.unlink", 0, 0, &cmd, sizeof cmd) == -1) { printf(" (UNLINK FAILED: %s)\n", strerror(errno)); return (0); } printf(" (REMOVED)\n"); return (0); } if (preen) { printf(" (REMOVED)\n"); return (1); } return (reply("REMOVE")); } /* * None of the first four cases above, so must be case (5). * Eliminate the old name and make the new the name the parent. */ getpathname(oldname, inp->i_parent, inp->i_number); getpathname(newname, inp->i_number, inp->i_number); pwarn("%s IS AN EXTRANEOUS HARD LINK TO DIRECTORY %s", oldname, newname); if (cursnapshot != 0) { /* * We need to * setcwd(inp->i_parent); * unlink(last component of oldname pathname); */ cmd.value = inp->i_parent; if (sysctlbyname("vfs.ffs.setcwd", 0, 0, &cmd, sizeof cmd) == -1) { printf(" (IGNORED)\n"); return (0); } if ((cp = strchr(oldname, '/')) == NULL) { printf(" (IGNORED)\n"); return (0); } cmd.value = (intptr_t)(cp + 1); cmd.size = inp->i_number; /* verify same name */ if (sysctlbyname("vfs.ffs.unlink", 0, 0, &cmd, sizeof cmd) == -1) { printf(" (UNLINK FAILED: %s)\n", strerror(errno)); return (0); } printf(" (REMOVED)\n"); inp->i_parent = idesc->id_number; /* reparent to correct dir */ return (0); } if (!preen && !reply("REMOVE")) return (0); memset(&dotdesc, 0, sizeof(struct inodesc)); dotdesc.id_type = DATA; dotdesc.id_number = inp->i_parent; /* directory in which name appears */ dotdesc.id_parent = inp->i_number; /* inode number in entry to delete */ dotdesc.id_func = deleteentry; ginode(dotdesc.id_number, &ip); if ((ckinode(ip.i_dp, &dotdesc) & FOUND) && preen) printf(" (REMOVED)\n"); irelse(&ip); inp->i_parent = idesc->id_number; /* reparent to correct directory */ inoinfo(inp->i_number)->ino_linkcnt++; /* name gone, return reference */ return (0); } static int deleteentry(struct inodesc *idesc) { struct direct *dirp = idesc->id_dirp; if (idesc->id_entryno++ < 2 || dirp->d_ino != idesc->id_parent) return (KEEPON); dirp->d_ino = 0; return (ALTERED|STOP|FOUND); } /* * Routine to sort disk blocks. */ static int blksort(const void *arg1, const void *arg2) { return ((*(struct inoinfo * const *)arg1)->i_blks[0] - (*(struct inoinfo * const *)arg2)->i_blks[0]); } diff --git a/sbin/fsck_ffs/pass3.c b/sbin/fsck_ffs/pass3.c index 9a01bb02ccc8..ac0b61437ccb 100644 --- a/sbin/fsck_ffs/pass3.c +++ b/sbin/fsck_ffs/pass3.c @@ -1,132 +1,129 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 -#ifndef lint -static const char sccsid[] = "@(#)pass3.c 8.2 (Berkeley) 4/27/95"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include "fsck.h" void pass3(void) { struct inoinfo *inp; int loopcnt, inpindex, state; ino_t orphan; struct inode ip; struct inodesc idesc; char namebuf[UFS_MAXNAMLEN+1]; for (inpindex = inplast - 1; inpindex >= 0; inpindex--) { if (got_siginfo) { printf("%s: phase 3: dir %d of %d (%d%%)\n", cdevname, (int)(inplast - inpindex - 1), (int)inplast, (int)((inplast - inpindex - 1) * 100 / inplast)); got_siginfo = 0; } if (got_sigalarm) { setproctitle("%s p3 %d%%", cdevname, (int)((inplast - inpindex - 1) * 100 / inplast)); got_sigalarm = 0; } inp = inpsort[inpindex]; state = inoinfo(inp->i_number)->ino_state; if (inp->i_number == UFS_ROOTINO || (inp->i_parent != 0 && !S_IS_DUNFOUND(state))) continue; if (state == DCLEAR || state == DZLINK) continue; /* * If we are running with soft updates and we come * across unreferenced directories, we just leave * them in DSTATE which will cause them to be pitched * in pass 4. */ if ((preen || bkgrdflag) && resolved && usedsoftdep && S_IS_DUNFOUND(state)) { if (inp->i_dotdot >= UFS_ROOTINO) inoinfo(inp->i_dotdot)->ino_linkcnt++; continue; } for (loopcnt = 0; ; loopcnt++) { orphan = inp->i_number; if (inp->i_parent == 0 || !INO_IS_DUNFOUND(inp->i_parent) || loopcnt > countdirs) break; inp = getinoinfo(inp->i_parent); } if (loopcnt <= countdirs) { if (linkup(orphan, inp->i_dotdot, NULL)) { inp->i_parent = inp->i_dotdot = lfdir; inoinfo(lfdir)->ino_linkcnt--; inoinfo(orphan)->ino_state = DFOUND; check_dirdepth(inp); propagate(); } continue; } pfatal("ORPHANED DIRECTORY LOOP DETECTED I=%lu", (u_long)orphan); if (reply("RECONNECT") == 0) continue; memset(&idesc, 0, sizeof(struct inodesc)); idesc.id_type = DATA; idesc.id_number = inp->i_parent; idesc.id_parent = orphan; idesc.id_func = findname; idesc.id_name = namebuf; ginode(inp->i_parent, &ip); if ((ckinode(ip.i_dp, &idesc) & FOUND) == 0) pfatal("COULD NOT FIND NAME IN PARENT DIRECTORY"); if (linkup(orphan, inp->i_parent, namebuf)) { idesc.id_func = clearentry; if (ckinode(ip.i_dp, &idesc) & FOUND) inoinfo(orphan)->ino_linkcnt++; inp->i_parent = inp->i_dotdot = lfdir; inoinfo(lfdir)->ino_linkcnt--; } irelse(&ip); inoinfo(orphan)->ino_state = DFOUND; check_dirdepth(inp); propagate(); } } diff --git a/sbin/fsck_ffs/pass4.c b/sbin/fsck_ffs/pass4.c index b4cf59bc97dc..bddd7ca9a94f 100644 --- a/sbin/fsck_ffs/pass4.c +++ b/sbin/fsck_ffs/pass4.c @@ -1,127 +1,124 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 -#ifndef lint -static const char sccsid[] = "@(#)pass4.c 8.4 (Berkeley) 4/28/95"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include "fsck.h" void pass4(void) { ino_t inumber; struct inode ip; struct inodesc idesc; int i, n, cg; memset(&idesc, 0, sizeof(struct inodesc)); idesc.id_func = freeblock; for (cg = 0; cg < sblock.fs_ncg; cg++) { if (got_siginfo) { printf("%s: phase 4: cyl group %d of %d (%d%%)\n", cdevname, cg, sblock.fs_ncg, cg * 100 / sblock.fs_ncg); got_siginfo = 0; } if (got_sigalarm) { setproctitle("%s p4 %d%%", cdevname, cg * 100 / sblock.fs_ncg); got_sigalarm = 0; } inumber = cg * sblock.fs_ipg; for (i = 0; i < inostathead[cg].il_numalloced; i++, inumber++) { if (inumber < UFS_ROOTINO) continue; idesc.id_number = inumber; idesc.id_type = inoinfo(inumber)->ino_idtype; switch (inoinfo(inumber)->ino_state) { case FZLINK: case DZLINK: if (inoinfo(inumber)->ino_linkcnt == 0) { clri(&idesc, "UNREF", 1); break; } /* fall through */ case FSTATE: case DFOUND: n = inoinfo(inumber)->ino_linkcnt; if (n) { adjust(&idesc, (short)n); break; } break; case DSTATE: clri(&idesc, "UNREF", 1); break; case DCLEAR: /* if on snapshot, already cleared */ if (cursnapshot != 0) break; ginode(inumber, &ip); if (DIP(ip.i_dp, di_size) == 0) { clri(&idesc, "ZERO LENGTH", 1); irelse(&ip); break; } irelse(&ip); /* fall through */ case FCLEAR: clri(&idesc, "BAD/DUP", 1); break; case USTATE: break; default: errx(EEXIT, "BAD STATE %d FOR INODE I=%ju", inoinfo(inumber)->ino_state, (uintmax_t)inumber); } } } } diff --git a/sbin/fsck_ffs/pass5.c b/sbin/fsck_ffs/pass5.c index 8980ba60e03a..efe36ca42cb4 100644 --- a/sbin/fsck_ffs/pass5.c +++ b/sbin/fsck_ffs/pass5.c @@ -1,647 +1,644 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 -#ifndef lint -static const char sccsid[] = "@(#)pass5.c 8.9 (Berkeley) 4/28/95"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include #include "fsck.h" static void check_maps(u_char *, u_char *, int, ufs2_daddr_t, const char *, int *, int, int, int); static void clear_blocks(ufs2_daddr_t start, ufs2_daddr_t end); void pass5(void) { int c, i, j, blk, frags, basesize, mapsize; int inomapsize, blkmapsize; struct fs *fs = &sblock; ufs2_daddr_t d, dbase, dmax, start; int rewritecg = 0; ino_t inum; struct csum *cs; struct csum_total cstotal; struct inodesc idesc[3]; char buf[MAXBSIZE]; struct cg *cg, *newcg = (struct cg *)buf; struct bufarea *cgbp; inoinfo(UFS_WINO)->ino_state = USTATE; memset(newcg, 0, (size_t)fs->fs_cgsize); newcg->cg_niblk = fs->fs_ipg; /* check to see if we are to add a cylinder group check hash */ if ((ckhashadd & CK_CYLGRP) != 0) rewritecg = 1; if (cvtlevel >= 3) { if (fs->fs_maxcontig < 2 && fs->fs_contigsumsize > 0) { if (preen) pwarn("DELETING CLUSTERING MAPS\n"); if (preen || reply("DELETE CLUSTERING MAPS")) { fs->fs_contigsumsize = 0; rewritecg = 1; sbdirty(); } } if (fs->fs_maxcontig > 1) { const char *doit = NULL; if (fs->fs_contigsumsize < 1) { doit = "CREAT"; } else if (fs->fs_contigsumsize < fs->fs_maxcontig && fs->fs_contigsumsize < FS_MAXCONTIG) { doit = "EXPAND"; } if (doit) { i = fs->fs_contigsumsize; fs->fs_contigsumsize = MIN(fs->fs_maxcontig, FS_MAXCONTIG); if (CGSIZE(fs) > (u_int)fs->fs_bsize) { pwarn("CANNOT %s CLUSTER MAPS\n", doit); fs->fs_contigsumsize = i; } else if (preen || reply("CREATE CLUSTER MAPS")) { if (preen) pwarn("%sING CLUSTER MAPS\n", doit); fs->fs_cgsize = fragroundup(fs, CGSIZE(fs)); rewritecg = 1; sbdirty(); } } } } basesize = sizeof(*newcg); if (sblock.fs_magic == FS_UFS2_MAGIC) { newcg->cg_iusedoff = basesize; } else { /* * We reserve the space for the old rotation summary * tables for the benefit of old kernels, but do not * maintain them in modern kernels. In time, they can * go away. */ newcg->cg_old_btotoff = basesize; newcg->cg_old_boff = newcg->cg_old_btotoff + fs->fs_old_cpg * sizeof(int32_t); newcg->cg_iusedoff = newcg->cg_old_boff + fs->fs_old_cpg * fs->fs_old_nrpos * sizeof(u_int16_t); memset(&newcg[1], 0, newcg->cg_iusedoff - basesize); } inomapsize = howmany(fs->fs_ipg, CHAR_BIT); newcg->cg_freeoff = newcg->cg_iusedoff + inomapsize; blkmapsize = howmany(fs->fs_fpg, CHAR_BIT); newcg->cg_nextfreeoff = newcg->cg_freeoff + blkmapsize; if (fs->fs_contigsumsize > 0) { newcg->cg_clustersumoff = newcg->cg_nextfreeoff - sizeof(u_int32_t); newcg->cg_clustersumoff = roundup(newcg->cg_clustersumoff, sizeof(u_int32_t)); newcg->cg_clusteroff = newcg->cg_clustersumoff + (fs->fs_contigsumsize + 1) * sizeof(u_int32_t); newcg->cg_nextfreeoff = newcg->cg_clusteroff + howmany(fragstoblks(fs, fs->fs_fpg), CHAR_BIT); } newcg->cg_magic = CG_MAGIC; mapsize = newcg->cg_nextfreeoff - newcg->cg_iusedoff; memset(&idesc[0], 0, sizeof idesc); for (i = 0; i < 3; i++) idesc[i].id_type = ADDR; memset(&cstotal, 0, sizeof(struct csum_total)); dmax = blknum(fs, fs->fs_size + fs->fs_frag - 1); for (d = fs->fs_size; d < dmax; d++) setbmap(d); for (c = 0; c < fs->fs_ncg; c++) { if (got_siginfo) { printf("%s: phase 5: cyl group %d of %d (%d%%)\n", cdevname, c, sblock.fs_ncg, c * 100 / sblock.fs_ncg); got_siginfo = 0; } if (got_sigalarm) { setproctitle("%s p5 %d%%", cdevname, c * 100 / sblock.fs_ncg); got_sigalarm = 0; } cgbp = cglookup(c); cg = cgbp->b_un.b_cg; if (!cg_chkmagic(cg)) pfatal("CG %d: BAD MAGIC NUMBER\n", c); /* * If we have a cylinder group check hash and are not adding * it for the first time, verify that it is good. */ if ((fs->fs_metackhash & CK_CYLGRP) != 0 && (ckhashadd & CK_CYLGRP) == 0) { uint32_t ckhash, thishash; ckhash = cg->cg_ckhash; cg->cg_ckhash = 0; thishash = calculate_crc32c(~0L, cg, fs->fs_cgsize); if (ckhash == thishash) { cg->cg_ckhash = ckhash; } else { pwarn("CG %d: BAD CHECK-HASH %#x vs %#x\n", c, ckhash, thishash); cg->cg_ckhash = thishash; cgdirty(cgbp); } } newcg->cg_time = cg->cg_time; newcg->cg_old_time = cg->cg_old_time; newcg->cg_unrefs = cg->cg_unrefs; newcg->cg_ckhash = cg->cg_ckhash; newcg->cg_cgx = c; dbase = cgbase(fs, c); dmax = dbase + fs->fs_fpg; if (dmax > fs->fs_size) dmax = fs->fs_size; newcg->cg_ndblk = dmax - dbase; if (fs->fs_magic == FS_UFS1_MAGIC) { if (c == fs->fs_ncg - 1) newcg->cg_old_ncyl = howmany(newcg->cg_ndblk, fs->fs_fpg / fs->fs_old_cpg); else newcg->cg_old_ncyl = fs->fs_old_cpg; newcg->cg_old_niblk = fs->fs_ipg; newcg->cg_niblk = 0; } if (fs->fs_contigsumsize > 0) newcg->cg_nclusterblks = newcg->cg_ndblk / fs->fs_frag; newcg->cg_cs.cs_ndir = 0; newcg->cg_cs.cs_nffree = 0; newcg->cg_cs.cs_nbfree = 0; newcg->cg_cs.cs_nifree = fs->fs_ipg; if (cg->cg_rotor >= 0 && cg->cg_rotor < newcg->cg_ndblk) newcg->cg_rotor = cg->cg_rotor; else newcg->cg_rotor = 0; if (cg->cg_frotor >= 0 && cg->cg_frotor < newcg->cg_ndblk) newcg->cg_frotor = cg->cg_frotor; else newcg->cg_frotor = 0; if (cg->cg_irotor >= 0 && cg->cg_irotor < fs->fs_ipg) newcg->cg_irotor = cg->cg_irotor; else newcg->cg_irotor = 0; if (fs->fs_magic == FS_UFS1_MAGIC) { newcg->cg_initediblk = 0; } else { if ((unsigned)cg->cg_initediblk > fs->fs_ipg) newcg->cg_initediblk = fs->fs_ipg; else newcg->cg_initediblk = cg->cg_initediblk; } memset(&newcg->cg_frsum[0], 0, sizeof newcg->cg_frsum); memset(cg_inosused(newcg), 0, (size_t)(mapsize)); inum = fs->fs_ipg * c; for (i = 0; i < inostathead[c].il_numalloced; inum++, i++) { switch (inoinfo(inum)->ino_state) { case USTATE: break; case DSTATE: case DCLEAR: case DFOUND: case DZLINK: newcg->cg_cs.cs_ndir++; /* FALLTHROUGH */ case FSTATE: case FCLEAR: case FZLINK: newcg->cg_cs.cs_nifree--; setbit(cg_inosused(newcg), i); break; default: if (inum < UFS_ROOTINO) break; errx(EEXIT, "BAD STATE %d FOR INODE I=%ju", inoinfo(inum)->ino_state, (uintmax_t)inum); } } if (c == 0) for (i = 0; i < (int)UFS_ROOTINO; i++) { setbit(cg_inosused(newcg), i); newcg->cg_cs.cs_nifree--; } start = -1; for (i = 0, d = dbase; d < dmax; d += fs->fs_frag, i += fs->fs_frag) { frags = 0; for (j = 0; j < fs->fs_frag; j++) { if (testbmap(d + j)) { if ((Eflag || Zflag) && start != -1) { clear_blocks(start, d + j - 1); start = -1; } continue; } if (start == -1) start = d + j; setbit(cg_blksfree(newcg), i + j); frags++; } if (frags == fs->fs_frag) { newcg->cg_cs.cs_nbfree++; if (fs->fs_contigsumsize > 0) setbit(cg_clustersfree(newcg), i / fs->fs_frag); } else if (frags > 0) { newcg->cg_cs.cs_nffree += frags; blk = blkmap(fs, cg_blksfree(newcg), i); ffs_fragacct(fs, blk, newcg->cg_frsum, 1); } } if ((Eflag || Zflag) && start != -1) clear_blocks(start, d - 1); if (fs->fs_contigsumsize > 0) { int32_t *sump = cg_clustersum(newcg); u_char *mapp = cg_clustersfree(newcg); int map = *mapp++; int bit = 1; int run = 0; for (i = 0; i < newcg->cg_nclusterblks; i++) { if ((map & bit) != 0) { run++; } else if (run != 0) { if (run > fs->fs_contigsumsize) run = fs->fs_contigsumsize; sump[run]++; run = 0; } if ((i & (CHAR_BIT - 1)) != (CHAR_BIT - 1)) { bit <<= 1; } else { map = *mapp++; bit = 1; } } if (run != 0) { if (run > fs->fs_contigsumsize) run = fs->fs_contigsumsize; sump[run]++; } } if (bkgrdflag != 0) { cstotal.cs_nffree += cg->cg_cs.cs_nffree; cstotal.cs_nbfree += cg->cg_cs.cs_nbfree; cstotal.cs_nifree += cg->cg_cs.cs_nifree; cstotal.cs_ndir += cg->cg_cs.cs_ndir; } else { cstotal.cs_nffree += newcg->cg_cs.cs_nffree; cstotal.cs_nbfree += newcg->cg_cs.cs_nbfree; cstotal.cs_nifree += newcg->cg_cs.cs_nifree; cstotal.cs_ndir += newcg->cg_cs.cs_ndir; } cs = &fs->fs_cs(fs, c); if (cursnapshot == 0 && memcmp(&newcg->cg_cs, cs, sizeof *cs) != 0 && dofix(&idesc[0], "FREE BLK COUNT(S) WRONG IN SUPERBLK")) { memmove(cs, &newcg->cg_cs, sizeof *cs); sbdirty(); } if (rewritecg) { memmove(cg, newcg, (size_t)fs->fs_cgsize); cgdirty(cgbp); continue; } if (cursnapshot == 0 && memcmp(newcg, cg, basesize) != 0 && dofix(&idesc[2], "SUMMARY INFORMATION BAD")) { memmove(cg, newcg, (size_t)basesize); cgdirty(cgbp); } if (bkgrdflag != 0 || usedsoftdep || debug) update_maps(cg, newcg, bkgrdflag); if (cursnapshot == 0 && memcmp(cg_inosused(newcg), cg_inosused(cg), mapsize) != 0 && dofix(&idesc[1], "BLK(S) MISSING IN BIT MAPS")) { memmove(cg_inosused(cg), cg_inosused(newcg), (size_t)mapsize); cgdirty(cgbp); } } if (cursnapshot == 0 && memcmp(&cstotal, &fs->fs_cstotal, sizeof cstotal) != 0 && dofix(&idesc[0], "SUMMARY BLK COUNT(S) WRONG IN SUPERBLK")) { if (debug) { printf("cstotal is currently: %jd dirs, %jd blks free, " "%jd frags free, %jd inos free, %jd clusters\n", (intmax_t)fs->fs_cstotal.cs_ndir, (intmax_t)fs->fs_cstotal.cs_nbfree, (intmax_t)fs->fs_cstotal.cs_nffree, (intmax_t)fs->fs_cstotal.cs_nifree, (intmax_t)fs->fs_cstotal.cs_numclusters); printf("cstotal ought to be: %jd dirs, %jd blks free, " "%jd frags free, %jd inos free, %jd clusters\n", (intmax_t)cstotal.cs_ndir, (intmax_t)cstotal.cs_nbfree, (intmax_t)cstotal.cs_nffree, (intmax_t)cstotal.cs_nifree, (intmax_t)cstotal.cs_numclusters); } memmove(&fs->fs_cstotal, &cstotal, sizeof cstotal); fs->fs_ronly = 0; fs->fs_fmod = 0; sbdirty(); } /* * When doing background fsck on a snapshot, figure out whether * the superblock summary is inaccurate and correct it when * necessary. */ if (cursnapshot != 0) { cmd.size = 1; cmd.value = cstotal.cs_ndir - fs->fs_cstotal.cs_ndir; if (cmd.value != 0) { if (debug) printf("adjndir by %+" PRIi64 "\n", cmd.value); if (bkgrdsumadj == 0 || sysctl(adjndir, MIBSIZE, 0, 0, &cmd, sizeof cmd) == -1) rwerror("ADJUST NUMBER OF DIRECTORIES", cmd.value); } cmd.value = cstotal.cs_nbfree - fs->fs_cstotal.cs_nbfree; if (cmd.value != 0) { if (debug) printf("adjnbfree by %+" PRIi64 "\n", cmd.value); if (bkgrdsumadj == 0 || sysctl(adjnbfree, MIBSIZE, 0, 0, &cmd, sizeof cmd) == -1) rwerror("ADJUST NUMBER OF FREE BLOCKS", cmd.value); } cmd.value = cstotal.cs_nifree - fs->fs_cstotal.cs_nifree; if (cmd.value != 0) { if (debug) printf("adjnifree by %+" PRIi64 "\n", cmd.value); if (bkgrdsumadj == 0 || sysctl(adjnifree, MIBSIZE, 0, 0, &cmd, sizeof cmd) == -1) rwerror("ADJUST NUMBER OF FREE INODES", cmd.value); } cmd.value = cstotal.cs_nffree - fs->fs_cstotal.cs_nffree; if (cmd.value != 0) { if (debug) printf("adjnffree by %+" PRIi64 "\n", cmd.value); if (bkgrdsumadj == 0 || sysctl(adjnffree, MIBSIZE, 0, 0, &cmd, sizeof cmd) == -1) rwerror("ADJUST NUMBER OF FREE FRAGS", cmd.value); } cmd.value = cstotal.cs_numclusters - fs->fs_cstotal.cs_numclusters; if (cmd.value != 0) { if (debug) printf("adjnumclusters by %+" PRIi64 "\n", cmd.value); if (bkgrdsumadj == 0 || sysctl(adjnumclusters, MIBSIZE, 0, 0, &cmd, sizeof cmd) == -1) rwerror("ADJUST NUMBER OF FREE CLUSTERS", cmd.value); } } } /* * Compare the original cylinder group inode and block bitmaps with the * updated cylinder group inode and block bitmaps. Free inodes and blocks * that have been added. Complain if any previously freed inodes blocks * are now allocated. */ void update_maps( struct cg *oldcg, /* cylinder group of claimed allocations */ struct cg *newcg, /* cylinder group of determined allocations */ int usesysctl) /* 1 => use sysctl interface to update maps */ { int inomapsize, excessdirs; struct fs *fs = &sblock; inomapsize = howmany(fs->fs_ipg, CHAR_BIT); excessdirs = oldcg->cg_cs.cs_ndir - newcg->cg_cs.cs_ndir; if (excessdirs < 0) { pfatal("LOST %d DIRECTORIES\n", -excessdirs); excessdirs = 0; } if (excessdirs > 0) check_maps(cg_inosused(newcg), cg_inosused(oldcg), inomapsize, oldcg->cg_cgx * (ufs2_daddr_t)fs->fs_ipg, "DIR", freedirs, 0, excessdirs, usesysctl); check_maps(cg_inosused(newcg), cg_inosused(oldcg), inomapsize, oldcg->cg_cgx * (ufs2_daddr_t)fs->fs_ipg, "FILE", freefiles, excessdirs, fs->fs_ipg, usesysctl); check_maps(cg_blksfree(oldcg), cg_blksfree(newcg), howmany(fs->fs_fpg, CHAR_BIT), oldcg->cg_cgx * (ufs2_daddr_t)fs->fs_fpg, "FRAG", freeblks, 0, fs->fs_fpg, usesysctl); } static void check_maps( u_char *map1, /* map of claimed allocations */ u_char *map2, /* map of determined allocations */ int mapsize, /* size of above two maps */ ufs2_daddr_t startvalue, /* resource value for first element in map */ const char *name, /* name of resource found in maps */ int *opcode, /* sysctl opcode to free resource */ int skip, /* number of entries to skip before starting to free */ int limit, /* limit on number of entries to free */ int usesysctl) /* 1 => use sysctl interface to update maps */ { # define BUFSIZE 16 char buf[BUFSIZE]; long i, j, k, l, m, size; ufs2_daddr_t n, astart, aend, ustart, uend; void (*msg)(const char *fmt, ...); if (usesysctl) msg = pfatal; else msg = pwarn; astart = ustart = aend = uend = -1; for (i = 0; i < mapsize; i++) { j = *map1++; k = *map2++; if (j == k) continue; for (m = 0, l = 1; m < CHAR_BIT; m++, l <<= 1) { if ((j & l) == (k & l)) continue; n = startvalue + i * CHAR_BIT + m; if ((j & l) != 0) { if (astart == -1) { astart = aend = n; continue; } if (aend + 1 == n) { aend = n; continue; } if (astart == aend) (*msg)("ALLOCATED %s %" PRId64 " MARKED FREE\n", name, astart); else (*msg)("%s %sS %" PRId64 "-%" PRId64 " MARKED FREE\n", "ALLOCATED", name, astart, aend); astart = aend = n; } else { if (ustart == -1) { ustart = uend = n; continue; } if (uend + 1 == n) { uend = n; continue; } size = uend - ustart + 1; if (size <= skip) { skip -= size; ustart = uend = n; continue; } if (skip > 0) { ustart += skip; size -= skip; skip = 0; } if (size > limit) size = limit; if (debug && size == 1) pwarn("%s %s %" PRId64 " MARKED USED\n", "UNALLOCATED", name, ustart); else if (debug) pwarn("%s %sS %" PRId64 "-%" PRId64 " MARKED USED\n", "UNALLOCATED", name, ustart, ustart + size - 1); if (usesysctl != 0) { cmd.value = ustart; cmd.size = size; if (sysctl(opcode, MIBSIZE, 0, 0, &cmd, sizeof cmd) == -1) { snprintf(buf, BUFSIZE, "FREE %s", name); rwerror(buf, cmd.value); } } limit -= size; if (limit <= 0) return; ustart = uend = n; } } } if (astart != -1) { if (astart == aend) (*msg)("ALLOCATED %s %" PRId64 " MARKED FREE\n", name, astart); else (*msg)("ALLOCATED %sS %" PRId64 "-%" PRId64 " MARKED FREE\n", name, astart, aend); } if (ustart != -1) { size = uend - ustart + 1; if (size <= skip) return; if (skip > 0) { ustart += skip; size -= skip; } if (size > limit) size = limit; if (debug) { if (size == 1) pwarn("UNALLOCATED %s %" PRId64 " MARKED USED\n", name, ustart); else pwarn("UNALLOCATED %sS %" PRId64 "-%" PRId64 " MARKED USED\n", name, ustart, ustart + size - 1); } if (usesysctl != 0) { cmd.value = ustart; cmd.size = size; if (sysctl(opcode, MIBSIZE, 0, 0, &cmd, sizeof cmd) == -1) { snprintf(buf, BUFSIZE, "FREE %s", name); rwerror(buf, cmd.value); } } } } static void clear_blocks(ufs2_daddr_t start, ufs2_daddr_t end) { if (debug) printf("Zero frags %jd to %jd\n", start, end); if (Zflag) blzero(fswritefd, fsbtodb(&sblock, start), lfragtosize(&sblock, end - start + 1)); if (Eflag) blerase(fswritefd, fsbtodb(&sblock, start), lfragtosize(&sblock, end - start + 1)); } diff --git a/sbin/fsck_ffs/setup.c b/sbin/fsck_ffs/setup.c index b3d58749015e..71088ee13849 100644 --- a/sbin/fsck_ffs/setup.c +++ b/sbin/fsck_ffs/setup.c @@ -1,629 +1,626 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 -#ifndef lint -static const char sccsid[] = "@(#)setup.c 8.10 (Berkeley) 5/9/95"; -#endif /* not lint */ #endif #include #include #include #include #define FSTYPENAMES #include #include #include #include #include #include #include #include #include #include #include #include "fsck.h" struct inohash *inphash; /* hash list of directory inode info */ struct inoinfo **inpsort; /* disk order list of directory inodes */ struct inode snaplist[FSMAXSNAP + 1]; /* list of active snapshots */ int snapcnt; /* number of active snapshots */ char *copybuf; /* buffer to copy snapshot blocks */ static int sbhashfailed; #define POWEROF2(num) (((num) & ((num) - 1)) == 0) static int calcsb(char *dev, int devfd, struct fs *fs); static void saverecovery(int readfd, int writefd); static int chkrecovery(int devfd); static int getlbnblkno(struct inodesc *); static int checksnapinfo(struct inode *); /* * Read in a superblock finding an alternate if necessary. * Return 1 if successful, 0 if unsuccessful, -1 if file system * is already clean (ckclean and preen mode only). */ int setup(char *dev) { long i, bmapsize; struct inode ip; /* * We are expected to have an open file descriptor and a superblock. */ if (fsreadfd < 0 || havesb == 0) { if (debug) { if (fsreadfd < 0) printf("setup: missing fsreadfd\n"); else printf("setup: missing superblock\n"); } return (0); } if (preen == 0) printf("** %s", dev); if (bkgrdflag == 0 && (nflag || (fswritefd = open(dev, O_WRONLY)) < 0)) { fswritefd = -1; if (preen) pfatal("NO WRITE ACCESS"); printf(" (NO WRITE)"); } if (preen == 0) printf("\n"); if (sbhashfailed != 0) { pwarn("SUPERBLOCK CHECK HASH FAILED"); if (fswritefd == -1) pwarn("OPENED READONLY SO CANNOT CORRECT CHECK HASH\n"); else if (preen || reply("CORRECT CHECK HASH") != 0) { if (preen) printf(" (CORRECTED)\n"); sblock.fs_clean = 0; sbdirty(); } } if (skipclean && ckclean && sblock.fs_clean) { pwarn("FILE SYSTEM CLEAN; SKIPPING CHECKS\n"); return (-1); } maxfsblock = sblock.fs_size; maxino = sblock.fs_ncg * sblock.fs_ipg; /* * Check and potentially fix certain fields in the super block. */ if (sblock.fs_optim != FS_OPTTIME && sblock.fs_optim != FS_OPTSPACE) { pfatal("UNDEFINED OPTIMIZATION IN SUPERBLOCK"); if (reply("SET TO DEFAULT") == 1) { sblock.fs_optim = FS_OPTTIME; sbdirty(); } } if ((sblock.fs_minfree < 0 || sblock.fs_minfree > 99)) { pfatal("IMPOSSIBLE MINFREE=%d IN SUPERBLOCK", sblock.fs_minfree); if (reply("SET TO DEFAULT") == 1) { sblock.fs_minfree = 10; sbdirty(); } } if (sblock.fs_magic == FS_UFS1_MAGIC && sblock.fs_old_inodefmt < FS_44INODEFMT) { pwarn("Format of file system is too old.\n"); pwarn("Must update to modern format using a version of fsck\n"); pfatal("from before 2002 with the command ``fsck -c 2''\n"); exit(EEXIT); } if (preen == 0 && yflag == 0 && sblock.fs_magic == FS_UFS2_MAGIC && fswritefd != -1 && chkrecovery(fsreadfd) == 0 && reply("SAVE DATA TO FIND ALTERNATE SUPERBLOCKS") != 0) saverecovery(fsreadfd, fswritefd); /* * allocate and initialize the necessary maps */ bufinit(); bmapsize = roundup(howmany(maxfsblock, CHAR_BIT), sizeof(short)); blockmap = Calloc((unsigned)bmapsize, sizeof (char)); if (blockmap == NULL) { printf("cannot alloc %u bytes for blockmap\n", (unsigned)bmapsize); goto badsb; } inostathead = Calloc(sblock.fs_ncg, sizeof(struct inostatlist)); if (inostathead == NULL) { printf("cannot alloc %u bytes for inostathead\n", (unsigned)(sizeof(struct inostatlist) * (sblock.fs_ncg))); goto badsb; } numdirs = sblock.fs_cstotal.cs_ndir; dirhash = MAX(numdirs / 2, 1); inplast = 0; listmax = numdirs + 10; inpsort = (struct inoinfo **)Calloc(listmax, sizeof(struct inoinfo *)); inphash = (struct inohash *)Calloc(dirhash, sizeof(struct inohash)); if (inpsort == NULL || inphash == NULL) { printf("cannot alloc %ju bytes for inphash\n", (uintmax_t)numdirs * sizeof(struct inoinfo *)); goto badsb; } if (sblock.fs_flags & FS_DOSOFTDEP) usedsoftdep = 1; else usedsoftdep = 0; /* * Collect any snapshot inodes so that we can allow them to * claim any blocks that we free. The code for doing this is * imported here and into inode.c from sys/ufs/ffs/ffs_snapshot.c. */ for (snapcnt = 0; snapcnt < FSMAXSNAP; snapcnt++) { if (sblock.fs_snapinum[snapcnt] == 0) break; ginode(sblock.fs_snapinum[snapcnt], &ip); if ((DIP(ip.i_dp, di_mode) & IFMT) == IFREG && (DIP(ip.i_dp, di_flags) & SF_SNAPSHOT) != 0 && checksnapinfo(&ip)) { if (debug) printf("Load snapshot %jd\n", (intmax_t)sblock.fs_snapinum[snapcnt]); snaplist[snapcnt] = ip; continue; } printf("Removing non-snapshot inode %ju from snapshot list\n", (uintmax_t)sblock.fs_snapinum[snapcnt]); irelse(&ip); for (i = snapcnt + 1; i < FSMAXSNAP; i++) { if (sblock.fs_snapinum[i] == 0) break; sblock.fs_snapinum[i - 1] = sblock.fs_snapinum[i]; } sblock.fs_snapinum[i - 1] = 0; snapcnt--; sbdirty(); } if (snapcnt > 0 && copybuf == NULL) { copybuf = Balloc(sblock.fs_bsize); if (copybuf == NULL) errx(EEXIT, "cannot allocate space for snapshot " "copy buffer"); } return (1); badsb: ckfini(0); return (0); } /* * Check for valid snapshot information. * * Each snapshot has a list of blocks that have been copied. This list * is consulted before checking the snapshot inode. Its purpose is to * speed checking of commonly checked blocks and to avoid recursive * checks of the snapshot inode. In particular, the list must contain * the superblock, the superblock summary information, and all the * cylinder group blocks. The list may contain other commonly checked * pointers such as those of the blocks that contain the snapshot inodes. * The list is sorted into block order to allow binary search lookup. * * The twelve direct direct block pointers of the snapshot are always * copied, so we test for them first before checking the list itself * (i.e., they are not in the list). * * The checksnapinfo() routine needs to ensure that the list contains at * least the super block, its summary information, and the cylinder groups. * Here we check the list first for the superblock, zero or more cylinder * groups up to the location of the superblock summary information, the * summary group information, and any remaining cylinder group maps that * follow it. We skip over any other entries in the list. */ #define CHKBLKINLIST(chkblk) \ /* All UFS_NDADDR blocks are copied */ \ if ((chkblk) >= UFS_NDADDR) { \ /* Skip over blocks that are not of interest */ \ while (*blkp < (chkblk) && blkp < lastblkp) \ blkp++; \ /* Fail if end of list and not all blocks found */ \ if (blkp >= lastblkp) { \ pwarn("UFS%d snapshot inode %jd failed: " \ "improper block list length (%jd)\n", \ sblock.fs_magic == FS_UFS1_MAGIC ? 1 : 2, \ (intmax_t)snapip->i_number, \ (intmax_t)(lastblkp - &snapblklist[0])); \ status = 0; \ } \ /* Fail if block we seek is missing */ \ else if (*blkp++ != (chkblk)) { \ pwarn("UFS%d snapshot inode %jd failed: " \ "block list (%jd) != %s (%jd)\n", \ sblock.fs_magic == FS_UFS1_MAGIC ? 1 : 2, \ (intmax_t)snapip->i_number, \ (intmax_t)blkp[-1], #chkblk, \ (intmax_t)chkblk); \ status = 0; \ } \ } static int checksnapinfo(struct inode *snapip) { struct fs *fs; struct bufarea *bp; struct inodesc idesc; daddr_t *snapblklist, *blkp, *lastblkp, csblkno; int cg, loc, len, status; ufs_lbn_t lbn; size_t size; fs = &sblock; memset(&idesc, 0, sizeof(struct inodesc)); idesc.id_type = ADDR; idesc.id_func = getlbnblkno; idesc.id_number = snapip->i_number; lbn = howmany(fs->fs_size, fs->fs_frag); idesc.id_parent = lbn; /* sought after blkno */ if ((ckinode(snapip->i_dp, &idesc) & FOUND) == 0) return (0); size = fragroundup(fs, DIP(snapip->i_dp, di_size) - lblktosize(fs, lbn)); bp = getdatablk(idesc.id_parent, size, BT_DATA); if (bp->b_errs != 0) return (0); snapblklist = (daddr_t *)bp->b_un.b_buf; /* * snapblklist[0] is the size of the list * snapblklist[1] is the first element of the list * * We need to be careful to bound the size of the list and verify * that we have not run off the end of it if it or its size has * been corrupted. */ blkp = &snapblklist[1]; lastblkp = &snapblklist[MAX(0, MIN(snapblklist[0] + 1, size / sizeof(daddr_t)))]; status = 1; /* Check that the superblock is listed. */ CHKBLKINLIST(lblkno(fs, fs->fs_sblockloc)); if (status == 0) goto out; /* * Calculate where the summary information is located. * Usually it is in the first cylinder group, but growfs * may move it to the first cylinder group that it adds. * * Check all cylinder groups up to the summary information. */ csblkno = fragstoblks(fs, fs->fs_csaddr); for (cg = 0; cg < fs->fs_ncg; cg++) { if (fragstoblks(fs, cgtod(fs, cg)) > csblkno) break; CHKBLKINLIST(fragstoblks(fs, cgtod(fs, cg))); if (status == 0) goto out; } /* Check the summary information block(s). */ len = howmany(fs->fs_cssize, fs->fs_bsize); for (loc = 0; loc < len; loc++) { CHKBLKINLIST(csblkno + loc); if (status == 0) goto out; } /* Check the remaining cylinder groups. */ for (; cg < fs->fs_ncg; cg++) { CHKBLKINLIST(fragstoblks(fs, cgtod(fs, cg))); if (status == 0) goto out; } out: brelse(bp); return (status); } /* * Return the block number associated with a specified inode lbn. * Requested lbn is in id_parent. If found, block is returned in * id_parent. */ static int getlbnblkno(struct inodesc *idesc) { if (idesc->id_lbn < idesc->id_parent) return (KEEPON); idesc->id_parent = idesc->id_blkno; return (STOP | FOUND); } /* * Open a device or file to be checked by fsck. */ int openfilesys(char *dev) { struct stat statb; int saved_fsreadfd; if (stat(dev, &statb) < 0) return (0); if ((statb.st_mode & S_IFMT) != S_IFCHR && (statb.st_mode & S_IFMT) != S_IFBLK) { if (bkgrdflag != 0 && (statb.st_flags & SF_SNAPSHOT) == 0) { pwarn("BACKGROUND FSCK LACKS A SNAPSHOT\n"); return (0); } if (bkgrdflag != 0) { cursnapshot = statb.st_ino; } else { pwarn("%s IS NOT A DISK DEVICE\n", dev); if (preen || reply("CONTINUE") == 0) return (0); } } saved_fsreadfd = fsreadfd; if ((fsreadfd = open(dev, O_RDONLY)) < 0) { fsreadfd = saved_fsreadfd; return (0); } if (saved_fsreadfd != -1) close(saved_fsreadfd); return (1); } /* * Read in the super block and its summary info. */ int readsb(void) { struct fs *fs; sbhashfailed = 0; readcnt[sblk.b_type]++; /* * If bflag is given, then check just that superblock. */ if (bflag) { switch (sbget(fsreadfd, &fs, bflag * dev_bsize, 0)) { case 0: goto goodsb; case EINTEGRITY: printf("Check hash failed for superblock at %jd\n", bflag); return (0); case ENOENT: printf("%jd is not a file system superblock\n", bflag); return (0); case EIO: default: printf("I/O error reading %jd\n", bflag); return (0); } } /* * Check for the standard superblock and use it if good. */ if (sbget(fsreadfd, &fs, UFS_STDSB, UFS_NOMSG) == 0) goto goodsb; /* * Check if the only problem is a check-hash failure. */ skipclean = 0; if (sbget(fsreadfd, &fs, UFS_STDSB, UFS_NOMSG | UFS_NOHASHFAIL) == 0) { sbhashfailed = 1; goto goodsb; } /* * Do an exhaustive search for a usable superblock. */ switch (sbsearch(fsreadfd, &fs, 0)) { case 0: goto goodsb; case ENOENT: printf("SEARCH FOR ALTERNATE SUPER-BLOCK FAILED. " "YOU MUST USE THE\n-b OPTION TO FSCK TO SPECIFY " "THE LOCATION OF AN ALTERNATE\nSUPER-BLOCK TO " "SUPPLY NEEDED INFORMATION; SEE fsck_ffs(8).\n"); return (0); case EIO: default: printf("I/O error reading a usable superblock\n"); return (0); } goodsb: memcpy(&sblock, fs, fs->fs_sbsize); free(fs); /* * Compute block size that the file system is based on, * according to fsbtodb, and adjust superblock block number * so we can tell if this is an alternate later. */ dev_bsize = sblock.fs_fsize / fsbtodb(&sblock, 1); sblk.b_bno = sblock.fs_sblockactualloc / dev_bsize; sblk.b_size = SBLOCKSIZE; /* * If not yet done, update UFS1 superblock with new wider fields. */ if (sblock.fs_magic == FS_UFS1_MAGIC && sblock.fs_maxbsize != sblock.fs_bsize) { sblock.fs_maxbsize = sblock.fs_bsize; sblock.fs_time = sblock.fs_old_time; sblock.fs_size = sblock.fs_old_size; sblock.fs_dsize = sblock.fs_old_dsize; sblock.fs_csaddr = sblock.fs_old_csaddr; sblock.fs_cstotal.cs_ndir = sblock.fs_old_cstotal.cs_ndir; sblock.fs_cstotal.cs_nbfree = sblock.fs_old_cstotal.cs_nbfree; sblock.fs_cstotal.cs_nifree = sblock.fs_old_cstotal.cs_nifree; sblock.fs_cstotal.cs_nffree = sblock.fs_old_cstotal.cs_nffree; } havesb = 1; return (1); } void sblock_init(void) { fsreadfd = -1; fswritefd = -1; fsmodified = 0; lfdir = 0; initbarea(&sblk, BT_SUPERBLK); sblk.b_un.b_buf = Balloc(SBLOCKSIZE); if (sblk.b_un.b_buf == NULL) errx(EEXIT, "cannot allocate space for superblock"); dev_bsize = secsize = DEV_BSIZE; } /* * Calculate a prototype superblock based on information in the boot area. * When done the cgsblock macro can be calculated and the fs_ncg field * can be used. Do NOT attempt to use other macros without verifying that * their needed information is available! */ static int calcsb(char *dev, int devfd, struct fs *fs) { struct fsrecovery *fsr; char *fsrbuf; u_int secsize; /* * We need fragments-per-group and the partition-size. * * Newfs stores these details at the end of the boot block area * at the start of the filesystem partition. If they have been * overwritten by a boot block, we fail. But usually they are * there and we can use them. */ if (ioctl(devfd, DIOCGSECTORSIZE, &secsize) == -1) return (0); fsrbuf = Balloc(secsize); if (fsrbuf == NULL) errx(EEXIT, "calcsb: cannot allocate recovery buffer"); if (blread(devfd, fsrbuf, (SBLOCK_UFS2 - secsize) / dev_bsize, secsize) != 0) { free(fsrbuf); return (0); } fsr = (struct fsrecovery *)&fsrbuf[secsize - sizeof *fsr]; if (fsr->fsr_magic != FS_UFS2_MAGIC) { free(fsrbuf); return (0); } memset(fs, 0, sizeof(struct fs)); fs->fs_fpg = fsr->fsr_fpg; fs->fs_fsbtodb = fsr->fsr_fsbtodb; fs->fs_sblkno = fsr->fsr_sblkno; fs->fs_magic = fsr->fsr_magic; fs->fs_ncg = fsr->fsr_ncg; free(fsrbuf); return (1); } /* * Check to see if recovery information exists. * Return 1 if it exists or cannot be created. * Return 0 if it does not exist and can be created. */ static int chkrecovery(int devfd) { struct fsrecovery *fsr; char *fsrbuf; u_int secsize, rdsize; /* * Could not determine if backup material exists, so do not * offer to create it. */ fsrbuf = NULL; rdsize = sblock.fs_fsize; if (ioctl(devfd, DIOCGSECTORSIZE, &secsize) == -1 || rdsize % secsize != 0 || (fsrbuf = Balloc(rdsize)) == NULL || blread(devfd, fsrbuf, (SBLOCK_UFS2 - rdsize) / dev_bsize, rdsize) != 0) { free(fsrbuf); return (1); } /* * Recovery material has already been created, so do not * need to create it again. */ fsr = (struct fsrecovery *)&fsrbuf[rdsize - sizeof *fsr]; if (fsr->fsr_magic == FS_UFS2_MAGIC) { free(fsrbuf); return (1); } /* * Recovery material has not been created and can be if desired. */ free(fsrbuf); return (0); } /* * Read the last filesystem-size piece of the boot block, replace the * last 20 bytes with the recovery information, then write it back. * The recovery information only works for UFS2 filesystems. */ static void saverecovery(int readfd, int writefd) { struct fsrecovery *fsr; char *fsrbuf; u_int secsize, rdsize; fsrbuf = NULL; rdsize = sblock.fs_fsize; if (sblock.fs_magic != FS_UFS2_MAGIC || ioctl(readfd, DIOCGSECTORSIZE, &secsize) == -1 || rdsize % secsize != 0 || (fsrbuf = Balloc(rdsize)) == NULL || blread(readfd, fsrbuf, (SBLOCK_UFS2 - rdsize) / dev_bsize, rdsize) != 0) { printf("RECOVERY DATA COULD NOT BE CREATED\n"); free(fsrbuf); return; } fsr = (struct fsrecovery *)&fsrbuf[rdsize - sizeof *fsr]; fsr->fsr_magic = sblock.fs_magic; fsr->fsr_fpg = sblock.fs_fpg; fsr->fsr_fsbtodb = sblock.fs_fsbtodb; fsr->fsr_sblkno = sblock.fs_sblkno; fsr->fsr_ncg = sblock.fs_ncg; blwrite(writefd, fsrbuf, (SBLOCK_UFS2 - rdsize) / dev_bsize, rdsize); free(fsrbuf); } diff --git a/sbin/fsck_ffs/utilities.c b/sbin/fsck_ffs/utilities.c index 45bbcc9d6612..e5ec06cb101e 100644 --- a/sbin/fsck_ffs/utilities.c +++ b/sbin/fsck_ffs/utilities.c @@ -1,106 +1,103 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 -#ifndef lint -static const char sccsid[] = "@(#)utilities.c 8.6 (Berkeley) 5/19/95"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include #include #include #include #include "fsck.h" char * blockcheck(char *origname) { struct stat stblock; char *newname, *cp; struct fstab *fsinfo; int retried = 0, len; static char device[MAXPATHLEN]; newname = origname; if (stat(newname, &stblock) < 0) { cp = strrchr(newname, '/'); if (cp == NULL) { (void)snprintf(device, sizeof(device), "%s%s", _PATH_DEV, newname); newname = device; } } retry: if (stat(newname, &stblock) < 0) { printf("Can't stat %s: %s\n", newname, strerror(errno)); return (origname); } switch(stblock.st_mode & S_IFMT) { case S_IFCHR: case S_IFBLK: return(newname); case S_IFDIR: if (retried) break; len = strlen(origname) - 1; if (len > 0 && origname[len] == '/') /* remove trailing slash */ origname[len] = '\0'; if ((fsinfo = getfsfile(origname)) == NULL) { printf( "Can't resolve %s to character special device.\n", origname); return (origname); } newname = fsinfo->fs_spec; retried++; goto retry; } /* * Not a block or character device, just return name and * let the user decide whether to use it. */ return (origname); } diff --git a/sbin/fsdb/Makefile b/sbin/fsdb/Makefile index 5a71210dc365..28016b4ccdfc 100644 --- a/sbin/fsdb/Makefile +++ b/sbin/fsdb/Makefile @@ -1,16 +1,15 @@ # $NetBSD: Makefile,v 1.1.1.1 1995/10/08 23:08:36 thorpej Exp $ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 PACKAGE=ufs PROG= fsdb MAN= fsdb.8 SRCS= fsdb.c fsdbutil.c \ dir.c ea.c fsutil.c inode.c pass1.c pass1b.c pass2.c pass3.c pass4.c \ pass5.c setup.c utilities.c ffs_subr.c ffs_tables.c globs.c prtblknos.c CFLAGS+= -I${.CURDIR:H}/fsck_ffs WARNS?= 2 LIBADD= edit ufs .PATH: ${.CURDIR:H}/fsck_ffs ${SRCTOP}/sys/ufs/ffs \ ${SRCTOP}/tools/diag/prtblknos .include diff --git a/sbin/growfs/Makefile b/sbin/growfs/Makefile index 3f72e6ac625f..6fb1ba51db00 100644 --- a/sbin/growfs/Makefile +++ b/sbin/growfs/Makefile @@ -1,27 +1,25 @@ -# @(#)Makefile 8.8 (Berkeley) 6/21/2000 -# # $TSHeader: src/sbin/growfs/Makefile,v 1.4 2000/12/05 19:45:24 tomsoft Exp $ # .include .PATH: ${.CURDIR:H}/mount PACKAGE=ufs PROG= growfs SRCS= growfs.c getmntopts.c MAN= growfs.8 CFLAGS+=-I${.CURDIR:H}/mount .if defined(GFSDBG) SRCS+= debug.c CFLAGS+= -DFS_DEBUG NO_WCAST_ALIGN= yes .endif LIBADD= ufs util HAS_TESTS= SUBDIR.${MK_TESTS}+= tests .include diff --git a/sbin/ifconfig/Makefile b/sbin/ifconfig/Makefile index b95d7a6ea178..e5701fbcdbba 100644 --- a/sbin/ifconfig/Makefile +++ b/sbin/ifconfig/Makefile @@ -1,86 +1,85 @@ -# From: @(#)Makefile 8.1 (Berkeley) 6/5/93 .include PACKAGE=runtime PROG= ifconfig SRCS= ifconfig.c # base support # # NB: The order here defines the order in which the constructors # are called. This in turn defines the default order in which # status is displayed. Probably should add a priority mechanism # to the registration process so we don't depend on this aspect # of the toolchain. # SRCS+= af_link.c # LLC support .if ${MK_INET_SUPPORT} != "no" SRCS+= af_inet.c # IPv4 support .endif .if ${MK_INET6_SUPPORT} != "no" SRCS+= af_inet6.c # IPv6 support .endif .if ${MK_INET6_SUPPORT} != "no" SRCS+= af_nd6.c # ND6 support SRCS+= ifstf.c # STF configuration options .endif SRCS+= ifclone.c # clone device support SRCS+= ifmac.c # MAC support SRCS+= ifmedia.c # SIOC[GS]IFMEDIA support SRCS+= iffib.c # non-default FIB support SRCS+= ifvlan.c # SIOC[GS]ETVLAN support SRCS+= ifvxlan.c # VXLAN support SRCS+= ifgre.c # GRE keys etc SRCS+= ifgif.c # GIF reversed header workaround SRCS+= ifipsec.c # IPsec VTI SRCS+= sfp.c # SFP/SFP+ information LIBADD+= ifconfig m util CFLAGS+= -I${SRCTOP}/lib/libifconfig -I${OBJTOP}/lib/libifconfig .if ${MK_WIRELESS_SUPPORT} != "no" SRCS+= ifieee80211.c # SIOC[GS]IEEE80211 support LIBADD+= 80211 .endif SRCS+= carp.c # SIOC[GS]VH support SRCS+= ifgroup.c # ... .if ${MK_PF} != "no" SRCS+= ifpfsync.c # pfsync(4) support .endif SRCS+= ifbridge.c # bridge support SRCS+= iflagg.c # lagg support .if ${MK_EXPERIMENTAL} != "no" CFLAGS+= -DDRAFT_IETF_6MAN_IPV6ONLY_FLAG CFLAGS+= -DEXPERIMENTAL .endif .if ${MK_INET6_SUPPORT} != "no" CFLAGS+= -DINET6 .endif .if ${MK_INET_SUPPORT} != "no" CFLAGS+= -DINET .endif .if ${MK_JAIL} != "no" && !defined(RESCUE) CFLAGS+= -DJAIL LIBADD+= jail .endif LIBADD+= nv .if ${MK_NETLINK_SUPPORT} != "no" SRCS+= ifconfig_netlink.c .else CFLAGS+=-DWITHOUT_NETLINK .endif MAN= ifconfig.8 CFLAGS+= -Wall -Wmissing-prototypes -Wcast-qual -Wwrite-strings -Wnested-externs HAS_TESTS= SUBDIR.${MK_TESTS}+= tests .include diff --git a/sbin/ifconfig/ifconfig.8 b/sbin/ifconfig/ifconfig.8 index 3b1774606b21..789b98fd7447 100644 --- a/sbin/ifconfig/ifconfig.8 +++ b/sbin/ifconfig/ifconfig.8 @@ -1,3308 +1,3306 @@ .\" Copyright (c) 1983, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" From: @(#)ifconfig.8 8.3 (Berkeley) 1/5/94 -.\" .Dd November 08, 2023 .Dt IFCONFIG 8 .Os .Sh NAME .Nm ifconfig .Nd configure network interface parameters .Sh SYNOPSIS .Nm .Op Fl j Ar jail .Op Fl kLmn .Op Fl f Ar type Ns Cm \&: Ns Ar format .Ar interface .Op Cm create .Oo .Ar address_family .Oo .Ar address .Op Ar dest_address .Oc .Oc .Op Ar parameters .Nm .Op Fl j Ar jail .Ar interface .Cm destroy .Nm .Op Fl j Ar jail .Fl a .Op Fl dkLmuv .Op Fl f Ar type Ns Cm \&: Ns Ar format .Op Fl G Ar groupname .Op Fl g Ar groupname .Op Ar address_family .Nm .Fl C .Nm .Op Fl j Ar jail .Fl g Ar groupname .Nm .Op Fl j Ar jail .Fl l .Op Fl du .Op Fl g Ar groupname .Op Ar address_family .Nm .Op Fl j Ar jail .Op Fl dkLmuv .Op Fl f Ar type Ns Cm \&: Ns Ar format .Sh DESCRIPTION The .Nm utility is used to assign an address to a network interface and/or configure network interface parameters. The .Nm utility must be used at boot time to define the network address of each interface present on a machine; it may also be used at a later time to redefine an interface's address or other operating parameters. .Pp The following options are available: .Bl -tag -width indent .It Fl a Display information about all interfaces in the system. .Pp The .Fl a flag may be used instead of the .Ar interface argument. .It Fl C List all the interface cloners available on the system, with no additional information. Use of this flag is mutually exclusive with all other flags and commands. .It Fl d Display only the interfaces that are down. .It Fl f Xo .Ar type Ns Cm \&: Ns Ar format Ns .Op Cm \&, Ns Ar type Ns Cm \&: Ns Ar format Ar ... .Xc Control the output format of .Nm . The format is specified as a comma-separated list of .Ar type Ns Cm \&: Ns Ar format pairs .Po see the .Sx EXAMPLES section for more information .Pc . .Pp The output format can also be specified via the .Ev IFCONFIG_FORMAT environment variable. The .Fl f flag can be supplied multiple times. .Pp The .Ar type Ns s and their associated .Ar format strings are: .Pp .Bl -tag -width ether .It Cm addr Adjust the display of inet and inet6 addresses: .Pp .Bl -tag -width default -compact .It Cm default Default format, .Cm numeric .It Cm fqdn Fully qualified domain names .Pq FQDN .It Cm host Unqualified hostnames .It Cm numeric Numeric format .El .It Cm ether Adjust the display of link-level ethernet (MAC) addresses: .Pp .Bl -tag -width default -compact .It Cm colon Separate address segments with a colon .It Cm dash Separate address segments with a dash .It Cm dotted Dotted notation, for example: .Ql 5254.0015.4a3b .It Cm default Default format, .Cm colon .El .It Cm inet Adjust the display of inet address subnet masks: .Pp .Bl -tag -width default -compact .It Cm cidr CIDR notation, for example: .Ql 203.0.113.224/26 .It Cm default Default format, .Cm hex .It Cm dotted Dotted quad notation, for example: .Ql 255.255.255.192 .It Cm hex Hexadecimal format, for example: .Ql 0xffffffc0 .El .It Cm inet6 Adjust the display of inet6 address prefixes (subnet masks): .Pp .Bl -tag -width default -compact .It Cm cidr CIDR notation, for example: .Ql ::1/128 or .Ql fe80::1%lo0/64 .It Cm default Default format, .Cm numeric .It Cm numeric Integer format, for example: .Ql prefixlen 64 .El .El .It Fl G Ar groupname Exclude members of the specified .Ar groupname from the output. .Ar groupname . .Pp Only one option .Fl G should be specified as later override previous ones .Ar groupname may contain shell patterns in which case it should be quoted. .Pp Setting .Ar groupname to .Cm all selects all interfaces. .It Fl g Ar groupname Limit the output to the members of the specified .Ar groupname . .Pp If .Fl g is specified before other significant flags like, e.g., .Fl a , .Fl l , or .Fl C , then .Nm lists names of interfaces belonging to .Ar groupname . Any other flags and arguments are ignored in this case. .Pp Only one option .Fl g should be specified as later override previous ones .Ar groupname may contain shell patterns in which case it should be quoted. .Pp Setting .Ar groupname to .Cm all selects all interfaces. .It Fl j Ar jail Perform the actions inside the .Ar jail . .Pp The .Cm ifconfig will first attach to the .Ar jail (by jail id or jail name) before performing the effects. .Pp This allow network interfaces of .Ar jail to be configured even if the .Cm ifconfig binary is not available in .Ar jail . .It Fl k Print keying information for the .Ar interface , if available. .Pp For example, the values of 802.11 WEP keys and .Xr carp 4 passphrases will be printed, if accessible to the current user. .Pp This information is not printed by default, as it may be considered sensitive. .It Fl L Display address lifetime for IPv6 addresses as time offset string. .It Fl l List all available interfaces on the system, with no other additional information. .Pp If an .Ar address_family is specified, only interfaces of that type will be listed. .Pp If the .Ar address_family is set to .Cm ether , then .Fl l will exclude loopback interfaces from the list of Ethernet interfaces. This is a special case, because all the other synonyms of the .Cm link address family will include loopback interfaces in the list. .Pp Use of this flag is mutually exclusive with all other flags and commands, except for .Fl d , .Fl g , and .Fl u . .It Fl m Display the capability list and all of the supported media for the specified interface. .It Fl n Disable automatic loading of network interface drivers. .Pp By default if the network interface driver is not present in the kernel then .Nm will attempt to load it. .It Fl u Display only the interfaces that are up. .It Fl v Get more verbose status for an interface. .It Ar address For the inet family, the address is either a host name present in the host name data base, .Xr hosts 5 , or an IPv4 address expressed in the Internet standard .Dq dot notation . .Pp It is also possible to use the CIDR notation (also known as the slash notation) to include the netmask. That is, one can specify an address like .Li 192.168.0.1/16 . .Pp For the .Cm inet6 family, it is also possible to specify the prefix length using the slash notation, like .Li ::1/128 . See the .Cm prefixlen parameter below for more information. .Pp The link-level .Pq Cm link address is specified as a series of colon-separated hex digits. This can be used to, for example, set a new MAC address on an Ethernet interface, though the mechanism used is not Ethernet specific. .Pp Use the .Cm random keyword to set a randomly generated MAC address. A randomly-generated MAC address might be the same as one already in use in the network. Such duplications are extremely unlikely. .Pp If the interface is already up when the link-level address is modified, it will be briefly brought down and then brought back up again in order to ensure that the receive filter in the underlying Ethernet hardware is properly reprogrammed. .It Ar address_family Specify the address family which affects interpretation of the remaining parameters. Since an interface can receive transmissions in differing protocols with different naming schemes, specifying the address family is recommended. The address or protocol families currently supported are: .Bl -tag .It Cm ether Synonymous with .Cm link .Po with some exceptions, see .Fl l .Pc . .It Cm inet Default, if available. .It Cm inet6 .It Cm link Default, if .Cm inet is not available. .It Cm lladdr Synonymous with .Cm link . .El .It Ar dest_address Specify the address of the correspondent on the other end of a point to point link. .It Ar interface This parameter is a string of the form .Dq name unit , for example, .Dq Li em0 . .El .Pp The .Nm utility displays the current configuration for a network interface when no optional parameters are supplied. If a protocol family is specified, .Nm will report only the details specific to that protocol family. .Pp When no arguments are given, .Fl a is implied. .Pp Only the super-user may modify the configuration of a network interface. .Sh PARAMETERS The following .Ar parameter Ns s may be set with .Nm : .Bl -tag -width indent .It Cm add Another name for the .Cm alias parameter. Introduced for compatibility with .Bsx . .It Cm alias Establish an additional network address for this interface. This is sometimes useful when changing network numbers, and one wishes to accept packets addressed to the old interface. If the address is on the same subnet as the first network address for this interface, a non-conflicting netmask must be given. Usually .Li 0xffffffff is most appropriate. .It Fl alias Remove the network address specified. This would be used if you incorrectly specified an alias, or it was no longer needed. If you have incorrectly set an NS address having the side effect of specifying the host portion, removing all NS addresses will allow you to respecify the host portion. .It Cm anycast (Inet6 only.) Specify that the address configured is an anycast address. Based on the current specification, only routers may configure anycast addresses. Anycast address will not be used as source address of any of outgoing IPv6 packets. .It Cm arp Enable the use of the Address Resolution Protocol .Pq Xr arp 4 in mapping between network level addresses and link level addresses (default). This is currently implemented for mapping between Internet Protocol addresses and IEEE 802 48-bit MAC addresses (Ethernet addresses). .It Fl arp Disable the use of the Address Resolution Protocol .Pq Xr arp 4 . .It Cm staticarp If the Address Resolution Protocol is enabled, the host will only reply to requests for its addresses, and will never send any requests. .It Fl staticarp If the Address Resolution Protocol is enabled, the host will perform normally, sending out requests and listening for replies. .It Cm stickyarp Enable the so-called sticky ARP mode for the interface. If this option is enabled on the given interface, any resolved address is marked as a static one and never expires. This may be used to increase security of the network by preventing ARP spoofing or to reduce latency for high-performance Ethernet networks where the time needed for ARP resolution is too high. Please note that a similar feature is also provided for bridges. See the sticky option in the .Sx Bridge Interface Parameters section. Enabling this option may impact techniques which rely on ARP expiration/overwriting feature such as load-balancers or high-availabity solutions such as .Xr carp 4 . .It Fl stickyarp Disable the so-called sticky ARP mode for the interface (default). Resolved addresses will expire normally respecting the kernel ARP configuration. .It Cm broadcast (Inet only.) Specify the address to use to represent broadcasts to the network. The default broadcast address is the address with a host part of all 1's. .It Cm debug Enable driver dependent debugging code; usually, this turns on extra console error logging. .It Fl debug Disable driver dependent debugging code. .It Cm promisc Put interface into permanently promiscuous mode. .It Fl promisc Disable permanently promiscuous mode. .It Cm delete Another name for the .Fl alias parameter. .It Cm description Ar value , Cm descr Ar value Specify a description of the interface. This can be used to label interfaces in situations where they may otherwise be difficult to distinguish. .It Cm -description , Cm -descr Clear the interface description. .It Cm down Mark an interface .Dq down . When an interface is marked .Dq down , the system will not attempt to transmit messages through that interface. If possible, the interface will be reset to disable reception as well. This action does not automatically disable routes using the interface. .It Cm group Ar groupname Assign the interface to a .Dq group . The .Ar groupname may not be longer than 15 characters and must not end in a digit. Any interface can be in multiple groups. .Pp Cloned interfaces are members of their interface family group by default. For example, a VLAN interface such as .Em vlan10 is a member of the VLAN interface family group, .Em vlan . .It Cm -group Ar groupname Remove the interface from the given .Dq group . .It Cm eui64 (Inet6 only.) Fill interface index (lowermost 64bit of an IPv6 address) automatically. .It Cm fib Ar fib_number Specify interface FIB. A FIB .Ar fib_number is assigned to all frames or packets received on that interface. The FIB is not inherited, e.g., vlans or other sub-interfaces will use the default FIB (0) irrespective of the parent interface's FIB. The kernel needs to be tuned to support more than the default FIB using the .Va ROUTETABLES kernel configuration option, or the .Va net.fibs tunable. .It Cm tunnelfib Ar fib_number Specify tunnel FIB. A FIB .Ar fib_number is assigned to all packets encapsulated by tunnel interface, e.g., .Xr gif 4 , .Xr gre 4 and .Xr vxlan 4 . .It Cm maclabel Ar label If Mandatory Access Control support is enabled in the kernel, set the MAC label to .Ar label . .\" (see .\" .Xr maclabel 7 ) . .It Cm media Ar type If the driver supports the media selection system, set the media type of the interface to .Ar type . Some interfaces support the mutually exclusive use of one of several different physical media connectors. For example, a 10Mbit/s Ethernet interface might support the use of either AUI or twisted pair connectors. Setting the media type to .Cm 10base5/AUI would change the currently active connector to the AUI port. Setting it to .Cm 10baseT/UTP would activate twisted pair. Refer to the interfaces' driver specific documentation or man page for a complete list of the available types. .It Cm mediaopt Ar opts If the driver supports the media selection system, set the specified media options on the interface. The .Ar opts argument is a comma delimited list of options to apply to the interface. Refer to the interfaces' driver specific man page for a complete list of available options. .It Fl mediaopt Ar opts If the driver supports the media selection system, disable the specified media options on the interface. .It Cm mode Ar mode If the driver supports the media selection system, set the specified operating mode on the interface to .Ar mode . For IEEE 802.11 wireless interfaces that support multiple operating modes this directive is used to select between 802.11a .Pq Cm 11a , 802.11b .Pq Cm 11b , and 802.11g .Pq Cm 11g operating modes. .It Cm txrtlmt Set if the driver supports TX rate limiting. .It Cm inst Ar minst , Cm instance Ar minst Set the media instance to .Ar minst . This is useful for devices which have multiple physical layer interfaces .Pq PHYs . .It Cm name Ar name Set the interface name to .Ar name . .It Cm rxcsum , txcsum , rxcsum6 , txcsum6 If the driver supports user-configurable checksum offloading, enable receive (or transmit) checksum offloading on the interface. The feature can be turned on selectively per protocol family. Use .Cm rxcsum6 , txcsum6 for .Xr ip6 4 or .Cm rxcsum , txcsum otherwise. Some drivers may not be able to enable these flags independently of each other, so setting one may also set the other. The driver will offload as much checksum work as it can reliably support, the exact level of offloading varies between drivers. .It Fl rxcsum , txcsum , rxcsum6 , txcsum6 If the driver supports user-configurable checksum offloading, disable receive (or transmit) checksum offloading on the interface. The feature can be turned off selectively per protocol family. Use .Fl rxcsum6 , txcsum6 for .Xr ip6 4 or .Fl rxcsum , txcsum otherwise. These settings may not always be independent of each other. .It Cm tso If the driver supports .Xr tcp 4 segmentation offloading, enable TSO on the interface. Some drivers may not be able to support TSO for .Xr ip 4 and .Xr ip6 4 packets, so they may enable only one of them. .It Fl tso If the driver supports .Xr tcp 4 segmentation offloading, disable TSO on the interface. It will always disable TSO for .Xr ip 4 and .Xr ip6 4 . .It Cm tso6 , tso4 If the driver supports .Xr tcp 4 segmentation offloading for .Xr ip6 4 or .Xr ip 4 use one of these to selectively enabled it only for one protocol family. .It Fl tso6 , tso4 If the driver supports .Xr tcp 4 segmentation offloading for .Xr ip6 4 or .Xr ip 4 use one of these to selectively disable it only for one protocol family. .It Cm lro If the driver supports .Xr tcp 4 large receive offloading, enable LRO on the interface. .It Fl lro If the driver supports .Xr tcp 4 large receive offloading, disable LRO on the interface. .It Cm txtls Transmit TLS offload encrypts Transport Layer Security (TLS) records and segments the encrypted record into one or more .Xr tcp 4 segments over either .Xr ip 4 or .Xr ip6 4 . If the driver supports transmit TLS offload, enable transmit TLS offload on the interface. Some drivers may not be able to support transmit TLS offload for .Xr ip 4 and .Xr ip6 4 packets, so they may enable only one of them. .It Fl txtls If the driver supports transmit TLS offload, disable transmit TLS offload on the interface. It will always disable TLS for .Xr ip 4 and .Xr ip6 4 . .It Cm txtlsrtlmt Enable use of rate limiting (packet pacing) for TLS offload. .It Fl txtlsrtlmt Disable use of rate limiting for TLS offload. .It Cm mextpg If the driver supports extended multi-page .Xr mbuf 9 buffers, enable them on the interface. .It Fl mextpg If the driver supports extended multi-page .Xr mbuf 9 biffers, disable them on the interface. .It Cm wol , wol_ucast , wol_mcast , wol_magic Enable Wake On Lan (WOL) support, if available. WOL is a facility whereby a machine in a low power state may be woken in response to a received packet. There are three types of packets that may wake a system: ucast (directed solely to the machine's mac address), mcast (directed to a broadcast or multicast address), or magic .Po unicast or multicast frames with a .Dq magic contents .Pc . Not all devices support WOL, those that do indicate the mechanisms they support in their capabilities. .Cm wol is a synonym for enabling all available WOL mechanisms. To disable WOL use .Fl wol . .It Cm vlanmtu , vlanhwtag , vlanhwfilter , vlanhwcsum , vlanhwtso If the driver offers user-configurable VLAN support, enable reception of extended frames, tag processing in hardware, frame filtering in hardware, checksum offloading, or TSO on VLAN, respectively. Note that this must be configured on a physical interface associated with .Xr vlan 4 , not on a .Xr vlan 4 interface itself. .It Fl vlanmtu , vlanhwtag , vlanhwfilter , vlanhwcsum , vlanhwtso If the driver offers user-configurable VLAN support, disable reception of extended frames, tag processing in hardware, frame filtering in hardware, checksum offloading, or TSO on VLAN, respectively. .It Cm vxlanhwcsum , vxlanhwtso If the driver offers user-configurable VXLAN support, enable inner checksum offloading (receive and transmit) or TSO on VXLAN, respectively. Note that this must be configured on a physical interface associated with .Xr vxlan 4 , not on a .Xr vxlan 4 interface itself. The physical interface is either the interface specified as the vxlandev or the interface hosting the vxlanlocal address. The driver will offload as much checksum work and TSO as it can reliably support, the exact level of offloading may vary between drivers. .It Fl vxlanhwcsum , vxlanhwtso If the driver offers user-configurable VXLAN support, disable checksum offloading (receive and transmit) or TSO on VXLAN, respectively. .It Cm vnet Ar jail Move the interface to the .Xr jail 8 , specified by name or JID. If the jail has a virtual network stack, the interface will disappear from the current environment and become visible to the jail. .It Fl vnet Ar jail Reclaim the interface from the .Xr jail 8 , specified by name or JID. If the jail has a virtual network stack, the interface will disappear from the jail, and become visible to the current network environment. .It Cm polling Turn on .Xr polling 4 feature and disable interrupts on the interface, if driver supports this mode. .It Fl polling Turn off .Xr polling 4 feature and enable interrupt mode on the interface. .It Cm create Create the specified network pseudo-device. If the interface is given without a unit number, try to create a new device with an arbitrary unit number. If creation of an arbitrary device is successful, the new device name is printed to standard output unless the interface is renamed or destroyed in the same .Nm invocation. .It Cm destroy Destroy the specified network pseudo-device. .It Cm plumb Another name for the .Cm create parameter. Included for Solaris compatibility. .It Cm unplumb Another name for the .Cm destroy parameter. Included for Solaris compatibility. .It Cm metric Ar n Set the routing metric of the interface to .Ar n , default 0. The routing metric is used by the routing protocol .Pq Xr routed 8 . Higher metrics have the effect of making a route less favorable; metrics are counted as additional hops to the destination network or host. .It Cm mtu Ar n Set the maximum transmission unit of the interface to .Ar n , default is interface specific. The MTU is used to limit the size of packets that are transmitted on an interface. Not all interfaces support setting the MTU, and some interfaces have range restrictions. .It Cm netmask Ar mask .\" (Inet and ISO.) (Inet only.) Specify how much of the address to reserve for subdividing networks into sub-networks. The mask includes the network part of the local address and the subnet part, which is taken from the host field of the address. The mask can be specified as a single hexadecimal number with a leading .Ql 0x , with a dot-notation Internet address, or with a pseudo-network name listed in the network table .Xr networks 5 . The mask contains 1's for the bit positions in the 32-bit address which are to be used for the network and subnet parts, and 0's for the host part. The mask should contain at least the standard network portion, and the subnet field should be contiguous with the network portion. .Pp The netmask can also be specified in CIDR notation after the address. See the .Ar address option above for more information. .It Cm prefixlen Ar len (Inet6 only.) Specify that .Ar len bits are reserved for subdividing networks into sub-networks. The .Ar len must be integer, and for syntactical reason it must be between 0 to 128. It is almost always 64 under the current IPv6 assignment rule. If the parameter is omitted, 64 is used. .Pp The prefix can also be specified using the slash notation after the address. See the .Ar address option above for more information. .It Cm remove Another name for the .Fl alias parameter. Introduced for compatibility with .Bsx . .Sm off .It Cm link Op Cm 0 No - Cm 2 .Sm on Enable special processing of the link level of the interface. These three options are interface specific in actual effect, however, they are in general used to select special modes of operation. An example of this is to enable SLIP compression, or to select the connector type for some Ethernet cards. Refer to the man page for the specific driver for more information. .Sm off .It Fl link Op Cm 0 No - Cm 2 .Sm on Disable special processing at the link level with the specified interface. .It Cm monitor Put the interface in monitor mode. No packets are transmitted, and received packets are discarded after .Xr bpf 4 processing. .It Fl monitor Take the interface out of monitor mode. .It Cm pcp Ar priority_code_point Priority code point .Pq Dv PCP is an 3-bit field which refers to the IEEE 802.1p class of service and maps to the frame priority level. .It Fl pcp Stop tagging packets on the interface w/ the priority code point. .It Cm up Mark an interface .Dq up . This may be used to enable an interface after an .Dq Nm Cm down . It happens automatically when setting the first address on an interface. If the interface was reset when previously marked down, the hardware will be re-initialized. .El .Ss ICMPv6 Neighbor Discovery Protocol Parameters The following parameters are for ICMPv6 Neighbor Discovery Protocol. Note that the address family keyword .Dq Li inet6 is needed for them: .Bl -tag -width indent .It Cm accept_rtadv Set a flag to enable accepting ICMPv6 Router Advertisement messages. The .Xr sysctl 8 variable .Va net.inet6.ip6.accept_rtadv controls whether this flag is set by default or not. .It Cm -accept_rtadv Clear a flag .Cm accept_rtadv . .It Cm no_radr Set a flag to control whether routers from which the system accepts Router Advertisement messages will be added to the Default Router List or not. When the .Cm accept_rtadv flag is disabled, this flag has no effect. The .Xr sysctl 8 variable .Va net.inet6.ip6.no_radr controls whether this flag is set by default or not. .It Cm -no_radr Clear a flag .Cm no_radr . .It Cm auto_linklocal Set a flag to perform automatic link-local address configuration when the interface becomes available. The .Xr sysctl 8 variable .Va net.inet6.ip6.auto_linklocal controls whether this flag is set by default or not. .It Cm -auto_linklocal Clear a flag .Cm auto_linklocal . .It Cm defaultif Set the specified interface as the default route when there is no default router. .It Cm -defaultif Clear a flag .Cm defaultif . .It Cm ifdisabled Set a flag to disable all of IPv6 network communications on the specified interface. Note that if there are already configured IPv6 addresses on that interface, all of them are marked as .Dq tentative and DAD will be performed when this flag is cleared. .It Cm -ifdisabled Clear a flag .Cm ifdisabled . When this flag is cleared and .Cm auto_linklocal flag is enabled, automatic configuration of a link-local address is performed. .It Cm nud Set a flag to enable Neighbor Unreachability Detection. .It Cm -nud Clear a flag .Cm nud . .It Cm no_prefer_iface Set a flag to not honor rule 5 of source address selection in RFC 3484. In practice this means the address on the outgoing interface will not be preferred, effectively yielding the decision to the address selection policy table, configurable with .Xr ip6addrctl 8 . .It Cm -no_prefer_iface Clear a flag .Cm no_prefer_iface . .It Cm no_dad Set a flag to disable Duplicate Address Detection. .It Cm -no_dad Clear a flag .Cm no_dad . .El .Ss IPv6 Parameters The following parameters are specific for IPv6 addresses. Note that the address family keyword .Dq Li inet6 is needed for them: .Bl -tag -width indent .It Cm autoconf Set the IPv6 autoconfigured address bit. .It Fl autoconf Clear the IPv6 autoconfigured address bit. .It Cm deprecated Set the IPv6 deprecated address bit. .It Fl deprecated Clear the IPv6 deprecated address bit. .It Cm pltime Ar n Set preferred lifetime for the address. .It Cm prefer_source Set a flag to prefer address as a candidate of the source address for outgoing packets. .It Cm -prefer_source Clear a flag .Cm prefer_source . .It Cm vltime Ar n Set valid lifetime for the address. .El .Ss IEEE 802.11 Wireless Interfaces Cloning Parameters The following parameters are specific to cloning IEEE 802.11 wireless interfaces with the .Cm create request: .Bl -tag -width indent .It Cm wlandev Ar device Use .Ar device as the parent for the cloned device. .It Cm wlanmode Ar mode Specify the operating mode for this cloned device. .Ar mode is one of .Cm sta , .Cm ahdemo (or .Cm adhoc-demo ) , .Cm ibss (or .Cm adhoc ) , .Cm ap (or .Cm hostap ) , .Cm wds , .Cm tdma , .Cm mesh , and .Cm monitor . The operating mode of a cloned interface cannot be changed. The .Cm tdma mode is actually implemented as an .Cm adhoc-demo interface with special properties. .It Cm wlanbssid Ar bssid The 802.11 mac address to use for the bssid. This must be specified at create time for a legacy .Cm wds device. .It Cm wlanaddr Ar address The local mac address. If this is not specified then a mac address will automatically be assigned to the cloned device. Typically this address is the same as the address of the parent device but if the .Cm bssid parameter is specified then the driver will craft a unique address for the device (if supported). .It Cm wdslegacy Mark a .Cm wds device as operating in .Dq legacy mode . Legacy .Cm wds devices have a fixed peer relationship and do not, for example, roam if their peer stops communicating. For completeness a Dynamic WDS (DWDS) interface may marked as .Fl wdslegacy . .It Cm bssid Request a unique local mac address for the cloned device. This is only possible if the device supports multiple mac addresses. To force use of the parent's mac address use .Fl bssid . .It Cm beacons Mark the cloned interface as depending on hardware support to track received beacons. To have beacons tracked in software use .Fl beacons . For .Cm hostap mode .Fl beacons can also be used to indicate no beacons should be transmitted; this can be useful when creating a WDS configuration but .Cm wds interfaces can only be created as companions to an access point. .El .Ss Cloned IEEE 802.11 Wireless Interface Parameters The following parameters are specific to IEEE 802.11 wireless interfaces cloned with a .Cm create operation: .Bl -tag -width indent .It Cm ampdu Enable sending and receiving AMPDU frames when using 802.11n (default). The 802.11n specification states a compliant station must be capable of receiving AMPDU frames but transmission is optional. Use .Fl ampdu to disable all use of AMPDU with 802.11n. For testing and/or to work around interoperability problems one can use .Cm ampdutx and .Cm ampdurx to control use of AMPDU in one direction. .It Cm ampdudensity Ar density Set the AMPDU density parameter used when operating with 802.11n. This parameter controls the inter-packet gap for AMPDU frames. The sending device normally controls this setting but a receiving station may request wider gaps. Legal values for .Ar density are 0, .25, .5, 1, 2, 4, 8, and 16 (microseconds). A value of .Cm - is treated the same as 0. .It Cm ampdulimit Ar limit Set the limit on packet size for receiving AMPDU frames when operating with 802.11n. Legal values for .Ar limit are 8192, 16384, 32768, and 65536 but one can also specify just the unique prefix: 8, 16, 32, 64. Note the sender may limit the size of AMPDU frames to be less than the maximum specified by the receiving station. .It Cm amsdu Enable sending and receiving AMSDU frames when using 802.11n. By default AMSDU is received but not transmitted. Use .Fl amsdu to disable all use of AMSDU with 802.11n. For testing and/or to work around interoperability problems one can use .Cm amsdutx and .Cm amsdurx to control use of AMSDU in one direction. .It Cm amsdulimit Ar limit Set the limit on packet size for sending and receiving AMSDU frames when operating with 802.11n. Legal values for .Ar limit are 7935 and 3839 (bytes). Note the sender may limit the size of AMSDU frames to be less than the maximum specified by the receiving station. Note also that devices are not required to support the 7935 limit, only 3839 is required by the specification and the larger value may require more memory to be dedicated to support functionality that is rarely used. .It Cm apbridge When operating as an access point, pass packets between wireless clients directly (default). To instead let them pass up through the system and be forwarded using some other mechanism, use .Fl apbridge . Disabling the internal bridging is useful when traffic is to be processed with packet filtering. .It Cm authmode Ar mode Set the desired authentication mode in infrastructure mode. Not all adapters support all modes. The set of valid modes is .Cm none , open , shared (shared key), .Cm 8021x (IEEE 802.1x), and .Cm wpa (IEEE WPA/WPA2/802.11i). The .Cm 8021x and .Cm wpa modes are only useful when using an authentication service (a supplicant for client operation or an authenticator when operating as an access point). Modes are case insensitive. .It Cm bgscan Enable background scanning when operating as a station. Background scanning is a technique whereby a station associated to an access point will temporarily leave the channel to scan for neighboring stations. This allows a station to maintain a cache of nearby access points so that roaming between access points can be done without a lengthy scan operation. Background scanning is done only when a station is not busy and any outbound traffic will cancel a scan operation. Background scanning should never cause packets to be lost though there may be some small latency if outbound traffic interrupts a scan operation. By default background scanning is enabled if the device is capable. To disable background scanning, use .Fl bgscan . Background scanning is controlled by the .Cm bgscanidle and .Cm bgscanintvl parameters. Background scanning must be enabled for roaming; this is an artifact of the current implementation and may not be required in the future. .It Cm bgscanidle Ar idletime Set the minimum time a station must be idle (not transmitting or receiving frames) before a background scan is initiated. The .Ar idletime parameter is specified in milliseconds. By default a station must be idle at least 250 milliseconds before a background scan is initiated. The idle time may not be set to less than 100 milliseconds. .It Cm bgscanintvl Ar interval Set the interval at which background scanning is attempted. The .Ar interval parameter is specified in seconds. By default a background scan is considered every 300 seconds (5 minutes). The .Ar interval may not be set to less than 15 seconds. .It Cm bintval Ar interval Set the interval at which beacon frames are sent when operating in ad-hoc or ap mode. The .Ar interval parameter is specified in TU's (1024 usecs). By default beacon frames are transmitted every 100 TU's. .It Cm bmissthreshold Ar count Set the number of consecutive missed beacons at which the station will attempt to roam (i.e., search for a new access point). The .Ar count parameter must be in the range 1 to 255; though the upper bound may be reduced according to device capabilities. The default threshold is 7 consecutive missed beacons; but this may be overridden by the device driver. Another name for the .Cm bmissthreshold parameter is .Cm bmiss . .It Cm bssid Ar address Specify the MAC address of the access point to use when operating as a station in a BSS network. This overrides any automatic selection done by the system. To disable a previously selected access point, supply .Cm any , none , or .Cm - for the address. This option is useful when more than one access point uses the same SSID. Another name for the .Cm bssid parameter is .Cm ap . .It Cm burst Enable packet bursting. Packet bursting is a transmission technique whereby the wireless medium is acquired once to send multiple frames and the interframe spacing is reduced. This technique can significantly increase throughput by reducing transmission overhead. Packet bursting is supported by the 802.11e QoS specification and some devices that do not support QoS may still be capable. By default packet bursting is enabled if a device is capable of doing it. To disable packet bursting, use .Fl burst . .It Cm chanlist Ar channels Set the desired channels to use when scanning for access points, neighbors in an IBSS network, or looking for unoccupied channels when operating as an access point. The set of channels is specified as a comma-separated list with each element in the list representing either a single channel number or a range of the form .Dq Li a-b . Channel numbers must be in the range 1 to 255 and be permissible according to the operating characteristics of the device. .It Cm channel Ar number Set a single desired channel. Channels range from 1 to 255, but the exact selection available depends on the region your adaptor was manufactured for. Setting the channel to .Cm any , or .Dq Cm - will clear any desired channel and, if the device is marked up, force a scan for a channel to operate on. Alternatively the frequency, in megahertz, may be specified instead of the channel number. .Pp When there are several ways to use a channel the channel number/frequency may be appended with attributes to clarify. For example, if a device is capable of operating on channel 6 with 802.11n and 802.11g then one can specify that g-only use should be used by specifying .Cm 6:g . Similarly the channel width can be specified by appending it with .Dq Cm \&/ ; e.g., .Cm 6/40 specifies a 40MHz wide channel. These attributes can be combined as in: .Cm 6:ht/40 . .Pp The full set of flags specified following a .Dq Cm \&: are: .Pp .Bl -tag -compact .It Cm a 802.11a .It Cm b 802.11b .It Cm d Atheros Dynamic Turbo mode .It Cm g 802.11g .It Cm h Same as .Cm n .It Cm n 802.11n aka HT .It Cm s Atheros Static Turbo mode .It Cm t Atheros Dynamic Turbo mode, or appended to .Cm st and .Cm dt .El .Pp The full set of channel widths following a .Cm \&/ are: .Pp .Bl -tag -compact .It Cm 5 5MHz aka quarter-rate channel .It Cm 10 10MHz aka half-rate channel .It Cm 20 20MHz mostly for use in specifying .Cm ht20 .It Cm 40 40MHz mostly for use in specifying .Cm ht40 .El .Pp In addition, a 40MHz HT channel specification may include the location of the extension channel by appending .Dq Cm \&+ or .Dq Cm \&- for above and below, respectively; e.g., .Cm 2437:ht/40+ specifies 40MHz wide HT operation with the center channel at frequency 2437 and the extension channel above. .It Cm country Ar name Set the country code to use in calculating the regulatory constraints for operation. In particular the set of available channels, how the wireless device will operation on the channels, and the maximum transmit power that can be used on a channel are defined by this setting. Country/Region codes are specified as a 2-character abbreviation defined by ISO 3166 or using a longer, but possibly ambiguous, spelling; e.g., "ES" and "Spain". The set of country codes are taken from .Pa /etc/regdomain.xml and can also be viewed with the .Cm list countries request. Note that not all devices support changing the country code from a default setting; typically stored in EEPROM. See also .Cm regdomain , .Cm indoor , .Cm outdoor , and .Cm anywhere . .It Cm dfs Enable Dynamic Frequency Selection (DFS) as specified in 802.11h. DFS embodies several facilities including detection of overlapping radar signals, dynamic transmit power control, and channel selection according to a least-congested criteria. DFS support is mandatory for some 5GHz frequencies in certain locales (e.g., ETSI). By default DFS is enabled according to the regulatory definitions specified in .Pa /etc/regdomain.xml and the current country code, regdomain, and channel. Note the underlying device (and driver) must support radar detection for full DFS support to work. To be fully compliant with the local regulatory agency frequencies that require DFS should not be used unless it is fully supported. Use .Fl dfs to disable this functionality for testing. .It Cm dotd Enable support for the 802.11d specification (default). When this support is enabled in station mode, beacon frames that advertise a country code different than the currently configured country code will cause an event to be dispatched to user applications. This event can be used by the station to adopt that country code and operate according to the associated regulatory constraints. When operating as an access point with 802.11d enabled the beacon and probe response frames transmitted will advertise the current regulatory domain settings. To disable 802.11d use .Fl dotd . .It Cm doth Enable 802.11h support including spectrum management. When 802.11h is enabled beacon and probe response frames will have the SpectrumMgt bit set in the capabilities field and country and power constraint information elements will be present. 802.11h support also includes handling Channel Switch Announcements (CSA) which are a mechanism to coordinate channel changes by an access point. By default 802.11h is enabled if the device is capable. To disable 802.11h use .Fl doth . .It Cm deftxkey Ar index Set the default key to use for transmission. Typically this is only set when using WEP encryption. Note that you must set a default transmit key for the system to know which key to use in encrypting outbound traffic. The .Cm weptxkey is an alias for this request; it is provided for backwards compatibility. .It Cm dtimperiod Ar period Set the DTIM period for transmitting buffered multicast data frames when operating in ap mode. The .Ar period specifies the number of beacon intervals between DTIM and must be in the range 1 to 15. By default DTIM is 1 (i.e., DTIM occurs at each beacon). .It Cm quiet Enable the use of quiet IE. Hostap will use this to silence other stations to reduce interference for radar detection when operating on 5GHz frequency and doth support is enabled. Use .Fl quiet to disable this functionality. .It Cm quiet_period Ar period Set the QUIET .Ar period to the number of beacon intervals between the start of regularly scheduled quiet intervals defined by Quiet element. .It Cm quiet_count Ar count Set the QUIET .Ar count to the number of TBTTs until the beacon interval during which the next quiet interval shall start. A value of 1 indicates the quiet interval will start during the beacon interval starting at the next TBTT. A value 0 is reserved. .It Cm quiet_offset Ar offset Set the QUIET .Ar offset to the offset of the start of the quiet interval from the TBTT specified by the Quiet count, expressed in TUs. The value of the .Ar offset shall be less than one beacon interval. .It Cm quiet_duration Ar dur Set the QUIET .Ar dur to the duration of the Quiet interval, expressed in TUs. The value should be less than beacon interval. .It Cm dturbo Enable the use of Atheros Dynamic Turbo mode when communicating with another Dynamic Turbo-capable station. Dynamic Turbo mode is an Atheros-specific mechanism by which stations switch between normal 802.11 operation and a .Dq boosted mode in which a 40MHz wide channel is used for communication. Stations using Dynamic Turbo mode operate boosted only when the channel is free of non-dturbo stations; when a non-dturbo station is identified on the channel all stations will automatically drop back to normal operation. By default, Dynamic Turbo mode is not enabled, even if the device is capable. Note that turbo mode (dynamic or static) is only allowed on some channels depending on the regulatory constraints; use the .Cm list chan command to identify the channels where turbo mode may be used. To disable Dynamic Turbo mode use .Fl dturbo . .It Cm dwds Enable Dynamic WDS (DWDS) support. DWDS is a facility by which 4-address traffic can be carried between stations operating in infrastructure mode. A station first associates to an access point and authenticates using normal procedures (e.g., WPA). Then 4-address frames are passed to carry traffic for stations operating on either side of the wireless link. DWDS extends the normal WDS mechanism by leveraging existing security protocols and eliminating static binding. .Pp When DWDS is enabled on an access point 4-address frames received from an authorized station will generate a .Dq DWDS discovery event to user applications. This event should be used to create a WDS interface that is bound to the remote station (and usually plumbed into a bridge). Once the WDS interface is up and running 4-address traffic then logically flows through that interface. .Pp When DWDS is enabled on a station, traffic with a destination address different from the peer station are encapsulated in a 4-address frame and transmitted to the peer. All 4-address traffic uses the security information of the stations (e.g., cryptographic keys). A station is associated using 802.11n facilities may transport 4-address traffic using these same mechanisms; this depends on available resources and capabilities of the device. The DWDS implementation guards against layer 2 routing loops of multicast traffic. .It Cm ff Enable the use of Atheros Fast Frames when communicating with another Fast Frames-capable station. Fast Frames are an encapsulation technique by which two 802.3 frames are transmitted in a single 802.11 frame. This can noticeably improve throughput but requires that the receiving station understand how to decapsulate the frame. Fast frame use is negotiated using the Atheros 802.11 vendor-specific protocol extension so enabling use is safe when communicating with non-Atheros devices. By default, use of fast frames is enabled if the device is capable. To explicitly disable fast frames, use .Fl ff . .It Cm fragthreshold Ar length Set the threshold for which transmitted frames are broken into fragments. The .Ar length argument is the frame size in bytes and must be in the range 256 to 2346. Setting .Ar length to .Li 2346 , .Cm any , or .Cm - disables transmit fragmentation. Not all adapters honor the fragmentation threshold. .It Cm hidessid When operating as an access point, do not broadcast the SSID in beacon frames or respond to probe request frames unless they are directed to the ap (i.e., they include the ap's SSID). By default, the SSID is included in beacon frames and undirected probe request frames are answered. To re-enable the broadcast of the SSID etc., use .Fl hidessid . .It Cm ht Enable use of High Throughput (HT) when using 802.11n (default). The 802.11n specification includes mechanisms for operation on 20MHz and 40MHz wide channels using different signalling mechanisms than specified in 802.11b, 802.11g, and 802.11a. Stations negotiate use of these facilities, termed HT20 and HT40, when they associate. To disable all use of 802.11n use .Fl ht . To disable use of HT20 (e.g., to force only HT40 use) use .Fl ht20 . To disable use of HT40 use .Fl ht40 . .Pp HT configuration is used to .Dq auto promote operation when several choices are available. For example, if a station associates to an 11n-capable access point it controls whether the station uses legacy operation, HT20, or HT40. When an 11n-capable device is setup as an access point and Auto Channel Selection is used to locate a channel to operate on, HT configuration controls whether legacy, HT20, or HT40 operation is setup on the selected channel. If a fixed channel is specified for a station then HT configuration can be given as part of the channel specification; e.g., 6:ht/20 to setup HT20 operation on channel 6. .It Cm htcompat Enable use of compatibility support for pre-802.11n devices (default). The 802.11n protocol specification went through several incompatible iterations. Some vendors implemented 11n support to older specifications that will not interoperate with a purely 11n-compliant station. In particular the information elements included in management frames for old devices are different. When compatibility support is enabled both standard and compatible data will be provided. Stations that associate using the compatibility mechanisms are flagged in .Cm list sta . To disable compatibility support use .Fl htcompat . .It Cm htprotmode Ar technique For interfaces operating in 802.11n, use the specified .Ar technique for protecting HT frames in a mixed legacy/HT network. The set of valid techniques is .Cm off , and .Cm rts (RTS/CTS, default). Technique names are case insensitive. .It Cm inact Enable inactivity processing for stations associated to an access point (default). When operating as an access point the 802.11 layer monitors the activity of each associated station. When a station is inactive for 5 minutes it will send several .Dq probe frames to see if the station is still present. If no response is received then the station is deauthenticated. Applications that prefer to handle this work can disable this facility by using .Fl inact . .It Cm indoor Set the location to use in calculating regulatory constraints. The location is also advertised in beacon and probe response frames when 802.11d is enabled with .Cm dotd . See also .Cm outdoor , .Cm anywhere , .Cm country , and .Cm regdomain . .It Cm list active Display the list of channels available for use taking into account any restrictions set with the .Cm chanlist directive. See the description of .Cm list chan for more information. .It Cm list caps Display the adaptor's capabilities, including the operating modes supported. .It Cm list chan Display the list of channels available for use. Channels are shown with their IEEE channel number, equivalent frequency, and usage modes. Channels identified as .Ql 11g are also usable in .Ql 11b mode. Channels identified as .Ql 11a Turbo may be used only for Atheros' Static Turbo mode (specified with . Cm mediaopt turbo ) . Channels marked with a .Ql * have a regulatory constraint that they be passively scanned. This means a station is not permitted to transmit on the channel until it identifies the channel is being used for 802.11 communication; typically by hearing a beacon frame from an access point operating on the channel. .Cm list freq is another way of requesting this information. By default a compacted list of channels is displayed; if the .Fl v option is specified then all channels are shown. .It Cm list countries Display the set of country codes and regulatory domains that can be used in regulatory configuration. .It Cm list mac Display the current MAC Access Control List state. Each address is prefixed with a character that indicates the current policy applied to it: .Ql + indicates the address is allowed access, .Ql - indicates the address is denied access, .Ql * indicates the address is present but the current policy open (so the ACL is not consulted). .It Cm list mesh Displays the mesh routing table, used for forwarding packets on a mesh network. .It Cm list regdomain Display the current regulatory settings including the available channels and transmit power caps. .It Cm list roam Display the parameters that govern roaming operation. .It Cm list txparam Display the parameters that govern transmit operation. .It Cm list txpower Display the transmit power caps for each channel. .It Cm list scan Display the access points and/or ad-hoc neighbors located in the vicinity. This information may be updated automatically by the adapter with a .Cm scan request or through background scanning. Depending on the capabilities of the stations the following flags (capability codes) can be included in the output: .Bl -tag -width 3n .It Li A Channel agility. .It Li B PBCC modulation. .It Li C Poll request capability. .It Li D DSSS/OFDM capability. .It Li E Extended Service Set (ESS). Indicates that the station is part of an infrastructure network rather than an IBSS/ad-hoc network. .It Li I Independent Basic Service Set (IBSS). Indicates that the station is part of an ad-hoc network rather than an ESS network. .It Li P Privacy capability. The station requires authentication and encryption for all data frames exchanged within the BSS using cryptographic means such as WEP, TKIP, or AES-CCMP. .It Li R Robust Secure Network (RSN). .It Li S Short Preamble. Indicates that the network is using short preambles, defined in 802.11b High Rate/DSSS PHY, and utilizes a 56 bit sync field rather than the 128 bit field used in long preamble mode. Short preambles are used to optionally improve throughput performance with 802.11g and 802.11b. .It Li c Pollable capability. .It Li s Short slot time capability. Indicates that the 802.11g network is using a short slot time because there are no legacy (802.11b) stations present. .El .Pp By default interesting information elements captured from the neighboring stations are displayed at the end of each row. Possible elements include: .Cm WME (station supports WME), .Cm WPA (station supports WPA), .Cm WPS (station supports WPS), .Cm RSN (station supports 802.11i/RSN), .Cm HTCAP (station supports 802.11n/HT communication), .Cm ATH (station supports Atheros protocol extensions), .Cm VEN (station supports unknown vendor-specific extensions). If the .Fl v flag is used all the information elements and their contents will be shown. Specifying the .Fl v flag also enables display of long SSIDs. The .Cm list ap command is another way of requesting this information. .It Cm list sta When operating as an access point display the stations that are currently associated. When operating in ad-hoc mode display stations identified as neighbors in the IBSS. When operating in mesh mode display stations identified as neighbors in the MBSS. When operating in station mode display the access point. Capabilities advertised by the stations are described under the .Cm scan request. The following flags can be included in the output: .Bl -tag -width 3n .It Li A Authorized. Indicates that the station is permitted to send/receive data frames. .It Li E Extended Rate Phy (ERP). Indicates that the station is operating in an 802.11g network using extended transmit rates. .It Li H High Throughput (HT). Indicates that the station is using HT transmit rates. If a .Sq Li + follows immediately after then the station associated using deprecated mechanisms supported only when .Cm htcompat is enabled. .It Li P Power Save. Indicates that the station is operating in power save mode. .It Li Q Quality of Service (QoS). Indicates that the station is using QoS encapsulation for data frame. QoS encapsulation is enabled only when WME mode is enabled. .It Li S Short GI in HT 40MHz mode enabled. If a .Sq Li + follows immediately after then short GI in HT 20MHz mode is enabled as well. .It Li T Transitional Security Network (TSN). Indicates that the station associated using TSN; see also .Cm tsn below. .It Li W Wi-Fi Protected Setup (WPS). Indicates that the station associated using WPS. .It Li s Short GI in HT 20MHz mode enabled. .El .Pp By default information elements received from associated stations are displayed in a short form; the .Fl v flag causes this information to be displayed symbolically. .It Cm list wme Display the current channel parameters to use when operating in WME mode. If the .Fl v option is specified then both channel and BSS parameters are displayed for each AC (first channel, then BSS). When WME mode is enabled for an adaptor this information will be displayed with the regular status; this command is mostly useful for examining parameters when WME mode is disabled. See the description of the .Cm wme directive for information on the various parameters. .It Cm maxretry Ar count Set the maximum number of tries to use in sending unicast frames. The default setting is 6 but drivers may override this with a value they choose. .It Cm mcastrate Ar rate Set the rate for transmitting multicast/broadcast frames. Rates are specified as megabits/second in decimal; e.g.,\& 5.5 for 5.5 Mb/s. This rate should be valid for the current operating conditions; if an invalid rate is specified drivers are free to chose an appropriate rate. .It Cm mgtrate Ar rate Set the rate for transmitting management and/or control frames. Rates are specified as megabits/second in decimal; e.g.,\& 5.5 for 5.5 Mb/s. .It Cm outdoor Set the location to use in calculating regulatory constraints. The location is also advertised in beacon and probe response frames when 802.11d is enabled with .Cm dotd . See also .Cm anywhere , .Cm country , .Cm indoor , and .Cm regdomain . .It Cm powersave Enable powersave operation. When operating as a client, the station will conserve power by periodically turning off the radio and listening for messages from the access point telling it there are packets waiting. The station must then retrieve the packets. Not all devices support power save operation as a client. The 802.11 specification requires that all access points support power save but some drivers do not. Use .Fl powersave to disable powersave operation when operating as a client. .It Cm powersavesleep Ar sleep Set the desired max powersave sleep time in TU's (1024 usecs). By default the max powersave sleep time is 100 TU's. .It Cm protmode Ar technique For interfaces operating in 802.11g, use the specified .Ar technique for protecting OFDM frames in a mixed 11b/11g network. The set of valid techniques is .Cm off , cts (CTS to self), and .Cm rtscts (RTS/CTS). Technique names are case insensitive. Not all devices support .Cm cts as a protection technique. .It Cm pureg When operating as an access point in 802.11g mode allow only 11g-capable stations to associate (11b-only stations are not permitted to associate). To allow both 11g and 11b-only stations to associate, use .Fl pureg . .It Cm puren When operating as an access point in 802.11n mode allow only HT-capable stations to associate (legacy stations are not permitted to associate). To allow both HT and legacy stations to associate, use .Fl puren . .It Cm regdomain Ar sku Set the regulatory domain to use in calculating the regulatory constraints for operation. In particular the set of available channels, how the wireless device will operation on the channels, and the maximum transmit power that can be used on a channel are defined by this setting. Regdomain codes (SKU's) are taken from .Pa /etc/regdomain.xml and can also be viewed with the .Cm list countries request. Note that not all devices support changing the regdomain from a default setting; typically stored in EEPROM. See also .Cm country , .Cm indoor , .Cm outdoor , and .Cm anywhere . .It Cm rifs Enable use of Reduced InterFrame Spacing (RIFS) when operating in 802.11n on an HT channel. Note that RIFS must be supported by both the station and access point for it to be used. To disable RIFS use .Fl rifs . .It Cm roam:rate Ar rate Set the threshold for controlling roaming when operating in a BSS. The .Ar rate parameter specifies the transmit rate in megabits at which roaming should be considered. If the current transmit rate drops below this setting and background scanning is enabled, then the system will check if a more desirable access point is available and switch over to it. The current scan cache contents are used if they are considered valid according to the .Cm scanvalid parameter; otherwise a background scan operation is triggered before any selection occurs. Each channel type has a separate rate threshold; the default values are: 12 Mb/s (11a), 2 Mb/s (11b), 2 Mb/s (11g), MCS 1 (11na, 11ng). .It Cm roam:rssi Ar rssi Set the threshold for controlling roaming when operating in a BSS. The .Ar rssi parameter specifies the receive signal strength in dBm units at which roaming should be considered. If the current rssi drops below this setting and background scanning is enabled, then the system will check if a more desirable access point is available and switch over to it. The current scan cache contents are used if they are considered valid according to the .Cm scanvalid parameter; otherwise a background scan operation is triggered before any selection occurs. Each channel type has a separate rssi threshold; the default values are all 7 dBm. .It Cm roaming Ar mode When operating as a station, control how the system will behave when communication with the current access point is broken. The .Ar mode argument may be one of .Cm device (leave it to the hardware device to decide), .Cm auto (handle either in the device or the operating system\[em]as appropriate), .Cm manual (do nothing until explicitly instructed). By default, the device is left to handle this if it is capable; otherwise, the operating system will automatically attempt to reestablish communication. Manual mode is used by applications such as .Xr wpa_supplicant 8 that want to control the selection of an access point. .It Cm rtsthreshold Ar length Set the threshold for which transmitted frames are preceded by transmission of an RTS control frame. The .Ar length argument is the frame size in bytes and must be in the range 1 to 2346. Setting .Ar length to .Li 2346 , .Cm any , or .Cm - disables transmission of RTS frames. Not all adapters support setting the RTS threshold. .It Cm scan Initiate a scan of neighboring stations, wait for it to complete, and display all stations found. Only the super-user can initiate a scan. See .Cm list scan for information on the display. By default a background scan is done; otherwise a foreground scan is done and the station may roam to a different access point. The .Cm list scan request can be used to show recent scan results without initiating a new scan. .It Cm scanvalid Ar threshold Set the maximum time the scan cache contents are considered valid; i.e., will be used without first triggering a scan operation to refresh the data. The .Ar threshold parameter is specified in seconds and defaults to 60 seconds. The minimum setting for .Ar threshold is 10 seconds. One should take care setting this threshold; if it is set too low then attempts to roam to another access point may trigger unnecessary background scan operations. .It Cm shortgi Enable use of Short Guard Interval when operating in 802.11n on an HT channel. NB: this currently enables Short GI on both HT40 and HT20 channels. To disable Short GI use .Fl shortgi . .It Cm smps Enable use of Static Spatial Multiplexing Power Save (SMPS) when operating in 802.11n. A station operating with Static SMPS maintains only a single receive chain active (this can significantly reduce power consumption). To disable SMPS use .Fl smps . .It Cm smpsdyn Enable use of Dynamic Spatial Multiplexing Power Save (SMPS) when operating in 802.11n. A station operating with Dynamic SMPS maintains only a single receive chain active but switches to multiple receive chains when it receives an RTS frame (this can significantly reduce power consumption). Note that stations cannot distinguish between RTS/CTS intended to enable multiple receive chains and those used for other purposes. To disable SMPS use .Fl smps . .It Cm ssid Ar ssid Set the desired Service Set Identifier (aka network name). The SSID is a string up to 32 characters in length and may be specified as either a normal string or in hexadecimal when preceded by .Ql 0x . Additionally, the SSID may be cleared by setting it to .Ql - . .It Cm tdmaslot Ar slot When operating with TDMA, use the specified .Ar slot configuration. The .Ar slot is a number between 0 and the maximum number of slots in the BSS. Note that a station configured as slot 0 is a master and will broadcast beacon frames advertising the BSS; stations configured to use other slots will always scan to locate a master before they ever transmit. By default .Cm tdmaslot is set to 1. .It Cm tdmaslotcnt Ar cnt When operating with TDMA, setup a BSS with .Ar cnt slots. The slot count may be at most 8. The current implementation is only tested with two stations (i.e., point to point applications). This setting is only meaningful when a station is configured as slot 0; other stations adopt this setting from the BSS they join. By default .Cm tdmaslotcnt is set to 2. .It Cm tdmaslotlen Ar len When operating with TDMA, setup a BSS such that each station has a slot .Ar len microseconds long. The slot length must be at least 150 microseconds (1/8 TU) and no more than 65 milliseconds. Note that setting too small a slot length may result in poor channel bandwidth utilization due to factors such as timer granularity and guard time. This setting is only meaningful when a station is configured as slot 0; other stations adopt this setting from the BSS they join. By default .Cm tdmaslotlen is set to 10 milliseconds. .It Cm tdmabintval Ar intval When operating with TDMA, setup a BSS such that beacons are transmitted every .Ar intval superframes to synchronize the TDMA slot timing. A superframe is defined as the number of slots times the slot length; e.g., a BSS with two slots of 10 milliseconds has a 20 millisecond superframe. The beacon interval may not be zero. A lower setting of .Cm tdmabintval causes the timers to be resynchronized more often; this can be help if significant timer drift is observed. By default .Cm tdmabintval is set to 5. .It Cm tsn When operating as an access point with WPA/802.11i allow legacy stations to associate using static key WEP and open authentication. To disallow legacy station use of WEP, use .Fl tsn . .It Cm txpower Ar power Set the power used to transmit frames. The .Ar power argument is specified in .5 dBm units. Out of range values are truncated. Typically only a few discrete power settings are available and the driver will use the setting closest to the specified value. Not all adapters support changing the transmit power. .It Cm ucastrate Ar rate Set a fixed rate for transmitting unicast frames. Rates are specified as megabits/second in decimal; e.g.,\& 5.5 for 5.5 Mb/s. This rate should be valid for the current operating conditions; if an invalid rate is specified drivers are free to chose an appropriate rate. .It Cm wepmode Ar mode Set the desired WEP mode. Not all adapters support all modes. The set of valid modes is .Cm off , on , and .Cm mixed . The .Cm mixed mode explicitly tells the adaptor to allow association with access points which allow both encrypted and unencrypted traffic. On these adapters, .Cm on means that the access point must only allow encrypted connections. On other adapters, .Cm on is generally another name for .Cm mixed . Modes are case insensitive. .It Cm weptxkey Ar index Set the WEP key to be used for transmission. This is the same as setting the default transmission key with .Cm deftxkey . .It Cm wepkey Ar key Ns | Ns Ar index : Ns Ar key Set the selected WEP key. If an .Ar index is not given, key 1 is set. A WEP key will be either 5 or 13 characters (40 or 104 bits) depending on the local network and the capabilities of the adaptor. It may be specified either as a plain string or as a string of hexadecimal digits preceded by .Ql 0x . For maximum portability, hex keys are recommended; the mapping of text keys to WEP encryption is usually driver-specific. In particular, the Windows drivers do this mapping differently to .Fx . A key may be cleared by setting it to .Ql - . If WEP is supported then there are at least four keys. Some adapters support more than four keys. If that is the case, then the first four keys (1-4) will be the standard temporary keys and any others will be adaptor specific keys such as permanent keys stored in NVRAM. .Pp Note that you must set a default transmit key with .Cm deftxkey for the system to know which key to use in encrypting outbound traffic. .It Cm wme Enable Wireless Multimedia Extensions (WME) support, if available, for the specified interface. WME is a subset of the IEEE 802.11e standard to support the efficient communication of realtime and multimedia data. To disable WME support, use .Fl wme . Another name for this parameter is .Cm wmm . .Pp The following parameters are meaningful only when WME support is in use. Parameters are specified per-AC (Access Category) and split into those that are used by a station when acting as an access point and those for client stations in the BSS. The latter are received from the access point and may not be changed (at the station). The following Access Categories are recognized: .Pp .Bl -tag -width ".Cm AC_BK" -compact .It Cm AC_BE (or .Cm BE ) best effort delivery, .It Cm AC_BK (or .Cm BK ) background traffic, .It Cm AC_VI (or .Cm VI ) video traffic, .It Cm AC_VO (or .Cm VO ) voice traffic. .El .Pp AC parameters are case-insensitive. Traffic classification is done in the operating system using the vlan priority associated with data frames or the ToS (Type of Service) indication in IP-encapsulated frames. If neither information is present, traffic is assigned to the Best Effort (BE) category. .Bl -tag -width indent .It Cm ack Ar ac Set the ACK policy for QoS transmissions by the local station; this controls whether or not data frames transmitted by a station require an ACK response from the receiving station. To disable waiting for an ACK use .Fl ack . This parameter is applied only to the local station. .It Cm acm Ar ac Enable the Admission Control Mandatory (ACM) mechanism for transmissions by the local station. To disable the ACM use .Fl acm . On stations in a BSS this parameter is read-only and indicates the setting received from the access point. NB: ACM is not supported right now. .It Cm aifs Ar ac Ar count Set the Arbitration Inter Frame Spacing (AIFS) channel access parameter to use for transmissions by the local station. On stations in a BSS this parameter is read-only and indicates the setting received from the access point. .It Cm cwmin Ar ac Ar count Set the CWmin channel access parameter to use for transmissions by the local station. On stations in a BSS this parameter is read-only and indicates the setting received from the access point. .It Cm cwmax Ar ac Ar count Set the CWmax channel access parameter to use for transmissions by the local station. On stations in a BSS this parameter is read-only and indicates the setting received from the access point. .It Cm txoplimit Ar ac Ar limit Set the Transmission Opportunity Limit channel access parameter to use for transmissions by the local station. This parameter defines an interval of time when a WME station has the right to initiate transmissions onto the wireless medium. On stations in a BSS this parameter is read-only and indicates the setting received from the access point. .It Cm bss:aifs Ar ac Ar count Set the AIFS channel access parameter to send to stations in a BSS. This parameter is meaningful only when operating in ap mode. .It Cm bss:cwmin Ar ac Ar count Set the CWmin channel access parameter to send to stations in a BSS. This parameter is meaningful only when operating in ap mode. .It Cm bss:cwmax Ar ac Ar count Set the CWmax channel access parameter to send to stations in a BSS. This parameter is meaningful only when operating in ap mode. .It Cm bss:txoplimit Ar ac Ar limit Set the TxOpLimit channel access parameter to send to stations in a BSS. This parameter is meaningful only when operating in ap mode. .El .It Cm wps Enable Wireless Privacy Subscriber support. Note that WPS support requires a WPS-capable supplicant. To disable this function use .Fl wps . .El .Ss MAC-Based Access Control List Parameters The following parameters support an optional access control list feature available with some adapters when operating in ap mode; see .Xr wlan_acl 4 . This facility allows an access point to accept/deny association requests based on the MAC address of the station. Note that this feature does not significantly enhance security as MAC address spoofing is easy to do. .Bl -tag -width indent .It Cm mac:add Ar address Add the specified MAC address to the database. Depending on the policy setting association requests from the specified station will be allowed or denied. .It Cm mac:allow Set the ACL policy to permit association only by stations registered in the database. .It Cm mac:del Ar address Delete the specified MAC address from the database. .It Cm mac:deny Set the ACL policy to deny association only by stations registered in the database. .It Cm mac:kick Ar address Force the specified station to be deauthenticated. This typically is done to block a station after updating the address database. .It Cm mac:open Set the ACL policy to allow all stations to associate. .It Cm mac:flush Delete all entries in the database. .It Cm mac:radius Set the ACL policy to permit association only by stations approved by a RADIUS server. Note that this feature requires the .Xr hostapd 8 program be configured to do the right thing as it handles the RADIUS processing (and marks stations as authorized). .El .Ss Mesh Mode Wireless Interface Parameters The following parameters are related to a wireless interface operating in mesh mode: .Bl -tag -width indent .It Cm meshid Ar meshid Set the desired Mesh Identifier. The Mesh ID is a string up to 32 characters in length. A mesh interface must have a Mesh Identifier specified to reach an operational state. .It Cm meshttl Ar ttl Set the desired .Dq time to live for mesh forwarded packets; this is the number of hops a packet may be forwarded before it is discarded. The default setting for .Cm meshttl is 31. .It Cm meshpeering Enable or disable peering with neighbor mesh stations. Stations must peer before any data packets can be exchanged. By default .Cm meshpeering is enabled. .It Cm meshforward Enable or disable forwarding packets by a mesh interface. By default .Cm meshforward is enabled. .It Cm meshgate This attribute specifies whether or not the mesh STA activates mesh gate announcements. By default .Cm meshgate is disabled. .It Cm meshmetric Ar protocol Set the specified .Ar protocol as the link metric protocol used on a mesh network. The default protocol is called .Ar AIRTIME . The mesh interface will restart after changing this setting. .It Cm meshpath Ar protocol Set the specified .Ar protocol as the path selection protocol used on a mesh network. The only available protocol at the moment is called .Ar HWMP (Hybrid Wireless Mesh Protocol). The mesh interface will restart after changing this setting. .It Cm hwmprootmode Ar mode Stations on a mesh network can operate as .Dq root nodes . Root nodes try to find paths to all mesh nodes and advertise themselves regularly. When there is a root mesh node on a network, other mesh nodes can setup paths between themselves faster because they can use the root node to find the destination. This path may not be the best, but on-demand routing will eventually find the best path. The following modes are recognized: .Pp .Bl -tag -width ".Cm PROACTIVE" -compact .It Cm DISABLED Disable root mode. .It Cm NORMAL Send broadcast path requests every two seconds. Nodes on the mesh without a path to this root mesh station with try to discover a path to us. .It Cm PROACTIVE Send broadcast path requests every two seconds and every node must reply with a path reply even if it already has a path to this root mesh station. .It Cm RANN Send broadcast root announcement (RANN) frames. Nodes on the mesh without a path to this root mesh station with try to discover a path to us. .El By default .Cm hwmprootmode is set to .Ar DISABLED . .It Cm hwmpmaxhops Ar cnt Set the maximum number of hops allowed in an HMWP path to .Ar cnt . The default setting for .Cm hwmpmaxhops is 31. .El .Ss Compatibility Parameters The following parameters are for compatibility with other systems: .Bl -tag -width indent .It Cm nwid Ar ssid Another name for the .Cm ssid parameter. Included for .Nx compatibility. .It Cm stationname Ar name Set the name of this station. The station name is not part of the IEEE 802.11 protocol though some interfaces support it. As such it only seems to be meaningful to identical or virtually identical equipment. Setting the station name is identical in syntax to setting the SSID. One can also use .Cm station for .Bsx compatibility. .It Cm wep Another way of saying .Cm wepmode on . Included for .Bsx compatibility. .It Fl wep Another way of saying .Cm wepmode off . Included for .Bsx compatibility. .It Cm nwkey key Another way of saying: .Dq Li "wepmode on weptxkey 1 wepkey 1:key wepkey 2:- wepkey 3:- wepkey 4:-" . Included for .Nx compatibility. .It Cm nwkey Xo .Sm off .Ar n : k1 , k2 , k3 , k4 .Sm on .Xc Another way of saying .Dq Li "wepmode on weptxkey n wepkey 1:k1 wepkey 2:k2 wepkey 3:k3 wepkey 4:k4" . Included for .Nx compatibility. .It Fl nwkey Another way of saying .Cm wepmode off . Included for .Nx compatibility. .El .Ss Bridge Interface Parameters The following parameters are specific to bridge interfaces: .Bl -tag -width indent .It Cm addm Ar interface Add the interface named by .Ar interface as a member of the bridge. The interface is put into promiscuous mode so that it can receive every packet sent on the network. .It Cm deletem Ar interface Remove the interface named by .Ar interface from the bridge. Promiscuous mode is disabled on the interface when it is removed from the bridge. .It Cm maxaddr Ar size Set the size of the bridge address cache to .Ar size . The default is 2000 entries. .It Cm timeout Ar seconds Set the timeout of address cache entries to .Ar seconds seconds. If .Ar seconds is zero, then address cache entries will not be expired. The default is 1200 seconds. .It Cm addr Display the addresses that have been learned by the bridge. .It Cm static Ar interface-name Ar address Add a static entry into the address cache pointing to .Ar interface-name . Static entries are never aged out of the cache or re-placed, even if the address is seen on a different interface. .It Cm deladdr Ar address Delete .Ar address from the address cache. .It Cm flush Delete all dynamically-learned addresses from the address cache. .It Cm flushall Delete all addresses, including static addresses, from the address cache. .It Cm discover Ar interface Mark an interface as a .Dq discovering interface. When the bridge has no address cache entry (either dynamic or static) for the destination address of a packet, the bridge will forward the packet to all member interfaces marked as .Dq discovering . This is the default for all interfaces added to a bridge. .It Cm -discover Ar interface Clear the .Dq discovering attribute on a member interface. For packets without the .Dq discovering attribute, the only packets forwarded on the interface are broadcast or multicast packets and packets for which the destination address is known to be on the interface's segment. .It Cm learn Ar interface Mark an interface as a .Dq learning interface. When a packet arrives on such an interface, the source address of the packet is entered into the address cache as being a destination address on the interface's segment. This is the default for all interfaces added to a bridge. .It Cm -learn Ar interface Clear the .Dq learning attribute on a member interface. .It Cm sticky Ar interface Mark an interface as a .Dq sticky interface. Dynamically learned address entries are treated at static once entered into the cache. Sticky entries are never aged out of the cache or replaced, even if the address is seen on a different interface. .It Cm -sticky Ar interface Clear the .Dq sticky attribute on a member interface. .It Cm private Ar interface Mark an interface as a .Dq private interface. A private interface does not forward any traffic to any other port that is also a private interface. .It Cm -private Ar interface Clear the .Dq private attribute on a member interface. .It Cm span Ar interface Add the interface named by .Ar interface as a span port on the bridge. Span ports transmit a copy of every frame received by the bridge. This is most useful for snooping a bridged network passively on another host connected to one of the span ports of the bridge. .It Cm -span Ar interface Delete the interface named by .Ar interface from the list of span ports of the bridge. .It Cm stp Ar interface Enable Spanning Tree protocol on .Ar interface . The .Xr if_bridge 4 driver has support for the IEEE 802.1D Spanning Tree protocol (STP). Spanning Tree is used to detect and remove loops in a network topology. .It Cm -stp Ar interface Disable Spanning Tree protocol on .Ar interface . This is the default for all interfaces added to a bridge. .It Cm edge Ar interface Set .Ar interface as an edge port. An edge port connects directly to end stations cannot create bridging loops in the network, this allows it to transition straight to forwarding. .It Cm -edge Ar interface Disable edge status on .Ar interface . .It Cm autoedge Ar interface Allow .Ar interface to automatically detect edge status. This is the default for all interfaces added to a bridge. .It Cm -autoedge Ar interface Disable automatic edge status on .Ar interface . .It Cm ptp Ar interface Set the .Ar interface as a point to point link. This is required for straight transitions to forwarding and should be enabled on a direct link to another RSTP capable switch. .It Cm -ptp Ar interface Disable point to point link status on .Ar interface . This should be disabled for a half duplex link and for an interface connected to a shared network segment, like a hub or a wireless network. .It Cm autoptp Ar interface Automatically detect the point to point status on .Ar interface by checking the full duplex link status. This is the default for interfaces added to the bridge. .It Cm -autoptp Ar interface Disable automatic point to point link detection on .Ar interface . .It Cm maxage Ar seconds Set the time that a Spanning Tree protocol configuration is valid. The default is 20 seconds. The minimum is 6 seconds and the maximum is 40 seconds. .It Cm fwddelay Ar seconds Set the time that must pass before an interface begins forwarding packets when Spanning Tree is enabled. The default is 15 seconds. The minimum is 4 seconds and the maximum is 30 seconds. .It Cm hellotime Ar seconds Set the time between broadcasting of Spanning Tree protocol configuration messages. The hello time may only be changed when operating in legacy stp mode. The default is 2 seconds. The minimum is 1 second and the maximum is 2 seconds. .It Cm priority Ar value Set the bridge priority for Spanning Tree. The default is 32768. The minimum is 0 and the maximum is 61440. .It Cm proto Ar value Set the Spanning Tree protocol. The default is rstp. The available options are stp and rstp. .It Cm holdcnt Ar value Set the transmit hold count for Spanning Tree. This is the number of packets transmitted before being rate limited. The default is 6. The minimum is 1 and the maximum is 10. .It Cm ifpriority Ar interface Ar value Set the Spanning Tree priority of .Ar interface to .Ar value . The default is 128. The minimum is 0 and the maximum is 240. .It Cm ifpathcost Ar interface Ar value Set the Spanning Tree path cost of .Ar interface to .Ar value . The default is calculated from the link speed. To change a previously selected path cost back to automatic, set the cost to 0. The minimum is 1 and the maximum is 200000000. .It Cm ifmaxaddr Ar interface Ar size Set the maximum number of hosts allowed from an interface, packets with unknown source addresses are dropped until an existing host cache entry expires or is removed. Set to 0 to disable. .El .Ss Link Aggregation and Link Failover Parameters The following parameters are specific to lagg interfaces: .Bl -tag -width indent .It Cm laggtype Ar type When creating a lagg interface the type can be specified as either .Cm ethernet or .Cm infiniband . If not specified ethernet is the default lagg type. .It Cm laggport Ar interface Add the interface named by .Ar interface as a port of the aggregation interface. .It Cm -laggport Ar interface Remove the interface named by .Ar interface from the aggregation interface. .It Cm laggproto Ar proto Set the aggregation protocol. The default is .Li failover . The available options are .Li failover , .Li lacp , .Li loadbalance , .Li roundrobin , .Li broadcast and .Li none . .It Cm lagghash Ar option Ns Oo , Ns Ar option Oc Set the packet layers to hash for aggregation protocols which load balance. The default is .Dq l2,l3,l4 . The options can be combined using commas. .Pp .Bl -tag -width ".Cm l2" -compact .It Cm l2 src/dst mac address and optional vlan number. .It Cm l3 src/dst address for IPv4 or IPv6. .It Cm l4 src/dst port for TCP/UDP/SCTP. .El .It Cm -use_flowid Enable local hash computation for RSS hash on the interface. The .Li loadbalance and .Li lacp modes will use the RSS hash from the network card if available to avoid computing one, this may give poor traffic distribution if the hash is invalid or uses less of the protocol header information. .Cm -use_flowid disables use of RSS hash from the network card. The default value can be set via the .Va net.link.lagg.default_use_flowid .Xr sysctl 8 variable. .Li 0 means .Dq disabled and .Li 1 means .Dq enabled . .It Cm use_flowid Use the RSS hash from the network card if available. .It Cm flowid_shift Ar number Set a shift parameter for RSS local hash computation. Hash is calculated by using flowid bits in a packet header mbuf which are shifted by the number of this parameter. .It Cm use_numa Enable selection of egress ports based on the native .Xr numa 4 domain for the packets being transmitted. This is currently only implemented for lacp mode. This works only on .Xr numa 4 hardware, running a kernel compiled with the .Xr numa 4 option, and when interfaces from multiple .Xr numa 4 domains are ports of the aggregation interface. .It Cm -use_numa Disable selection of egress ports based on the native .Xr numa 4 domain for the packets being transmitted. .It Cm lacp_fast_timeout Enable lacp fast-timeout on the interface. .It Cm -lacp_fast_timeout Disable lacp fast-timeout on the interface. .It Cm lacp_strict Enable lacp strict compliance on the interface. The default value can be set via the .Va net.link.lagg.lacp.default_strict_mode .Xr sysctl 8 variable. .Li 0 means .Dq disabled and .Li 1 means .Dq enabled . .It Cm -lacp_strict Disable lacp strict compliance on the interface. .It Cm rr_limit Ar number Configure a stride for an interface in round-robin mode. The default stride is 1. .El .Ss Generic IP Tunnel Parameters The following parameters apply to IP tunnel interfaces, .Xr gif 4 : .Bl -tag -width indent .It Cm tunnel Ar src_addr dest_addr Configure the physical source and destination address for IP tunnel interfaces. The arguments .Ar src_addr and .Ar dest_addr are interpreted as the outer source/destination for the encapsulating IPv4/IPv6 header. .It Fl tunnel Unconfigure the physical source and destination address for IP tunnel interfaces previously configured with .Cm tunnel . .It Cm deletetunnel Another name for the .Fl tunnel parameter. .It Cm accept_rev_ethip_ver Set a flag to accept both correct EtherIP packets and ones with reversed version field. Enabled by default. This is for backward compatibility with .Fx 6.1 , 6.2, 6.3, 7.0, and 7.1. .It Cm -accept_rev_ethip_ver Clear a flag .Cm accept_rev_ethip_ver . .It Cm ignore_source Set a flag to accept encapsulated packets destined to this host independently from source address. This may be useful for hosts, that receive encapsulated packets from the load balancers. .It Cm -ignore_source Clear a flag .Cm ignore_source . .It Cm send_rev_ethip_ver Set a flag to send EtherIP packets with reversed version field intentionally. Disabled by default. This is for backward compatibility with .Fx 6.1 , 6.2, 6.3, 7.0, and 7.1. .It Cm -send_rev_ethip_ver Clear a flag .Cm send_rev_ethip_ver . .El .Ss GRE Tunnel Parameters The following parameters apply to GRE tunnel interfaces, .Xr gre 4 : .Bl -tag -width indent .It Cm tunnel Ar src_addr dest_addr Configure the physical source and destination address for GRE tunnel interfaces. The arguments .Ar src_addr and .Ar dest_addr are interpreted as the outer source/destination for the encapsulating IPv4/IPv6 header. .It Fl tunnel Unconfigure the physical source and destination address for GRE tunnel interfaces previously configured with .Cm tunnel . .It Cm deletetunnel Another name for the .Fl tunnel parameter. .It Cm grekey Ar key Configure the GRE key to be used for outgoing packets. Note that .Xr gre 4 will always accept GRE packets with invalid or absent keys. This command will result in a four byte MTU reduction on the interface. .El .Ss Packet Filter State Table Sychronisation Parameters The following parameters are specific to .Xr pfsync 4 interfaces: .Bl -tag -width indent .It Cm syncdev Ar iface Use the specified interface to send and receive pfsync state synchronisation messages. .It Fl syncdev Stop sending pfsync state synchronisation messages over the network. .It Cm syncpeer Ar peer_address Set the destination address for the state synchronization messages sent. The .Ar peer_address is normally the IPv4 or IPv6 address of the other host taking part in the pfsync cluster. .Pp When the .Ar peer_address is set to a unicast IP address, the pfsync link will behave as point-to-point rather than using multicast to broadcast the messages. .Pp When the .Ar peer_address is set to ff12::f0, the state synchronization messages will be broadcast using multicast over IPv6. .It Fl syncpeer Unset the syncpeer. Packets will then be broadcast using multicast over IPv4. .It Cm maxupd Ar n Set the maximum number of updates for a single state which can be collapsed into one. This is an 8-bit number; the default value is 128. .It Cm defer Defer transmission of the first packet in a state until a peer has acknowledged that the associated state has been inserted. .It Fl defer Do not defer the first packet in a state. This is the default. .It Fl version Ar n Configure message format for compatibility with older versions of FreeBSD. Refer to .Xr pfsync 4 for details. .El .Ss VLAN Parameters The following parameters are specific to .Xr vlan 4 interfaces: .Bl -tag -width indent .It Cm vlan Ar vlan_tag Set the VLAN tag value to .Ar vlan_tag . This value is a 12-bit VLAN Identifier (VID) which is used to create an 802.1Q or 802.1ad VLAN header for packets sent from the .Xr vlan 4 interface. Note that .Cm vlan and .Cm vlandev must both be set at the same time. .It Cm vlanproto Ar vlan_proto Set the VLAN encapsulation protocol to .Ar vlan_proto . Supported encapsulation protocols are currently: .Bl -tag .It Cm 802.1Q Default. .It Cm 802.1ad .It Cm QinQ Same as .Cm 802.1ad . .El .It Cm vlanpcp Ar priority_code_point Priority code point .Pq Dv PCP is an 3-bit field which refers to the IEEE 802.1p class of service and maps to the frame priority level. .Pp Values in order of priority are: .Cm 1 .Pq Dv Background (lowest) , .Cm 0 .Pq Dv Best effort (default) , .Cm 2 .Pq Dv Excellent effort , .Cm 3 .Pq Dv Critical applications , .Cm 4 .Pq Dv Video, < 100ms latency and jitter , .Cm 5 .Pq Dv Voice, < 10ms latency and jitter , .Cm 6 .Pq Dv Internetwork control , .Cm 7 .Pq Dv Network control (highest) . .It Cm vlandev Ar iface Associate the physical interface .Ar iface with a .Xr vlan 4 interface. Packets transmitted through the .Xr vlan 4 interface will be diverted to the specified physical interface .Ar iface with 802.1Q VLAN encapsulation. Packets with 802.1Q encapsulation received by the parent interface with the correct VLAN Identifier will be diverted to the associated .Xr vlan 4 pseudo-interface. The .Xr vlan 4 interface is assigned a copy of the parent interface's flags and the parent's Ethernet address. The .Cm vlandev and .Cm vlan must both be set at the same time. If the .Xr vlan 4 interface already has a physical interface associated with it, this command will fail. To change the association to another physical interface, the existing association must be cleared first. .Pp Note: if the hardware tagging capability is set on the parent interface, the .Xr vlan 4 pseudo interface's behavior changes: the .Xr vlan 4 interface recognizes that the parent interface supports insertion and extraction of VLAN tags on its own (usually in firmware) and that it should pass packets to and from the parent unaltered. .It Fl vlandev Op Ar iface If the driver is a .Xr vlan 4 pseudo device, disassociate the parent interface from it. This breaks the link between the .Xr vlan 4 interface and its parent, clears its VLAN Identifier, flags and its link address and shuts the interface down. The .Ar iface argument is useless and hence deprecated. .El .Ss Virtual eXtensible LAN Parameters The following parameters are used to configure .Xr vxlan 4 interfaces. .Bl -tag -width indent .It Cm vxlanid Ar identifier This value is a 24-bit VXLAN Network Identifier (VNI) that identifies the virtual network segment membership of the interface. .It Cm vxlanlocal Ar address The source address used in the encapsulating IPv4/IPv6 header. The address should already be assigned to an existing interface. When the interface is configured in unicast mode, the listening socket is bound to this address. .It Cm vxlanremote Ar address The interface can be configured in a unicast, or point-to-point, mode to create a tunnel between two hosts. This is the IP address of the remote end of the tunnel. .It Cm vxlangroup Ar address The interface can be configured in a multicast mode to create a virtual network of hosts. This is the IP multicast group address the interface will join. .It Cm vxlanlocalport Ar port The port number the interface will listen on. The default port number is 4789. .It Cm vxlanremoteport Ar port The destination port number used in the encapsulating IPv4/IPv6 header. The remote host should be listening on this port. The default port number is 4789. Note some other implementations, such as Linux, do not default to the IANA assigned port, but instead listen on port 8472. .It Cm vxlanportrange Ar low high The range of source ports used in the encapsulating IPv4/IPv6 header. The port selected within the range is based on a hash of the inner frame. A range is useful to provide entropy within the outer IP header for more effective load balancing. The default range is between the .Xr sysctl 8 variables .Va net.inet.ip.portrange.first and .Va net.inet.ip.portrange.last .It Cm vxlantimeout Ar timeout The maximum time, in seconds, before an entry in the forwarding table is pruned. The default is 1200 seconds (20 minutes). .It Cm vxlanmaxaddr Ar max The maximum number of entries in the forwarding table. The default is 2000. .It Cm vxlandev Ar dev When the interface is configured in multicast mode, the .Cm dev interface is used to transmit IP multicast packets. .It Cm vxlanttl Ar ttl The TTL used in the encapsulating IPv4/IPv6 header. The default is 64. .It Cm vxlanlearn The source IP address and inner source Ethernet MAC address of received packets are used to dynamically populate the forwarding table. When in multicast mode, an entry in the forwarding table allows the interface to send the frame directly to the remote host instead of broadcasting the frame to the multicast group. This is the default. .It Fl vxlanlearn The forwarding table is not populated by received packets. .It Cm vxlanflush Delete all dynamically-learned addresses from the forwarding table. .It Cm vxlanflushall Delete all addresses, including static addresses, from the forwarding table. .El .Ss CARP Parameters The following parameters are used to configure .Xr carp 4 protocol on an interface: .Bl -tag -width indent .It Cm vhid Ar n Set the virtual host ID. This is a required setting to initiate .Xr carp 4 . If the virtual host ID does not exist yet, it is created and attached to the interface, otherwise configuration of an existing vhid is adjusted. If the .Cm vhid keyword is supplied along with an .Dq inet6 or .Dq inet address, then this address is configured to be run under control of the specified vhid. Whenever a last address that refers to a particular vhid is removed from an interface, the vhid is automatically removed from interface and destroyed. Any other configuration parameters for the .Xr carp 4 protocol should be supplied along with the .Cm vhid keyword. Acceptable values for vhid are 1 to 255. .It Cm advbase Ar seconds Specifies the base of the advertisement interval in seconds. The acceptable values are 1 to 255. The default value is 1. .It Cm advskew Ar interval Specifies the skew to add to the base advertisement interval to make one host advertise slower than another host. It is specified in 1/256 of seconds. The acceptable values are 1 to 254. The default value is 0. .It Cm pass Ar phrase Set the authentication key to .Ar phrase . .It Cm state Ar state Forcibly change state of a given vhid. The following states are recognized: .Cm MASTER and .Cm BACKUP . .It Cm peer Ar address Set the address to send (IPv4) .Xr carp 4 announcements to. .It Cm mcast Restore the default destination address for (IPv4) .Xr carp 4 announcements, which is 224.0.0.18. .It Cm peer6 Ar address Set the address to send (IPv6) .Xr carp 4 announcements to. .It Cm mcast6 Restore the default destination address for (IPv4) .Xr carp 4 announcements, which is ff02::12. .El .Sh ENVIRONMENT The following environment variables affect the execution of .Nm : .Bl -tag -width IFCONFIG_FORMAT .It Ev IFCONFIG_FORMAT This variable can contain a specification of the output format. See the description of the .Fl f flag for more details. .El .Sh EXAMPLES Assign the IPv4 address .Li 192.0.2.10 , with a network mask of .Li 255.255.255.0 , to the interface .Li em0 : .Dl # ifconfig em0 inet 192.0.2.10 netmask 255.255.255.0 .Pp Add the IPv4 address .Li 192.0.2.45 , with the CIDR network prefix .Li /28 , to the interface .Li em0 : .Dl # ifconfig em0 inet 192.0.2.45/28 alias .Pp Remove the IPv4 address .Li 192.0.2.45 from the interface .Li em0 : .Dl # ifconfig em0 inet 192.0.2.45 -alias .Pp Enable IPv6 functionality of the interface: .Dl # ifconfig em0 inet6 -ifdisabled .Pp Add the IPv6 address .Li 2001:DB8:DBDB::123/48 to the interface .Li em0 : .Dl # ifconfig em0 inet6 2001:db8:bdbd::123 prefixlen 48 alias Note that lower case hexadecimal IPv6 addresses are acceptable. .Pp Remove the IPv6 address added in the above example, using the .Li / character as shorthand for the network prefix: .Dl # ifconfig em0 inet6 2001:db8:bdbd::123/48 -alias .Pp Configure a single CARP redundant address on igb0, and then switch it to be master: .Bd -literal -offset indent -compact # ifconfig igb0 vhid 1 10.0.0.1/24 pass foobar up # ifconfig igb0 vhid 1 state master .Ed .Pp Configure the interface .Li xl0 , to use 100baseTX, full duplex Ethernet media options: .Dl # ifconfig xl0 media 100baseTX mediaopt full-duplex .Pp Label the em0 interface as an uplink: .Dl # ifconfig em0 description \&"Uplink to Gigabit Switch 2\&" .Pp Create the software network interface .Li gif1 : .Dl # ifconfig gif1 create .Pp Destroy the software network interface .Li gif1 : .Dl # ifconfig gif1 destroy .Pp Display available wireless networks using .Li wlan0 : .Dl # ifconfig wlan0 list scan .Pp Display inet and inet6 address subnet masks in CIDR notation .Dl # ifconfig -f inet:cidr,inet6:cidr .Pp Display interfaces that are up with the exception of loopback .Dl # ifconfig -a -u -G lo .Pp Display a list of interface names beloning to the wlan group: .Bd -literal -offset indent -compact # ifconfig -g wlan wlan0 wlan1 .Ed .Pp Display details about the interfaces belonging to the wlan group: .Bd -literal -offset indent -compact # ifconfig -a -g wlan wlan0: flags=8843 metric 0 mtu 1500 ether 75:4c:61:6b:7a:73 inet6 fe80::4c75:636a:616e:ffd8%wlan0 prefixlen 64 scopeid 0x3 inet6 2001:5761:6e64:6152:6f6d:616e:fea4:ffe2 prefixlen 64 autoconf inet 192.168.10.5 netmask 0xffffff00 broadcast 192.168.10.255 groups: wlan ssid "Hotspot" channel 11 (2462 MHz 11g) bssid 12:34:ff:ff:43:21 regdomain ETSI country DE authmode WPA2/802.11i privacy ON deftxkey UNDEF AES-CCM 2:128-bit AES-CCM 3:128-bit txpower 30 bmiss 10 scanvalid 60 protmode CTS wme roaming MANUAL parent interface: iwm0 media: IEEE 802.11 Wireless Ethernet DS/2Mbps mode 11g status: associated nd6 options=23 wlan1: flags=8843 metric 0 mtu 1500 ether 00:50:69:6f:74:72 groups: wlan ssid "" channel 2 (2417 MHz 11g) regdomain FCC country US authmode OPEN privacy OFF txpower 30 bmiss 7 scanvalid 60 bgscan bgscanintvl 300 bgscanidle 250 roam:rssi 7 roam:rate 5 protmode CTS wme bintval 0 parent interface: rum0 media: IEEE 802.11 Wireless Ethernet autoselect (autoselect) status: no carrier nd6 options=29 .Ed .Pp Set a randomly-generated MAC address on tap0: .Dl # ifconfig tap0 ether random .Sh DIAGNOSTICS Messages indicating the specified interface does not exist, the requested address is unknown, or the user is not privileged and tried to alter an interface's configuration. .Sh SEE ALSO .Xr netstat 1 , .Xr carp 4 , .Xr gif 4 , .Xr netintro 4 , .Xr pfsync 4 , .Xr polling 4 , .Xr vlan 4 , .Xr vxlan 4 , .Xr devd.conf 5 , .Xr devd 8 , .Xr jail 8 , .Xr rc 8 , .Xr routed 8 , .Xr sysctl 8 .Sh HISTORY The .Nm utility appeared in .Bx 4.2 . .Sh BUGS Basic IPv6 node operation requires a link-local address on each interface configured for IPv6. Normally, such an address is automatically configured by the kernel on each interface added to the system or enabled; this behavior may be disabled by setting per-interface flag .Cm -auto_linklocal . The default value of this flag is 1 and can be disabled by using the sysctl MIB variable .Va net.inet6.ip6.auto_linklocal . .Pp Do not configure IPv6 addresses with no link-local address by using .Nm . It can result in unexpected behaviors of the kernel. diff --git a/sbin/ifconfig/ifconfig.c b/sbin/ifconfig/ifconfig.c index 4e2f8e782de9..cd91cf7991bc 100644 --- a/sbin/ifconfig/ifconfig.c +++ b/sbin/ifconfig/ifconfig.c @@ -1,2105 +1,2102 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1983, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1983, 1993\n\ The Regents of the University of California. All rights reserved.\n"; -#if 0 -static char sccsid[] = "@(#)ifconfig.c 8.2 (Berkeley) 2/16/94"; -#endif #endif /* not lint */ #include #include #ifdef JAIL #include #endif #include #include #include #include #include #include #include #include #include #include #include #include /* IP */ #include #include #include #include #include #include #include #include #include #include #ifdef JAIL #include #endif #include #include #include #include #include #include #include "ifconfig.h" ifconfig_handle_t *lifh; #ifdef WITHOUT_NETLINK static char *descr = NULL; static size_t descrlen = 64; #endif static int setaddr; static int setmask; static int doalias; static int clearaddr; static int newaddr = 1; int exit_code = 0; static char ifname_to_print[IFNAMSIZ]; /* Helper for printifnamemaybe() */ /* Formatter Strings */ char *f_inet, *f_inet6, *f_ether, *f_addr; #ifdef WITHOUT_NETLINK static void list_interfaces_ioctl(if_ctx *ctx); static void status(if_ctx *ctx, const struct sockaddr_dl *sdl, struct ifaddrs *ifa); #endif static _Noreturn void usage(void); static void Perrorc(const char *cmd, int error); static int getifflags(const char *ifname, int us, bool err_ok); static struct afswtch *af_getbyname(const char *name); static struct option *opts = NULL; struct ifa_order_elt { int if_order; int af_orders[255]; struct ifaddrs *ifa; TAILQ_ENTRY(ifa_order_elt) link; }; TAILQ_HEAD(ifa_queue, ifa_order_elt); static struct module_map_entry { const char *ifname; const char *kldname; } module_map[] = { { .ifname = "tun", .kldname = "if_tuntap", }, { .ifname = "tap", .kldname = "if_tuntap", }, { .ifname = "vmnet", .kldname = "if_tuntap", }, { .ifname = "ipsec", .kldname = "ipsec", }, { /* * This mapping exists because there is a conflicting enc module * in CAM. ifconfig's guessing behavior will attempt to match * the ifname to a module as well as if_${ifname} and clash with * CAM enc. This is an assertion of the correct module to load. */ .ifname = "enc", .kldname = "if_enc", }, }; void opt_register(struct option *p) { p->next = opts; opts = p; } static void usage(void) { char options[1024]; struct option *p; /* XXX not right but close enough for now */ options[0] = '\0'; for (p = opts; p != NULL; p = p->next) { strlcat(options, p->opt_usage, sizeof(options)); strlcat(options, " ", sizeof(options)); } fprintf(stderr, "usage: ifconfig [-j jail] [-f type:format] %sinterface address_family\n" " [address [dest_address]] [parameters]\n" " ifconfig [-j jail] interface create\n" " ifconfig [-j jail] -a %s[-d] [-m] [-u] [-v] [address_family]\n" " ifconfig [-j jail] -l [-d] [-u] [address_family]\n" " ifconfig [-j jail] %s[-d] [-m] [-u] [-v]\n", options, options, options); exit(1); } static void ifname_update(if_ctx *ctx, const char *name) { strlcpy(ctx->_ifname_storage_ioctl, name, sizeof(ctx->_ifname_storage_ioctl)); ctx->ifname = ctx->_ifname_storage_ioctl; strlcpy(ifname_to_print, name, sizeof(ifname_to_print)); } static void ifr_set_name(struct ifreq *ifr, const char *name) { strlcpy(ifr->ifr_name, name, sizeof(ifr->ifr_name)); } int ioctl_ctx_ifr(if_ctx *ctx, unsigned long cmd, struct ifreq *ifr) { ifr_set_name(ifr, ctx->ifname); return (ioctl_ctx(ctx, cmd, ifr)); } void ifcreate_ioctl(if_ctx *ctx, struct ifreq *ifr) { char ifname_orig[IFNAMSIZ]; strlcpy(ifname_orig, ifr->ifr_name, sizeof(ifname_orig)); if (ioctl(ctx->io_s, SIOCIFCREATE2, ifr) < 0) { switch (errno) { case EEXIST: errx(1, "interface %s already exists", ifr->ifr_name); default: err(1, "SIOCIFCREATE2 (%s)", ifr->ifr_name); } } if (strncmp(ifname_orig, ifr->ifr_name, sizeof(ifname_orig)) != 0) ifname_update(ctx, ifr->ifr_name); } #ifdef WITHOUT_NETLINK static int calcorders(struct ifaddrs *ifa, struct ifa_queue *q) { struct ifaddrs *prev; struct ifa_order_elt *cur; unsigned int ord, af, ifa_ord; prev = NULL; cur = NULL; ord = 0; ifa_ord = 0; while (ifa != NULL) { if (prev == NULL || strcmp(ifa->ifa_name, prev->ifa_name) != 0) { cur = calloc(1, sizeof(*cur)); if (cur == NULL) return (-1); TAILQ_INSERT_TAIL(q, cur, link); cur->if_order = ifa_ord ++; cur->ifa = ifa; ord = 0; } if (ifa->ifa_addr) { af = ifa->ifa_addr->sa_family; if (af < nitems(cur->af_orders) && cur->af_orders[af] == 0) cur->af_orders[af] = ++ord; } prev = ifa; ifa = ifa->ifa_next; } return (0); } static int cmpifaddrs(struct ifaddrs *a, struct ifaddrs *b, struct ifa_queue *q) { struct ifa_order_elt *cur, *e1, *e2; unsigned int af1, af2; int ret; e1 = e2 = NULL; ret = strcmp(a->ifa_name, b->ifa_name); if (ret != 0) { TAILQ_FOREACH(cur, q, link) { if (e1 && e2) break; if (strcmp(cur->ifa->ifa_name, a->ifa_name) == 0) e1 = cur; else if (strcmp(cur->ifa->ifa_name, b->ifa_name) == 0) e2 = cur; } if (!e1 || !e2) return (0); else return (e1->if_order - e2->if_order); } else if (a->ifa_addr != NULL && b->ifa_addr != NULL) { TAILQ_FOREACH(cur, q, link) { if (strcmp(cur->ifa->ifa_name, a->ifa_name) == 0) { e1 = cur; break; } } if (!e1) return (0); af1 = a->ifa_addr->sa_family; af2 = b->ifa_addr->sa_family; if (af1 < nitems(e1->af_orders) && af2 < nitems(e1->af_orders)) return (e1->af_orders[af1] - e1->af_orders[af2]); } return (0); } #endif static void freeformat(void) { if (f_inet != NULL) free(f_inet); if (f_inet6 != NULL) free(f_inet6); if (f_ether != NULL) free(f_ether); if (f_addr != NULL) free(f_addr); } static void setformat(char *input) { char *formatstr, *category, *modifier; formatstr = strdup(input); while ((category = strsep(&formatstr, ",")) != NULL) { modifier = strchr(category, ':'); if (modifier == NULL || modifier[1] == '\0') { warnx("Skipping invalid format specification: %s\n", category); continue; } /* Split the string on the separator, then seek past it */ modifier[0] = '\0'; modifier++; if (strcmp(category, "addr") == 0) f_addr = strdup(modifier); else if (strcmp(category, "ether") == 0) f_ether = strdup(modifier); else if (strcmp(category, "inet") == 0) f_inet = strdup(modifier); else if (strcmp(category, "inet6") == 0) f_inet6 = strdup(modifier); } free(formatstr); } #ifdef WITHOUT_NETLINK static struct ifaddrs * sortifaddrs(struct ifaddrs *list, int (*compare)(struct ifaddrs *, struct ifaddrs *, struct ifa_queue *), struct ifa_queue *q) { struct ifaddrs *right, *temp, *last, *result, *next, *tail; right = list; temp = list; last = list; result = NULL; next = NULL; tail = NULL; if (!list || !list->ifa_next) return (list); while (temp && temp->ifa_next) { last = right; right = right->ifa_next; temp = temp->ifa_next->ifa_next; } last->ifa_next = NULL; list = sortifaddrs(list, compare, q); right = sortifaddrs(right, compare, q); while (list || right) { if (!right) { next = list; list = list->ifa_next; } else if (!list) { next = right; right = right->ifa_next; } else if (compare(list, right, q) <= 0) { next = list; list = list->ifa_next; } else { next = right; right = right->ifa_next; } if (!result) result = next; else tail->ifa_next = next; tail = next; } return (result); } #endif static void printifnamemaybe(void) { if (ifname_to_print[0] != '\0') printf("%s\n", ifname_to_print); } static void list_interfaces(if_ctx *ctx) { #ifdef WITHOUT_NETLINK list_interfaces_ioctl(ctx); #else list_interfaces_nl(ctx->args); #endif } static char * args_peek(struct ifconfig_args *args) { if (args->argc > 0) return (args->argv[0]); return (NULL); } static char * args_pop(struct ifconfig_args *args) { if (args->argc == 0) return (NULL); char *arg = args->argv[0]; args->argc--; args->argv++; return (arg); } static void args_parse(struct ifconfig_args *args, int argc, char *argv[]) { char options[1024]; struct option *p; int c; /* Parse leading line options */ strlcpy(options, "G:adf:j:klmnuv", sizeof(options)); for (p = opts; p != NULL; p = p->next) strlcat(options, p->opt, sizeof(options)); while ((c = getopt(argc, argv, options)) != -1) { switch (c) { case 'a': /* scan all interfaces */ args->all = true; break; case 'd': /* restrict scan to "down" interfaces */ args->downonly = true; break; case 'f': if (optarg == NULL) usage(); setformat(optarg); break; case 'G': if (optarg == NULL || args->all == 0) usage(); args->nogroup = optarg; break; case 'j': #ifdef JAIL if (optarg == NULL) usage(); args->jail_name = optarg; #else Perror("not built with jail support"); #endif break; case 'k': args->printkeys = true; break; case 'l': /* scan interface names only */ args->namesonly = true; break; case 'm': /* show media choices in status */ args->supmedia = true; break; case 'n': /* suppress module loading */ args->noload = true; break; case 'u': /* restrict scan to "up" interfaces */ args->uponly = true; break; case 'v': args->verbose++; break; case 'g': if (args->all) { if (optarg == NULL) usage(); args->matchgroup = optarg; break; } /* FALLTHROUGH */ default: for (p = opts; p != NULL; p = p->next) if (p->opt[0] == c) { p->cb(optarg); break; } if (p == NULL) usage(); break; } } argc -= optind; argv += optind; /* -l cannot be used with -a or -m */ if (args->namesonly && (args->all || args->supmedia)) usage(); /* nonsense.. */ if (args->uponly && args->downonly) usage(); /* no arguments is equivalent to '-a' */ if (!args->namesonly && argc < 1) args->all = 1; /* -a and -l allow an address family arg to limit the output */ if (args->all || args->namesonly) { if (argc > 1) usage(); if (argc == 1) { const struct afswtch *afp = af_getbyname(*argv); if (afp == NULL) { warnx("Address family '%s' unknown.", *argv); usage(); } if (afp->af_name != NULL) argc--, argv++; /* leave with afp non-zero */ args->afp = afp; } } else { /* not listing, need an argument */ if (argc < 1) usage(); } args->argc = argc; args->argv = argv; } static int ifconfig(if_ctx *ctx, int iscreate, const struct afswtch *uafp) { #ifdef WITHOUT_NETLINK return (ifconfig_ioctl(ctx, iscreate, uafp)); #else return (ifconfig_nl(ctx, iscreate, uafp)); #endif } static bool isargcreate(const char *arg) { if (arg == NULL) return (false); if (strcmp(arg, "create") == 0 || strcmp(arg, "plumb") == 0) return (true); return (false); } static bool isnametoolong(const char *ifname) { return (strlen(ifname) >= IFNAMSIZ); } int main(int ac, char *av[]) { char *envformat; int flags; #ifdef JAIL int jid; #endif struct ifconfig_args _args = {}; struct ifconfig_args *args = &_args; struct ifconfig_context ctx = { .args = args, .io_s = -1, }; f_inet = f_inet6 = f_ether = f_addr = NULL; lifh = ifconfig_open(); if (lifh == NULL) err(EXIT_FAILURE, "ifconfig_open"); envformat = getenv("IFCONFIG_FORMAT"); if (envformat != NULL) setformat(envformat); /* * Ensure we print interface name when expected to, * even if we terminate early due to error. */ atexit(printifnamemaybe); args_parse(args, ac, av); #ifdef JAIL if (args->jail_name) { jid = jail_getid(args->jail_name); if (jid == -1) Perror("jail not found"); if (jail_attach(jid) != 0) Perror("cannot attach to jail"); } #endif if (!args->all && !args->namesonly) { /* not listing, need an argument */ args->ifname = args_pop(args); ctx.ifname = args->ifname; /* check and maybe load support for this interface */ ifmaybeload(args, args->ifname); char *arg = args_peek(args); if (if_nametoindex(args->ifname) == 0) { /* * NOTE: We must special-case the `create' command * right here as we would otherwise fail when trying * to find the interface. */ if (isargcreate(arg)) { if (isnametoolong(args->ifname)) errx(1, "%s: cloning name too long", args->ifname); ifconfig(&ctx, 1, NULL); exit(exit_code); } #ifdef JAIL /* * NOTE: We have to special-case the `-vnet' command * right here as we would otherwise fail when trying * to find the interface as it lives in another vnet. */ if (arg != NULL && (strcmp(arg, "-vnet") == 0)) { if (isnametoolong(args->ifname)) errx(1, "%s: interface name too long", args->ifname); ifconfig(&ctx, 0, NULL); exit(exit_code); } #endif errx(1, "interface %s does not exist", args->ifname); } else { /* * Do not allow use `create` command as hostname if * address family is not specified. */ if (isargcreate(arg)) { if (args->argc == 1) errx(1, "interface %s already exists", args->ifname); args_pop(args); } } } /* Check for address family */ if (args->argc > 0) { args->afp = af_getbyname(args_peek(args)); if (args->afp != NULL) args_pop(args); } /* * Check for a requested configuration action on a single interface, * which doesn't require building, sorting, and searching the entire * system address list */ if ((args->argc > 0) && (args->ifname != NULL)) { if (isnametoolong(args->ifname)) warnx("%s: interface name too long, skipping", args->ifname); else { flags = getifflags(args->ifname, -1, false); if (!(((flags & IFF_CANTCONFIG) != 0) || (args->downonly && (flags & IFF_UP) != 0) || (args->uponly && (flags & IFF_UP) == 0))) ifconfig(&ctx, 0, args->afp); } goto done; } args->allfamilies = args->afp == NULL; list_interfaces(&ctx); done: freeformat(); ifconfig_close(lifh); exit(exit_code); } bool match_ether(const struct sockaddr_dl *sdl) { switch (sdl->sdl_type) { case IFT_ETHER: case IFT_L2VLAN: case IFT_BRIDGE: if (sdl->sdl_alen == ETHER_ADDR_LEN) return (true); default: return (false); } } bool match_if_flags(struct ifconfig_args *args, int if_flags) { if ((if_flags & IFF_CANTCONFIG) != 0) return (false); if (args->downonly && (if_flags & IFF_UP) != 0) return (false); if (args->uponly && (if_flags & IFF_UP) == 0) return (false); return (true); } #ifdef WITHOUT_NETLINK static bool match_afp(const struct afswtch *afp, int sa_family, const struct sockaddr_dl *sdl) { if (afp == NULL) return (true); /* special case for "ether" address family */ if (!strcmp(afp->af_name, "ether")) { if (sdl == NULL || !match_ether(sdl)) return (false); return (true); } return (afp->af_af == sa_family); } static void list_interfaces_ioctl(if_ctx *ctx) { struct ifa_queue q = TAILQ_HEAD_INITIALIZER(q); struct ifaddrs *ifap, *sifap, *ifa; struct ifa_order_elt *cur, *tmp; char *namecp = NULL; int ifindex; struct ifconfig_args *args = ctx->args; if (getifaddrs(&ifap) != 0) err(EXIT_FAILURE, "getifaddrs"); char *cp = NULL; if (calcorders(ifap, &q) != 0) err(EXIT_FAILURE, "calcorders"); sifap = sortifaddrs(ifap, cmpifaddrs, &q); TAILQ_FOREACH_SAFE(cur, &q, link, tmp) free(cur); ifindex = 0; for (ifa = sifap; ifa; ifa = ifa->ifa_next) { struct ifreq paifr = {}; const struct sockaddr_dl *sdl; strlcpy(paifr.ifr_name, ifa->ifa_name, sizeof(paifr.ifr_name)); if (sizeof(paifr.ifr_addr) >= ifa->ifa_addr->sa_len) { memcpy(&paifr.ifr_addr, ifa->ifa_addr, ifa->ifa_addr->sa_len); } if (args->ifname != NULL && strcmp(args->ifname, ifa->ifa_name) != 0) continue; if (ifa->ifa_addr->sa_family == AF_LINK) sdl = satosdl_c(ifa->ifa_addr); else sdl = NULL; if (cp != NULL && strcmp(cp, ifa->ifa_name) == 0 && !args->namesonly) continue; if (isnametoolong(ifa->ifa_name)) { warnx("%s: interface name too long, skipping", ifa->ifa_name); continue; } cp = ifa->ifa_name; if (!match_if_flags(args, ifa->ifa_flags)) continue; if (!group_member(ifa->ifa_name, args->matchgroup, args->nogroup)) continue; ctx->ifname = cp; /* * Are we just listing the interfaces? */ if (args->namesonly) { if (namecp == cp) continue; if (!match_afp(args->afp, ifa->ifa_addr->sa_family, sdl)) continue; namecp = cp; ifindex++; if (ifindex > 1) printf(" "); fputs(cp, stdout); continue; } ifindex++; if (args->argc > 0) ifconfig(ctx, 0, args->afp); else status(ctx, sdl, ifa); } if (args->namesonly) printf("\n"); freeifaddrs(ifap); } #endif /* * Returns true if an interface should be listed because any its groups * matches shell pattern "match" and none of groups matches pattern "nomatch". * If any pattern is NULL, corresponding condition is skipped. */ bool group_member(const char *ifname, const char *match, const char *nomatch) { static int sock = -1; struct ifgroupreq ifgr; struct ifg_req *ifg; unsigned int len; bool matched, nomatched; /* Sanity checks. */ if (match == NULL && nomatch == NULL) return (true); if (ifname == NULL) return (false); memset(&ifgr, 0, sizeof(ifgr)); strlcpy(ifgr.ifgr_name, ifname, IFNAMSIZ); /* The socket is opened once. Let _exit() close it. */ if (sock == -1) { sock = socket(AF_LOCAL, SOCK_DGRAM, 0); if (sock == -1) errx(1, "%s: socket(AF_LOCAL,SOCK_DGRAM)", __func__); } /* Determine amount of memory for the list of groups. */ if (ioctl(sock, SIOCGIFGROUP, (caddr_t)&ifgr) == -1) { if (errno == EINVAL || errno == ENOTTY) return (false); else errx(1, "%s: SIOCGIFGROUP", __func__); } /* Obtain the list of groups. */ len = ifgr.ifgr_len; ifgr.ifgr_groups = (struct ifg_req *)calloc(len / sizeof(*ifg), sizeof(*ifg)); if (ifgr.ifgr_groups == NULL) errx(1, "%s: no memory", __func__); if (ioctl(sock, SIOCGIFGROUP, (caddr_t)&ifgr) == -1) errx(1, "%s: SIOCGIFGROUP", __func__); /* Perform matching. */ matched = false; nomatched = true; for (ifg = ifgr.ifgr_groups; ifg && len >= sizeof(*ifg); ifg++) { len -= sizeof(*ifg); if (match && !matched) matched = !fnmatch(match, ifg->ifgrq_group, 0); if (nomatch && nomatched) nomatched = fnmatch(nomatch, ifg->ifgrq_group, 0); } free(ifgr.ifgr_groups); if (match && !nomatch) return (matched); if (!match && nomatch) return (nomatched); return (matched && nomatched); } static struct afswtch *afs = NULL; void af_register(struct afswtch *p) { p->af_next = afs; afs = p; } static struct afswtch * af_getbyname(const char *name) { struct afswtch *afp; for (afp = afs; afp != NULL; afp = afp->af_next) if (strcmp(afp->af_name, name) == 0) return afp; return NULL; } struct afswtch * af_getbyfamily(int af) { struct afswtch *afp; for (afp = afs; afp != NULL; afp = afp->af_next) if (afp->af_af == af) return afp; return NULL; } void af_other_status(if_ctx *ctx) { struct afswtch *afp; uint8_t afmask[howmany(AF_MAX, NBBY)]; memset(afmask, 0, sizeof(afmask)); for (afp = afs; afp != NULL; afp = afp->af_next) { if (afp->af_other_status == NULL) continue; if (afp->af_af != AF_UNSPEC && isset(afmask, afp->af_af)) continue; afp->af_other_status(ctx); setbit(afmask, afp->af_af); } } static void af_all_tunnel_status(if_ctx *ctx) { struct afswtch *afp; uint8_t afmask[howmany(AF_MAX, NBBY)]; memset(afmask, 0, sizeof(afmask)); for (afp = afs; afp != NULL; afp = afp->af_next) { if (afp->af_status_tunnel == NULL) continue; if (afp->af_af != AF_UNSPEC && isset(afmask, afp->af_af)) continue; afp->af_status_tunnel(ctx); setbit(afmask, afp->af_af); } } static struct cmd *cmds = NULL; void cmd_register(struct cmd *p) { p->c_next = cmds; cmds = p; } static const struct cmd * cmd_lookup(const char *name, int iscreate) { const struct cmd *p; for (p = cmds; p != NULL; p = p->c_next) if (strcmp(name, p->c_name) == 0) { if (iscreate) { if (p->c_iscloneop) return p; } else { if (!p->c_iscloneop) return p; } } return NULL; } struct callback { callback_func *cb_func; void *cb_arg; struct callback *cb_next; }; static struct callback *callbacks = NULL; void callback_register(callback_func *func, void *arg) { struct callback *cb; cb = malloc(sizeof(struct callback)); if (cb == NULL) errx(1, "unable to allocate memory for callback"); cb->cb_func = func; cb->cb_arg = arg; cb->cb_next = callbacks; callbacks = cb; } /* specially-handled commands */ static void setifaddr(if_ctx *ctx, const char *addr, int param); static const struct cmd setifaddr_cmd = DEF_CMD("ifaddr", 0, setifaddr); static void setifdstaddr(if_ctx *ctx, const char *addr, int param __unused); static const struct cmd setifdstaddr_cmd = DEF_CMD("ifdstaddr", 0, setifdstaddr); int af_exec_ioctl(if_ctx *ctx, unsigned long action, void *data) { struct ifreq *req = (struct ifreq *)data; strlcpy(req->ifr_name, ctx->ifname, sizeof(req->ifr_name)); if (ioctl_ctx(ctx, action, req) == 0) return (0); return (errno); } static void delifaddr(if_ctx *ctx, const struct afswtch *afp) { int error; if (afp->af_exec == NULL) { warnx("interface %s cannot change %s addresses!", ctx->ifname, afp->af_name); clearaddr = 0; return; } error = afp->af_exec(ctx, afp->af_difaddr, afp->af_ridreq); if (error != 0) { if (error == EADDRNOTAVAIL && (doalias >= 0)) { /* means no previous address for interface */ } else Perrorc("ioctl (SIOCDIFADDR)", error); } } static void addifaddr(if_ctx *ctx, const struct afswtch *afp) { if (afp->af_exec == NULL) { warnx("interface %s cannot change %s addresses!", ctx->ifname, afp->af_name); newaddr = 0; return; } if (setaddr || setmask) { int error = afp->af_exec(ctx, afp->af_aifaddr, afp->af_addreq); if (error != 0) Perrorc("ioctl (SIOCAIFADDR)", error); } } int ifconfig_ioctl(if_ctx *orig_ctx, int iscreate, const struct afswtch *uafp) { const struct afswtch *afp, *nafp; const struct cmd *p; struct callback *cb; int s; int argc = orig_ctx->args->argc; char *const *argv = orig_ctx->args->argv; struct ifconfig_context _ctx = { .args = orig_ctx->args, .io_ss = orig_ctx->io_ss, .ifname = orig_ctx->ifname, }; struct ifconfig_context *ctx = &_ctx; struct ifreq ifr = {}; strlcpy(ifr.ifr_name, ctx->ifname, sizeof ifr.ifr_name); afp = NULL; if (uafp != NULL) afp = uafp; /* * This is the historical "accident" allowing users to configure IPv4 * addresses without the "inet" keyword which while a nice feature has * proven to complicate other things. We cannot remove this but only * make sure we will never have a similar implicit default for IPv6 or * any other address familiy. We need a fallback though for * ifconfig IF up/down etc. to work without INET support as people * never used ifconfig IF link up/down, etc. either. */ #ifndef RESCUE #ifdef INET if (afp == NULL && feature_present("inet")) afp = af_getbyname("inet"); #endif #endif if (afp == NULL) afp = af_getbyname("link"); if (afp == NULL) { warnx("Please specify an address_family."); usage(); } top: ifr.ifr_addr.sa_family = afp->af_af == AF_LINK || afp->af_af == AF_UNSPEC ? AF_LOCAL : afp->af_af; if ((s = socket(ifr.ifr_addr.sa_family, SOCK_DGRAM, 0)) < 0 && (uafp != NULL || errno != EAFNOSUPPORT || (s = socket(AF_LOCAL, SOCK_DGRAM, 0)) < 0)) err(1, "socket(family %u,SOCK_DGRAM)", ifr.ifr_addr.sa_family); ctx->io_s = s; ctx->afp = afp; while (argc > 0) { p = cmd_lookup(*argv, iscreate); if (iscreate && p == NULL) { /* * Push the clone create callback so the new * device is created and can be used for any * remaining arguments. */ cb = callbacks; if (cb == NULL) errx(1, "internal error, no callback"); callbacks = cb->cb_next; cb->cb_func(ctx, cb->cb_arg); iscreate = 0; /* * Handle any address family spec that * immediately follows and potentially * recreate the socket. */ nafp = af_getbyname(*argv); if (nafp != NULL) { argc--, argv++; if (nafp != afp) { close(s); afp = nafp; goto top; } } /* * Look for a normal parameter. */ continue; } if (p == NULL) { /* * Not a recognized command, choose between setting * the interface address and the dst address. */ p = (setaddr ? &setifdstaddr_cmd : &setifaddr_cmd); } if (p->c_parameter == NEXTARG && p->c_u.c_func) { if (argv[1] == NULL) errx(1, "'%s' requires argument", p->c_name); p->c_u.c_func(ctx, argv[1], 0); argc--, argv++; } else if (p->c_parameter == OPTARG && p->c_u.c_func) { p->c_u.c_func(ctx, argv[1], 0); if (argv[1] != NULL) argc--, argv++; } else if (p->c_parameter == NEXTARG2 && p->c_u.c_func2) { if (argc < 3) errx(1, "'%s' requires 2 arguments", p->c_name); p->c_u.c_func2(ctx, argv[1], argv[2]); argc -= 2, argv += 2; } else if (p->c_parameter == SPARAM && p->c_u.c_func3) { p->c_u.c_func3(ctx, *argv, p->c_sparameter); } else if (p->c_u.c_func) p->c_u.c_func(ctx, *argv, p->c_parameter); argc--, argv++; } /* * Do any post argument processing required by the address family. */ if (afp->af_postproc != NULL) afp->af_postproc(ctx, newaddr, getifflags(ctx->ifname, s, true)); /* * Do deferred callbacks registered while processing * command-line arguments. */ for (cb = callbacks; cb != NULL; cb = cb->cb_next) cb->cb_func(ctx, cb->cb_arg); /* * Do deferred operations. */ if (clearaddr) delifaddr(ctx, afp); if (newaddr) addifaddr(ctx, afp); close(s); return(0); } static void setifaddr(if_ctx *ctx, const char *addr, int param __unused) { const struct afswtch *afp = ctx->afp; if (afp->af_getaddr == NULL) return; /* * Delay the ioctl to set the interface addr until flags are all set. * The address interpretation may depend on the flags, * and the flags may change when the address is set. */ setaddr++; if (doalias == 0 && afp->af_af != AF_LINK) clearaddr = 1; afp->af_getaddr(addr, (doalias >= 0 ? ADDR : RIDADDR)); } static void settunnel(if_ctx *ctx, const char *src, const char *dst) { const struct afswtch *afp = ctx->afp; struct addrinfo *srcres, *dstres; int ecode; if (afp->af_settunnel == NULL) { warn("address family %s does not support tunnel setup", afp->af_name); return; } if ((ecode = getaddrinfo(src, NULL, NULL, &srcres)) != 0) errx(1, "error in parsing address string: %s", gai_strerror(ecode)); if ((ecode = getaddrinfo(dst, NULL, NULL, &dstres)) != 0) errx(1, "error in parsing address string: %s", gai_strerror(ecode)); if (srcres->ai_addr->sa_family != dstres->ai_addr->sa_family) errx(1, "source and destination address families do not match"); afp->af_settunnel(ctx, srcres, dstres); freeaddrinfo(srcres); freeaddrinfo(dstres); } static void deletetunnel(if_ctx *ctx, const char *vname __unused, int param __unused) { struct ifreq ifr = {}; if (ioctl_ctx_ifr(ctx, SIOCDIFPHYADDR, &ifr) < 0) err(1, "SIOCDIFPHYADDR"); } #ifdef JAIL static void setifvnet(if_ctx *ctx, const char *jname, int dummy __unused) { struct ifreq ifr = {}; ifr.ifr_jid = jail_getid(jname); if (ifr.ifr_jid < 0) errx(1, "%s", jail_errmsg); if (ioctl_ctx_ifr(ctx, SIOCSIFVNET, &ifr) < 0) err(1, "SIOCSIFVNET"); } static void setifrvnet(if_ctx *ctx, const char *jname, int dummy __unused) { struct ifreq ifr = {}; ifr.ifr_jid = jail_getid(jname); if (ifr.ifr_jid < 0) errx(1, "%s", jail_errmsg); if (ioctl_ctx_ifr(ctx, SIOCSIFRVNET, &ifr) < 0) err(1, "SIOCSIFRVNET(%d, %s)", ifr.ifr_jid, ifr.ifr_name); } #endif static void setifnetmask(if_ctx *ctx, const char *addr, int dummy __unused) { const struct afswtch *afp = ctx->afp; if (afp->af_getaddr != NULL) { setmask++; afp->af_getaddr(addr, MASK); } } static void setifbroadaddr(if_ctx *ctx, const char *addr, int dummy __unused) { const struct afswtch *afp = ctx->afp; if (afp->af_getaddr != NULL) afp->af_getaddr(addr, BRDADDR); } static void notealias(if_ctx *ctx, const char *addr __unused, int param) { const struct afswtch *afp = ctx->afp; if (setaddr && doalias == 0 && param < 0) { if (afp->af_copyaddr != NULL) afp->af_copyaddr(ctx, RIDADDR, ADDR); } doalias = param; if (param < 0) { clearaddr = 1; newaddr = 0; } else clearaddr = 0; } static void setifdstaddr(if_ctx *ctx, const char *addr, int param __unused) { const struct afswtch *afp = ctx->afp; if (afp->af_getaddr != NULL) afp->af_getaddr(addr, DSTADDR); } static int getifflags(const char *ifname, int us, bool err_ok) { struct ifreq my_ifr; int s; memset(&my_ifr, 0, sizeof(my_ifr)); (void) strlcpy(my_ifr.ifr_name, ifname, sizeof(my_ifr.ifr_name)); if (us < 0) { if ((s = socket(AF_LOCAL, SOCK_DGRAM, 0)) < 0) err(1, "socket(family AF_LOCAL,SOCK_DGRAM"); } else s = us; if (ioctl(s, SIOCGIFFLAGS, (caddr_t)&my_ifr) < 0) { if (!err_ok) { Perror("ioctl (SIOCGIFFLAGS)"); exit(1); } } if (us < 0) close(s); return ((my_ifr.ifr_flags & 0xffff) | (my_ifr.ifr_flagshigh << 16)); } /* * Note: doing an SIOCIGIFFLAGS scribbles on the union portion * of the ifreq structure, which may confuse other parts of ifconfig. * Make a private copy so we can avoid that. */ static void clearifflags(if_ctx *ctx, const char *vname, int value) { struct ifreq my_ifr; int flags; flags = getifflags(ctx->ifname, ctx->io_s, false); flags &= ~value; memset(&my_ifr, 0, sizeof(my_ifr)); strlcpy(my_ifr.ifr_name, ctx->ifname, sizeof(my_ifr.ifr_name)); my_ifr.ifr_flags = flags & 0xffff; my_ifr.ifr_flagshigh = flags >> 16; if (ioctl(ctx->io_s, SIOCSIFFLAGS, (caddr_t)&my_ifr) < 0) Perror(vname); } static void setifflags(if_ctx *ctx, const char *vname, int value) { struct ifreq my_ifr; int flags; flags = getifflags(ctx->ifname, ctx->io_s, false); flags |= value; memset(&my_ifr, 0, sizeof(my_ifr)); strlcpy(my_ifr.ifr_name, ctx->ifname, sizeof(my_ifr.ifr_name)); my_ifr.ifr_flags = flags & 0xffff; my_ifr.ifr_flagshigh = flags >> 16; if (ioctl(ctx->io_s, SIOCSIFFLAGS, (caddr_t)&my_ifr) < 0) Perror(vname); } void clearifcap(if_ctx *ctx, const char *vname, int value) { struct ifreq ifr = {}; int flags; if (ioctl_ctx_ifr(ctx, SIOCGIFCAP, &ifr) < 0) { Perror("ioctl (SIOCGIFCAP)"); exit(1); } flags = ifr.ifr_curcap; flags &= ~value; flags &= ifr.ifr_reqcap; /* Check for no change in capabilities. */ if (ifr.ifr_curcap == flags) return; ifr.ifr_reqcap = flags; if (ioctl_ctx(ctx, SIOCSIFCAP, &ifr) < 0) Perror(vname); } void setifcap(if_ctx *ctx, const char *vname, int value) { struct ifreq ifr = {}; int flags; if (ioctl_ctx_ifr(ctx, SIOCGIFCAP, &ifr) < 0) { Perror("ioctl (SIOCGIFCAP)"); exit(1); } flags = ifr.ifr_curcap; flags |= value; flags &= ifr.ifr_reqcap; /* Check for no change in capabilities. */ if (ifr.ifr_curcap == flags) return; ifr.ifr_reqcap = flags; if (ioctl_ctx(ctx, SIOCSIFCAP, &ifr) < 0) Perror(vname); } void setifcapnv(if_ctx *ctx, const char *vname, const char *arg) { nvlist_t *nvcap; void *buf; char *marg, *mopt; size_t nvbuflen; bool neg; struct ifreq ifr = {}; if (ioctl_ctx_ifr(ctx, SIOCGIFCAP, &ifr) < 0) Perror("ioctl (SIOCGIFCAP)"); if ((ifr.ifr_curcap & IFCAP_NV) == 0) { warnx("IFCAP_NV not supported"); return; /* Not exit() */ } marg = strdup(arg); if (marg == NULL) Perror("strdup"); nvcap = nvlist_create(0); if (nvcap == NULL) Perror("nvlist_create"); while ((mopt = strsep(&marg, ",")) != NULL) { neg = *mopt == '-'; if (neg) mopt++; if (strcmp(mopt, "rxtls") == 0) { nvlist_add_bool(nvcap, "rxtls4", !neg); nvlist_add_bool(nvcap, "rxtls6", !neg); } else { nvlist_add_bool(nvcap, mopt, !neg); } } buf = nvlist_pack(nvcap, &nvbuflen); if (buf == NULL) { errx(1, "nvlist_pack error"); exit(1); } ifr.ifr_cap_nv.buf_length = ifr.ifr_cap_nv.length = nvbuflen; ifr.ifr_cap_nv.buffer = buf; if (ioctl_ctx(ctx, SIOCSIFCAPNV, (caddr_t)&ifr) < 0) Perror(vname); free(buf); nvlist_destroy(nvcap); free(marg); } static void setifmetric(if_ctx *ctx, const char *val, int dummy __unused) { struct ifreq ifr = {}; ifr.ifr_metric = atoi(val); if (ioctl_ctx_ifr(ctx, SIOCSIFMETRIC, &ifr) < 0) err(1, "ioctl SIOCSIFMETRIC (set metric)"); } static void setifmtu(if_ctx *ctx, const char *val, int dummy __unused) { struct ifreq ifr = {}; ifr.ifr_mtu = atoi(val); if (ioctl_ctx_ifr(ctx, SIOCSIFMTU, &ifr) < 0) err(1, "ioctl SIOCSIFMTU (set mtu)"); } static void setifpcp(if_ctx *ctx, const char *val, int arg __unused) { struct ifreq ifr = {}; u_long ul; char *endp; ul = strtoul(val, &endp, 0); if (*endp != '\0') errx(1, "invalid value for pcp"); if (ul > 7) errx(1, "value for pcp out of range"); ifr.ifr_lan_pcp = ul; if (ioctl_ctx_ifr(ctx, SIOCSLANPCP, &ifr) == -1) err(1, "SIOCSLANPCP"); } static void disableifpcp(if_ctx *ctx, const char *val __unused, int arg __unused) { struct ifreq ifr = {}; ifr.ifr_lan_pcp = IFNET_PCP_NONE; if (ioctl_ctx_ifr(ctx, SIOCSLANPCP, &ifr) == -1) err(1, "SIOCSLANPCP"); } static void setifname(if_ctx *ctx, const char *val, int dummy __unused) { struct ifreq ifr = {}; char *newname; ifr_set_name(&ifr, ctx->ifname); newname = strdup(val); if (newname == NULL) err(1, "no memory to set ifname"); ifr.ifr_data = newname; if (ioctl_ctx(ctx, SIOCSIFNAME, (caddr_t)&ifr) < 0) { free(newname); err(1, "ioctl SIOCSIFNAME (set name)"); } ifname_update(ctx, newname); free(newname); } static void setifdescr(if_ctx *ctx, const char *val, int dummy __unused) { struct ifreq ifr = {}; char *newdescr; ifr.ifr_buffer.length = strlen(val) + 1; if (ifr.ifr_buffer.length == 1) { ifr.ifr_buffer.buffer = newdescr = NULL; ifr.ifr_buffer.length = 0; } else { newdescr = strdup(val); ifr.ifr_buffer.buffer = newdescr; if (newdescr == NULL) { warn("no memory to set ifdescr"); return; } } if (ioctl_ctx_ifr(ctx, SIOCSIFDESCR, &ifr) < 0) err(1, "ioctl SIOCSIFDESCR (set descr)"); free(newdescr); } static void unsetifdescr(if_ctx *ctx, const char *val __unused, int value __unused) { setifdescr(ctx, "", 0); } #ifdef WITHOUT_NETLINK #define IFFBITS \ "\020\1UP\2BROADCAST\3DEBUG\4LOOPBACK\5POINTOPOINT\7RUNNING" \ "\10NOARP\11PROMISC\12ALLMULTI\13OACTIVE\14SIMPLEX\15LINK0\16LINK1\17LINK2" \ "\20MULTICAST\22PPROMISC\23MONITOR\24STATICARP\25STICKYARP" #define IFCAPBITS \ "\020\1RXCSUM\2TXCSUM\3NETCONS\4VLAN_MTU\5VLAN_HWTAGGING\6JUMBO_MTU\7POLLING" \ "\10VLAN_HWCSUM\11TSO4\12TSO6\13LRO\14WOL_UCAST\15WOL_MCAST\16WOL_MAGIC" \ "\17TOE4\20TOE6\21VLAN_HWFILTER\23VLAN_HWTSO\24LINKSTATE\25NETMAP" \ "\26RXCSUM_IPV6\27TXCSUM_IPV6\31TXRTLMT\32HWRXTSTMP\33NOMAP\34TXTLS4\35TXTLS6" \ "\36VXLAN_HWCSUM\37VXLAN_HWTSO\40TXTLS_RTLMT" static void print_ifcap_nv(if_ctx *ctx) { struct ifreq ifr = {}; nvlist_t *nvcap; const char *nvname; void *buf, *cookie; bool first, val; int type; buf = malloc(IFR_CAP_NV_MAXBUFSIZE); if (buf == NULL) Perror("malloc"); ifr.ifr_cap_nv.buffer = buf; ifr.ifr_cap_nv.buf_length = IFR_CAP_NV_MAXBUFSIZE; if (ioctl_ctx_ifr(ctx, SIOCGIFCAPNV, &ifr) != 0) Perror("ioctl (SIOCGIFCAPNV)"); nvcap = nvlist_unpack(ifr.ifr_cap_nv.buffer, ifr.ifr_cap_nv.length, 0); if (nvcap == NULL) Perror("nvlist_unpack"); printf("\toptions"); cookie = NULL; for (first = true;; first = false) { nvname = nvlist_next(nvcap, &type, &cookie); if (nvname == NULL) { printf("\n"); break; } if (type == NV_TYPE_BOOL) { val = nvlist_get_bool(nvcap, nvname); if (val) { printf("%c%s", first ? ' ' : ',', nvname); } } } if (ctx->args->supmedia) { printf("\tcapabilities"); cookie = NULL; for (first = true;; first = false) { nvname = nvlist_next(nvcap, &type, &cookie); if (nvname == NULL) { printf("\n"); break; } if (type == NV_TYPE_BOOL) printf("%c%s", first ? ' ' : ',', nvname); } } nvlist_destroy(nvcap); free(buf); if (ioctl_ctx(ctx, SIOCGIFCAP, (caddr_t)&ifr) != 0) Perror("ioctl (SIOCGIFCAP)"); } static void print_ifcap(if_ctx *ctx) { struct ifreq ifr = {}; if (ioctl_ctx_ifr(ctx, SIOCGIFCAP, &ifr) != 0) return; if ((ifr.ifr_curcap & IFCAP_NV) != 0) print_ifcap_nv(ctx); else { printb("\toptions", ifr.ifr_curcap, IFCAPBITS); putchar('\n'); if (ctx->args->supmedia && ifr.ifr_reqcap != 0) { printb("\tcapabilities", ifr.ifr_reqcap, IFCAPBITS); putchar('\n'); } } } #endif void print_ifstatus(if_ctx *ctx) { struct ifstat ifs; strlcpy(ifs.ifs_name, ctx->ifname, sizeof ifs.ifs_name); if (ioctl_ctx(ctx, SIOCGIFSTATUS, &ifs) == 0) printf("%s", ifs.ascii); } void print_metric(if_ctx *ctx) { struct ifreq ifr = {}; if (ioctl_ctx_ifr(ctx, SIOCGIFMETRIC, &ifr) != -1) printf(" metric %d", ifr.ifr_metric); } #ifdef WITHOUT_NETLINK static void print_mtu(if_ctx *ctx) { struct ifreq ifr = {}; if (ioctl_ctx_ifr(ctx, SIOCGIFMTU, &ifr) != -1) printf(" mtu %d", ifr.ifr_mtu); } static void print_description(if_ctx *ctx) { struct ifreq ifr = {}; ifr_set_name(&ifr, ctx->ifname); for (;;) { if ((descr = reallocf(descr, descrlen)) != NULL) { ifr.ifr_buffer.buffer = descr; ifr.ifr_buffer.length = descrlen; if (ioctl_ctx(ctx, SIOCGIFDESCR, &ifr) == 0) { if (ifr.ifr_buffer.buffer == descr) { if (strlen(descr) > 0) printf("\tdescription: %s\n", descr); } else if (ifr.ifr_buffer.length > descrlen) { descrlen = ifr.ifr_buffer.length; continue; } } } else warn("unable to allocate memory for interface" "description"); break; } } /* * Print the status of the interface. If an address family was * specified, show only it; otherwise, show them all. */ static void status(if_ctx *ctx, const struct sockaddr_dl *sdl __unused, struct ifaddrs *ifa) { struct ifaddrs *ift; int s, old_s; struct ifconfig_args *args = ctx->args; bool allfamilies = args->afp == NULL; struct ifreq ifr = {}; if (args->afp == NULL) ifr.ifr_addr.sa_family = AF_LOCAL; else ifr.ifr_addr.sa_family = args->afp->af_af == AF_LINK ? AF_LOCAL : args->afp->af_af; s = socket(ifr.ifr_addr.sa_family, SOCK_DGRAM, 0); if (s < 0) err(1, "socket(family %u,SOCK_DGRAM)", ifr.ifr_addr.sa_family); old_s = ctx->io_s; ctx->io_s = s; printf("%s: ", ctx->ifname); printb("flags", ifa->ifa_flags, IFFBITS); print_metric(ctx); print_mtu(ctx); putchar('\n'); print_description(ctx); print_ifcap(ctx); tunnel_status(ctx); for (ift = ifa; ift != NULL; ift = ift->ifa_next) { if (ift->ifa_addr == NULL) continue; if (strcmp(ifa->ifa_name, ift->ifa_name) != 0) continue; if (allfamilies) { const struct afswtch *p; p = af_getbyfamily(ift->ifa_addr->sa_family); if (p != NULL && p->af_status != NULL) p->af_status(ctx, ift); } else if (args->afp->af_af == ift->ifa_addr->sa_family) args->afp->af_status(ctx, ift); } #if 0 if (allfamilies || afp->af_af == AF_LINK) { const struct afswtch *lafp; /* * Hack; the link level address is received separately * from the routing information so any address is not * handled above. Cobble together an entry and invoke * the status method specially. */ lafp = af_getbyname("lladdr"); if (lafp != NULL) { info.rti_info[RTAX_IFA] = (struct sockaddr *)sdl; lafp->af_status(s, &info); } } #endif if (allfamilies) af_other_status(ctx); else if (args->afp->af_other_status != NULL) args->afp->af_other_status(ctx); print_ifstatus(ctx); if (args->verbose > 0) sfp_status(ctx); close(s); ctx->io_s = old_s; return; } #endif void tunnel_status(if_ctx *ctx) { af_all_tunnel_status(ctx); } static void Perrorc(const char *cmd, int error) { switch (errno) { case ENXIO: errx(1, "%s: no such interface", cmd); break; case EPERM: errx(1, "%s: permission denied", cmd); break; default: errc(1, error, "%s", cmd); } } void Perror(const char *cmd) { Perrorc(cmd, errno); } /* * Print a value a la the %b format of the kernel's printf */ void printb(const char *s, unsigned v, const char *bits) { int i, any = 0; char c; if (bits && *bits == 8) printf("%s=%o", s, v); else printf("%s=%x", s, v); if (bits) { bits++; putchar('<'); while ((i = *bits++) != '\0') { if (v & (1u << (i-1))) { if (any) putchar(','); any = 1; for (; (c = *bits) > 32; bits++) putchar(c); } else for (; *bits > 32; bits++) ; } putchar('>'); } } void print_vhid(const struct ifaddrs *ifa) { struct if_data *ifd; if (ifa->ifa_data == NULL) return; ifd = ifa->ifa_data; if (ifd->ifi_vhid == 0) return; printf(" vhid %d", ifd->ifi_vhid); } void ifmaybeload(struct ifconfig_args *args, const char *name) { #define MOD_PREFIX_LEN 3 /* "if_" */ struct module_stat mstat; int fileid, modid; char ifkind[IFNAMSIZ + MOD_PREFIX_LEN], ifname[IFNAMSIZ], *dp; const char *cp; struct module_map_entry *mme; bool found; /* loading suppressed by the user */ if (args->noload) return; /* trim the interface number off the end */ strlcpy(ifname, name, sizeof(ifname)); dp = ifname + strlen(ifname) - 1; for (; dp > ifname; dp--) { if (isdigit(*dp)) *dp = '\0'; else break; } /* Either derive it from the map or guess otherwise */ *ifkind = '\0'; found = false; for (unsigned i = 0; i < nitems(module_map); ++i) { mme = &module_map[i]; if (strcmp(mme->ifname, ifname) == 0) { strlcpy(ifkind, mme->kldname, sizeof(ifkind)); found = true; break; } } /* We didn't have an alias for it... we'll guess. */ if (!found) { /* turn interface and unit into module name */ strlcpy(ifkind, "if_", sizeof(ifkind)); strlcat(ifkind, ifname, sizeof(ifkind)); } /* scan files in kernel */ mstat.version = sizeof(struct module_stat); for (fileid = kldnext(0); fileid > 0; fileid = kldnext(fileid)) { /* scan modules in file */ for (modid = kldfirstmod(fileid); modid > 0; modid = modfnext(modid)) { if (modstat(modid, &mstat) < 0) continue; /* strip bus name if present */ if ((cp = strchr(mstat.name, '/')) != NULL) { cp++; } else { cp = mstat.name; } /* * Is it already loaded? Don't compare with ifname if * we were specifically told which kld to use. Doing * so could lead to conflicts not trivially solved. */ if ((!found && strcmp(ifname, cp) == 0) || strcmp(ifkind, cp) == 0) return; } } /* * Try to load the module. But ignore failures, because ifconfig can't * infer the names of all drivers (eg mlx4en(4)). */ (void) kldload(ifkind); } static struct cmd basic_cmds[] = { DEF_CMD("up", IFF_UP, setifflags), DEF_CMD("down", IFF_UP, clearifflags), DEF_CMD("arp", IFF_NOARP, clearifflags), DEF_CMD("-arp", IFF_NOARP, setifflags), DEF_CMD("debug", IFF_DEBUG, setifflags), DEF_CMD("-debug", IFF_DEBUG, clearifflags), DEF_CMD_ARG("description", setifdescr), DEF_CMD_ARG("descr", setifdescr), DEF_CMD("-description", 0, unsetifdescr), DEF_CMD("-descr", 0, unsetifdescr), DEF_CMD("promisc", IFF_PPROMISC, setifflags), DEF_CMD("-promisc", IFF_PPROMISC, clearifflags), DEF_CMD("add", IFF_UP, notealias), DEF_CMD("alias", IFF_UP, notealias), DEF_CMD("-alias", -IFF_UP, notealias), DEF_CMD("delete", -IFF_UP, notealias), DEF_CMD("remove", -IFF_UP, notealias), #ifdef notdef #define EN_SWABIPS 0x1000 DEF_CMD("swabips", EN_SWABIPS, setifflags), DEF_CMD("-swabips", EN_SWABIPS, clearifflags), #endif DEF_CMD_ARG("netmask", setifnetmask), DEF_CMD_ARG("metric", setifmetric), DEF_CMD_ARG("broadcast", setifbroadaddr), DEF_CMD_ARG2("tunnel", settunnel), DEF_CMD("-tunnel", 0, deletetunnel), DEF_CMD("deletetunnel", 0, deletetunnel), #ifdef JAIL DEF_CMD_ARG("vnet", setifvnet), DEF_CMD_ARG("-vnet", setifrvnet), #endif DEF_CMD("link0", IFF_LINK0, setifflags), DEF_CMD("-link0", IFF_LINK0, clearifflags), DEF_CMD("link1", IFF_LINK1, setifflags), DEF_CMD("-link1", IFF_LINK1, clearifflags), DEF_CMD("link2", IFF_LINK2, setifflags), DEF_CMD("-link2", IFF_LINK2, clearifflags), DEF_CMD("monitor", IFF_MONITOR, setifflags), DEF_CMD("-monitor", IFF_MONITOR, clearifflags), DEF_CMD("mextpg", IFCAP_MEXTPG, setifcap), DEF_CMD("-mextpg", IFCAP_MEXTPG, clearifcap), DEF_CMD("staticarp", IFF_STATICARP, setifflags), DEF_CMD("-staticarp", IFF_STATICARP, clearifflags), DEF_CMD("stickyarp", IFF_STICKYARP, setifflags), DEF_CMD("-stickyarp", IFF_STICKYARP, clearifflags), DEF_CMD("rxcsum6", IFCAP_RXCSUM_IPV6, setifcap), DEF_CMD("-rxcsum6", IFCAP_RXCSUM_IPV6, clearifcap), DEF_CMD("txcsum6", IFCAP_TXCSUM_IPV6, setifcap), DEF_CMD("-txcsum6", IFCAP_TXCSUM_IPV6, clearifcap), DEF_CMD("rxcsum", IFCAP_RXCSUM, setifcap), DEF_CMD("-rxcsum", IFCAP_RXCSUM, clearifcap), DEF_CMD("txcsum", IFCAP_TXCSUM, setifcap), DEF_CMD("-txcsum", IFCAP_TXCSUM, clearifcap), DEF_CMD("netcons", IFCAP_NETCONS, setifcap), DEF_CMD("-netcons", IFCAP_NETCONS, clearifcap), DEF_CMD_ARG("pcp", setifpcp), DEF_CMD("-pcp", 0, disableifpcp), DEF_CMD("polling", IFCAP_POLLING, setifcap), DEF_CMD("-polling", IFCAP_POLLING, clearifcap), DEF_CMD("tso6", IFCAP_TSO6, setifcap), DEF_CMD("-tso6", IFCAP_TSO6, clearifcap), DEF_CMD("tso4", IFCAP_TSO4, setifcap), DEF_CMD("-tso4", IFCAP_TSO4, clearifcap), DEF_CMD("tso", IFCAP_TSO, setifcap), DEF_CMD("-tso", IFCAP_TSO, clearifcap), DEF_CMD("toe", IFCAP_TOE, setifcap), DEF_CMD("-toe", IFCAP_TOE, clearifcap), DEF_CMD("lro", IFCAP_LRO, setifcap), DEF_CMD("-lro", IFCAP_LRO, clearifcap), DEF_CMD("txtls", IFCAP_TXTLS, setifcap), DEF_CMD("-txtls", IFCAP_TXTLS, clearifcap), DEF_CMD_SARG("rxtls", IFCAP2_RXTLS4_NAME "," IFCAP2_RXTLS6_NAME, setifcapnv), DEF_CMD_SARG("-rxtls", "-"IFCAP2_RXTLS4_NAME ",-" IFCAP2_RXTLS6_NAME, setifcapnv), DEF_CMD("wol", IFCAP_WOL, setifcap), DEF_CMD("-wol", IFCAP_WOL, clearifcap), DEF_CMD("wol_ucast", IFCAP_WOL_UCAST, setifcap), DEF_CMD("-wol_ucast", IFCAP_WOL_UCAST, clearifcap), DEF_CMD("wol_mcast", IFCAP_WOL_MCAST, setifcap), DEF_CMD("-wol_mcast", IFCAP_WOL_MCAST, clearifcap), DEF_CMD("wol_magic", IFCAP_WOL_MAGIC, setifcap), DEF_CMD("-wol_magic", IFCAP_WOL_MAGIC, clearifcap), DEF_CMD("txrtlmt", IFCAP_TXRTLMT, setifcap), DEF_CMD("-txrtlmt", IFCAP_TXRTLMT, clearifcap), DEF_CMD("txtlsrtlmt", IFCAP_TXTLS_RTLMT, setifcap), DEF_CMD("-txtlsrtlmt", IFCAP_TXTLS_RTLMT, clearifcap), DEF_CMD("hwrxtstmp", IFCAP_HWRXTSTMP, setifcap), DEF_CMD("-hwrxtstmp", IFCAP_HWRXTSTMP, clearifcap), DEF_CMD("normal", IFF_LINK0, clearifflags), DEF_CMD("compress", IFF_LINK0, setifflags), DEF_CMD("noicmp", IFF_LINK1, setifflags), DEF_CMD_ARG("mtu", setifmtu), DEF_CMD_ARG("name", setifname), }; static __constructor void ifconfig_ctor(void) { size_t i; for (i = 0; i < nitems(basic_cmds); i++) cmd_register(&basic_cmds[i]); } diff --git a/sbin/init/Makefile b/sbin/init/Makefile index 79ccaf149ace..965608065291 100644 --- a/sbin/init/Makefile +++ b/sbin/init/Makefile @@ -1,23 +1,22 @@ -# @(#)Makefile 8.1 (Berkeley) 7/19/93 CONFGROUPS= CONFTTYS PACKAGE=runtime PROG= init SRCS= init.c getmntopts.c MAN= init.8 PRECIOUSPROG= INSTALLFLAGS=-b -B.bak CFLAGS+=-DDEBUGSHELL -DSECURE -DLOGIN_CAP -DCOMPAT_SYSV_INIT LIBADD= util crypt CONFTTYSNAME= ttys CONFTTYS+= ttys # Needed for getmntopts.c MOUNT= ${SRCTOP}/sbin/mount CFLAGS+=-I${MOUNT} .PATH: ${MOUNT} NO_SHARED?= YES .include diff --git a/sbin/init/init.8 b/sbin/init/init.8 index 88d663a1afe8..4f988438cd35 100644 --- a/sbin/init/init.8 +++ b/sbin/init/init.8 @@ -1,468 +1,466 @@ .\" Copyright (c) 1980, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" This code is derived from software contributed to Berkeley by .\" Donn Seeley at Berkeley Software Design, Inc. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)init.8 8.3 (Berkeley) 4/18/94 -.\" .Dd July 22, 2021 .Dt INIT 8 .Os .Sh NAME .Nm init .Nd process control initialization .Sh SYNOPSIS .Nm .Nm .Oo .Cm 0 | 1 | 6 | .Cm c | q .Oc .Sh DESCRIPTION The .Nm utility is the last stage of the boot process. It normally runs the automatic reboot sequence as described in .Xr rc 8 , and if this succeeds, begins multi-user operation. If the reboot scripts fail, .Nm commences single-user operation by giving the super-user a shell on the console. The .Nm utility may be passed parameters from the boot program to prevent the system from going multi-user and to instead execute a single-user shell without starting the normal daemons. The system is then quiescent for maintenance work and may later be made to go to multi-user by exiting the single-user shell (with ^D). This causes .Nm to run the .Pa /etc/rc start up command file in fastboot mode (skipping disk checks). .Pp If the .Em console entry in the .Xr ttys 5 file is marked .Dq insecure , then .Nm will require that the super-user password be entered before the system will start a single-user shell. The password check is skipped if the .Em console is marked as .Dq secure . Note that the password check does not protect from variables such as .Va init_script being set from the .Xr loader 8 command line; see the .Sx SECURITY section of .Xr loader 8 . .Pp If the system security level (see .Xr security 7 ) is initially nonzero, then .Nm leaves it unchanged. Otherwise, .Nm raises the level to 1 before going multi-user for the first time. Since the level cannot be reduced, it will be at least 1 for subsequent operation, even on return to single-user. If a level higher than 1 is desired while running multi-user, it can be set before going multi-user, e.g., by the startup script .Xr rc 8 , using .Xr sysctl 8 to set the .Va kern.securelevel variable to the required security level. .Pp If .Nm is run in a jail, the security level of the .Dq host system will not be affected. Part of the information set up in the kernel to support a jail is a per-jail security level. This allows running a higher security level inside of a jail than that of the host system. See .Xr jail 8 for more information about jails. .Pp In multi-user operation, .Nm maintains processes for the terminal ports found in the file .Xr ttys 5 . The .Nm utility reads this file and executes the command found in the second field, unless the first field refers to a device in .Pa /dev which is not configured. The first field is supplied as the final argument to the command. This command is usually .Xr getty 8 ; .Nm getty opens and initializes the tty line and executes the .Xr login 1 program. The .Nm login program, when a valid user logs in, executes a shell for that user. When this shell dies, either because the user logged out or an abnormal termination occurred (a signal), the cycle is restarted by executing a new .Nm getty for the line. .Pp The .Nm utility can also be used to keep arbitrary daemons running, automatically restarting them if they die. In this case, the first field in the .Xr ttys 5 file must not reference the path to a configured device node and will be passed to the daemon as the final argument on its command line. This is similar to the facility offered in the .At V .Pa /etc/inittab . .Pp Line status (on, off, secure, getty, or window information) may be changed in the .Xr ttys 5 file without a reboot by sending the signal .Dv SIGHUP to .Nm with the command .Dq Li "kill -HUP 1" . On receipt of this signal, .Nm re-reads the .Xr ttys 5 file. When a line is turned off in .Xr ttys 5 , .Nm will send a SIGHUP signal to the controlling process for the session associated with the line. For any lines that were previously turned off in the .Xr ttys 5 file and are now on, .Nm executes the command specified in the second field. If the command or window field for a line is changed, the change takes effect at the end of the current login session (e.g., the next time .Nm starts a process on the line). If a line is commented out or deleted from .Xr ttys 5 , .Nm will not do anything at all to that line. .Pp The .Nm utility will terminate multi-user operations and resume single-user mode if sent a terminate .Pq Dv TERM signal, for example, .Dq Li "kill \-TERM 1" . If there are processes outstanding that are deadlocked (because of hardware or software failure), .Nm will not wait for them all to die (which might take forever), but will time out after 30 seconds and print a warning message. .Pp The .Nm utility will cease creating new processes and allow the system to slowly die away, if it is sent a terminal stop .Pq Dv TSTP signal, i.e.\& .Dq Li "kill \-TSTP 1" . A later hangup will resume full multi-user operations, or a terminate will start a single-user shell. This hook is used by .Xr reboot 8 and .Xr halt 8 . .Pp The .Nm utility will terminate all possible processes (again, it will not wait for deadlocked processes) and reboot the machine if sent the interrupt .Pq Dv INT signal, i.e.\& .Dq Li "kill \-INT 1". This is useful for shutting the machine down cleanly from inside the kernel or from X when the machine appears to be hung. .Pp The .Nm utility will do the same, except it will halt the machine if sent the user defined signal 1 .Pq Dv USR1 , or will halt and turn the power off (if hardware permits) if sent the user defined signal 2 .Pq Dv USR2 . .Pp When shutting down the machine, .Nm will try to run the .Pa /etc/rc.shutdown script. This script can be used to cleanly terminate specific programs such as .Nm innd (the InterNetNews server). If this script does not terminate within 120 seconds, .Nm will terminate it. The timeout can be configured via the .Xr sysctl 8 variable .Va kern.init_shutdown_timeout . .Pp .Nm init passes .Dq Li single as the argument to the shutdown script if return to single-user mode is requested. Otherwise, .Dq Li reboot argument is used. .Pp After all user processes have been terminated, .Nm will try to run the .Pa /etc/rc.final script. This script can be used to finally prepare and unmount filesystems that may have been needed during shutdown, for instance. .Pp The role of .Nm is so critical that if it dies, the system will reboot itself automatically. If, at bootstrap time, the .Nm process cannot be located, the system will panic with the message .Dq "panic: init died (signal %d, exit %d)" . .Pp If run as a user process as shown in the second synopsis line, .Nm will emulate .At V behavior, i.e., super-user can specify the desired .Em run-level on a command line, and .Nm will signal the original (PID 1) .Nm as follows: .Bl -column Run-level SIGTERM .It Sy "Run-level Signal Action" .It Cm 0 Ta Dv SIGUSR1 Ta "Halt" .It Cm 0 Ta Dv SIGUSR2 Ta "Halt and turn the power off" .It Cm 0 Ta Dv SIGWINCH Ta "Halt and turn the power off and then back on" .It Cm 1 Ta Dv SIGTERM Ta "Go to single-user mode" .It Cm 6 Ta Dv SIGINT Ta "Reboot the machine" .It Cm c Ta Dv SIGTSTP Ta "Block further logins" .It Cm q Ta Dv SIGHUP Ta Rescan the .Xr ttys 5 file .El .Sh KERNEL ENVIRONMENT VARIABLES The following .Xr kenv 2 variables are available as .Xr loader 8 tunables: .Bl -tag -width indent .It Va init_chroot If set to a valid directory in the root file system, it causes .Nm to perform a .Xr chroot 2 operation on that directory, making it the new root directory. That happens before entering single-user mode or multi-user mode (but after executing the .Va init_script if enabled). This functionality has generally been eclipsed by rerooting. See .Xr reboot 8 .Fl r for details. .It Va init_exec If set to a valid file name in the root file system, instructs .Nm to directly execute that file as the very first action, replacing .Nm as PID 1. .It Va init_script If set to a valid file name in the root file system, instructs .Nm to run that script as the very first action, before doing anything else. Signal handling and exit code interpretation is similar to running the .Pa /etc/rc script. In particular, single-user operation is enforced if the script terminates with a non-zero exit code, or if a SIGTERM is delivered to the .Nm process (PID 1). This functionality has generally been eclipsed by rerooting. See .Xr reboot 8 .Fl r for details. .It Va init_shell Defines the shell binary to be used for executing the various shell scripts. The default is .Dq Li /bin/sh . It is used for running the .Va init_exec or .Va init_script if set, as well as for the .Pa /etc/rc , .Pa /etc/rc.shutdown , and .Pa /etc/rc.final scripts. The value of the corresponding .Xr kenv 2 variable is evaluated every time .Nm calls a shell script, so it can be changed later on using the .Xr kenv 1 utility. In particular, if a non-default shell is used for running an .Va init_script , it might be desirable to have that script reset the value of .Va init_shell back to the default, so that the .Pa /etc/rc script is executed with the standard shell .Pa /bin/sh . .Sh FILES .Bl -tag -width /var/log/init.log -compact .It Pa /dev/console system console device .It Pa /dev/tty* terminal ports found in .Xr ttys 5 .It Pa /etc/ttys the terminal initialization information file .It Pa /etc/rc system startup commands .It Pa /etc/rc.shutdown system shutdown commands .It Pa /etc/rc.final system shutdown commands (after process termination) .It Pa /var/log/init.log log of .Xr rc 8 output if the system console device is not available .El .Sh DIAGNOSTICS .Bl -diag .It "getty repeating too quickly on port %s, sleeping." A process being started to service a line is exiting quickly each time it is started. This is often caused by a ringing or noisy terminal line. .Bf -emphasis Init will sleep for 30 seconds, then continue trying to start the process. .Ef .It "some processes would not die; ps axl advised." A process is hung and could not be killed when the system was shutting down. This condition is usually caused by a process that is stuck in a device driver because of a persistent device error condition. .El .Sh SEE ALSO .Xr kill 1 , .Xr login 1 , .Xr sh 1 , .Xr ttys 5 , .Xr security 7 , .Xr getty 8 , .Xr halt 8 , .Xr jail 8 , .Xr rc 8 , .Xr reboot 8 , .Xr shutdown 8 , .Xr sysctl 8 .Sh HISTORY An .Nm utility appeared in .At v1 . .Sh CAVEATS Systems without .Xr sysctl 8 behave as though they have security level \-1. .Pp Setting the security level above 1 too early in the boot sequence can prevent .Xr fsck 8 from repairing inconsistent file systems. The preferred location to set the security level is at the end of .Pa /etc/rc after all multi-user startup actions are complete. diff --git a/sbin/init/init.c b/sbin/init/init.c index d5200e4cfe35..a78bfac073da 100644 --- a/sbin/init/init.c +++ b/sbin/init/init.c @@ -1,2167 +1,2164 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1991, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Donn Seeley at Berkeley Software Design, Inc. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1991, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)init.c 8.1 (Berkeley) 7/15/93"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef SECURE #include #endif #ifdef LOGIN_CAP #include #endif #include "mntopts.h" #include "pathnames.h" /* * Sleep times; used to prevent thrashing. */ #define GETTY_SPACING 5 /* N secs minimum getty spacing */ #define GETTY_SLEEP 30 /* sleep N secs after spacing problem */ #define GETTY_NSPACE 3 /* max. spacing count to bring reaction */ #define WINDOW_WAIT 3 /* wait N secs after starting window */ #define STALL_TIMEOUT 30 /* wait N secs after warning */ #define DEATH_WATCH 10 /* wait N secs for procs to die */ #define DEATH_SCRIPT 120 /* wait for 2min for /etc/rc.shutdown */ #define RESOURCE_RC "daemon" #define RESOURCE_WINDOW "default" #define RESOURCE_GETTY "default" #define SCRIPT_ARGV_SIZE 3 /* size of argv passed to execute_script, can be increased if needed */ static void handle(sig_t, ...); static void delset(sigset_t *, ...); static void stall(const char *, ...) __printflike(1, 2); static void warning(const char *, ...) __printflike(1, 2); static void emergency(const char *, ...) __printflike(1, 2); static void disaster(int); static void revoke_ttys(void); static int runshutdown(void); static char *strk(char *); static void runfinal(void); /* * We really need a recursive typedef... * The following at least guarantees that the return type of (*state_t)() * is sufficiently wide to hold a function pointer. */ typedef long (*state_func_t)(void); typedef state_func_t (*state_t)(void); static state_func_t single_user(void); static state_func_t runcom(void); static state_func_t read_ttys(void); static state_func_t multi_user(void); static state_func_t clean_ttys(void); static state_func_t catatonia(void); static state_func_t death(void); static state_func_t death_single(void); static state_func_t reroot(void); static state_func_t reroot_phase_two(void); static state_func_t run_script(const char *); static enum { AUTOBOOT, FASTBOOT } runcom_mode = AUTOBOOT; static bool Reboot = false; static int howto = RB_AUTOBOOT; static bool devfs = false; static char *init_path_argv0; static void transition(state_t); static state_t requested_transition; static state_t current_state = death_single; static void execute_script(char *argv[]); static void open_console(void); static const char *get_shell(void); static void replace_init(char *path); static void write_stderr(const char *message); typedef struct init_session { pid_t se_process; /* controlling process */ time_t se_started; /* used to avoid thrashing */ int se_flags; /* status of session */ #define SE_SHUTDOWN 0x1 /* session won't be restarted */ #define SE_PRESENT 0x2 /* session is in /etc/ttys */ #define SE_IFEXISTS 0x4 /* session defined as "onifexists" */ #define SE_IFCONSOLE 0x8 /* session defined as "onifconsole" */ int se_nspace; /* spacing count */ char *se_device; /* filename of port */ char *se_getty; /* what to run on that port */ char *se_getty_argv_space; /* pre-parsed argument array space */ char **se_getty_argv; /* pre-parsed argument array */ char *se_window; /* window system (started only once) */ char *se_window_argv_space; /* pre-parsed argument array space */ char **se_window_argv; /* pre-parsed argument array */ char *se_type; /* default terminal type */ struct init_session *se_prev; struct init_session *se_next; } session_t; static void free_session(session_t *); static session_t *new_session(session_t *, struct ttyent *); static session_t *sessions; static char **construct_argv(char *); static void start_window_system(session_t *); static void collect_child(pid_t); static pid_t start_getty(session_t *); static void transition_handler(int); static void alrm_handler(int); static void setsecuritylevel(int); static int getsecuritylevel(void); static int setupargv(session_t *, struct ttyent *); #ifdef LOGIN_CAP static void setprocresources(const char *); #endif static bool clang; static int start_session_db(void); static void add_session(session_t *); static void del_session(session_t *); static session_t *find_session(pid_t); static DB *session_db; /* * The mother of all processes. */ int main(int argc, char *argv[]) { state_t initial_transition = runcom; char kenv_value[PATH_MAX]; int c, error; struct sigaction sa; sigset_t mask; /* Dispose of random users. */ if (getuid() != 0) errx(1, "%s", strerror(EPERM)); BOOTTRACE("init(8) starting..."); /* System V users like to reexec init. */ if (getpid() != 1) { #ifdef COMPAT_SYSV_INIT /* So give them what they want */ if (argc > 1) { if (strlen(argv[1]) == 1) { char runlevel = *argv[1]; int sig; switch (runlevel) { case '0': /* halt + poweroff */ sig = SIGUSR2; break; case '1': /* single-user */ sig = SIGTERM; break; case '6': /* reboot */ sig = SIGINT; break; case 'c': /* block further logins */ sig = SIGTSTP; break; case 'q': /* rescan /etc/ttys */ sig = SIGHUP; break; case 'r': /* remount root */ sig = SIGEMT; break; default: goto invalid; } kill(1, sig); _exit(0); } else invalid: errx(1, "invalid run-level ``%s''", argv[1]); } else #endif errx(1, "already running"); } init_path_argv0 = strdup(argv[0]); if (init_path_argv0 == NULL) err(1, "strdup"); /* * Note that this does NOT open a file... * Does 'init' deserve its own facility number? */ openlog("init", LOG_CONS, LOG_AUTH); /* * Create an initial session. */ if (setsid() < 0 && (errno != EPERM || getsid(0) != 1)) warning("initial setsid() failed: %m"); /* * Establish an initial user so that programs running * single user do not freak out and die (like passwd). */ if (setlogin("root") < 0) warning("setlogin() failed: %m"); /* * This code assumes that we always get arguments through flags, * never through bits set in some random machine register. */ while ((c = getopt(argc, argv, "dsfr")) != -1) switch (c) { case 'd': devfs = true; break; case 's': initial_transition = single_user; break; case 'f': runcom_mode = FASTBOOT; break; case 'r': initial_transition = reroot_phase_two; break; default: warning("unrecognized flag '-%c'", c); break; } if (optind != argc) warning("ignoring excess arguments"); /* * We catch or block signals rather than ignore them, * so that they get reset on exec. */ handle(disaster, SIGABRT, SIGFPE, SIGILL, SIGSEGV, SIGBUS, SIGSYS, SIGXCPU, SIGXFSZ, 0); handle(transition_handler, SIGHUP, SIGINT, SIGEMT, SIGTERM, SIGTSTP, SIGUSR1, SIGUSR2, SIGWINCH, 0); handle(alrm_handler, SIGALRM, 0); sigfillset(&mask); delset(&mask, SIGABRT, SIGFPE, SIGILL, SIGSEGV, SIGBUS, SIGSYS, SIGXCPU, SIGXFSZ, SIGHUP, SIGINT, SIGEMT, SIGTERM, SIGTSTP, SIGALRM, SIGUSR1, SIGUSR2, SIGWINCH, 0); sigprocmask(SIG_SETMASK, &mask, NULL); sigemptyset(&sa.sa_mask); sa.sa_flags = 0; sa.sa_handler = SIG_IGN; sigaction(SIGTTIN, &sa, NULL); sigaction(SIGTTOU, &sa, NULL); /* * Paranoia. */ close(0); close(1); close(2); if (kenv(KENV_GET, "init_exec", kenv_value, sizeof(kenv_value)) > 0) { replace_init(kenv_value); _exit(0); /* reboot */ } if (kenv(KENV_GET, "init_script", kenv_value, sizeof(kenv_value)) > 0) { state_func_t next_transition; if ((next_transition = run_script(kenv_value)) != NULL) initial_transition = (state_t) next_transition; } if (kenv(KENV_GET, "init_chroot", kenv_value, sizeof(kenv_value)) > 0) { if (chdir(kenv_value) != 0 || chroot(".") != 0) warning("Can't chroot to %s: %m", kenv_value); } /* * Additional check if devfs needs to be mounted: * If "/" and "/dev" have the same device number, * then it hasn't been mounted yet. */ if (!devfs) { struct stat stst; dev_t root_devno; stat("/", &stst); root_devno = stst.st_dev; if (stat("/dev", &stst) != 0) warning("Can't stat /dev: %m"); else if (stst.st_dev == root_devno) devfs = true; } if (devfs) { struct iovec iov[4]; char *s; int i; char _fstype[] = "fstype"; char _devfs[] = "devfs"; char _fspath[] = "fspath"; char _path_dev[]= _PATH_DEV; iov[0].iov_base = _fstype; iov[0].iov_len = sizeof(_fstype); iov[1].iov_base = _devfs; iov[1].iov_len = sizeof(_devfs); iov[2].iov_base = _fspath; iov[2].iov_len = sizeof(_fspath); /* * Try to avoid the trailing slash in _PATH_DEV. * Be *very* defensive. */ s = strdup(_PATH_DEV); if (s != NULL) { i = strlen(s); if (i > 0 && s[i - 1] == '/') s[i - 1] = '\0'; iov[3].iov_base = s; iov[3].iov_len = strlen(s) + 1; } else { iov[3].iov_base = _path_dev; iov[3].iov_len = sizeof(_path_dev); } nmount(iov, 4, 0); if (s != NULL) free(s); } if (initial_transition != reroot_phase_two) { /* * Unmount reroot leftovers. This runs after init(8) * gets reexecuted after reroot_phase_two() is done. */ error = unmount(_PATH_REROOT, MNT_FORCE); if (error != 0 && errno != EINVAL) warning("Cannot unmount %s: %m", _PATH_REROOT); } /* * Start the state machine. */ transition(initial_transition); /* * Should never reach here. */ return 1; } /* * Associate a function with a signal handler. */ static void handle(sig_t handler, ...) { int sig; struct sigaction sa; sigset_t mask_everything; va_list ap; va_start(ap, handler); sa.sa_handler = handler; sigfillset(&mask_everything); while ((sig = va_arg(ap, int)) != 0) { sa.sa_mask = mask_everything; /* XXX SA_RESTART? */ sa.sa_flags = sig == SIGCHLD ? SA_NOCLDSTOP : 0; sigaction(sig, &sa, NULL); } va_end(ap); } /* * Delete a set of signals from a mask. */ static void delset(sigset_t *maskp, ...) { int sig; va_list ap; va_start(ap, maskp); while ((sig = va_arg(ap, int)) != 0) sigdelset(maskp, sig); va_end(ap); } /* * Log a message and sleep for a while (to give someone an opportunity * to read it and to save log or hardcopy output if the problem is chronic). * NB: should send a message to the session logger to avoid blocking. */ static void stall(const char *message, ...) { va_list ap; va_start(ap, message); vsyslog(LOG_ALERT, message, ap); va_end(ap); sleep(STALL_TIMEOUT); } /* * Like stall(), but doesn't sleep. * If cpp had variadic macros, the two functions could be #defines for another. * NB: should send a message to the session logger to avoid blocking. */ static void warning(const char *message, ...) { va_list ap; va_start(ap, message); vsyslog(LOG_ALERT, message, ap); va_end(ap); } /* * Log an emergency message. * NB: should send a message to the session logger to avoid blocking. */ static void emergency(const char *message, ...) { va_list ap; va_start(ap, message); vsyslog(LOG_EMERG, message, ap); va_end(ap); } /* * Catch an unexpected signal. */ static void disaster(int sig) { emergency("fatal signal: %s", (unsigned)sig < NSIG ? sys_siglist[sig] : "unknown signal"); sleep(STALL_TIMEOUT); _exit(sig); /* reboot */ } /* * Get the security level of the kernel. */ static int getsecuritylevel(void) { #ifdef KERN_SECURELVL int name[2], curlevel; size_t len; name[0] = CTL_KERN; name[1] = KERN_SECURELVL; len = sizeof curlevel; if (sysctl(name, 2, &curlevel, &len, NULL, 0) == -1) { emergency("cannot get kernel security level: %m"); return (-1); } return (curlevel); #else return (-1); #endif } /* * Set the security level of the kernel. */ static void setsecuritylevel(int newlevel) { #ifdef KERN_SECURELVL int name[2], curlevel; curlevel = getsecuritylevel(); if (newlevel == curlevel) return; name[0] = CTL_KERN; name[1] = KERN_SECURELVL; if (sysctl(name, 2, NULL, NULL, &newlevel, sizeof newlevel) == -1) { emergency( "cannot change kernel security level from %d to %d: %m", curlevel, newlevel); return; } #ifdef SECURE warning("kernel security level changed from %d to %d", curlevel, newlevel); #endif #endif } /* * Change states in the finite state machine. * The initial state is passed as an argument. */ static void transition(state_t s) { current_state = s; for (;;) current_state = (state_t) (*current_state)(); } /* * Start a session and allocate a controlling terminal. * Only called by children of init after forking. */ static void open_console(void) { int fd; /* * Try to open /dev/console. Open the device with O_NONBLOCK to * prevent potential blocking on a carrier. */ revoke(_PATH_CONSOLE); if ((fd = open(_PATH_CONSOLE, O_RDWR | O_NONBLOCK)) != -1) { (void)fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) & ~O_NONBLOCK); if (login_tty(fd) == 0) return; close(fd); } /* No luck. Log output to file if possible. */ if ((fd = open(_PATH_DEVNULL, O_RDWR)) == -1) { stall("cannot open null device."); _exit(1); } if (fd != STDIN_FILENO) { dup2(fd, STDIN_FILENO); close(fd); } fd = open(_PATH_INITLOG, O_WRONLY | O_APPEND | O_CREAT, 0644); if (fd == -1) dup2(STDIN_FILENO, STDOUT_FILENO); else if (fd != STDOUT_FILENO) { dup2(fd, STDOUT_FILENO); close(fd); } dup2(STDOUT_FILENO, STDERR_FILENO); } static const char * get_shell(void) { static char kenv_value[PATH_MAX]; if (kenv(KENV_GET, "init_shell", kenv_value, sizeof(kenv_value)) > 0) return kenv_value; else return _PATH_BSHELL; } static void write_stderr(const char *message) { write(STDERR_FILENO, message, strlen(message)); } static int read_file(const char *path, void **bufp, size_t *bufsizep) { struct stat sb; size_t bufsize; void *buf; ssize_t nbytes; int error, fd; fd = open(path, O_RDONLY); if (fd < 0) { emergency("%s: %m", path); return (-1); } error = fstat(fd, &sb); if (error != 0) { emergency("fstat: %m"); close(fd); return (error); } bufsize = sb.st_size; buf = malloc(bufsize); if (buf == NULL) { emergency("malloc: %m"); close(fd); return (error); } nbytes = read(fd, buf, bufsize); if (nbytes != (ssize_t)bufsize) { emergency("read: %m"); close(fd); free(buf); return (error); } error = close(fd); if (error != 0) { emergency("close: %m"); free(buf); return (error); } *bufp = buf; *bufsizep = bufsize; return (0); } static int create_file(const char *path, const void *buf, size_t bufsize) { ssize_t nbytes; int error, fd; fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0700); if (fd < 0) { emergency("%s: %m", path); return (-1); } nbytes = write(fd, buf, bufsize); if (nbytes != (ssize_t)bufsize) { emergency("write: %m"); close(fd); return (-1); } error = close(fd); if (error != 0) { emergency("close: %m"); return (-1); } return (0); } static int mount_tmpfs(const char *fspath) { struct iovec *iov; char errmsg[255]; int error, iovlen; iov = NULL; iovlen = 0; memset(errmsg, 0, sizeof(errmsg)); build_iovec(&iov, &iovlen, "fstype", __DECONST(void *, "tmpfs"), (size_t)-1); build_iovec(&iov, &iovlen, "fspath", __DECONST(void *, fspath), (size_t)-1); build_iovec(&iov, &iovlen, "errmsg", errmsg, sizeof(errmsg)); error = nmount(iov, iovlen, 0); if (error != 0) { if (*errmsg != '\0') { emergency("cannot mount tmpfs on %s: %s: %m", fspath, errmsg); } else { emergency("cannot mount tmpfs on %s: %m", fspath); } return (error); } return (0); } static state_func_t reroot(void) { void *buf; size_t bufsize; int error; buf = NULL; bufsize = 0; revoke_ttys(); runshutdown(); /* * Make sure nobody can interfere with our scheme. * Ignore ESRCH, which can apparently happen when * there are no processes to kill. */ error = kill(-1, SIGKILL); if (error != 0 && errno != ESRCH) { emergency("kill(2) failed: %m"); goto out; } /* * Copy the init binary into tmpfs, so that we can unmount * the old rootfs without committing suicide. */ error = read_file(init_path_argv0, &buf, &bufsize); if (error != 0) goto out; error = mount_tmpfs(_PATH_REROOT); if (error != 0) goto out; error = create_file(_PATH_REROOT_INIT, buf, bufsize); if (error != 0) goto out; /* * Execute the temporary init. */ execl(_PATH_REROOT_INIT, _PATH_REROOT_INIT, "-r", NULL); emergency("cannot exec %s: %m", _PATH_REROOT_INIT); out: emergency("reroot failed; going to single user mode"); free(buf); return (state_func_t) single_user; } static state_func_t reroot_phase_two(void) { char init_path[PATH_MAX], *path, *path_component; size_t init_path_len; int nbytes, error; /* * Ask the kernel to mount the new rootfs. */ error = reboot(RB_REROOT); if (error != 0) { emergency("RB_REBOOT failed: %m"); goto out; } /* * Figure out where the destination init(8) binary is. Note that * the path could be different than what we've started with. Use * the value from kenv, if set, or the one from sysctl otherwise. * The latter defaults to a hardcoded value, but can be overridden * by a build time option. */ nbytes = kenv(KENV_GET, "init_path", init_path, sizeof(init_path)); if (nbytes <= 0) { init_path_len = sizeof(init_path); error = sysctlbyname("kern.init_path", init_path, &init_path_len, NULL, 0); if (error != 0) { emergency("failed to retrieve kern.init_path: %m"); goto out; } } /* * Repeat the init search logic from sys/kern/init_path.c */ path_component = init_path; while ((path = strsep(&path_component, ":")) != NULL) { /* * Execute init(8) from the new rootfs. */ execl(path, path, NULL); } emergency("cannot exec init from %s: %m", init_path); out: emergency("reroot failed; going to single user mode"); return (state_func_t) single_user; } /* * Bring the system up single user. */ static state_func_t single_user(void) { pid_t pid, wpid; int status; sigset_t mask; const char *shell; char *argv[2]; struct timeval tv, tn; #ifdef SECURE struct ttyent *typ; struct passwd *pp; static const char banner[] = "Enter root password, or ^D to go multi-user\n"; char *clear, *password; #endif #ifdef DEBUGSHELL char altshell[128]; #endif if (Reboot) { /* Instead of going single user, let's reboot the machine */ BOOTTRACE("shutting down the system"); sync(); /* Run scripts after all processes have been terminated. */ runfinal(); if (reboot(howto) == -1) { emergency("reboot(%#x) failed, %m", howto); _exit(1); /* panic and reboot */ } warning("reboot(%#x) returned", howto); _exit(0); /* panic as well */ } BOOTTRACE("going to single user mode"); shell = get_shell(); if ((pid = fork()) == 0) { /* * Start the single user session. */ open_console(); #ifdef SECURE /* * Check the root password. * We don't care if the console is 'on' by default; * it's the only tty that can be 'off' and 'secure'. */ typ = getttynam("console"); pp = getpwnam("root"); if (typ && (typ->ty_status & TTY_SECURE) == 0 && pp && *pp->pw_passwd) { write_stderr(banner); for (;;) { clear = getpass("Password:"); if (clear == NULL || *clear == '\0') _exit(0); password = crypt(clear, pp->pw_passwd); explicit_bzero(clear, _PASSWORD_LEN); if (password != NULL && strcmp(password, pp->pw_passwd) == 0) break; warning("single-user login failed\n"); } } endttyent(); endpwent(); #endif /* SECURE */ #ifdef DEBUGSHELL { char *cp = altshell; int num; #define SHREQUEST "Enter full pathname of shell or RETURN for " write_stderr(SHREQUEST); write_stderr(shell); write_stderr(": "); while ((num = read(STDIN_FILENO, cp, 1)) != -1 && num != 0 && *cp != '\n' && cp < &altshell[127]) cp++; *cp = '\0'; if (altshell[0] != '\0') shell = altshell; } #endif /* DEBUGSHELL */ /* * Unblock signals. * We catch all the interesting ones, * and those are reset to SIG_DFL on exec. */ sigemptyset(&mask); sigprocmask(SIG_SETMASK, &mask, NULL); /* * Fire off a shell. * If the default one doesn't work, try the Bourne shell. */ char name[] = "-sh"; argv[0] = name; argv[1] = NULL; execv(shell, argv); emergency("can't exec %s for single user: %m", shell); execv(_PATH_BSHELL, argv); emergency("can't exec %s for single user: %m", _PATH_BSHELL); sleep(STALL_TIMEOUT); _exit(1); } if (pid == -1) { /* * We are seriously hosed. Do our best. */ emergency("can't fork single-user shell, trying again"); while (waitpid(-1, (int *) 0, WNOHANG) > 0) continue; return (state_func_t) single_user; } requested_transition = 0; do { if ((wpid = waitpid(-1, &status, WUNTRACED)) != -1) collect_child(wpid); if (wpid == -1) { if (errno == EINTR) continue; warning("wait for single-user shell failed: %m; restarting"); return (state_func_t) single_user; } if (wpid == pid && WIFSTOPPED(status)) { warning("init: shell stopped, restarting\n"); kill(pid, SIGCONT); wpid = -1; } } while (wpid != pid && !requested_transition); if (requested_transition) return (state_func_t) requested_transition; if (!WIFEXITED(status)) { if (WTERMSIG(status) == SIGKILL) { /* * reboot(8) killed shell? */ warning("single user shell terminated."); gettimeofday(&tv, NULL); tn = tv; tv.tv_sec += STALL_TIMEOUT; while (tv.tv_sec > tn.tv_sec || (tv.tv_sec == tn.tv_sec && tv.tv_usec > tn.tv_usec)) { sleep(1); gettimeofday(&tn, NULL); } _exit(0); } else { warning("single user shell terminated, restarting"); return (state_func_t) single_user; } } runcom_mode = FASTBOOT; return (state_func_t) runcom; } /* * Run the system startup script. */ static state_func_t runcom(void) { state_func_t next_transition; BOOTTRACE("/etc/rc starting..."); if ((next_transition = run_script(_PATH_RUNCOM)) != NULL) return next_transition; BOOTTRACE("/etc/rc finished"); runcom_mode = AUTOBOOT; /* the default */ return (state_func_t) read_ttys; } static void execute_script(char *argv[]) { struct sigaction sa; char* sh_argv[3 + SCRIPT_ARGV_SIZE]; const char *shell, *script; int error, sh_argv_len, i; bzero(&sa, sizeof(sa)); sigemptyset(&sa.sa_mask); sa.sa_handler = SIG_IGN; sigaction(SIGTSTP, &sa, NULL); sigaction(SIGHUP, &sa, NULL); open_console(); sigprocmask(SIG_SETMASK, &sa.sa_mask, NULL); #ifdef LOGIN_CAP setprocresources(RESOURCE_RC); #endif /* * Try to directly execute the script first. If it * fails, try the old method of passing the script path * to sh(1). Don't complain if it fails because of * the missing execute bit. */ script = argv[0]; error = access(script, X_OK); if (error == 0) { execv(script, argv); warning("can't directly exec %s: %m", script); } else if (errno != EACCES) { warning("can't access %s: %m", script); } shell = get_shell(); sh_argv[0] = __DECONST(char*, shell); sh_argv_len = 1; #ifdef SECURE if (strcmp(shell, _PATH_BSHELL) == 0) { sh_argv[1] = __DECONST(char*, "-o"); sh_argv[2] = __DECONST(char*, "verify"); sh_argv_len = 3; } #endif for (i = 0; i != SCRIPT_ARGV_SIZE; ++i) sh_argv[i + sh_argv_len] = argv[i]; execv(shell, sh_argv); stall("can't exec %s for %s: %m", shell, script); } /* * Execute binary, replacing init(8) as PID 1. */ static void replace_init(char *path) { char *argv[SCRIPT_ARGV_SIZE]; argv[0] = path; argv[1] = NULL; execute_script(argv); } /* * Run a shell script. * Returns 0 on success, otherwise the next transition to enter: * - single_user if fork/execv/waitpid failed, or if the script * terminated with a signal or exit code != 0. * - death_single if a SIGTERM was delivered to init(8). */ static state_func_t run_script(const char *script) { pid_t pid, wpid; int status; char *argv[SCRIPT_ARGV_SIZE]; const char *shell; shell = get_shell(); if ((pid = fork()) == 0) { char _autoboot[] = "autoboot"; argv[0] = __DECONST(char *, script); argv[1] = runcom_mode == AUTOBOOT ? _autoboot : NULL; argv[2] = NULL; execute_script(argv); sleep(STALL_TIMEOUT); _exit(1); /* force single user mode */ } if (pid == -1) { emergency("can't fork for %s on %s: %m", shell, script); while (waitpid(-1, (int *) 0, WNOHANG) > 0) continue; sleep(STALL_TIMEOUT); return (state_func_t) single_user; } /* * Copied from single_user(). This is a bit paranoid. */ requested_transition = 0; do { if ((wpid = waitpid(-1, &status, WUNTRACED)) != -1) collect_child(wpid); if (requested_transition == death_single || requested_transition == reroot) return (state_func_t) requested_transition; if (wpid == -1) { if (errno == EINTR) continue; warning("wait for %s on %s failed: %m; going to " "single user mode", shell, script); return (state_func_t) single_user; } if (wpid == pid && WIFSTOPPED(status)) { warning("init: %s on %s stopped, restarting\n", shell, script); kill(pid, SIGCONT); wpid = -1; } } while (wpid != pid); if (WIFSIGNALED(status) && WTERMSIG(status) == SIGTERM && requested_transition == catatonia) { /* /etc/rc executed /sbin/reboot; wait for the end quietly */ sigset_t s; sigfillset(&s); for (;;) sigsuspend(&s); } if (!WIFEXITED(status)) { warning("%s on %s terminated abnormally, going to single " "user mode", shell, script); return (state_func_t) single_user; } if (WEXITSTATUS(status)) return (state_func_t) single_user; return (state_func_t) 0; } /* * Open the session database. * * NB: We could pass in the size here; is it necessary? */ static int start_session_db(void) { if (session_db && (*session_db->close)(session_db)) emergency("session database close: %m"); if ((session_db = dbopen(NULL, O_RDWR, 0, DB_HASH, NULL)) == NULL) { emergency("session database open: %m"); return (1); } return (0); } /* * Add a new login session. */ static void add_session(session_t *sp) { DBT key; DBT data; key.data = &sp->se_process; key.size = sizeof sp->se_process; data.data = &sp; data.size = sizeof sp; if ((*session_db->put)(session_db, &key, &data, 0)) emergency("insert %d: %m", sp->se_process); } /* * Delete an old login session. */ static void del_session(session_t *sp) { DBT key; key.data = &sp->se_process; key.size = sizeof sp->se_process; if ((*session_db->del)(session_db, &key, 0)) emergency("delete %d: %m", sp->se_process); } /* * Look up a login session by pid. */ static session_t * find_session(pid_t pid) { DBT key; DBT data; session_t *ret; key.data = &pid; key.size = sizeof pid; if ((*session_db->get)(session_db, &key, &data, 0) != 0) return 0; bcopy(data.data, (char *)&ret, sizeof(ret)); return ret; } /* * Construct an argument vector from a command line. */ static char ** construct_argv(char *command) { int argc = 0; char **argv = (char **) malloc(((strlen(command) + 1) / 2 + 1) * sizeof (char *)); if ((argv[argc++] = strk(command)) == NULL) { free(argv); return (NULL); } while ((argv[argc++] = strk((char *) 0)) != NULL) continue; return argv; } /* * Deallocate a session descriptor. */ static void free_session(session_t *sp) { free(sp->se_device); if (sp->se_getty) { free(sp->se_getty); free(sp->se_getty_argv_space); free(sp->se_getty_argv); } if (sp->se_window) { free(sp->se_window); free(sp->se_window_argv_space); free(sp->se_window_argv); } if (sp->se_type) free(sp->se_type); free(sp); } /* * Allocate a new session descriptor. * Mark it SE_PRESENT. */ static session_t * new_session(session_t *sprev, struct ttyent *typ) { session_t *sp; if ((typ->ty_status & TTY_ON) == 0 || typ->ty_name == 0 || typ->ty_getty == 0) return 0; sp = (session_t *) calloc(1, sizeof (session_t)); sp->se_flags |= SE_PRESENT; if ((typ->ty_status & TTY_IFEXISTS) != 0) sp->se_flags |= SE_IFEXISTS; if ((typ->ty_status & TTY_IFCONSOLE) != 0) sp->se_flags |= SE_IFCONSOLE; if (asprintf(&sp->se_device, "%s%s", _PATH_DEV, typ->ty_name) < 0) err(1, "asprintf"); if (setupargv(sp, typ) == 0) { free_session(sp); return (0); } sp->se_next = 0; if (sprev == NULL) { sessions = sp; sp->se_prev = 0; } else { sprev->se_next = sp; sp->se_prev = sprev; } return sp; } /* * Calculate getty and if useful window argv vectors. */ static int setupargv(session_t *sp, struct ttyent *typ) { if (sp->se_getty) { free(sp->se_getty); free(sp->se_getty_argv_space); free(sp->se_getty_argv); } if (asprintf(&sp->se_getty, "%s %s", typ->ty_getty, typ->ty_name) < 0) err(1, "asprintf"); sp->se_getty_argv_space = strdup(sp->se_getty); sp->se_getty_argv = construct_argv(sp->se_getty_argv_space); if (sp->se_getty_argv == NULL) { warning("can't parse getty for port %s", sp->se_device); free(sp->se_getty); free(sp->se_getty_argv_space); sp->se_getty = sp->se_getty_argv_space = 0; return (0); } if (sp->se_window) { free(sp->se_window); free(sp->se_window_argv_space); free(sp->se_window_argv); } sp->se_window = sp->se_window_argv_space = 0; sp->se_window_argv = 0; if (typ->ty_window) { sp->se_window = strdup(typ->ty_window); sp->se_window_argv_space = strdup(sp->se_window); sp->se_window_argv = construct_argv(sp->se_window_argv_space); if (sp->se_window_argv == NULL) { warning("can't parse window for port %s", sp->se_device); free(sp->se_window_argv_space); free(sp->se_window); sp->se_window = sp->se_window_argv_space = 0; return (0); } } if (sp->se_type) free(sp->se_type); sp->se_type = typ->ty_type ? strdup(typ->ty_type) : 0; return (1); } /* * Walk the list of ttys and create sessions for each active line. */ static state_func_t read_ttys(void) { session_t *sp, *snext; struct ttyent *typ; /* * Destroy any previous session state. * There shouldn't be any, but just in case... */ for (sp = sessions; sp; sp = snext) { snext = sp->se_next; free_session(sp); } sessions = 0; if (start_session_db()) return (state_func_t) single_user; /* * Allocate a session entry for each active port. * Note that sp starts at 0. */ while ((typ = getttyent()) != NULL) if ((snext = new_session(sp, typ)) != NULL) sp = snext; endttyent(); return (state_func_t) multi_user; } /* * Start a window system running. */ static void start_window_system(session_t *sp) { pid_t pid; sigset_t mask; char term[64], *env[2]; int status; if ((pid = fork()) == -1) { emergency("can't fork for window system on port %s: %m", sp->se_device); /* hope that getty fails and we can try again */ return; } if (pid) { waitpid(-1, &status, 0); return; } /* reparent window process to the init to not make a zombie on exit */ if ((pid = fork()) == -1) { emergency("can't fork for window system on port %s: %m", sp->se_device); _exit(1); } if (pid) _exit(0); sigemptyset(&mask); sigprocmask(SIG_SETMASK, &mask, NULL); if (setsid() < 0) emergency("setsid failed (window) %m"); #ifdef LOGIN_CAP setprocresources(RESOURCE_WINDOW); #endif if (sp->se_type) { /* Don't use malloc after fork */ strcpy(term, "TERM="); strlcat(term, sp->se_type, sizeof(term)); env[0] = term; env[1] = NULL; } else env[0] = NULL; execve(sp->se_window_argv[0], sp->se_window_argv, env); stall("can't exec window system '%s' for port %s: %m", sp->se_window_argv[0], sp->se_device); _exit(1); } /* * Start a login session running. */ static pid_t start_getty(session_t *sp) { pid_t pid; sigset_t mask; time_t current_time = time((time_t *) 0); int too_quick = 0; char term[64], *env[2]; if (current_time >= sp->se_started && current_time - sp->se_started < GETTY_SPACING) { if (++sp->se_nspace > GETTY_NSPACE) { sp->se_nspace = 0; too_quick = 1; } } else sp->se_nspace = 0; /* * fork(), not vfork() -- we can't afford to block. */ if ((pid = fork()) == -1) { emergency("can't fork for getty on port %s: %m", sp->se_device); return -1; } if (pid) return pid; if (too_quick) { warning("getty repeating too quickly on port %s, sleeping %d secs", sp->se_device, GETTY_SLEEP); sleep((unsigned) GETTY_SLEEP); } if (sp->se_window) { start_window_system(sp); sleep(WINDOW_WAIT); } sigemptyset(&mask); sigprocmask(SIG_SETMASK, &mask, NULL); #ifdef LOGIN_CAP setprocresources(RESOURCE_GETTY); #endif if (sp->se_type) { /* Don't use malloc after fork */ strcpy(term, "TERM="); strlcat(term, sp->se_type, sizeof(term)); env[0] = term; env[1] = NULL; } else env[0] = NULL; execve(sp->se_getty_argv[0], sp->se_getty_argv, env); stall("can't exec getty '%s' for port %s: %m", sp->se_getty_argv[0], sp->se_device); _exit(1); } /* * Return 1 if the session is defined as "onifexists" * or "onifconsole" and the device node does not exist. */ static int session_has_no_tty(session_t *sp) { int fd; if ((sp->se_flags & SE_IFEXISTS) == 0 && (sp->se_flags & SE_IFCONSOLE) == 0) return (0); fd = open(sp->se_device, O_RDONLY | O_NONBLOCK, 0); if (fd < 0) { if (errno == ENOENT) return (1); return (0); } close(fd); return (0); } /* * Collect exit status for a child. * If an exiting login, start a new login running. */ static void collect_child(pid_t pid) { session_t *sp, *sprev, *snext; if (! sessions) return; if (! (sp = find_session(pid))) return; del_session(sp); sp->se_process = 0; if (sp->se_flags & SE_SHUTDOWN || session_has_no_tty(sp)) { if ((sprev = sp->se_prev) != NULL) sprev->se_next = sp->se_next; else sessions = sp->se_next; if ((snext = sp->se_next) != NULL) snext->se_prev = sp->se_prev; free_session(sp); return; } if ((pid = start_getty(sp)) == -1) { /* serious trouble */ requested_transition = clean_ttys; return; } sp->se_process = pid; sp->se_started = time((time_t *) 0); add_session(sp); } static const char * get_current_state(void) { if (current_state == single_user) return ("single-user"); if (current_state == runcom) return ("runcom"); if (current_state == read_ttys) return ("read-ttys"); if (current_state == multi_user) return ("multi-user"); if (current_state == clean_ttys) return ("clean-ttys"); if (current_state == catatonia) return ("catatonia"); if (current_state == death) return ("death"); if (current_state == death_single) return ("death-single"); return ("unknown"); } static void boottrace_transition(int sig) { const char *action; switch (sig) { case SIGUSR2: action = "halt & poweroff"; break; case SIGUSR1: action = "halt"; break; case SIGINT: action = "reboot"; break; case SIGWINCH: action = "powercycle"; break; case SIGTERM: action = Reboot ? "reboot" : "single-user"; break; default: BOOTTRACE("signal %d from %s", sig, get_current_state()); return; } /* Trace the shutdown reason. */ SHUTTRACE("%s from %s", action, get_current_state()); } /* * Catch a signal and request a state transition. */ static void transition_handler(int sig) { boottrace_transition(sig); switch (sig) { case SIGHUP: if (current_state == read_ttys || current_state == multi_user || current_state == clean_ttys || current_state == catatonia) requested_transition = clean_ttys; break; case SIGUSR2: howto = RB_POWEROFF; case SIGUSR1: howto |= RB_HALT; case SIGWINCH: case SIGINT: if (sig == SIGWINCH) howto |= RB_POWERCYCLE; Reboot = true; case SIGTERM: if (current_state == read_ttys || current_state == multi_user || current_state == clean_ttys || current_state == catatonia) requested_transition = death; else requested_transition = death_single; break; case SIGTSTP: if (current_state == runcom || current_state == read_ttys || current_state == clean_ttys || current_state == multi_user || current_state == catatonia) requested_transition = catatonia; break; case SIGEMT: requested_transition = reroot; break; default: requested_transition = 0; break; } } /* * Take the system multiuser. */ static state_func_t multi_user(void) { static bool inmultiuser = false; pid_t pid; session_t *sp; requested_transition = 0; /* * If the administrator has not set the security level to -1 * to indicate that the kernel should not run multiuser in secure * mode, and the run script has not set a higher level of security * than level 1, then put the kernel into secure mode. */ if (getsecuritylevel() == 0) setsecuritylevel(1); for (sp = sessions; sp; sp = sp->se_next) { if (sp->se_process) continue; if (session_has_no_tty(sp)) continue; if ((pid = start_getty(sp)) == -1) { /* serious trouble */ requested_transition = clean_ttys; break; } sp->se_process = pid; sp->se_started = time((time_t *) 0); add_session(sp); } if (requested_transition == 0 && !inmultiuser) { inmultiuser = true; /* This marks the change from boot-time tracing to run-time. */ RUNTRACE("multi-user start"); } while (!requested_transition) if ((pid = waitpid(-1, (int *) 0, 0)) != -1) collect_child(pid); return (state_func_t) requested_transition; } /* * This is an (n*2)+(n^2) algorithm. We hope it isn't run often... */ static state_func_t clean_ttys(void) { session_t *sp, *sprev; struct ttyent *typ; int devlen; char *old_getty, *old_window, *old_type; /* * mark all sessions for death, (!SE_PRESENT) * as we find or create new ones they'll be marked as keepers, * we'll later nuke all the ones not found in /etc/ttys */ for (sp = sessions; sp != NULL; sp = sp->se_next) sp->se_flags &= ~SE_PRESENT; devlen = sizeof(_PATH_DEV) - 1; while ((typ = getttyent()) != NULL) { for (sprev = 0, sp = sessions; sp; sprev = sp, sp = sp->se_next) if (strcmp(typ->ty_name, sp->se_device + devlen) == 0) break; if (sp) { /* we want this one to live */ sp->se_flags |= SE_PRESENT; if ((typ->ty_status & TTY_ON) == 0 || typ->ty_getty == 0) { sp->se_flags |= SE_SHUTDOWN; kill(sp->se_process, SIGHUP); continue; } sp->se_flags &= ~SE_SHUTDOWN; old_getty = sp->se_getty ? strdup(sp->se_getty) : 0; old_window = sp->se_window ? strdup(sp->se_window) : 0; old_type = sp->se_type ? strdup(sp->se_type) : 0; if (setupargv(sp, typ) == 0) { warning("can't parse getty for port %s", sp->se_device); sp->se_flags |= SE_SHUTDOWN; kill(sp->se_process, SIGHUP); } else if ( !old_getty || (!old_type && sp->se_type) || (old_type && !sp->se_type) || (!old_window && sp->se_window) || (old_window && !sp->se_window) || (strcmp(old_getty, sp->se_getty) != 0) || (old_window && strcmp(old_window, sp->se_window) != 0) || (old_type && strcmp(old_type, sp->se_type) != 0) ) { /* Don't set SE_SHUTDOWN here */ sp->se_nspace = 0; sp->se_started = 0; kill(sp->se_process, SIGHUP); } if (old_getty) free(old_getty); if (old_window) free(old_window); if (old_type) free(old_type); continue; } new_session(sprev, typ); } endttyent(); /* * sweep through and kill all deleted sessions * ones who's /etc/ttys line was deleted (SE_PRESENT unset) */ for (sp = sessions; sp != NULL; sp = sp->se_next) { if ((sp->se_flags & SE_PRESENT) == 0) { sp->se_flags |= SE_SHUTDOWN; kill(sp->se_process, SIGHUP); } } return (state_func_t) multi_user; } /* * Block further logins. */ static state_func_t catatonia(void) { session_t *sp; for (sp = sessions; sp; sp = sp->se_next) sp->se_flags |= SE_SHUTDOWN; return (state_func_t) multi_user; } /* * Note SIGALRM. */ static void alrm_handler(int sig) { (void)sig; clang = true; } /* * Bring the system down to single user. */ static state_func_t death(void) { int block, blocked; size_t len; /* Temporarily block suspend. */ len = sizeof(blocked); block = 1; if (sysctlbyname("kern.suspend_blocked", &blocked, &len, &block, sizeof(block)) == -1) blocked = 0; /* * Also revoke the TTY here. Because runshutdown() may reopen * the TTY whose getty we're killing here, there is no guarantee * runshutdown() will perform the initial open() call, causing * the terminal attributes to be misconfigured. */ revoke_ttys(); /* Try to run the rc.shutdown script within a period of time */ runshutdown(); /* Unblock suspend if we blocked it. */ if (!blocked) sysctlbyname("kern.suspend_blocked", NULL, NULL, &blocked, sizeof(blocked)); return (state_func_t) death_single; } /* * Do what is necessary to reinitialize single user mode or reboot * from an incomplete state. */ static state_func_t death_single(void) { int i; pid_t pid; static const int death_sigs[2] = { SIGTERM, SIGKILL }; revoke(_PATH_CONSOLE); BOOTTRACE("start killing user processes"); for (i = 0; i < 2; ++i) { if (kill(-1, death_sigs[i]) == -1 && errno == ESRCH) return (state_func_t) single_user; clang = false; alarm(DEATH_WATCH); do if ((pid = waitpid(-1, (int *)0, 0)) != -1) collect_child(pid); while (!clang && errno != ECHILD); if (errno == ECHILD) return (state_func_t) single_user; } warning("some processes would not die; ps axl advised"); return (state_func_t) single_user; } static void revoke_ttys(void) { session_t *sp; for (sp = sessions; sp; sp = sp->se_next) { sp->se_flags |= SE_SHUTDOWN; kill(sp->se_process, SIGHUP); revoke(sp->se_device); } } /* * Run the system shutdown script. * * Exit codes: XXX I should document more * -2 shutdown script terminated abnormally * -1 fatal error - can't run script * 0 good. * >0 some error (exit code) */ static int runshutdown(void) { pid_t pid, wpid; int status; int shutdowntimeout; size_t len; char *argv[SCRIPT_ARGV_SIZE]; struct stat sb; BOOTTRACE("init(8): start rc.shutdown"); /* * rc.shutdown is optional, so to prevent any unnecessary * complaints from the shell we simply don't run it if the * file does not exist. If the stat() here fails for other * reasons, we'll let the shell complain. */ if (stat(_PATH_RUNDOWN, &sb) == -1 && errno == ENOENT) return 0; if ((pid = fork()) == 0) { char _reboot[] = "reboot"; char _single[] = "single"; char _path_rundown[] = _PATH_RUNDOWN; argv[0] = _path_rundown; argv[1] = Reboot ? _reboot : _single; argv[2] = NULL; execute_script(argv); _exit(1); /* force single user mode */ } if (pid == -1) { emergency("can't fork for %s: %m", _PATH_RUNDOWN); while (waitpid(-1, (int *) 0, WNOHANG) > 0) continue; sleep(STALL_TIMEOUT); return -1; } len = sizeof(shutdowntimeout); if (sysctlbyname("kern.init_shutdown_timeout", &shutdowntimeout, &len, NULL, 0) == -1 || shutdowntimeout < 2) shutdowntimeout = DEATH_SCRIPT; alarm(shutdowntimeout); clang = false; /* * Copied from single_user(). This is a bit paranoid. * Use the same ALRM handler. */ do { if ((wpid = waitpid(-1, &status, WUNTRACED)) != -1) collect_child(wpid); if (clang) { /* we were waiting for the sub-shell */ kill(wpid, SIGTERM); warning("timeout expired for %s: %m; going to " "single user mode", _PATH_RUNDOWN); BOOTTRACE("rc.shutdown's %d sec timeout expired", shutdowntimeout); return -1; } if (wpid == -1) { if (errno == EINTR) continue; warning("wait for %s failed: %m; going to " "single user mode", _PATH_RUNDOWN); return -1; } if (wpid == pid && WIFSTOPPED(status)) { warning("init: %s stopped, restarting\n", _PATH_RUNDOWN); kill(pid, SIGCONT); wpid = -1; } } while (wpid != pid && !clang); /* Turn off the alarm */ alarm(0); if (WIFSIGNALED(status) && WTERMSIG(status) == SIGTERM && requested_transition == catatonia) { /* * /etc/rc.shutdown executed /sbin/reboot; * wait for the end quietly */ sigset_t s; sigfillset(&s); for (;;) sigsuspend(&s); } if (!WIFEXITED(status)) { warning("%s terminated abnormally, going to " "single user mode", _PATH_RUNDOWN); return -2; } if ((status = WEXITSTATUS(status)) != 0) warning("%s returned status %d", _PATH_RUNDOWN, status); return status; } static char * strk(char *p) { static char *t; char *q; int c; if (p) t = p; if (!t) return 0; c = *t; while (c == ' ' || c == '\t' ) c = *++t; if (!c) { t = 0; return 0; } q = t; if (c == '\'') { c = *++t; q = t; while (c && c != '\'') c = *++t; if (!c) /* unterminated string */ q = t = 0; else *t++ = 0; } else { while (c && c != ' ' && c != '\t' ) c = *++t; *t++ = 0; if (!c) t = 0; } return q; } #ifdef LOGIN_CAP static void setprocresources(const char *cname) { login_cap_t *lc; if ((lc = login_getclassbyname(cname, NULL)) != NULL) { setusercontext(lc, (struct passwd*)NULL, 0, LOGIN_SETENV | LOGIN_SETPRIORITY | LOGIN_SETRESOURCES | LOGIN_SETLOGINCLASS | LOGIN_SETCPUMASK); login_close(lc); } } #endif /* * Run /etc/rc.final to execute scripts after all user processes have been * terminated. */ static void runfinal(void) { struct stat sb; pid_t other_pid, pid; sigset_t mask; /* Avoid any surprises. */ alarm(0); /* rc.final is optional. */ if (stat(_PATH_RUNFINAL, &sb) == -1 && errno == ENOENT) return; if (access(_PATH_RUNFINAL, X_OK) != 0) { warning("%s exists, but not executable", _PATH_RUNFINAL); return; } pid = fork(); if (pid == 0) { /* * Reopen stdin/stdout/stderr so that scripts can write to * console. */ close(0); open(_PATH_DEVNULL, O_RDONLY); close(1); close(2); open_console(); dup2(1, 2); sigemptyset(&mask); sigprocmask(SIG_SETMASK, &mask, NULL); signal(SIGCHLD, SIG_DFL); execl(_PATH_RUNFINAL, _PATH_RUNFINAL, NULL); perror("execl(" _PATH_RUNFINAL ") failed"); exit(1); } /* Wait for rc.final script to exit */ while ((other_pid = waitpid(-1, NULL, 0)) != pid && other_pid > 0) { continue; } } diff --git a/sbin/init/pathnames.h b/sbin/init/pathnames.h index e385aed648b4..c04155a901ae 100644 --- a/sbin/init/pathnames.h +++ b/sbin/init/pathnames.h @@ -1,45 +1,43 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1991, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Donn Seeley at Berkeley Software Design, Inc. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)pathnames.h 8.1 (Berkeley) 6/5/93 */ #include #define _PATH_INITLOG "/var/log/init.log" #define _PATH_SLOGGER "/sbin/session_logger" #define _PATH_RUNCOM "/etc/rc" #define _PATH_RUNDOWN "/etc/rc.shutdown" #define _PATH_RUNFINAL "/etc/rc.final" #define _PATH_REROOT "/dev/reroot" #define _PATH_REROOT_INIT _PATH_REROOT "/init" diff --git a/sbin/init/ttys b/sbin/init/ttys index f5cfe4118da6..d3ac4546d9be 100644 --- a/sbin/init/ttys +++ b/sbin/init/ttys @@ -1,52 +1,49 @@ -# -# @(#)ttys 5.1 (Berkeley) 4/17/89 -# # This file specifies various information about terminals on the system. # It is used by several different programs. Common entries for the # various columns include: # # name The name of the terminal device. # # getty The program to start running on the terminal. Typically a # getty program, as the name implies. Other common entries # include none, when no getty is needed, and xdm, to start the # X Window System. # # type The initial terminal type for this port. For hardwired # terminal lines, this will contain the type of terminal used. # For virtual consoles, the correct type is typically xterm. # Other common values include dialup for incoming modem ports, and # unknown when the terminal type cannot be predetermined. # # status Must be on or off. If on, init will run the getty program on # the specified port. If the word "secure" appears, this tty # allows root login. # # name getty type status comments # # If console is marked "insecure", then init will ask for the root password # when going to single-user mode. console none unknown off secure # ttyv0 "/usr/libexec/getty Pc" xterm onifexists secure # Virtual terminals ttyv1 "/usr/libexec/getty Pc" xterm onifexists secure ttyv2 "/usr/libexec/getty Pc" xterm onifexists secure ttyv3 "/usr/libexec/getty Pc" xterm onifexists secure ttyv4 "/usr/libexec/getty Pc" xterm onifexists secure ttyv5 "/usr/libexec/getty Pc" xterm onifexists secure ttyv6 "/usr/libexec/getty Pc" xterm onifexists secure ttyv7 "/usr/libexec/getty Pc" xterm onifexists secure ttyv8 "/usr/local/bin/xdm -nodaemon" xterm off secure # Serial terminals # The 'dialup' keyword identifies dialin lines to login, fingerd etc. ttyu0 "/usr/libexec/getty 3wire" vt100 onifconsole secure ttyu1 "/usr/libexec/getty 3wire" vt100 onifconsole secure ttyu2 "/usr/libexec/getty 3wire" vt100 onifconsole secure ttyu3 "/usr/libexec/getty 3wire" vt100 onifconsole secure # Dumb console dcons "/usr/libexec/getty std.115200" vt100 off secure # Xen Virtual console xc0 "/usr/libexec/getty Pc" xterm onifconsole secure # RISC-V HTIF console rcons "/usr/libexec/getty std.115200" vt100 onifconsole secure diff --git a/sbin/ipf/common/ipf.h b/sbin/ipf/common/ipf.h index c672c53cb56d..20a0087ed5a1 100644 --- a/sbin/ipf/common/ipf.h +++ b/sbin/ipf/common/ipf.h @@ -1,372 +1,370 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. - * - * @(#)ipf.h 1.12 6/5/96 * $Id$ */ #ifndef __IPF_H__ #define __IPF_H__ #include #include #include /* * This is a workaround for troubles on FreeBSD, HPUX, OpenBSD. * Needed here because on some systems gets included by things * like */ #ifndef _KERNEL # define ADD_KERNEL # define _KERNEL # define KERNEL #endif #include #ifdef ADD_KERNEL # undef _KERNEL # undef KERNEL #endif #include #include #include #include #include #include #include # include #include #include #include #include #include #include #include #include #include #if !defined(__SVR4) && !defined(__svr4__) && defined(sun) # include #endif #include #include #include "netinet/ip_compat.h" #include "netinet/ip_fil.h" #include "netinet/ip_nat.h" #include "netinet/ip_frag.h" #include "netinet/ip_state.h" #include "netinet/ip_proxy.h" #include "netinet/ip_auth.h" #include "netinet/ip_lookup.h" #include "netinet/ip_pool.h" #include "netinet/ip_scan.h" #include "netinet/ip_htable.h" #include "netinet/ip_sync.h" #include "netinet/ip_dstlist.h" #include "opts.h" #ifndef __P # define __P(x) x #endif #ifndef U_32_T # define U_32_T 1 # if defined(__NetBSD__) || defined(__OpenBSD__) || defined(__FreeBSD__) || \ defined(__sgi) typedef u_int32_t u_32_t; # else # if defined(__alpha__) || defined(__alpha) || defined(_LP64) typedef unsigned int u_32_t; # else # if SOLARIS2 >= 6 typedef uint32_t u_32_t; # else typedef unsigned int u_32_t; # endif # endif # endif /* __NetBSD__ || __OpenBSD__ || __FreeBSD__ || __sgi */ #endif /* U_32_T */ #ifndef MAXHOSTNAMELEN # define MAXHOSTNAMELEN 256 #endif #define MAX_ICMPCODE 16 #define MAX_ICMPTYPE 19 #define PRINTF (void)printf #define FPRINTF (void)fprintf #define FORMAT_IF(_a) (_a != NULL ? _a : "(null)") struct ipopt_names { int on_value; int on_bit; int on_siz; char *on_name; }; typedef struct alist_s { struct alist_s *al_next; int al_not; int al_family; i6addr_t al_i6addr; i6addr_t al_i6mask; } alist_t; #define al_addr al_i6addr.in4_addr #define al_mask al_i6mask.in4_addr #define al_1 al_addr #define al_2 al_mask typedef struct plist_s { struct plist_s *pl_next; int pl_compare; u_short pl_port1; u_short pl_port2; } plist_t; typedef struct { u_short fb_c; u_char fb_t; u_char fb_f; u_32_t fb_k; } fakebpf_t; typedef struct { char *it_name; int it_v4; int it_v6; } icmptype_t; typedef struct wordtab { char *w_word; int w_value; } wordtab_t; typedef struct namelist { struct namelist *na_next; char *na_name; int na_value; } namelist_t; typedef struct proxyrule { struct proxyrule *pr_next; char *pr_proxy; char *pr_conf; namelist_t *pr_names; int pr_proto; } proxyrule_t; typedef int (* ioctlfunc_t)(int, ioctlcmd_t, ...); typedef int (* addfunc_t)(int, ioctlfunc_t, void *); typedef int (* copyfunc_t)(void *, void *, size_t); extern char thishost[MAXHOSTNAMELEN]; extern char flagset[]; extern u_char flags[]; extern struct ipopt_names ionames[]; extern struct ipopt_names secclass[]; extern char *icmpcodes[MAX_ICMPCODE + 1]; extern char *icmptypes[MAX_ICMPTYPE + 1]; extern int use_inet6; extern int lineNum; extern int debuglevel; extern struct ipopt_names v6ionames[]; extern icmptype_t icmptypelist[]; extern wordtab_t statefields[]; extern wordtab_t natfields[]; extern wordtab_t poolfields[]; extern int addicmp(char ***, struct frentry *, int); extern int addipopt(char *, struct ipopt_names *, int, char *); extern int addkeep(char ***, struct frentry *, int); extern alist_t *alist_new(int, char *); extern void alist_free(alist_t *); extern void assigndefined(char *); extern void binprint(void *, size_t); extern u_32_t buildopts(char *, char *, int); extern int checkrev(char *); extern int connecttcp(char *, int); extern int count6bits(u_32_t *); extern int count4bits(u_32_t); extern char *fac_toname(int); extern int fac_findname(char *); extern const char *familyname(const int); extern void fill6bits(int, u_int *); extern wordtab_t *findword(wordtab_t *, char *); extern int ftov(int); extern char *ipf_geterror(int, ioctlfunc_t *); extern int genmask(int, char *, i6addr_t *); extern int gethost(int, char *, i6addr_t *); extern int geticmptype(int, char *); extern int getport(struct frentry *, char *, u_short *, char *); extern int getportproto(char *, int); extern int getproto(char *); extern char *getnattype(struct nat *); extern char *getsumd(u_32_t); extern u_32_t getoptbyname(char *); extern u_32_t getoptbyvalue(int); extern u_32_t getv6optbyname(char *); extern u_32_t getv6optbyvalue(int); extern char *icmptypename(int, int); extern void initparse(void); extern void ipf_dotuning(int, char *, ioctlfunc_t); extern int ipf_addrule(int, ioctlfunc_t, void *); extern void ipf_mutex_clean(void); extern int ipf_parsefile(int, addfunc_t, ioctlfunc_t *, char *); extern int ipf_parsesome(int, addfunc_t, ioctlfunc_t *, FILE *); extern void ipf_perror(int, char *); extern int ipf_perror_fd( int, ioctlfunc_t, char *); extern void ipf_rwlock_clean(void); extern char *ipf_strerror(int); extern void ipferror(int, char *); extern int ipmon_parsefile(char *); extern int ipmon_parsesome(FILE *); extern int ipnat_addrule(int, ioctlfunc_t, void *); extern int ipnat_parsefile(int, addfunc_t, ioctlfunc_t, char *); extern int ipnat_parsesome(int, addfunc_t, ioctlfunc_t, FILE *); extern int ippool_parsefile(int, char *, ioctlfunc_t); extern int ippool_parsesome(int, FILE *, ioctlfunc_t); extern int kmemcpywrap(void *, void *, size_t); extern char *kvatoname(ipfunc_t, ioctlfunc_t); extern int load_dstlist(struct ippool_dst *, ioctlfunc_t, ipf_dstnode_t *); extern int load_dstlistnode(int, char *, struct ipf_dstnode *, ioctlfunc_t); extern alist_t *load_file(char *); extern int load_hash(struct iphtable_s *, struct iphtent_s *, ioctlfunc_t); extern int load_hashnode(int, char *, struct iphtent_s *, int, ioctlfunc_t); extern alist_t *load_http(char *); extern int load_pool(struct ip_pool_s *list, ioctlfunc_t); extern int load_poolnode(int, char *, ip_pool_node_t *, int, ioctlfunc_t); extern alist_t *load_url(char *); extern alist_t *make_range(int, struct in_addr, struct in_addr); extern void mb_hexdump(mb_t *, FILE *); extern ipfunc_t nametokva(char *, ioctlfunc_t); extern void nat_setgroupmap(struct ipnat *); extern int ntomask(int, int, u_32_t *); extern u_32_t optname(char ***, u_short *, int); extern wordtab_t *parsefields(wordtab_t *, char *); extern int *parseipfexpr(char *, char **); extern int parsewhoisline(char *, addrfamily_t *, addrfamily_t *); extern void pool_close(void); extern int pool_fd(void); extern int pool_ioctl(ioctlfunc_t, ioctlcmd_t, void *); extern int pool_open(void); extern char *portname(int, int); extern int pri_findname(char *); extern char *pri_toname(int); extern void print_toif(int, char *, char *, struct frdest *); extern void printaps(ap_session_t *, int, int); extern void printaddr(int, int, char *, int, u_32_t *, u_32_t *); extern void printbuf(char *, int, int); extern void printfieldhdr(wordtab_t *, wordtab_t *); extern void printfr(struct frentry *, ioctlfunc_t); extern struct iphtable_s *printhash(struct iphtable_s *, copyfunc_t, char *, int, wordtab_t *); extern struct iphtable_s *printhash_live(iphtable_t *, int, char *, int, wordtab_t *); extern ippool_dst_t *printdstl_live(ippool_dst_t *, int, char *, int, wordtab_t *); extern void printhashdata(iphtable_t *, int); extern struct iphtent_s *printhashnode(struct iphtable_s *, struct iphtent_s *, copyfunc_t, int, wordtab_t *); extern void printhost(int, u_32_t *); extern void printhostmask(int, u_32_t *, u_32_t *); extern void printip(int, u_32_t *); extern void printlog(struct frentry *); extern void printlookup(char *, i6addr_t *addr, i6addr_t *mask); extern void printmask(int, u_32_t *); extern void printnataddr(int, char *, nat_addr_t *, int); extern void printnatfield(nat_t *, int); extern void printnatside(char *, nat_stat_side_t *); extern void printpacket(int, mb_t *); extern void printpacket6(int, mb_t *); extern struct ippool_dst *printdstlist(struct ippool_dst *, copyfunc_t, char *, int, ipf_dstnode_t *, wordtab_t *); extern void printdstlistdata(ippool_dst_t *, int); extern ipf_dstnode_t *printdstlistnode(ipf_dstnode_t *, copyfunc_t, int, wordtab_t *); extern void printdstlistpolicy(ippool_policy_t); extern struct ip_pool_s *printpool(struct ip_pool_s *, copyfunc_t, char *, int, wordtab_t *); extern void printpool_live(struct ip_pool_s *, int, char *, int, wordtab_t *); extern void printpooldata(ip_pool_t *, int); extern void printpoolfield(void *, int, int); extern struct ip_pool_node *printpoolnode(struct ip_pool_node *, int, wordtab_t *); extern void printproto(struct protoent *, int, struct ipnat *); extern void printportcmp(int, struct frpcmp *); extern void printstatefield(ipstate_t *, int); extern void printtqtable(ipftq_t *); extern void printtunable(ipftune_t *); extern void printunit(int); extern void optprint(u_short *, u_long, u_long); #ifdef USE_INET6 extern void optprintv6(u_short *, u_long, u_long); #endif extern int remove_hash(struct iphtable_s *, ioctlfunc_t); extern int remove_hashnode(int, char *, struct iphtent_s *, ioctlfunc_t); extern int remove_pool(ip_pool_t *, ioctlfunc_t); extern int remove_poolnode(int, char *, ip_pool_node_t *, ioctlfunc_t); extern u_char tcpflags(char *); extern void printc(struct frentry *); extern void printC(int); extern void emit(int, int, void *, struct frentry *); extern u_char secbit(int); extern u_char seclevel(char *); extern void printfraginfo(char *, struct ipfr *); extern void printifname(char *, char *, void *); extern char *hostname(int, void *); extern struct ipstate *printstate(struct ipstate *, int, u_long); extern void printsbuf(char *); extern void printnat(struct ipnat *, int); extern void printactiveaddress(int, char *, i6addr_t *, char *); extern void printactivenat(struct nat *, int, u_long); extern void printhostmap(struct hostmap *, u_int); extern void printtcpflags(u_32_t, u_32_t); extern void printipfexpr(int *); extern void printstatefield(ipstate_t *, int); extern void printstatefieldhdr(int); extern int sendtrap_v1_0(int, char *, char *, int, time_t); extern int sendtrap_v2_0(int, char *, char *, int); extern int vtof(int); extern void set_variable(char *, char *); extern char *get_variable(char *, char **, int); extern void resetlexer(void); extern void debug(int, char *, ...); extern void verbose(int, char *, ...); extern void ipfkdebug(char *, ...); extern void ipfkverbose(char *, ...); #if SOLARIS extern int gethostname(char *, int ); extern void sync(void); #endif #endif /* __IPF_H__ */ diff --git a/sbin/ipf/common/ipmon.h b/sbin/ipf/common/ipmon.h index 8caf20fdf725..4d377027eb3d 100644 --- a/sbin/ipf/common/ipmon.h +++ b/sbin/ipf/common/ipmon.h @@ -1,141 +1,139 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. - * - * @(#)ip_fil.h 1.35 6/5/96 * $Id$ */ typedef struct ipmon_msg_s { int imm_msglen; char *imm_msg; int imm_dsize; void *imm_data; time_t imm_when; int imm_loglevel; } ipmon_msg_t; typedef void (*ims_destroy_func_t)(void *); typedef void *(*ims_dup_func_t)(void *); typedef int (*ims_match_func_t)(void *, void *); typedef void *(*ims_parse_func_t)(char **); typedef void (*ims_print_func_t)(void *); typedef int (*ims_store_func_t)(void *, ipmon_msg_t *); typedef struct ipmon_saver_s { char *ims_name; ims_destroy_func_t ims_destroy; ims_dup_func_t ims_dup; ims_match_func_t ims_match; ims_parse_func_t ims_parse; ims_print_func_t ims_print; ims_store_func_t ims_store; } ipmon_saver_t; typedef struct ipmon_saver_int_s { struct ipmon_saver_int_s *imsi_next; ipmon_saver_t *imsi_stor; void *imsi_handle; } ipmon_saver_int_t; typedef struct ipmon_doing_s { struct ipmon_doing_s *ipmd_next; void *ipmd_token; ipmon_saver_t *ipmd_saver; /* * ipmd_store is "cached" in this structure to avoid a double * deref when doing saves.... */ int (*ipmd_store)(void *, ipmon_msg_t *); } ipmon_doing_t; typedef struct ipmon_action { struct ipmon_action *ac_next; int ac_mflag; /* collection of things to compare */ int ac_dflag; /* flags to compliment the doing fields */ int ac_logpri; int ac_direction; char ac_group[FR_GROUPLEN]; char ac_nattag[16]; u_32_t ac_logtag; int ac_type; /* nat/state/ipf */ int ac_proto; int ac_rule; int ac_packet; int ac_second; int ac_result; u_32_t ac_sip; u_32_t ac_smsk; u_32_t ac_dip; u_32_t ac_dmsk; u_short ac_sport; u_short ac_dport; char *ac_iface; /* * used with ac_packet/ac_second */ struct timeval ac_last; int ac_pktcnt; /* * What to do with matches */ ipmon_doing_t *ac_doing; } ipmon_action_t; #define ac_lastsec ac_last.tv_sec #define ac_lastusec ac_last.tv_usec /* * Flags indicating what fields to do matching upon (ac_mflag). */ #define IPMAC_DIRECTION 0x0001 #define IPMAC_DSTIP 0x0002 #define IPMAC_DSTPORT 0x0004 #define IPMAC_EVERY 0x0008 #define IPMAC_GROUP 0x0010 #define IPMAC_INTERFACE 0x0020 #define IPMAC_LOGTAG 0x0040 #define IPMAC_NATTAG 0x0080 #define IPMAC_PROTOCOL 0x0100 #define IPMAC_RESULT 0x0200 #define IPMAC_RULE 0x0400 #define IPMAC_SRCIP 0x0800 #define IPMAC_SRCPORT 0x1000 #define IPMAC_TYPE 0x2000 #define IPMAC_WITH 0x4000 #define IPMR_BLOCK 1 #define IPMR_PASS 2 #define IPMR_NOMATCH 3 #define IPMR_LOG 4 #define IPMON_SYSLOG 0x001 #define IPMON_RESOLVE 0x002 #define IPMON_HEXBODY 0x004 #define IPMON_HEXHDR 0x010 #define IPMON_TAIL 0x020 #define IPMON_VERBOSE 0x040 #define IPMON_NAT 0x080 #define IPMON_STATE 0x100 #define IPMON_FILTER 0x200 #define IPMON_PORTNUM 0x400 #define IPMON_LOGALL (IPMON_NAT|IPMON_STATE|IPMON_FILTER) #define IPMON_LOGBODY 0x800 #define HOSTNAME_V4(a,b) hostname((a), 4, (u_32_t *)&(b)) #ifndef LOGFAC #define LOGFAC LOG_LOCAL0 #endif extern void dump_config(void); extern int load_config(char *); extern void unload_config(void); extern void dumphex(FILE *, int, char *, int); extern int check_action(char *, char *, int, int); extern char *getword(int); extern void *add_doing(ipmon_saver_t *); diff --git a/sbin/ipf/ipf/bpf-ipf.h b/sbin/ipf/ipf/bpf-ipf.h index 1c3032150377..7bc299d57256 100644 --- a/sbin/ipf/ipf/bpf-ipf.h +++ b/sbin/ipf/ipf/bpf-ipf.h @@ -1,439 +1,435 @@ /*- * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 * The Regents of the University of California. All rights reserved. * * This code is derived from the Stanford/CMU enet packet filter, * (net/enet.c) distributed as part of 4.3BSD, and code contributed * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence * Berkeley Laboratory. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)bpf.h 7.1 (Berkeley) 5/7/91 - * - * @(#) $Header: /devel/CVS/IP-Filter/bpf-ipf.h,v 2.1 2002/10/26 12:14:26 darrenr Exp $ (LBL) */ #ifndef BPF_MAJOR_VERSION #ifdef __cplusplus extern "C" { #endif /* BSD style release date */ #define BPF_RELEASE 199606 typedef int bpf_int32; typedef u_int bpf_u_int32; /* * Alignment macros. BPF_WORDALIGN rounds up to the next * even multiple of BPF_ALIGNMENT. */ #ifndef __NetBSD__ #define BPF_ALIGNMENT sizeof(bpf_int32) #else #define BPF_ALIGNMENT sizeof(long) #endif #define BPF_WORDALIGN(x) (((x)+(BPF_ALIGNMENT-1))&~(BPF_ALIGNMENT-1)) #define BPF_MAXINSNS 512 #define BPF_MAXBUFSIZE 0x8000 #define BPF_MINBUFSIZE 32 /* * Structure for BIOCSETF. */ struct bpf_program { u_int bf_len; struct bpf_insn *bf_insns; }; /* * Struct returned by BIOCGSTATS. */ struct bpf_stat { u_int bs_recv; /* number of packets received */ u_int bs_drop; /* number of packets dropped */ }; /* * Struct return by BIOCVERSION. This represents the version number of * the filter language described by the instruction encodings below. * bpf understands a program iff kernel_major == filter_major && * kernel_minor >= filter_minor, that is, if the value returned by the * running kernel has the same major number and a minor number equal * equal to or less than the filter being downloaded. Otherwise, the * results are undefined, meaning an error may be returned or packets * may be accepted haphazardly. * It has nothing to do with the source code version. */ struct bpf_version { u_short bv_major; u_short bv_minor; }; /* Current version number of filter architecture. */ #define BPF_MAJOR_VERSION 1 #define BPF_MINOR_VERSION 1 /* * BPF ioctls * * The first set is for compatibility with Sun's pcc style * header files. If your using gcc, we assume that you * have run fixincludes so the latter set should work. */ #if (defined(sun) || defined(ibm032)) && !defined(__GNUC__) #define BIOCGBLEN _IOR(B,102, u_int) #define BIOCSBLEN _IOWR(B,102, u_int) #define BIOCSETF _IOW(B,103, struct bpf_program) #define BIOCFLUSH _IO(B,104) #define BIOCPROMISC _IO(B,105) #define BIOCGDLT _IOR(B,106, u_int) #define BIOCGETIF _IOR(B,107, struct ifreq) #define BIOCSETIF _IOW(B,108, struct ifreq) #define BIOCSRTIMEOUT _IOW(B,109, struct timeval) #define BIOCGRTIMEOUT _IOR(B,110, struct timeval) #define BIOCGSTATS _IOR(B,111, struct bpf_stat) #define BIOCIMMEDIATE _IOW(B,112, u_int) #define BIOCVERSION _IOR(B,113, struct bpf_version) #define BIOCSTCPF _IOW(B,114, struct bpf_program) #define BIOCSUDPF _IOW(B,115, struct bpf_program) #else #define BIOCGBLEN _IOR('B',102, u_int) #define BIOCSBLEN _IOWR('B',102, u_int) #define BIOCSETF _IOW('B',103, struct bpf_program) #define BIOCFLUSH _IO('B',104) #define BIOCPROMISC _IO('B',105) #define BIOCGDLT _IOR('B',106, u_int) #define BIOCGETIF _IOR('B',107, struct ifreq) #define BIOCSETIF _IOW('B',108, struct ifreq) #define BIOCSRTIMEOUT _IOW('B',109, struct timeval) #define BIOCGRTIMEOUT _IOR('B',110, struct timeval) #define BIOCGSTATS _IOR('B',111, struct bpf_stat) #define BIOCIMMEDIATE _IOW('B',112, u_int) #define BIOCVERSION _IOR('B',113, struct bpf_version) #define BIOCSTCPF _IOW('B',114, struct bpf_program) #define BIOCSUDPF _IOW('B',115, struct bpf_program) #endif /* * Structure prepended to each packet. */ struct bpf_hdr { struct timeval bh_tstamp; /* time stamp */ bpf_u_int32 bh_caplen; /* length of captured portion */ bpf_u_int32 bh_datalen; /* original length of packet */ u_short bh_hdrlen; /* length of bpf header (this struct plus alignment padding) */ }; /* * Because the structure above is not a multiple of 4 bytes, some compilers * will insist on inserting padding; hence, sizeof(struct bpf_hdr) won't work. * Only the kernel needs to know about it; applications use bh_hdrlen. */ #if defined(KERNEL) || defined(_KERNEL) #define SIZEOF_BPF_HDR 18 #endif /* * Data-link level type codes. */ /* * These are the types that are the same on all platforms; on other * platforms, a should be supplied that defines the additional * DLT_* codes appropriately for that platform (the BSDs, for example, * should not just pick up this version of "bpf.h"; they should also define * the additional DLT_* codes used by their kernels, as well as the values * defined here - and, if the values they use for particular DLT_ types * differ from those here, they should use their values, not the ones * here). */ #define DLT_NULL 0 /* no link-layer encapsulation */ #define DLT_EN10MB 1 /* Ethernet (10Mb) */ #define DLT_EN3MB 2 /* Experimental Ethernet (3Mb) */ #define DLT_AX25 3 /* Amateur Radio AX.25 */ #define DLT_PRONET 4 /* Proteon ProNET Token Ring */ #define DLT_CHAOS 5 /* Chaos */ #define DLT_IEEE802 6 /* IEEE 802 Networks */ #define DLT_ARCNET 7 /* ARCNET */ #define DLT_SLIP 8 /* Serial Line IP */ #define DLT_PPP 9 /* Point-to-point Protocol */ #define DLT_FDDI 10 /* FDDI */ /* * These are values from the traditional libpcap "bpf.h". * Ports of this to particular platforms should replace these definitions * with the ones appropriate to that platform, if the values are * different on that platform. */ #define DLT_ATM_RFC1483 11 /* LLC/SNAP encapsulated atm */ #define DLT_RAW 12 /* raw IP */ /* * These are values from BSD/OS's "bpf.h". * These are not the same as the values from the traditional libpcap * "bpf.h"; however, these values shouldn't be generated by any * OS other than BSD/OS, so the correct values to use here are the * BSD/OS values. * * Platforms that have already assigned these values to other * DLT_ codes, however, should give these codes the values * from that platform, so that programs that use these codes will * continue to compile - even though they won't correctly read * files of these types. */ #ifdef __NetBSD__ #ifndef DLT_SLIP_BSDOS #define DLT_SLIP_BSDOS 13 /* BSD/OS Serial Line IP */ #define DLT_PPP_BSDOS 14 /* BSD/OS Point-to-point Protocol */ #endif #else #define DLT_SLIP_BSDOS 15 /* BSD/OS Serial Line IP */ #define DLT_PPP_BSDOS 16 /* BSD/OS Point-to-point Protocol */ #endif #define DLT_ATM_CLIP 19 /* Linux Classical-IP over ATM */ /* * These values are defined by NetBSD; other platforms should refrain from * using them for other purposes, so that NetBSD savefiles with link * types of 50 or 51 can be read as this type on all platforms. */ #define DLT_PPP_SERIAL 50 /* PPP over serial with HDLC encapsulation */ #define DLT_PPP_ETHER 51 /* PPP over Ethernet */ /* * Values between 100 and 103 are used in capture file headers as * link-layer types corresponding to DLT_ types that differ * between platforms; don't use those values for new DLT_ new types. */ /* * This value was defined by libpcap 0.5; platforms that have defined * it with a different value should define it here with that value - * a link type of 104 in a save file will be mapped to DLT_C_HDLC, * whatever value that happens to be, so programs will correctly * handle files with that link type regardless of the value of * DLT_C_HDLC. * * The name DLT_C_HDLC was used by BSD/OS; we use that name for source * compatibility with programs written for BSD/OS. * * libpcap 0.5 defined it as DLT_CHDLC; we define DLT_CHDLC as well, * for source compatibility with programs written for libpcap 0.5. */ #define DLT_C_HDLC 104 /* Cisco HDLC */ #define DLT_CHDLC DLT_C_HDLC #define DLT_IEEE802_11 105 /* IEEE 802.11 wireless */ /* * Values between 106 and 107 are used in capture file headers as * link-layer types corresponding to DLT_ types that might differ * between platforms; don't use those values for new DLT_ new types. */ /* * OpenBSD DLT_LOOP, for loopback devices; it's like DLT_NULL, except * that the AF_ type in the link-layer header is in network byte order. * * OpenBSD defines it as 12, but that collides with DLT_RAW, so we * define it as 108 here. If OpenBSD picks up this file, it should * define DLT_LOOP as 12 in its version, as per the comment above - * and should not use 108 as a DLT_ value. */ #define DLT_LOOP 108 /* * Values between 109 and 112 are used in capture file headers as * link-layer types corresponding to DLT_ types that might differ * between platforms; don't use those values for new DLT_ types * other than the corresponding DLT_ types. */ /* * This is for Linux cooked sockets. */ #define DLT_LINUX_SLL 113 /* * Apple LocalTalk hardware. */ #define DLT_LTALK 114 /* * Acorn Econet. */ #define DLT_ECONET 115 /* * Reserved for use with OpenBSD ipfilter. */ #define DLT_IPFILTER 116 /* * Reserved for use in capture-file headers as a link-layer type * corresponding to OpenBSD DLT_PFLOG; DLT_PFLOG is 17 in OpenBSD, * but that's DLT_LANE8023 in SuSE 6.3, so we can't use 17 for it * in capture-file headers. */ #define DLT_PFLOG 117 /* * Registered for Cisco-internal use. */ #define DLT_CISCO_IOS 118 /* * Reserved for 802.11 cards using the Prism II chips, with a link-layer * header including Prism monitor mode information plus an 802.11 * header. */ #define DLT_PRISM_HEADER 119 /* * Reserved for Aironet 802.11 cards, with an Aironet link-layer header * (see Doug Ambrisko's FreeBSD patches). */ #define DLT_AIRONET_HEADER 120 /* * Reserved for Siemens HiPath HDLC. */ #define DLT_HHDLC 121 /* * Reserved for RFC 2625 IP-over-Fibre Channel, as per a request from * Don Lee . * * This is not for use with raw Fibre Channel, where the link-layer * header starts with a Fibre Channel frame header; it's for IP-over-FC, * where the link-layer header starts with an RFC 2625 Network_Header * field. */ #define DLT_IP_OVER_FC 122 /* * The instruction encodings. */ /* instruction classes */ #define BPF_CLASS(code) ((code) & 0x07) #define BPF_LD 0x00 #define BPF_LDX 0x01 #define BPF_ST 0x02 #define BPF_STX 0x03 #define BPF_ALU 0x04 #define BPF_JMP 0x05 #define BPF_RET 0x06 #define BPF_MISC 0x07 /* ld/ldx fields */ #define BPF_SIZE(code) ((code) & 0x18) #define BPF_W 0x00 #define BPF_H 0x08 #define BPF_B 0x10 #define BPF_MODE(code) ((code) & 0xe0) #define BPF_IMM 0x00 #define BPF_ABS 0x20 #define BPF_IND 0x40 #define BPF_MEM 0x60 #define BPF_LEN 0x80 #define BPF_MSH 0xa0 /* alu/jmp fields */ #define BPF_OP(code) ((code) & 0xf0) #define BPF_ADD 0x00 #define BPF_SUB 0x10 #define BPF_MUL 0x20 #define BPF_DIV 0x30 #define BPF_OR 0x40 #define BPF_AND 0x50 #define BPF_LSH 0x60 #define BPF_RSH 0x70 #define BPF_NEG 0x80 #define BPF_JA 0x00 #define BPF_JEQ 0x10 #define BPF_JGT 0x20 #define BPF_JGE 0x30 #define BPF_JSET 0x40 #define BPF_SRC(code) ((code) & 0x08) #define BPF_K 0x00 #define BPF_X 0x08 /* ret - BPF_K and BPF_X also apply */ #define BPF_RVAL(code) ((code) & 0x18) #define BPF_A 0x10 /* misc */ #define BPF_MISCOP(code) ((code) & 0xf8) #define BPF_TAX 0x00 #define BPF_TXA 0x80 /* * The instruction data structure. */ struct bpf_insn { u_short code; u_char jt; u_char jf; bpf_int32 k; }; /* * Macros for insn array initializers. */ #define BPF_STMT(code, k) { (u_short)(code), 0, 0, k } #define BPF_JUMP(code, k, jt, jf) { (u_short)(code), jt, jf, k } #if defined(BSD) && (defined(KERNEL) || defined(_KERNEL)) /* * Systems based on non-BSD kernels don't have ifnet's (or they don't mean * anything if it is in ) and won't work like this. */ extern void bpf_tap(struct ifnet *, u_char *, u_int); extern void bpf_mtap(struct ifnet *, struct mbuf *); extern void bpfattach(struct ifnet *, u_int, u_int); extern void bpfilterattach(int); #endif /* BSD && (_KERNEL || KERNEL) */ extern int bpf_validate(struct bpf_insn *, int); extern u_int bpf_filter(struct bpf_insn *, u_char *, u_int, u_int); /* * Number of scratch memory words (for BPF_LD|BPF_MEM and BPF_ST). */ #define BPF_MEMWORDS 16 #ifdef __cplusplus } #endif #endif diff --git a/sbin/ipf/ipf/bpf_filter.c b/sbin/ipf/ipf/bpf_filter.c index ff7c93576d1e..b380eb8e20ee 100644 --- a/sbin/ipf/ipf/bpf_filter.c +++ b/sbin/ipf/ipf/bpf_filter.c @@ -1,584 +1,582 @@ /*- * Copyright (c) 1990, 1991, 1992, 1993, 1994, 1995, 1996, 1997 * The Regents of the University of California. All rights reserved. * * This code is derived from the Stanford/CMU enet packet filter, * (net/enet.c) distributed as part of 4.3BSD, and code contributed * to Berkeley by Steven McCanne and Van Jacobson both of Lawrence * Berkeley Laboratory. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)bpf.c 7.5 (Berkeley) 7/15/91 */ #if !(defined(lint) || defined(KERNEL) || defined(_KERNEL)) static const char rcsid[] = "@(#) $Header: /devel/CVS/IP-Filter/bpf_filter.c,v 2.2.2.3 2006/10/03 11:25:56 darrenr Exp $ (LBL)"; #endif #include #include #include #include #include #include #include "netinet/ip_compat.h" #include "bpf-ipf.h" #if (defined(__hpux) || SOLARIS) && (defined(_KERNEL) || defined(KERNEL)) # include # include #endif #include "pcap-ipf.h" #if !defined(KERNEL) && !defined(_KERNEL) #include #endif #define int32 bpf_int32 #define u_int32 bpf_u_int32 static int m_xword(mb_t *, int, int *); static int m_xhalf(mb_t *, int, int *); #ifndef LBL_ALIGN /* * XXX - IA-64? If not, this probably won't work on Win64 IA-64 * systems, unless LBL_ALIGN is defined elsewhere for them. * XXX - SuperH? If not, this probably won't work on WinCE SuperH * systems, unless LBL_ALIGN is defined elsewhere for them. */ #if defined(sparc) || defined(__sparc__) || defined(mips) || \ defined(ibm032) || defined(__alpha) || defined(__hpux) || \ defined(__arm__) #define LBL_ALIGN #endif #endif #ifndef LBL_ALIGN #define EXTRACT_SHORT(p) ((u_short)ntohs(*(u_short *)p)) #define EXTRACT_LONG(p) (ntohl(*(u_int32 *)p)) #else #define EXTRACT_SHORT(p)\ ((u_short)\ ((u_short)*((u_char *)p+0)<<8|\ (u_short)*((u_char *)p+1)<<0)) #define EXTRACT_LONG(p)\ ((u_int32)*((u_char *)p+0)<<24|\ (u_int32)*((u_char *)p+1)<<16|\ (u_int32)*((u_char *)p+2)<<8|\ (u_int32)*((u_char *)p+3)<<0) #endif #define MINDEX(len, _m, _k) \ { \ len = M_LEN(m); \ while ((_k) >= len) { \ (_k) -= len; \ (_m) = (_m)->m_next; \ if ((_m) == 0) \ return (0); \ len = M_LEN(m); \ } \ } static int m_xword(mb_t *m, int k, int *err) { register int len; register u_char *cp, *np; register mb_t *m0; MINDEX(len, m, k); cp = MTOD(m, u_char *) + k; if (len - k >= 4) { *err = 0; return (EXTRACT_LONG(cp)); } m0 = m->m_next; if (m0 == NULL || M_LEN(m0) + len - k < 4) goto bad; *err = 0; np = MTOD(m0, u_char *); switch (len - k) { case 1: return (cp[0] << 24) | (np[0] << 16) | (np[1] << 8) | np[2]; case 2: return (cp[0] << 24) | (cp[1] << 16) | (np[0] << 8) | np[1]; default: return (cp[0] << 24) | (cp[1] << 16) | (cp[2] << 8) | np[0]; } bad: *err = 1; return (0); } static int m_xhalf(mb_t *m, int k, int *err) { register int len; register u_char *cp; register mb_t *m0; MINDEX(len, m, k); cp = MTOD(m, u_char *) + k; if (len - k >= 2) { *err = 0; return (EXTRACT_SHORT(cp)); } m0 = m->m_next; if (m0 == NULL) goto bad; *err = 0; return (cp[0] << 8) | MTOD(m0, u_char *)[0]; bad: *err = 1; return (0); } /* * Execute the filter program starting at pc on the packet p * wirelen is the length of the original packet * buflen is the amount of data present * For the kernel, p is assumed to be a pointer to an mbuf if buflen is 0, * in all other cases, p is a pointer to a buffer and buflen is its size. */ u_int bpf_filter(struct bpf_insn *pc, u_char *p, u_int wirelen, u_int buflen) { register u_int32 A, X; register int k; int32 mem[BPF_MEMWORDS]; mb_t *m, *n; int merr = 0; /* XXX: GCC */ int len; if (buflen == 0) { m = (mb_t *)p; p = MTOD(m, u_char *); buflen = M_LEN(m); } else m = NULL; if (pc == NULL) /* * No filter means accept all. */ return (u_int)-1; A = 0; X = 0; --pc; while (1) { ++pc; switch (pc->code) { default: return (0); case BPF_RET|BPF_K: return (u_int)pc->k; case BPF_RET|BPF_A: return (u_int)A; case BPF_LD|BPF_W|BPF_ABS: k = pc->k; if (k + sizeof(int32) > buflen) { if (m == NULL) return (0); A = m_xword(m, k, &merr); if (merr != 0) return (0); continue; } A = EXTRACT_LONG(&p[k]); continue; case BPF_LD|BPF_H|BPF_ABS: k = pc->k; if (k + sizeof(short) > buflen) { if (m == NULL) return (0); A = m_xhalf(m, k, &merr); if (merr != 0) return (0); continue; } A = EXTRACT_SHORT(&p[k]); continue; case BPF_LD|BPF_B|BPF_ABS: k = pc->k; if (k >= buflen) { if (m == NULL) return (0); n = m; MINDEX(len, n, k); A = MTOD(n, u_char *)[k]; continue; } A = p[k]; continue; case BPF_LD|BPF_W|BPF_LEN: A = wirelen; continue; case BPF_LDX|BPF_W|BPF_LEN: X = wirelen; continue; case BPF_LD|BPF_W|BPF_IND: k = X + pc->k; if (k + sizeof(int32) > buflen) { if (m == NULL) return (0); A = m_xword(m, k, &merr); if (merr != 0) return (0); continue; } A = EXTRACT_LONG(&p[k]); continue; case BPF_LD|BPF_H|BPF_IND: k = X + pc->k; if (k + sizeof(short) > buflen) { if (m == NULL) return (0); A = m_xhalf(m, k, &merr); if (merr != 0) return (0); continue; } A = EXTRACT_SHORT(&p[k]); continue; case BPF_LD|BPF_B|BPF_IND: k = X + pc->k; if (k >= buflen) { if (m == NULL) return (0); n = m; MINDEX(len, n, k); A = MTOD(n, u_char *)[k]; continue; } A = p[k]; continue; case BPF_LDX|BPF_MSH|BPF_B: k = pc->k; if (k >= buflen) { if (m == NULL) return (0); n = m; MINDEX(len, n, k); X = (MTOD(n, char *)[k] & 0xf) << 2; continue; } X = (p[pc->k] & 0xf) << 2; continue; case BPF_LD|BPF_IMM: A = pc->k; continue; case BPF_LDX|BPF_IMM: X = pc->k; continue; case BPF_LD|BPF_MEM: A = mem[pc->k]; continue; case BPF_LDX|BPF_MEM: X = mem[pc->k]; continue; case BPF_ST: mem[pc->k] = A; continue; case BPF_STX: mem[pc->k] = X; continue; case BPF_JMP|BPF_JA: pc += pc->k; continue; case BPF_JMP|BPF_JGT|BPF_K: pc += (A > pc->k) ? pc->jt : pc->jf; continue; case BPF_JMP|BPF_JGE|BPF_K: pc += (A >= pc->k) ? pc->jt : pc->jf; continue; case BPF_JMP|BPF_JEQ|BPF_K: pc += (A == pc->k) ? pc->jt : pc->jf; continue; case BPF_JMP|BPF_JSET|BPF_K: pc += (A & pc->k) ? pc->jt : pc->jf; continue; case BPF_JMP|BPF_JGT|BPF_X: pc += (A > X) ? pc->jt : pc->jf; continue; case BPF_JMP|BPF_JGE|BPF_X: pc += (A >= X) ? pc->jt : pc->jf; continue; case BPF_JMP|BPF_JEQ|BPF_X: pc += (A == X) ? pc->jt : pc->jf; continue; case BPF_JMP|BPF_JSET|BPF_X: pc += (A & X) ? pc->jt : pc->jf; continue; case BPF_ALU|BPF_ADD|BPF_X: A += X; continue; case BPF_ALU|BPF_SUB|BPF_X: A -= X; continue; case BPF_ALU|BPF_MUL|BPF_X: A *= X; continue; case BPF_ALU|BPF_DIV|BPF_X: if (X == 0) return (0); A /= X; continue; case BPF_ALU|BPF_AND|BPF_X: A &= X; continue; case BPF_ALU|BPF_OR|BPF_X: A |= X; continue; case BPF_ALU|BPF_LSH|BPF_X: A <<= X; continue; case BPF_ALU|BPF_RSH|BPF_X: A >>= X; continue; case BPF_ALU|BPF_ADD|BPF_K: A += pc->k; continue; case BPF_ALU|BPF_SUB|BPF_K: A -= pc->k; continue; case BPF_ALU|BPF_MUL|BPF_K: A *= pc->k; continue; case BPF_ALU|BPF_DIV|BPF_K: A /= pc->k; continue; case BPF_ALU|BPF_AND|BPF_K: A &= pc->k; continue; case BPF_ALU|BPF_OR|BPF_K: A |= pc->k; continue; case BPF_ALU|BPF_LSH|BPF_K: A <<= pc->k; continue; case BPF_ALU|BPF_RSH|BPF_K: A >>= pc->k; continue; case BPF_ALU|BPF_NEG: A = -A; continue; case BPF_MISC|BPF_TAX: X = A; continue; case BPF_MISC|BPF_TXA: A = X; continue; } } } /* * Return true if the 'fcode' is a valid filter program. * The constraints are that each jump be forward and to a valid * code, that memory accesses are within valid ranges (to the * extent that this can be checked statically; loads of packet * data have to be, and are, also checked at run time), and that * the code terminates with either an accept or reject. * * The kernel needs to be able to verify an application's filter code. * Otherwise, a bogus program could easily crash the system. */ int bpf_validate(struct bpf_insn *f, int len) { u_int i, from; const struct bpf_insn *p; if (len == 0) return (1); if (len < 1 || len > BPF_MAXINSNS) return (0); for (i = 0; i < len; ++i) { p = &f[i]; switch (BPF_CLASS(p->code)) { /* * Check that memory operations use valid addresses. */ case BPF_LD: case BPF_LDX: switch (BPF_MODE(p->code)) { case BPF_IMM: break; case BPF_ABS: case BPF_IND: case BPF_MSH: /* * More strict check with actual packet length * is done runtime. */ #if 0 if (p->k >= bpf_maxbufsize) return (0); #endif break; case BPF_MEM: if (p->k >= BPF_MEMWORDS) return (0); break; case BPF_LEN: break; default: return (0); } break; case BPF_ST: case BPF_STX: if (p->k >= BPF_MEMWORDS) return (0); break; case BPF_ALU: switch (BPF_OP(p->code)) { case BPF_ADD: case BPF_SUB: case BPF_OR: case BPF_AND: case BPF_LSH: case BPF_RSH: case BPF_NEG: break; case BPF_DIV: /* * Check for constant division by 0. */ if (BPF_RVAL(p->code) == BPF_K && p->k == 0) return (0); default: return (0); } break; case BPF_JMP: /* * Check that jumps are within the code block, * and that unconditional branches don't go * backwards as a result of an overflow. * Unconditional branches have a 32-bit offset, * so they could overflow; we check to make * sure they don't. Conditional branches have * an 8-bit offset, and the from address is <= * BPF_MAXINSNS, and we assume that BPF_MAXINSNS * is sufficiently small that adding 255 to it * won't overflow. * * We know that len is <= BPF_MAXINSNS, and we * assume that BPF_MAXINSNS is < the maximum size * of a u_int, so that i + 1 doesn't overflow. */ from = i + 1; switch (BPF_OP(p->code)) { case BPF_JA: if (from + p->k < from || from + p->k >= len) return (0); break; case BPF_JEQ: case BPF_JGT: case BPF_JGE: case BPF_JSET: if (from + p->jt >= len || from + p->jf >= len) return (0); break; default: return (0); } break; case BPF_RET: break; case BPF_MISC: break; default: return (0); } } return (BPF_CLASS(f[len - 1].code) == BPF_RET); } diff --git a/sbin/ipf/ipf/ipf.c b/sbin/ipf/ipf/ipf.c index fb40371fefd3..cf14c06ee829 100644 --- a/sbin/ipf/ipf/ipf.c +++ b/sbin/ipf/ipf/ipf.c @@ -1,577 +1,573 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. */ #include "ipf.h" #include #include #include #include "netinet/ipl.h" -#if !defined(lint) -static const char sccsid[] = "@(#)ipf.c 1.23 6/5/96 (C) 1993-2000 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #if !defined(__SVR4) && defined(__GNUC__) extern char *index(const char *, int); #endif extern char *optarg; extern int optind; extern frentry_t *frtop; void ipf_frsync(void); void zerostats(void); int main(int, char *[]); int opts = 0; int outputc = 0; int use_inet6 = 0; int exitstatus = 0; static void procfile(char *); static void flushfilter(char *, int *); static void set_state(u_int); static void showstats(friostat_t *); static void packetlogon(char *); static void swapactive(void); static int opendevice(char *, int); static void closedevice(void); static char *ipfname = IPL_NAME; static void usage(void); static int showversion(void); static int get_flags(void); static int ipf_interceptadd(int, ioctlfunc_t, void *); static int fd = -1; static ioctlfunc_t iocfunctions[IPL_LOGSIZE] = { ioctl, ioctl, ioctl, ioctl, ioctl, ioctl, ioctl, ioctl }; /* XXX The following was added to satisfy a rescue/rescue/ build XXX requirement. */ int nohdrfields; static void usage() { fprintf(stderr, "usage: ipf [-6AdDEInoPrRsvVyzZ] %s %s %s\n", "[-l block|pass|nomatch|state|nat]", "[-cc] [-F i|o|a|s|S|u]", "[-f filename] [-T ]"); exit(1); } int main(int argc, char *argv[]) { int c, *filter = NULL; if (argc < 2) usage(); assigndefined(getenv("IPF_PREDEFINED")); while ((c = getopt(argc, argv, "46Ac:dDEf:F:Il:m:noPrRsT:vVyzZ")) != -1) { switch (c) { case '?' : usage(); break; case '4' : use_inet6 = -1; break; case '6' : use_inet6 = 1; break; case 'A' : opts &= ~OPT_INACTIVE; break; case 'c' : if (strcmp(optarg, "c") == 0) outputc = 1; break; case 'E' : set_state((u_int)1); break; case 'D' : set_state((u_int)0); break; case 'd' : opts ^= OPT_DEBUG; break; case 'f' : procfile(optarg); break; case 'F' : flushfilter(optarg, filter); break; case 'I' : opts ^= OPT_INACTIVE; break; case 'l' : packetlogon(optarg); break; case 'm' : filter = parseipfexpr(optarg, NULL); break; case 'n' : opts ^= OPT_DONOTHING|OPT_DONTOPEN; break; case 'o' : break; case 'P' : ipfname = IPAUTH_NAME; break; case 'R' : opts ^= OPT_NORESOLVE; break; case 'r' : opts ^= OPT_REMOVE; break; case 's' : swapactive(); break; case 'T' : if (opendevice(ipfname, 1) >= 0) ipf_dotuning(fd, optarg, ioctl); break; case 'v' : opts += OPT_VERBOSE; break; case 'V' : if (showversion()) exit(1); break; case 'y' : ipf_frsync(); break; case 'z' : opts ^= OPT_ZERORULEST; break; case 'Z' : zerostats(); break; } } if (optind < 2) usage(); if (fd != -1) (void) close(fd); return (exitstatus); /* NOTREACHED */ } static int opendevice(char *ipfdev, int check) { if (opts & OPT_DONOTHING) return (-2); if (check && checkrev(ipfname) == -1) { fprintf(stderr, "User/kernel version check failed\n"); return (-2); } if (!ipfdev) ipfdev = ipfname; if (fd == -1) if ((fd = open(ipfdev, O_RDWR)) == -1) if ((fd = open(ipfdev, O_RDONLY)) == -1) ipferror(fd, "open device"); return (fd); } static void closedevice(void) { close(fd); fd = -1; } static int get_flags(void) { int i = 0; if ((opendevice(ipfname, 1) != -2) && (ioctl(fd, SIOCGETFF, &i) == -1)) { ipferror(fd, "SIOCGETFF"); return (0); } return (i); } static void set_state(u_int enable) { if (opendevice(ipfname, 0) != -2) { if (ioctl(fd, SIOCFRENB, &enable) == -1) { if (errno == EBUSY) { fprintf(stderr, "IP FIlter: already initialized\n"); } else { ipferror(fd, "SIOCFRENB"); } } } return; } static void procfile(char *file) { (void) opendevice(ipfname, 1); initparse(); ipf_parsefile(fd, ipf_interceptadd, iocfunctions, file); if (outputc) { printC(0); printC(1); emit(-1, -1, NULL, NULL); } } static int ipf_interceptadd(int fd, ioctlfunc_t ioctlfunc, void *ptr) { if (outputc) printc(ptr); if (ipf_addrule(fd, ioctlfunc, ptr) != 0) exitstatus = 1; return (0); } static void packetlogon(char *opt) { int flag, xfd, logopt, change = 0; flag = get_flags(); if (flag != 0) { if ((opts & (OPT_DONOTHING|OPT_VERBOSE)) == OPT_VERBOSE) printf("log flag is currently %#x\n", flag); } flag &= ~(FF_LOGPASS|FF_LOGNOMATCH|FF_LOGBLOCK); if (strstr(opt, "pass")) { flag |= FF_LOGPASS; if (opts & OPT_VERBOSE) printf("set log flag: pass\n"); change = 1; } if (strstr(opt, "nomatch")) { flag |= FF_LOGNOMATCH; if (opts & OPT_VERBOSE) printf("set log flag: nomatch\n"); change = 1; } if (strstr(opt, "block") || strchr(opt, 'd')) { flag |= FF_LOGBLOCK; if (opts & OPT_VERBOSE) printf("set log flag: block\n"); change = 1; } if (strstr(opt, "none")) { if (opts & OPT_VERBOSE) printf("disable all log flags\n"); change = 1; } if (change == 1) { if (opendevice(ipfname, 1) != -2 && (ioctl(fd, SIOCSETFF, &flag) != 0)) ipferror(fd, "ioctl(SIOCSETFF)"); } if ((opts & (OPT_DONOTHING|OPT_VERBOSE)) == OPT_VERBOSE) { flag = get_flags(); printf("log flags are now %#x\n", flag); } if (strstr(opt, "state")) { if (opts & OPT_VERBOSE) printf("set state log flag\n"); xfd = open(IPSTATE_NAME, O_RDWR); if (xfd >= 0) { logopt = 0; if (ioctl(xfd, SIOCGETLG, &logopt)) ipferror(fd, "ioctl(SIOCGETLG)"); else { logopt = 1 - logopt; if (ioctl(xfd, SIOCSETLG, &logopt)) ipferror(xfd, "ioctl(SIOCSETLG)"); } close(xfd); } } if (strstr(opt, "nat")) { if (opts & OPT_VERBOSE) printf("set nat log flag\n"); xfd = open(IPNAT_NAME, O_RDWR); if (xfd >= 0) { logopt = 0; if (ioctl(xfd, SIOCGETLG, &logopt)) ipferror(xfd, "ioctl(SIOCGETLG)"); else { logopt = 1 - logopt; if (ioctl(xfd, SIOCSETLG, &logopt)) ipferror(xfd, "ioctl(SIOCSETLG)"); } close(xfd); } } } static void flushfilter(char *arg, int *filter) { int fl = 0, rem; if (!arg || !*arg) return; if (!strcmp(arg, "s") || !strcmp(arg, "S") || ISDIGIT(*arg)) { if (*arg == 'S') fl = 0; else if (*arg == 's') fl = 1; else fl = atoi(arg); rem = fl; closedevice(); if (opendevice(IPSTATE_NAME, 1) == -2) exit(1); if (!(opts & OPT_DONOTHING)) { if (use_inet6) { fprintf(stderr, "IPv6 rules are no longer separate\n"); } else if (filter != NULL) { ipfobj_t obj; obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_size = filter[0] * sizeof(int); obj.ipfo_type = IPFOBJ_IPFEXPR; obj.ipfo_ptr = filter; if (ioctl(fd, SIOCMATCHFLUSH, &obj) == -1) { ipferror(fd, "ioctl(SIOCMATCHFLUSH)"); fl = -1; } else { fl = obj.ipfo_retval; } } else { if (ioctl(fd, SIOCIPFFL, &fl) == -1) { ipferror(fd, "ioctl(SIOCIPFFL)"); exit(1); } } } if ((opts & (OPT_DONOTHING|OPT_DEBUG)) == OPT_DEBUG) { printf("remove flags %s (%d)\n", arg, rem); } if ((opts & (OPT_DONOTHING|OPT_VERBOSE)) == OPT_VERBOSE) { printf("%d state entries removed\n", fl); } closedevice(); return; } else if (strchr(arg, 'i') || strchr(arg, 'I')) fl = FR_INQUE; else if (strchr(arg, 'o') || strchr(arg, 'O')) fl = FR_OUTQUE; else if (strchr(arg, 'a') || strchr(arg, 'A')) fl = FR_OUTQUE|FR_INQUE; else { fprintf(stderr, "Incorrect flush argument: %s\n", arg); usage(); } if (opts & OPT_INACTIVE) fl |= FR_INACTIVE; rem = fl; if (opendevice(ipfname, 1) == -2) exit(1); if (!(opts & OPT_DONOTHING)) { if (use_inet6) { if (ioctl(fd, SIOCIPFL6, &fl) == -1) { ipferror(fd, "ioctl(SIOCIPFL6)"); exit(1); } } else { if (ioctl(fd, SIOCIPFFL, &fl) == -1) { ipferror(fd, "ioctl(SIOCIPFFL)"); exit(1); } } } if ((opts & (OPT_DONOTHING|OPT_DEBUG)) == OPT_DEBUG) { printf("remove flags %s%s (%d)\n", (rem & FR_INQUE) ? "I" : "", (rem & FR_OUTQUE) ? "O" : "", rem); } if ((opts & (OPT_DONOTHING|OPT_VERBOSE)) == OPT_VERBOSE) { printf("%d filter rules removed\n", fl); } return; } static void swapactive(void) { int in = 2; if (opendevice(ipfname, 1) != -2 && ioctl(fd, SIOCSWAPA, &in) == -1) ipferror(fd, "ioctl(SIOCSWAPA)"); else printf("Set %d now inactive\n", in); } void ipf_frsync(void) { int frsyn = 0; if (opendevice(ipfname, 1) != -2 && ioctl(fd, SIOCFRSYN, &frsyn) == -1) ipferror(fd, "SIOCFRSYN"); else printf("filter sync'd\n"); } void zerostats(void) { ipfobj_t obj; friostat_t fio; obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_type = IPFOBJ_IPFSTAT; obj.ipfo_size = sizeof(fio); obj.ipfo_ptr = &fio; obj.ipfo_offset = 0; if (opendevice(ipfname, 1) != -2) { if (ioctl(fd, SIOCFRZST, &obj) == -1) { ipferror(fd, "ioctl(SIOCFRZST)"); exit(-1); } showstats(&fio); } } /* * read the kernel stats for packets blocked and passed */ static void showstats(friostat_t *fp) { printf("bad packets:\t\tin %lu\tout %lu\n", fp->f_st[0].fr_bad, fp->f_st[1].fr_bad); printf(" input packets:\t\tblocked %lu passed %lu nomatch %lu", fp->f_st[0].fr_block, fp->f_st[0].fr_pass, fp->f_st[0].fr_nom); printf(" counted %lu\n", fp->f_st[0].fr_acct); printf("output packets:\t\tblocked %lu passed %lu nomatch %lu", fp->f_st[1].fr_block, fp->f_st[1].fr_pass, fp->f_st[1].fr_nom); printf(" counted %lu\n", fp->f_st[0].fr_acct); printf(" input packets logged:\tblocked %lu passed %lu\n", fp->f_st[0].fr_bpkl, fp->f_st[0].fr_ppkl); printf("output packets logged:\tblocked %lu passed %lu\n", fp->f_st[1].fr_bpkl, fp->f_st[1].fr_ppkl); } static int showversion(void) { struct friostat fio; ipfobj_t ipfo; u_32_t flags; char *s; int vfd; bzero((caddr_t)&ipfo, sizeof(ipfo)); ipfo.ipfo_rev = IPFILTER_VERSION; ipfo.ipfo_size = sizeof(fio); ipfo.ipfo_ptr = (void *)&fio; ipfo.ipfo_type = IPFOBJ_IPFSTAT; printf("ipf: %s (%d)\n", IPL_VERSION, (int)sizeof(frentry_t)); if ((vfd = open(ipfname, O_RDONLY)) == -1) { perror("open device"); return (1); } if (ioctl(vfd, SIOCGETFS, &ipfo)) { ipferror(vfd, "ioctl(SIOCGETFS)"); close(vfd); return (1); } close(vfd); flags = get_flags(); printf("Kernel: %-*.*s\n", (int)sizeof(fio.f_version), (int)sizeof(fio.f_version), fio.f_version); printf("Running: %s\n", (fio.f_running > 0) ? "yes" : "no"); printf("Log Flags: %#x = ", flags); s = ""; if (flags & FF_LOGPASS) { printf("pass"); s = ", "; } if (flags & FF_LOGBLOCK) { printf("%sblock", s); s = ", "; } if (flags & FF_LOGNOMATCH) { printf("%snomatch", s); s = ", "; } if (flags & FF_BLOCKNONIP) { printf("%snonip", s); s = ", "; } if (!*s) printf("none set"); putchar('\n'); printf("Default: "); if (FR_ISPASS(fio.f_defpass)) s = "pass"; else if (FR_ISBLOCK(fio.f_defpass)) s = "block"; else s = "nomatch -> block"; printf("%s all, Logging: %savailable\n", s, fio.f_logging ? "" : "un"); printf("Active list: %d\n", fio.f_active); printf("Feature mask: %#x\n", fio.f_features); return (0); } diff --git a/sbin/ipf/ipf/ipfcomp.c b/sbin/ipf/ipf/ipfcomp.c index 47094e01ab2f..da4f270333c7 100644 --- a/sbin/ipf/ipf/ipfcomp.c +++ b/sbin/ipf/ipf/ipfcomp.c @@ -1,1354 +1,1350 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. */ -#if !defined(lint) -static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #include "ipf.h" typedef struct { int c; int e; int n; int p; int s; } mc_t; static char *portcmp[] = { "*", "==", "!=", "<", ">", "<=", ">=", "**", "***" }; static int count = 0; int intcmp(const void *, const void *); static void indent(FILE *, int); static void printeq(FILE *, char *, int, int, int); static void printipeq(FILE *, char *, int, int, int); static void addrule(FILE *, frentry_t *); static void printhooks(FILE *, int, int, frgroup_t *); static void emitheader(frgroup_t *, u_int, u_int); static void emitGroup(int, int, void *, frentry_t *, char *, u_int, u_int); static void emittail(void); static void printCgroup(int, frentry_t *, mc_t *, char *); #define FRC_IFN 0 #define FRC_V 1 #define FRC_P 2 #define FRC_FL 3 #define FRC_TOS 4 #define FRC_TTL 5 #define FRC_SRC 6 #define FRC_DST 7 #define FRC_TCP 8 #define FRC_SP 9 #define FRC_DP 10 #define FRC_OPT 11 #define FRC_SEC 12 #define FRC_ATH 13 #define FRC_ICT 14 #define FRC_ICC 15 #define FRC_MAX 16 static FILE *cfile = NULL; /* * This is called once per filter rule being loaded to emit data structures * required. */ void printc(frentry_t *fr) { u_long *ulp; char *and; FILE *fp; int i; if (fr->fr_family == 6) return; if ((fr->fr_type != FR_T_IPF) && (fr->fr_type != FR_T_NONE)) return; if ((fr->fr_type == FR_T_IPF) && ((fr->fr_datype != FRI_NORMAL) || (fr->fr_satype != FRI_NORMAL))) return; if (cfile == NULL) cfile = fopen("ip_rules.c", "w"); if (cfile == NULL) return; fp = cfile; if (count == 0) { fprintf(fp, "/*\n"); fprintf(fp, "* Copyright (C) 2012 by Darren Reed.\n"); fprintf(fp, "*\n"); fprintf(fp, "* Redistribution and use in source and binary forms are permitted\n"); fprintf(fp, "* provided that this notice is preserved and due credit is given\n"); fprintf(fp, "* to the original author and the contributors.\n"); fprintf(fp, "*/\n\n"); fprintf(fp, "#include \n"); fprintf(fp, "#include \n"); fprintf(fp, "#include \n"); fprintf(fp, "#include \n"); fprintf(fp, "#if (__FreeBSD_version >= 40000)\n"); fprintf(fp, "# if defined(_KERNEL)\n"); fprintf(fp, "# include \n"); fprintf(fp, "# else\n"); fprintf(fp, "# include \n"); fprintf(fp, "# endif\n"); fprintf(fp, "#endif\n"); fprintf(fp, "#if (__NetBSD_Version__ >= 399000000)\n"); fprintf(fp, "#else\n"); fprintf(fp, "# if !defined(__FreeBSD__) && !defined(__OpenBSD__) && !defined(__sgi)\n"); fprintf(fp, "# include \n"); fprintf(fp, "# endif\n"); fprintf(fp, "#endif\n"); fprintf(fp, "#include \n"); fprintf(fp, "#include \n"); fprintf(fp, "#if !defined(__SVR4) && !defined(__svr4__) && !defined(__hpux)\n"); fprintf(fp, "# include \n"); fprintf(fp, "#endif\n"); fprintf(fp, "#if defined(__FreeBSD__) && (__FreeBSD_version > 220000)\n"); fprintf(fp, "# include \n"); fprintf(fp, "#else\n"); fprintf(fp, "# include \n"); fprintf(fp, "#endif /* FreeBSD */\n"); fprintf(fp, "#include \n"); fprintf(fp, "#include \n"); fprintf(fp, "#include \n"); fprintf(fp, "#include \n"); fprintf(fp, "#include \n"); fprintf(fp, "#include \"netinet/ip_compat.h\"\n"); fprintf(fp, "#include \"netinet/ip_fil.h\"\n\n"); fprintf(fp, "#include \"netinet/ip_rules.h\"\n\n"); fprintf(fp, "#ifndef _KERNEL\n"); fprintf(fp, "# include \n"); fprintf(fp, "#endif /* _KERNEL */\n"); fprintf(fp, "\n"); fprintf(fp, "#ifdef IPFILTER_COMPILED\n"); fprintf(fp, "\n"); fprintf(fp, "extern ipf_main_softc_t ipfmain;\n"); fprintf(fp, "\n"); } addrule(fp, fr); fr->fr_type |= FR_T_BUILTIN; and = ""; fr->fr_ref = 1; i = sizeof(*fr); if (i & -(1 - sizeof(*ulp))) i += sizeof(u_long); for (i /= sizeof(u_long), ulp = (u_long *)fr; i > 0; i--) { fprintf(fp, "%s%#lx", and, *ulp++); and = ", "; } fprintf(fp, "\n};\n"); fr->fr_type &= ~FR_T_BUILTIN; count++; fflush(fp); } static frgroup_t *groups = NULL; static void addrule(FILE *fp, frentry_t *fr) { frentry_t *f, **fpp; frgroup_t *g; u_long *ulp; char *ghead; char *gname; char *and; int i; f = (frentry_t *)malloc(sizeof(*f)); bcopy((char *)fr, (char *)f, sizeof(*fr)); if (fr->fr_ipf) { f->fr_ipf = (fripf_t *)malloc(sizeof(*f->fr_ipf)); bcopy((char *)fr->fr_ipf, (char *)f->fr_ipf, sizeof(*fr->fr_ipf)); } f->fr_next = NULL; gname = FR_NAME(fr, fr_group); for (g = groups; g != NULL; g = g->fg_next) if ((strncmp(g->fg_name, gname, FR_GROUPLEN) == 0) && (g->fg_flags == (f->fr_flags & FR_INOUT))) break; if (g == NULL) { g = (frgroup_t *)calloc(1, sizeof(*g)); g->fg_next = groups; groups = g; g->fg_head = f; strncpy(g->fg_name, gname, FR_GROUPLEN); g->fg_ref = 0; g->fg_flags = f->fr_flags & FR_INOUT; } for (fpp = &g->fg_start; *fpp != NULL; ) fpp = &((*fpp)->fr_next); *fpp = f; if (fr->fr_dsize > 0) { fprintf(fp, "\ static u_long ipf%s_rule_data_%s_%u[] = {\n", f->fr_flags & FR_INQUE ? "in" : "out", g->fg_name, g->fg_ref); and = ""; i = fr->fr_dsize; ulp = fr->fr_data; for (i /= sizeof(u_long); i > 0; i--) { fprintf(fp, "%s%#lx", and, *ulp++); and = ", "; } fprintf(fp, "\n};\n"); } fprintf(fp, "\nstatic u_long %s_rule_%s_%d[] = {\n", f->fr_flags & FR_INQUE ? "in" : "out", g->fg_name, g->fg_ref); g->fg_ref++; if (f->fr_grhead != -1) { ghead = FR_NAME(f, fr_grhead); for (g = groups; g != NULL; g = g->fg_next) if ((strncmp(g->fg_name, ghead, FR_GROUPLEN) == 0) && g->fg_flags == (f->fr_flags & FR_INOUT)) break; if (g == NULL) { g = (frgroup_t *)calloc(1, sizeof(*g)); g->fg_next = groups; groups = g; g->fg_head = f; strncpy(g->fg_name, ghead, FR_GROUPLEN); g->fg_ref = 0; g->fg_flags = f->fr_flags & FR_INOUT; } } } int intcmp(const void *c1, const void *c2) { const mc_t *i1 = (const mc_t *)c1, *i2 = (const mc_t *)c2; if (i1->n == i2->n) { return (i1->c - i2->c); } return (i2->n - i1->n); } static void indent(FILE *fp, int in) { for (; in; in--) fputc('\t', fp); } static void printeq(FILE *fp, char *var, int m, int max, int v) { if (m == max) fprintf(fp, "%s == %#x) {\n", var, v); else fprintf(fp, "(%s & %#x) == %#x) {\n", var, m, v); } /* * Parameters: var - IP# being compared * fl - 0 for positive match, 1 for negative match * m - netmask * v - required address */ static void printipeq(FILE *fp, char *var, int fl, int m, int v) { if (m == 0xffffffff) fprintf(fp, "%s ", var); else fprintf(fp, "(%s & %#x) ", var, m); fprintf(fp, "%c", fl ? '!' : '='); fprintf(fp, "= %#x) {\n", v); } void emit(int num, int dir, void *v, frentry_t *fr) { u_int incnt, outcnt; frgroup_t *g; frentry_t *f; for (g = groups; g != NULL; g = g->fg_next) { if (dir == 0 || dir == -1) { if ((g->fg_flags & FR_INQUE) == 0) continue; for (incnt = 0, f = g->fg_start; f != NULL; f = f->fr_next) incnt++; emitGroup(num, dir, v, fr, g->fg_name, incnt, 0); } if (dir == 1 || dir == -1) { if ((g->fg_flags & FR_OUTQUE) == 0) continue; for (outcnt = 0, f = g->fg_start; f != NULL; f = f->fr_next) outcnt++; emitGroup(num, dir, v, fr, g->fg_name, 0, outcnt); } } if (num == -1 && dir == -1) { for (g = groups; g != NULL; g = g->fg_next) { if ((g->fg_flags & FR_INQUE) != 0) { for (incnt = 0, f = g->fg_start; f != NULL; f = f->fr_next) incnt++; if (incnt > 0) emitheader(g, incnt, 0); } if ((g->fg_flags & FR_OUTQUE) != 0) { for (outcnt = 0, f = g->fg_start; f != NULL; f = f->fr_next) outcnt++; if (outcnt > 0) emitheader(g, 0, outcnt); } } emittail(); fprintf(cfile, "#endif /* IPFILTER_COMPILED */\n"); } } static void emitheader(frgroup_t *grp, u_int incount, u_int outcount) { static FILE *fph = NULL; frgroup_t *g; if (fph == NULL) { fph = fopen("ip_rules.h", "w"); if (fph == NULL) return; fprintf(fph, "extern int ipfrule_add(void));\n"); fprintf(fph, "extern int ipfrule_remove(void));\n"); } printhooks(cfile, incount, outcount, grp); if (incount) { fprintf(fph, "\n\ extern frentry_t *ipfrule_match_in_%s(fr_info_t *, u_32_t *));\n\ extern frentry_t *ipf_rules_in_%s[%d];\n", grp->fg_name, grp->fg_name, incount); for (g = groups; g != grp; g = g->fg_next) if ((strncmp(g->fg_name, grp->fg_name, FR_GROUPLEN) == 0) && g->fg_flags == grp->fg_flags) break; if (g == grp) { fprintf(fph, "\n\ extern int ipfrule_add_in_%s(void));\n\ extern int ipfrule_remove_in_%s(void));\n", grp->fg_name, grp->fg_name); } } if (outcount) { fprintf(fph, "\n\ extern frentry_t *ipfrule_match_out_%s(fr_info_t *, u_32_t *));\n\ extern frentry_t *ipf_rules_out_%s[%d];\n", grp->fg_name, grp->fg_name, outcount); for (g = groups; g != grp; g = g->fg_next) if ((strncmp(g->fg_name, grp->fg_name, FR_GROUPLEN) == 0) && g->fg_flags == grp->fg_flags) break; if (g == grp) { fprintf(fph, "\n\ extern int ipfrule_add_out_%s(void));\n\ extern int ipfrule_remove_out_%s(void));\n", grp->fg_name, grp->fg_name); } } } static void emittail(void) { frgroup_t *g; fprintf(cfile, "\n\ int ipfrule_add()\n\ {\n\ int err;\n\ \n"); for (g = groups; g != NULL; g = g->fg_next) fprintf(cfile, "\ err = ipfrule_add_%s_%s();\n\ if (err != 0)\n\ return (err);\n", (g->fg_flags & FR_INQUE) ? "in" : "out", g->fg_name); fprintf(cfile, "\ return (0);\n"); fprintf(cfile, "}\n\ \n"); fprintf(cfile, "\n\ int ipfrule_remove()\n\ {\n\ int err;\n\ \n"); for (g = groups; g != NULL; g = g->fg_next) fprintf(cfile, "\ err = ipfrule_remove_%s_%s();\n\ if (err != 0)\n\ return (err);\n", (g->fg_flags & FR_INQUE) ? "in" : "out", g->fg_name); fprintf(cfile, "\ return (0);\n"); fprintf(cfile, "}\n"); } static void emitGroup(int num, int dir, void *v, frentry_t *fr, char *group, u_int incount, u_int outcount) { static FILE *fp = NULL; static int header[2] = { 0, 0 }; static char egroup[FR_GROUPLEN] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; static int openfunc = 0; static mc_t *n = NULL; static int sin = 0; frentry_t *f; frgroup_t *g; fripf_t *ipf; int i, in, j; mc_t *m = v; if (fp == NULL) fp = cfile; if (fp == NULL) return; if (strncmp(egroup, group, FR_GROUPLEN)) { for (sin--; sin > 0; sin--) { indent(fp, sin); fprintf(fp, "}\n"); } if (openfunc == 1) { fprintf(fp, "\treturn (fr);\n}\n"); openfunc = 0; if (n != NULL) { free(n); n = NULL; } } sin = 0; header[0] = 0; header[1] = 0; strncpy(egroup, group, FR_GROUPLEN); } else if (openfunc == 1 && num < 0) { if (n != NULL) { free(n); n = NULL; } for (sin--; sin > 0; sin--) { indent(fp, sin); fprintf(fp, "}\n"); } if (openfunc == 1) { fprintf(fp, "\treturn (fr);\n}\n"); openfunc = 0; } } if (dir == -1) return; for (g = groups; g != NULL; g = g->fg_next) { if (dir == 0 && (g->fg_flags & FR_INQUE) == 0) continue; else if (dir == 1 && (g->fg_flags & FR_OUTQUE) == 0) continue; if (strncmp(g->fg_name, group, FR_GROUPLEN) != 0) continue; break; } /* * Output the array of pointers to rules for this group. */ if (g != NULL && num == -2 && dir == 0 && header[0] == 0 && incount != 0) { fprintf(fp, "\nfrentry_t *ipf_rules_in_%s[%d] = {", group, incount); for (f = g->fg_start, i = 0; f != NULL; f = f->fr_next) { if ((f->fr_flags & FR_INQUE) == 0) continue; if ((i & 1) == 0) { fprintf(fp, "\n\t"); } fprintf(fp, "(frentry_t *)&in_rule_%s_%d", FR_NAME(f, fr_group), i); if (i + 1 < incount) fprintf(fp, ", "); i++; } fprintf(fp, "\n};\n"); } if (g != NULL && num == -2 && dir == 1 && header[0] == 0 && outcount != 0) { fprintf(fp, "\nfrentry_t *ipf_rules_out_%s[%d] = {", group, outcount); for (f = g->fg_start, i = 0; f != NULL; f = f->fr_next) { if ((f->fr_flags & FR_OUTQUE) == 0) continue; if ((i & 1) == 0) { fprintf(fp, "\n\t"); } fprintf(fp, "(frentry_t *)&out_rule_%s_%d", FR_NAME(f, fr_group), i); if (i + 1 < outcount) fprintf(fp, ", "); i++; } fprintf(fp, "\n};\n"); fp = NULL; } if (num < 0) return; in = 0; ipf = fr->fr_ipf; /* * If the function header has not been printed then print it now. */ if (g != NULL && header[dir] == 0) { int pdst = 0, psrc = 0; openfunc = 1; fprintf(fp, "\nfrentry_t *ipfrule_match_%s_%s(fin, passp)\n", (dir == 0) ? "in" : "out", group); fprintf(fp, "fr_info_t *fin;\n"); fprintf(fp, "u_32_t *passp;\n"); fprintf(fp, "{\n"); fprintf(fp, "\tfrentry_t *fr = NULL;\n"); /* * Print out any variables that need to be declared. */ for (f = g->fg_start, i = 0; f != NULL; f = f->fr_next) { if (incount + outcount > m[FRC_SRC].e + 1) psrc = 1; if (incount + outcount > m[FRC_DST].e + 1) pdst = 1; } if (psrc == 1) fprintf(fp, "\tu_32_t src = ntohl(%s);\n", "fin->fin_fi.fi_saddr"); if (pdst == 1) fprintf(fp, "\tu_32_t dst = ntohl(%s);\n", "fin->fin_fi.fi_daddr"); } for (i = 0; i < FRC_MAX; i++) { switch(m[i].c) { case FRC_IFN : if (fr->fr_ifnames[0] != -1) m[i].s = 1; break; case FRC_V : if (ipf != NULL && ipf->fri_mip.fi_v != 0) m[i].s = 1; break; case FRC_FL : if (ipf != NULL && ipf->fri_mip.fi_flx != 0) m[i].s = 1; break; case FRC_P : if (ipf != NULL && ipf->fri_mip.fi_p != 0) m[i].s = 1; break; case FRC_TTL : if (ipf != NULL && ipf->fri_mip.fi_ttl != 0) m[i].s = 1; break; case FRC_TOS : if (ipf != NULL && ipf->fri_mip.fi_tos != 0) m[i].s = 1; break; case FRC_TCP : if (ipf == NULL) break; if ((ipf->fri_ip.fi_p == IPPROTO_TCP) && fr->fr_tcpfm != 0) m[i].s = 1; break; case FRC_SP : if (ipf == NULL) break; if (fr->fr_scmp == FR_INRANGE) m[i].s = 1; else if (fr->fr_scmp == FR_OUTRANGE) m[i].s = 1; else if (fr->fr_scmp != 0) m[i].s = 1; break; case FRC_DP : if (ipf == NULL) break; if (fr->fr_dcmp == FR_INRANGE) m[i].s = 1; else if (fr->fr_dcmp == FR_OUTRANGE) m[i].s = 1; else if (fr->fr_dcmp != 0) m[i].s = 1; break; case FRC_SRC : if (ipf == NULL) break; if (fr->fr_satype == FRI_LOOKUP) { ; } else if ((fr->fr_smask != 0) || (fr->fr_flags & FR_NOTSRCIP) != 0) m[i].s = 1; break; case FRC_DST : if (ipf == NULL) break; if (fr->fr_datype == FRI_LOOKUP) { ; } else if ((fr->fr_dmask != 0) || (fr->fr_flags & FR_NOTDSTIP) != 0) m[i].s = 1; break; case FRC_OPT : if (ipf == NULL) break; if (fr->fr_optmask != 0) m[i].s = 1; break; case FRC_SEC : if (ipf == NULL) break; if (fr->fr_secmask != 0) m[i].s = 1; break; case FRC_ATH : if (ipf == NULL) break; if (fr->fr_authmask != 0) m[i].s = 1; break; case FRC_ICT : if (ipf == NULL) break; if ((fr->fr_icmpm & 0xff00) != 0) m[i].s = 1; break; case FRC_ICC : if (ipf == NULL) break; if ((fr->fr_icmpm & 0xff) != 0) m[i].s = 1; break; } } if (!header[dir]) { fprintf(fp, "\n"); header[dir] = 1; sin = 0; } qsort(m, FRC_MAX, sizeof(mc_t), intcmp); if (n) { /* * Calculate the indentation interval upto the last common * common comparison being made. */ for (i = 0, in = 1; i < FRC_MAX; i++) { if (n[i].c != m[i].c) break; if (n[i].s != m[i].s) break; if (n[i].s) { if (n[i].n && (n[i].n > n[i].e)) { m[i].p++; in += m[i].p; break; } if (n[i].e > 0) { in++; } else break; } } if (sin != in) { for (j = sin - 1; j >= in; j--) { indent(fp, j); fprintf(fp, "}\n"); } } } else { in = 1; i = 0; } /* * print out C code that implements a filter rule. */ for (; i < FRC_MAX; i++) { switch(m[i].c) { case FRC_IFN : if (m[i].s) { indent(fp, in); fprintf(fp, "if (fin->fin_ifp == "); fprintf(fp, "ipf_rules_%s_%s[%d]->fr_ifa) {\n", dir ? "out" : "in", group, num); in++; } break; case FRC_V : if (m[i].s) { indent(fp, in); fprintf(fp, "if (fin->fin_v == %d) {\n", ipf->fri_ip.fi_v); in++; } break; case FRC_FL : if (m[i].s) { indent(fp, in); fprintf(fp, "if ("); printeq(fp, "fin->fin_flx", ipf->fri_mip.fi_flx, 0xf, ipf->fri_ip.fi_flx); in++; } break; case FRC_P : if (m[i].s) { indent(fp, in); fprintf(fp, "if (fin->fin_p == %d) {\n", ipf->fri_ip.fi_p); in++; } break; case FRC_TTL : if (m[i].s) { indent(fp, in); fprintf(fp, "if ("); printeq(fp, "fin->fin_ttl", ipf->fri_mip.fi_ttl, 0xff, ipf->fri_ip.fi_ttl); in++; } break; case FRC_TOS : if (m[i].s) { indent(fp, in); fprintf(fp, "if (fin->fin_tos"); printeq(fp, "fin->fin_tos", ipf->fri_mip.fi_tos, 0xff, ipf->fri_ip.fi_tos); in++; } break; case FRC_TCP : if (m[i].s) { indent(fp, in); fprintf(fp, "if ("); printeq(fp, "fin->fin_tcpf", fr->fr_tcpfm, 0xff, fr->fr_tcpf); in++; } break; case FRC_SP : if (!m[i].s) break; if (fr->fr_scmp == FR_INRANGE) { indent(fp, in); fprintf(fp, "if ((fin->fin_data[0] > %d) && ", fr->fr_sport); fprintf(fp, "(fin->fin_data[0] < %d)", fr->fr_stop); fprintf(fp, ") {\n"); in++; } else if (fr->fr_scmp == FR_OUTRANGE) { indent(fp, in); fprintf(fp, "if ((fin->fin_data[0] < %d) || ", fr->fr_sport); fprintf(fp, "(fin->fin_data[0] > %d)", fr->fr_stop); fprintf(fp, ") {\n"); in++; } else if (fr->fr_scmp) { indent(fp, in); fprintf(fp, "if (fin->fin_data[0] %s %d)", portcmp[fr->fr_scmp], fr->fr_sport); fprintf(fp, " {\n"); in++; } break; case FRC_DP : if (!m[i].s) break; if (fr->fr_dcmp == FR_INRANGE) { indent(fp, in); fprintf(fp, "if ((fin->fin_data[1] > %d) && ", fr->fr_dport); fprintf(fp, "(fin->fin_data[1] < %d)", fr->fr_dtop); fprintf(fp, ") {\n"); in++; } else if (fr->fr_dcmp == FR_OUTRANGE) { indent(fp, in); fprintf(fp, "if ((fin->fin_data[1] < %d) || ", fr->fr_dport); fprintf(fp, "(fin->fin_data[1] > %d)", fr->fr_dtop); fprintf(fp, ") {\n"); in++; } else if (fr->fr_dcmp) { indent(fp, in); fprintf(fp, "if (fin->fin_data[1] %s %d)", portcmp[fr->fr_dcmp], fr->fr_dport); fprintf(fp, " {\n"); in++; } break; case FRC_SRC : if (!m[i].s) break; if (fr->fr_satype == FRI_LOOKUP) { ; } else if ((fr->fr_smask != 0) || (fr->fr_flags & FR_NOTSRCIP) != 0) { indent(fp, in); fprintf(fp, "if ("); printipeq(fp, "src", fr->fr_flags & FR_NOTSRCIP, fr->fr_smask, fr->fr_saddr); in++; } break; case FRC_DST : if (!m[i].s) break; if (fr->fr_datype == FRI_LOOKUP) { ; } else if ((fr->fr_dmask != 0) || (fr->fr_flags & FR_NOTDSTIP) != 0) { indent(fp, in); fprintf(fp, "if ("); printipeq(fp, "dst", fr->fr_flags & FR_NOTDSTIP, fr->fr_dmask, fr->fr_daddr); in++; } break; case FRC_OPT : if (m[i].s) { indent(fp, in); fprintf(fp, "if ("); printeq(fp, "fin->fin_fi.fi_optmsk", fr->fr_optmask, 0xffffffff, fr->fr_optbits); in++; } break; case FRC_SEC : if (m[i].s) { indent(fp, in); fprintf(fp, "if ("); printeq(fp, "fin->fin_fi.fi_secmsk", fr->fr_secmask, 0xffff, fr->fr_secbits); in++; } break; case FRC_ATH : if (m[i].s) { indent(fp, in); fprintf(fp, "if ("); printeq(fp, "fin->fin_fi.fi_authmsk", fr->fr_authmask, 0xffff, fr->fr_authbits); in++; } break; case FRC_ICT : if (m[i].s) { indent(fp, in); fprintf(fp, "if ("); printeq(fp, "fin->fin_data[0]", fr->fr_icmpm & 0xff00, 0xffff, fr->fr_icmp & 0xff00); in++; } break; case FRC_ICC : if (m[i].s) { indent(fp, in); fprintf(fp, "if ("); printeq(fp, "fin->fin_data[0]", fr->fr_icmpm & 0xff, 0xffff, fr->fr_icmp & 0xff); in++; } break; } } indent(fp, in); if (fr->fr_flags & FR_QUICK) { fprintf(fp, "return ((frentry_t *)&%s_rule_%s_%d);\n", fr->fr_flags & FR_INQUE ? "in" : "out", FR_NAME(fr, fr_group), num); } else { fprintf(fp, "fr = (frentry_t *)&%s_rule_%s_%d;\n", fr->fr_flags & FR_INQUE ? "in" : "out", FR_NAME(fr, fr_group), num); } if (n == NULL) n = (mc_t *)malloc(sizeof(*n) * FRC_MAX); bcopy((char *)m, (char *)n, sizeof(*n) * FRC_MAX); sin = in; } void printC(int dir) { static mc_t *m = NULL; frgroup_t *g; if (m == NULL) m = (mc_t *)calloc(FRC_MAX, sizeof(*m)); for (g = groups; g != NULL; g = g->fg_next) { if ((dir == 0) && ((g->fg_flags & FR_INQUE) != 0)) printCgroup(dir, g->fg_start, m, g->fg_name); if ((dir == 1) && ((g->fg_flags & FR_OUTQUE) != 0)) printCgroup(dir, g->fg_start, m, g->fg_name); } emit(-1, dir, m, NULL); } /* * Now print out code to implement all of the rules. */ static void printCgroup(int dir, frentry_t *top, mc_t *m, char *group) { frentry_t *fr, *fr1; int i, n, rn; u_int count; for (count = 0, fr1 = top; fr1 != NULL; fr1 = fr1->fr_next) { if ((dir == 0) && ((fr1->fr_flags & FR_INQUE) != 0)) count++; else if ((dir == 1) && ((fr1->fr_flags & FR_OUTQUE) != 0)) count++; } if (dir == 0) emitGroup(-2, dir, m, fr1, group, count, 0); else if (dir == 1) emitGroup(-2, dir, m, fr1, group, 0, count); /* * Before printing each rule, check to see how many of its fields are * matched by subsequent rules. */ for (fr1 = top, rn = 0; fr1 != NULL; fr1 = fr1->fr_next, rn++) { if (!dir && !(fr1->fr_flags & FR_INQUE)) continue; if (dir && !(fr1->fr_flags & FR_OUTQUE)) continue; n = 0xfffffff; for (i = 0; i < FRC_MAX; i++) m[i].e = 0; qsort(m, FRC_MAX, sizeof(mc_t), intcmp); for (i = 0; i < FRC_MAX; i++) { m[i].c = i; m[i].e = 0; m[i].n = 0; m[i].s = 0; } for (fr = fr1->fr_next; fr; fr = fr->fr_next) { if (!dir && !(fr->fr_flags & FR_INQUE)) continue; if (dir && !(fr->fr_flags & FR_OUTQUE)) continue; if ((n & 0x0001) && !strcmp(fr1->fr_names + fr1->fr_ifnames[0], fr->fr_names + fr->fr_ifnames[0])) { m[FRC_IFN].e++; m[FRC_IFN].n++; } else n &= ~0x0001; if ((n & 0x0002) && (fr1->fr_family == fr->fr_family)) { m[FRC_V].e++; m[FRC_V].n++; } else n &= ~0x0002; if ((n & 0x0004) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && (fr1->fr_mip.fi_flx == fr->fr_mip.fi_flx) && (fr1->fr_ip.fi_flx == fr->fr_ip.fi_flx)) { m[FRC_FL].e++; m[FRC_FL].n++; } else n &= ~0x0004; if ((n & 0x0008) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && (fr1->fr_proto == fr->fr_proto)) { m[FRC_P].e++; m[FRC_P].n++; } else n &= ~0x0008; if ((n & 0x0010) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && (fr1->fr_ttl == fr->fr_ttl)) { m[FRC_TTL].e++; m[FRC_TTL].n++; } else n &= ~0x0010; if ((n & 0x0020) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && (fr1->fr_tos == fr->fr_tos)) { m[FRC_TOS].e++; m[FRC_TOS].n++; } else n &= ~0x0020; if ((n & 0x0040) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && ((fr1->fr_tcpfm == fr->fr_tcpfm) && (fr1->fr_tcpf == fr->fr_tcpf))) { m[FRC_TCP].e++; m[FRC_TCP].n++; } else n &= ~0x0040; if ((n & 0x0080) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && ((fr1->fr_scmp == fr->fr_scmp) && (fr1->fr_stop == fr->fr_stop) && (fr1->fr_sport == fr->fr_sport))) { m[FRC_SP].e++; m[FRC_SP].n++; } else n &= ~0x0080; if ((n & 0x0100) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && ((fr1->fr_dcmp == fr->fr_dcmp) && (fr1->fr_dtop == fr->fr_dtop) && (fr1->fr_dport == fr->fr_dport))) { m[FRC_DP].e++; m[FRC_DP].n++; } else n &= ~0x0100; if ((n & 0x0200) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && ((fr1->fr_satype == FRI_LOOKUP) && (fr->fr_satype == FRI_LOOKUP) && (fr1->fr_srcnum == fr->fr_srcnum))) { m[FRC_SRC].e++; m[FRC_SRC].n++; } else if ((n & 0x0200) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && (((fr1->fr_flags & FR_NOTSRCIP) == (fr->fr_flags & FR_NOTSRCIP)))) { if ((fr1->fr_smask == fr->fr_smask) && (fr1->fr_saddr == fr->fr_saddr)) m[FRC_SRC].e++; else n &= ~0x0200; if (fr1->fr_smask && (fr1->fr_saddr & fr1->fr_smask) == (fr->fr_saddr & fr1->fr_smask)) { m[FRC_SRC].n++; n |= 0x0200; } } else { n &= ~0x0200; } if ((n & 0x0400) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && ((fr1->fr_datype == FRI_LOOKUP) && (fr->fr_datype == FRI_LOOKUP) && (fr1->fr_dstnum == fr->fr_dstnum))) { m[FRC_DST].e++; m[FRC_DST].n++; } else if ((n & 0x0400) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && (((fr1->fr_flags & FR_NOTDSTIP) == (fr->fr_flags & FR_NOTDSTIP)))) { if ((fr1->fr_dmask == fr->fr_dmask) && (fr1->fr_daddr == fr->fr_daddr)) m[FRC_DST].e++; else n &= ~0x0400; if (fr1->fr_dmask && (fr1->fr_daddr & fr1->fr_dmask) == (fr->fr_daddr & fr1->fr_dmask)) { m[FRC_DST].n++; n |= 0x0400; } } else { n &= ~0x0400; } if ((n & 0x0800) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && (fr1->fr_optmask == fr->fr_optmask) && (fr1->fr_optbits == fr->fr_optbits)) { m[FRC_OPT].e++; m[FRC_OPT].n++; } else n &= ~0x0800; if ((n & 0x1000) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && (fr1->fr_secmask == fr->fr_secmask) && (fr1->fr_secbits == fr->fr_secbits)) { m[FRC_SEC].e++; m[FRC_SEC].n++; } else n &= ~0x1000; if ((n & 0x10000) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && (fr1->fr_authmask == fr->fr_authmask) && (fr1->fr_authbits == fr->fr_authbits)) { m[FRC_ATH].e++; m[FRC_ATH].n++; } else n &= ~0x10000; if ((n & 0x20000) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && ((fr1->fr_icmpm & 0xff00) == (fr->fr_icmpm & 0xff00)) && ((fr1->fr_icmp & 0xff00) == (fr->fr_icmp & 0xff00))) { m[FRC_ICT].e++; m[FRC_ICT].n++; } else n &= ~0x20000; if ((n & 0x40000) && (fr->fr_type == fr1->fr_type) && (fr->fr_type == FR_T_IPF) && ((fr1->fr_icmpm & 0xff) == (fr->fr_icmpm & 0xff)) && ((fr1->fr_icmp & 0xff) == (fr->fr_icmp & 0xff))) { m[FRC_ICC].e++; m[FRC_ICC].n++; } else n &= ~0x40000; } /*msort(m);*/ if (dir == 0) emitGroup(rn, dir, m, fr1, group, count, 0); else if (dir == 1) emitGroup(rn, dir, m, fr1, group, 0, count); } } static void printhooks(FILE *fp, int in, int out, frgroup_t *grp) { frentry_t *fr; char *group; int dogrp, i; char *instr; group = grp->fg_name; dogrp = 0; if (in && out) { fprintf(stderr, "printhooks called with both in and out set\n"); exit(1); } if (in) { instr = "in"; } else if (out) { instr = "out"; } else { instr = "???"; } fprintf(fp, "static frentry_t ipfrule_%s_%s;\n", instr, group); fprintf(fp, "\ \n\ int ipfrule_add_%s_%s()\n", instr, group); fprintf(fp, "\ {\n\ int i, j, err = 0, max;\n\ frentry_t *fp;\n"); if (dogrp) fprintf(fp, "\ frgroup_t *fg;\n"); fprintf(fp, "\n"); for (i = 0, fr = grp->fg_start; fr != NULL; i++, fr = fr->fr_next) if (fr->fr_dsize > 0) { fprintf(fp, "\ ipf_rules_%s_%s[%d]->fr_data = &ipf%s_rule_data_%s_%u;\n", instr, grp->fg_name, i, instr, grp->fg_name, i); } fprintf(fp, "\ max = sizeof(ipf_rules_%s_%s)/sizeof(frentry_t *);\n\ for (i = 0; i < max; i++) {\n\ fp = ipf_rules_%s_%s[i];\n\ fp->fr_next = NULL;\n", instr, group, instr, group); fprintf(fp, "\ for (j = i + 1; j < max; j++)\n\ if (strncmp(fp->fr_names + fp->fr_group,\n\ ipf_rules_%s_%s[j]->fr_names +\n\ ipf_rules_%s_%s[j]->fr_group,\n\ FR_GROUPLEN) == 0) {\n\ if (ipf_rules_%s_%s[j] != NULL)\n\ ipf_rules_%s_%s[j]->fr_pnext =\n\ &fp->fr_next;\n\ fp->fr_pnext = &ipf_rules_%s_%s[j];\n\ fp->fr_next = ipf_rules_%s_%s[j];\n\ break;\n\ }\n", instr, group, instr, group, instr, group, instr, group, instr, group, instr, group); if (dogrp) fprintf(fp, "\ \n\ if (fp->fr_grhead != -1) {\n\ fg = fr_addgroup(fp->fr_names + fp->fr_grhead,\n\ fp, FR_INQUE, IPL_LOGIPF, 0);\n\ if (fg != NULL)\n\ fp->fr_grp = &fg->fg_start;\n\ }\n"); fprintf(fp, "\ }\n\ \n\ fp = &ipfrule_%s_%s;\n", instr, group); fprintf(fp, "\ bzero((char *)fp, sizeof(*fp));\n\ fp->fr_type = FR_T_CALLFUNC_BUILTIN;\n\ fp->fr_flags = FR_%sQUE|FR_NOMATCH;\n\ fp->fr_data = (void *)ipf_rules_%s_%s[0];\n", (in != 0) ? "IN" : "OUT", instr, group); fprintf(fp, "\ fp->fr_dsize = sizeof(ipf_rules_%s_%s[0]);\n", instr, group); fprintf(fp, "\ fp->fr_family = AF_INET;\n\ fp->fr_func = (ipfunc_t)ipfrule_match_%s_%s;\n\ err = frrequest(&ipfmain, IPL_LOGIPF, SIOCADDFR, (caddr_t)fp,\n\ ipfmain.ipf_active, 0);\n", instr, group); fprintf(fp, "\treturn (err);\n}\n"); fprintf(fp, "\n\n\ int ipfrule_remove_%s_%s()\n", instr, group); fprintf(fp, "\ {\n\ int err = 0, i;\n\ frentry_t *fp;\n\ \n\ /*\n\ * Try to remove the %sbound rule.\n", instr); fprintf(fp, "\ */\n\ if (ipfrule_%s_%s.fr_ref > 0) {\n", instr, group); fprintf(fp, "\ err = EBUSY;\n\ } else {\n"); fprintf(fp, "\ i = sizeof(ipf_rules_%s_%s)/sizeof(frentry_t *) - 1;\n\ for (; i >= 0; i--) {\n\ fp = ipf_rules_%s_%s[i];\n\ if (fp->fr_ref > 1) {\n\ err = EBUSY;\n\ break;\n\ }\n\ }\n\ }\n\ if (err == 0)\n\ err = frrequest(&ipfmain, IPL_LOGIPF, SIOCDELFR,\n\ (caddr_t)&ipfrule_%s_%s,\n\ ipfmain.ipf_active, 0);\n", instr, group, instr, group, instr, group); fprintf(fp, "\ if (err)\n\ return (err);\n\ \n\n"); fprintf(fp, "\treturn (err);\n}\n"); } diff --git a/sbin/ipf/ipfs/ipfs.c b/sbin/ipf/ipfs/ipfs.c index bb342cbb9319..6225c6e1154d 100644 --- a/sbin/ipf/ipfs/ipfs.c +++ b/sbin/ipf/ipfs/ipfs.c @@ -1,854 +1,851 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. */ #include #include #include #include #include #if !defined(__SVR4) && !defined(__GNUC__) #include #endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "ipf.h" #include "netinet/ipl.h" -#if !defined(lint) -static const char rcsid[] = "@(#)$Id$"; -#endif #ifndef IPF_SAVEDIR # define IPF_SAVEDIR "/var/db/ipf" #endif #ifndef IPF_NATFILE # define IPF_NATFILE "ipnat.ipf" #endif #ifndef IPF_STATEFILE # define IPF_STATEFILE "ipstate.ipf" #endif #if !defined(__SVR4) && defined(__GNUC__) extern char *index(const char *, int); #endif extern char *optarg; extern int optind; int main(int, char *[]); void usage(void); int changestateif(char *, char *); int changenatif(char *, char *); int readstate(int, char *); int readnat(int, char *); int writestate(int, char *); int opendevice(char *); void closedevice(int); int setlock(int, int); int writeall(char *); int readall(char *); int writenat(int, char *); int opts = 0; char *progname; void usage() { fprintf(stderr, "usage: %s [-nv] -l\n", progname); fprintf(stderr, "usage: %s [-nv] -u\n", progname); fprintf(stderr, "usage: %s [-nv] [-d ] -R\n", progname); fprintf(stderr, "usage: %s [-nv] [-d ] -W\n", progname); fprintf(stderr, "usage: %s [-nNSv] [-f ] -r\n", progname); fprintf(stderr, "usage: %s [-nNSv] [-f ] -w\n", progname); fprintf(stderr, "usage: %s [-nNSv] -f -i ,\n", progname); exit(1); } /* * Change interface names in state information saved out to disk. */ int changestateif(char *ifs, char *fname) { int fd, olen, nlen, rw; ipstate_save_t ips; off_t pos; char *s; s = strchr(ifs, ','); if (!s) usage(); *s++ = '\0'; nlen = strlen(s); olen = strlen(ifs); if (nlen >= sizeof(ips.ips_is.is_ifname) || olen >= sizeof(ips.ips_is.is_ifname)) usage(); fd = open(fname, O_RDWR); if (fd == -1) { perror("open"); exit(1); } for (pos = 0; read(fd, &ips, sizeof(ips)) == sizeof(ips); ) { rw = 0; if (!strncmp(ips.ips_is.is_ifname[0], ifs, olen + 1)) { strcpy(ips.ips_is.is_ifname[0], s); rw = 1; } if (!strncmp(ips.ips_is.is_ifname[1], ifs, olen + 1)) { strcpy(ips.ips_is.is_ifname[1], s); rw = 1; } if (!strncmp(ips.ips_is.is_ifname[2], ifs, olen + 1)) { strcpy(ips.ips_is.is_ifname[2], s); rw = 1; } if (!strncmp(ips.ips_is.is_ifname[3], ifs, olen + 1)) { strcpy(ips.ips_is.is_ifname[3], s); rw = 1; } if (rw == 1) { if (lseek(fd, pos, SEEK_SET) != pos) { perror("lseek"); exit(1); } if (write(fd, &ips, sizeof(ips)) != sizeof(ips)) { perror("write"); exit(1); } } pos = lseek(fd, 0, SEEK_CUR); } close(fd); return (0); } /* * Change interface names in NAT information saved out to disk. */ int changenatif(char *ifs, char *fname) { int fd, olen, nlen, rw; nat_save_t ipn; nat_t *nat; off_t pos; char *s; s = strchr(ifs, ','); if (!s) usage(); *s++ = '\0'; nlen = strlen(s); olen = strlen(ifs); nat = &ipn.ipn_nat; if (nlen >= sizeof(nat->nat_ifnames[0]) || olen >= sizeof(nat->nat_ifnames[0])) usage(); fd = open(fname, O_RDWR); if (fd == -1) { perror("open"); exit(1); } for (pos = 0; read(fd, &ipn, sizeof(ipn)) == sizeof(ipn); ) { rw = 0; if (!strncmp(nat->nat_ifnames[0], ifs, olen + 1)) { strcpy(nat->nat_ifnames[0], s); rw = 1; } if (!strncmp(nat->nat_ifnames[1], ifs, olen + 1)) { strcpy(nat->nat_ifnames[1], s); rw = 1; } if (rw == 1) { if (lseek(fd, pos, SEEK_SET) != pos) { perror("lseek"); exit(1); } if (write(fd, &ipn, sizeof(ipn)) != sizeof(ipn)) { perror("write"); exit(1); } } pos = lseek(fd, 0, SEEK_CUR); } close(fd); return (0); } int main(int argc, char *argv[]) { int c, lock = -1, devfd = -1, err = 0, rw = -1, ns = -1, set = 0; char *dirname = NULL, *filename = NULL, *ifs = NULL; progname = argv[0]; while ((c = getopt(argc, argv, "d:f:i:lNnSRruvWw")) != -1) switch (c) { case 'd' : if ((set == 0) && !dirname && !filename) dirname = optarg; else usage(); break; case 'f' : if ((set != 0) && !dirname && !filename) filename = optarg; else usage(); break; case 'i' : ifs = optarg; set = 1; break; case 'l' : if (filename || dirname || set) usage(); lock = 1; set = 1; break; case 'n' : opts |= OPT_DONOTHING; break; case 'N' : if ((ns >= 0) || dirname || (rw != -1) || set) usage(); ns = 0; set = 1; break; case 'r' : if (dirname || (rw != -1) || (ns == -1)) usage(); rw = 0; set = 1; break; case 'R' : rw = 2; set = 1; break; case 'S' : if ((ns >= 0) || dirname || (rw != -1) || set) usage(); ns = 1; set = 1; break; case 'u' : if (filename || dirname || set) usage(); lock = 0; set = 1; break; case 'v' : opts |= OPT_VERBOSE; break; case 'w' : if (dirname || (rw != -1) || (ns == -1)) usage(); rw = 1; set = 1; break; case 'W' : rw = 3; set = 1; break; case '?' : default : usage(); } if (ifs) { if (!filename || ns < 0) usage(); if (ns == 0) return (changenatif(ifs, filename)); else return (changestateif(ifs, filename)); } if ((ns >= 0) || (lock >= 0)) { if (lock >= 0) devfd = opendevice(NULL); else if (ns >= 0) { if (ns == 1) devfd = opendevice(IPSTATE_NAME); else if (ns == 0) devfd = opendevice(IPNAT_NAME); } if (devfd == -1) exit(1); } if (lock >= 0) err = setlock(devfd, lock); else if (rw >= 0) { if (rw & 1) { /* WRITE */ if (rw & 2) err = writeall(dirname); else { if (ns == 0) err = writenat(devfd, filename); else if (ns == 1) err = writestate(devfd, filename); } } else { if (rw & 2) err = readall(dirname); else { if (ns == 0) err = readnat(devfd, filename); else if (ns == 1) err = readstate(devfd, filename); } } } return (err); } int opendevice(char *ipfdev) { int fd = -1; if (opts & OPT_DONOTHING) return (-2); if (!ipfdev) ipfdev = IPL_NAME; if ((fd = open(ipfdev, O_RDWR)) == -1) if ((fd = open(ipfdev, O_RDONLY)) == -1) perror("open device"); return (fd); } void closedevice(int fd) { close(fd); } int setlock(int fd, int lock) { if (opts & OPT_VERBOSE) printf("Turn lock %s\n", lock ? "on" : "off"); if (!(opts & OPT_DONOTHING)) { if (ioctl(fd, SIOCSTLCK, &lock) == -1) { perror("SIOCSTLCK"); return (1); } if (opts & OPT_VERBOSE) printf("Lock now %s\n", lock ? "on" : "off"); } return (0); } int writestate(int fd, char *file) { ipstate_save_t ips, *ipsp; ipfobj_t obj; int wfd = -1; if (!file) file = IPF_STATEFILE; wfd = open(file, O_WRONLY|O_TRUNC|O_CREAT, 0600); if (wfd == -1) { fprintf(stderr, "%s ", file); perror("state:open"); return (1); } ipsp = &ips; bzero((char *)&obj, sizeof(obj)); bzero((char *)ipsp, sizeof(ips)); obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_size = sizeof(*ipsp); obj.ipfo_type = IPFOBJ_STATESAVE; obj.ipfo_ptr = ipsp; do { if (opts & OPT_VERBOSE) printf("Getting state from addr %p\n", ips.ips_next); if (ioctl(fd, SIOCSTGET, &obj)) { if (errno == ENOENT) break; perror("state:SIOCSTGET"); close(wfd); return (1); } if (opts & OPT_VERBOSE) printf("Got state next %p\n", ips.ips_next); if (write(wfd, ipsp, sizeof(ips)) != sizeof(ips)) { perror("state:write"); close(wfd); return (1); } } while (ips.ips_next != NULL); close(wfd); return (0); } int readstate(int fd, char *file) { ipstate_save_t ips, *is, *ipshead = NULL, *is1, *ipstail = NULL; int sfd = -1, i; ipfobj_t obj; if (!file) file = IPF_STATEFILE; sfd = open(file, O_RDONLY, 0600); if (sfd == -1) { fprintf(stderr, "%s ", file); perror("open"); return (1); } bzero((char *)&ips, sizeof(ips)); /* * 1. Read all state information in. */ do { i = read(sfd, &ips, sizeof(ips)); if (i == -1) { perror("read"); goto freeipshead; } if (i == 0) break; if (i != sizeof(ips)) { fprintf(stderr, "state:incomplete read: %d != %d\n", i, (int)sizeof(ips)); goto freeipshead; } is = (ipstate_save_t *)malloc(sizeof(*is)); if (is == NULL) { fprintf(stderr, "malloc failed\n"); goto freeipshead; } bcopy((char *)&ips, (char *)is, sizeof(ips)); /* * Check to see if this is the first state entry that will * reference a particular rule and if so, flag it as such * else just adjust the rule pointer to become a pointer to * the other. We do this so we have a means later for tracking * who is referencing us when we get back the real pointer * in is_rule after doing the ioctl. */ for (is1 = ipshead; is1 != NULL; is1 = is1->ips_next) if (is1->ips_rule == is->ips_rule) break; if (is1 == NULL) is->ips_is.is_flags |= SI_NEWFR; else is->ips_rule = (void *)&is1->ips_rule; /* * Use a tail-queue type list (add things to the end).. */ is->ips_next = NULL; if (!ipshead) ipshead = is; if (ipstail) ipstail->ips_next = is; ipstail = is; } while (1); close(sfd); obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_size = sizeof(*is); obj.ipfo_type = IPFOBJ_STATESAVE; while ((is = ipshead) != NULL) { if (opts & OPT_VERBOSE) printf("Loading new state table entry\n"); if (is->ips_is.is_flags & SI_NEWFR) { if (opts & OPT_VERBOSE) printf("Loading new filter rule\n"); } obj.ipfo_ptr = is; if (!(opts & OPT_DONOTHING)) if (ioctl(fd, SIOCSTPUT, &obj)) { perror("SIOCSTPUT"); goto freeipshead; } if (is->ips_is.is_flags & SI_NEWFR) { if (opts & OPT_VERBOSE) printf("Real rule addr %p\n", is->ips_rule); for (is1 = is->ips_next; is1; is1 = is1->ips_next) if (is1->ips_rule == (frentry_t *)&is->ips_rule) is1->ips_rule = is->ips_rule; } ipshead = is->ips_next; free(is); } return (0); freeipshead: while ((is = ipshead) != NULL) { ipshead = is->ips_next; free(is); } if (sfd != -1) close(sfd); return (1); } int readnat(int fd, char *file) { nat_save_t ipn, *in, *ipnhead = NULL, *in1, *ipntail = NULL; ipfobj_t obj; int nfd, i; nat_t *nat; char *s; int n; nfd = -1; in = NULL; ipnhead = NULL; ipntail = NULL; if (!file) file = IPF_NATFILE; nfd = open(file, O_RDONLY); if (nfd == -1) { fprintf(stderr, "%s ", file); perror("nat:open"); return (1); } bzero((char *)&ipn, sizeof(ipn)); /* * 1. Read all state information in. */ do { i = read(nfd, &ipn, sizeof(ipn)); if (i == -1) { perror("read"); goto freenathead; } if (i == 0) break; if (i != sizeof(ipn)) { fprintf(stderr, "nat:incomplete read: %d != %d\n", i, (int)sizeof(ipn)); goto freenathead; } in = (nat_save_t *)malloc(ipn.ipn_dsize); if (in == NULL) { fprintf(stderr, "nat:cannot malloc nat save atruct\n"); goto freenathead; } if (ipn.ipn_dsize > sizeof(ipn)) { n = ipn.ipn_dsize - sizeof(ipn); if (n > 0) { s = in->ipn_data + sizeof(in->ipn_data); i = read(nfd, s, n); if (i == 0) break; if (i != n) { fprintf(stderr, "nat:incomplete read: %d != %d\n", i, n); goto freenathead; } } } bcopy((char *)&ipn, (char *)in, sizeof(ipn)); /* * Check to see if this is the first NAT entry that will * reference a particular rule and if so, flag it as such * else just adjust the rule pointer to become a pointer to * the other. We do this so we have a means later for tracking * who is referencing us when we get back the real pointer * in is_rule after doing the ioctl. */ nat = &in->ipn_nat; if (nat->nat_fr != NULL) { for (in1 = ipnhead; in1 != NULL; in1 = in1->ipn_next) if (in1->ipn_rule == nat->nat_fr) break; if (in1 == NULL) nat->nat_flags |= SI_NEWFR; else nat->nat_fr = &in1->ipn_fr; } /* * Use a tail-queue type list (add things to the end).. */ in->ipn_next = NULL; if (!ipnhead) ipnhead = in; if (ipntail) ipntail->ipn_next = in; ipntail = in; } while (1); close(nfd); nfd = -1; obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_type = IPFOBJ_NATSAVE; while ((in = ipnhead) != NULL) { if (opts & OPT_VERBOSE) printf("Loading new NAT table entry\n"); nat = &in->ipn_nat; if (nat->nat_flags & SI_NEWFR) { if (opts & OPT_VERBOSE) printf("Loading new filter rule\n"); } obj.ipfo_ptr = in; obj.ipfo_size = in->ipn_dsize; if (!(opts & OPT_DONOTHING)) if (ioctl(fd, SIOCSTPUT, &obj)) { fprintf(stderr, "in=%p:", in); perror("SIOCSTPUT"); return (1); } if (nat->nat_flags & SI_NEWFR) { if (opts & OPT_VERBOSE) printf("Real rule addr %p\n", nat->nat_fr); for (in1 = in->ipn_next; in1; in1 = in1->ipn_next) if (in1->ipn_rule == &in->ipn_fr) in1->ipn_rule = nat->nat_fr; } ipnhead = in->ipn_next; free(in); } return (0); freenathead: while ((in = ipnhead) != NULL) { ipnhead = in->ipn_next; free(in); } if (nfd != -1) close(nfd); return (1); } int writenat(int fd, char *file) { nat_save_t *ipnp = NULL, *next = NULL; ipfobj_t obj; int nfd = -1; natget_t ng; if (!file) file = IPF_NATFILE; nfd = open(file, O_WRONLY|O_TRUNC|O_CREAT, 0600); if (nfd == -1) { fprintf(stderr, "%s ", file); perror("nat:open"); return (1); } obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_type = IPFOBJ_NATSAVE; do { if (opts & OPT_VERBOSE) printf("Getting nat from addr %p\n", ipnp); ng.ng_ptr = next; ng.ng_sz = 0; if (ioctl(fd, SIOCSTGSZ, &ng)) { perror("nat:SIOCSTGSZ"); close(nfd); if (ipnp != NULL) free(ipnp); return (1); } if (opts & OPT_VERBOSE) printf("NAT size %d from %p\n", ng.ng_sz, ng.ng_ptr); if (ng.ng_sz == 0) break; if (!ipnp) ipnp = malloc(ng.ng_sz); else ipnp = realloc((char *)ipnp, ng.ng_sz); if (!ipnp) { fprintf(stderr, "malloc for %d bytes failed\n", ng.ng_sz); break; } bzero((char *)ipnp, ng.ng_sz); obj.ipfo_size = ng.ng_sz; obj.ipfo_ptr = ipnp; ipnp->ipn_dsize = ng.ng_sz; ipnp->ipn_next = next; if (ioctl(fd, SIOCSTGET, &obj)) { if (errno == ENOENT) break; perror("nat:SIOCSTGET"); close(nfd); free(ipnp); return (1); } if (opts & OPT_VERBOSE) printf("Got nat next %p ipn_dsize %d ng_sz %d\n", ipnp->ipn_next, ipnp->ipn_dsize, ng.ng_sz); if (write(nfd, ipnp, ipnp->ipn_dsize) != ipnp->ipn_dsize) { perror("nat:write"); close(nfd); free(ipnp); return (1); } next = ipnp->ipn_next; } while (ipnp && next); if (ipnp != NULL) free(ipnp); close(nfd); return (0); } int writeall(char *dirname) { int fd, devfd; if (!dirname) dirname = IPF_SAVEDIR; if (chdir(dirname)) { fprintf(stderr, "IPF_SAVEDIR=%s: ", dirname); perror("chdir(IPF_SAVEDIR)"); return (1); } fd = opendevice(NULL); if (fd == -1) return (1); if (setlock(fd, 1)) { close(fd); return (1); } devfd = opendevice(IPSTATE_NAME); if (devfd == -1) goto bad; if (writestate(devfd, NULL)) goto bad; close(devfd); devfd = opendevice(IPNAT_NAME); if (devfd == -1) goto bad; if (writenat(devfd, NULL)) goto bad; close(devfd); if (setlock(fd, 0)) { close(fd); return (1); } close(fd); return (0); bad: setlock(fd, 0); close(fd); return (1); } int readall(char *dirname) { int fd, devfd; if (!dirname) dirname = IPF_SAVEDIR; if (chdir(dirname)) { perror("chdir(IPF_SAVEDIR)"); return (1); } fd = opendevice(NULL); if (fd == -1) return (1); if (setlock(fd, 1)) { close(fd); return (1); } devfd = opendevice(IPSTATE_NAME); if (devfd == -1) return (1); if (readstate(devfd, NULL)) return (1); close(devfd); devfd = opendevice(IPNAT_NAME); if (devfd == -1) return (1); if (readnat(devfd, NULL)) return (1); close(devfd); if (setlock(fd, 0)) { close(fd); return (1); } return (0); } diff --git a/sbin/ipf/ipfstat/ipfstat.c b/sbin/ipf/ipfstat/ipfstat.c index f9696bfce73d..ba9556f5421c 100644 --- a/sbin/ipf/ipfstat/ipfstat.c +++ b/sbin/ipf/ipfstat/ipfstat.c @@ -1,2314 +1,2310 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. */ #include #include #include # include #include #if defined(sun) && defined(__SVR4) # include #endif #include "ipf.h" #include "netinet/ipl.h" #if defined(STATETOP) # if defined(sun) && defined(__SVR4) # include # endif # include # include # include # include # include # if SOLARIS || defined(__NetBSD__) # ifdef ERR # undef ERR # endif # include # else /* SOLARIS */ # include # endif /* SOLARIS */ #endif /* STATETOP */ #include "kmem.h" #if defined(__NetBSD__) # include #endif -#if !defined(lint) -static const char sccsid[] = "@(#)fils.c 1.21 4/20/96 (C) 1993-2000 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif extern char *optarg; extern int optind; extern int opterr; #define PRINTF (void)printf #define FPRINTF (void)fprintf static char *filters[4] = { "ipfilter(in)", "ipfilter(out)", "ipacct(in)", "ipacct(out)" }; static int state_logging = -1; static wordtab_t *state_fields = NULL; int nohdrfields = 0; int opts = 0; #ifdef USE_INET6 int use_inet4 = 0; int use_inet6 = 0; #endif int live_kernel = 1; int state_fd = -1; int ipf_fd = -1; int auth_fd = -1; int nat_fd = -1; frgroup_t *grtop = NULL; frgroup_t *grtail = NULL; char *blockreasons[FRB_MAX_VALUE + 1] = { "packet blocked", "log rule failure", "pps rate exceeded", "jumbogram", "makefrip failed", "cannot add state", "IP ID update failed", "log-or-block failed", "decapsulate failure", "cannot create new auth entry", "packet queued for auth", "buffer coalesce failure", "buffer pullup failure", "auth feedback", "bad fragment", "IPv4 NAT failure", "IPv6 NAT failure" }; #ifdef STATETOP #define STSTRSIZE 80 #define STGROWSIZE 16 #define HOSTNMLEN 40 #define STSORT_PR 0 #define STSORT_PKTS 1 #define STSORT_BYTES 2 #define STSORT_TTL 3 #define STSORT_SRCIP 4 #define STSORT_SRCPT 5 #define STSORT_DSTIP 6 #define STSORT_DSTPT 7 #define STSORT_MAX STSORT_DSTPT #define STSORT_DEFAULT STSORT_BYTES typedef struct statetop { i6addr_t st_src; i6addr_t st_dst; u_short st_sport; u_short st_dport; u_char st_p; u_char st_v; u_char st_state[2]; U_QUAD_T st_pkts; U_QUAD_T st_bytes; u_long st_age; } statetop_t; #endif int main(int, char *[]); static int fetchfrag(int, int, ipfr_t *); static void showstats(friostat_t *, u_32_t); static void showfrstates(ipfrstat_t *, u_long); static void showlist(friostat_t *); static void showstatestats(ips_stat_t *); static void showipstates(ips_stat_t *, int *); static void showauthstates(ipf_authstat_t *); static void showtqtable_live(int); static void showgroups(friostat_t *); static void usage(char *); static int state_matcharray(ipstate_t *, int *); static int printlivelist(friostat_t *, int, int, frentry_t *, char *, char *); static void printdeadlist(friostat_t *, int, int, frentry_t *, char *, char *); static void printside(char *, ipf_statistics_t *); static void parse_ipportstr(const char *, i6addr_t *, int *); static void ipfstate_live(char *, friostat_t **, ips_stat_t **, ipfrstat_t **, ipf_authstat_t **, u_32_t *); static void ipfstate_dead(char *, friostat_t **, ips_stat_t **, ipfrstat_t **, ipf_authstat_t **, u_32_t *); static ipstate_t *fetchstate(ipstate_t *, ipstate_t *); #ifdef STATETOP static void topipstates(i6addr_t, i6addr_t, int, int, int, int, int, int, int *); static void sig_break(int); static void sig_resize(int); static char *getip(int, i6addr_t *); static char *ttl_to_string(long); static int sort_p(const void *, const void *); static int sort_pkts(const void *, const void *); static int sort_bytes(const void *, const void *); static int sort_ttl(const void *, const void *); static int sort_srcip(const void *, const void *); static int sort_srcpt(const void *, const void *); static int sort_dstip(const void *, const void *); static int sort_dstpt(const void *, const void *); #endif static void usage(char *name) { #ifdef USE_INET6 fprintf(stderr, "Usage: %s [-46aAdfghIilnoRsv]\n", name); #else fprintf(stderr, "Usage: %s [-4aAdfghIilnoRsv]\n", name); #endif fprintf(stderr, " %s [-M corefile] [-N symbol-list]\n", name); #ifdef STATETOP #ifdef USE_INET6 fprintf(stderr, " %s -t [-46C] ", name); #else fprintf(stderr, " %s -t [-4C] ", name); #endif #endif fprintf(stderr, "[-D destination address] [-P protocol] [-S source address] [-T refresh time]\n"); exit(1); } int main(int argc, char *argv[]) { ipf_authstat_t frauthst; ipf_authstat_t *frauthstp = &frauthst; friostat_t fio; friostat_t *fiop = &fio; ips_stat_t ipsst; ips_stat_t *ipsstp = &ipsst; ipfrstat_t ifrst; ipfrstat_t *ifrstp = &ifrst; char *options; char *kern = NULL; char *memf = NULL; int c; int myoptind; int *filter = NULL; int protocol = -1; /* -1 = wild card for any protocol */ int refreshtime = 1; /* default update time */ int sport = -1; /* -1 = wild card for any source port */ int dport = -1; /* -1 = wild card for any dest port */ int topclosed = 0; /* do not show closed tcp sessions */ i6addr_t saddr, daddr; u_32_t frf; #ifdef USE_INET6 options = "46aACdfghIilnostvD:m:M:N:O:P:RS:T:"; #else options = "4aACdfghIilnostvD:m:M:N:O:P:RS:T:"; #endif saddr.in4.s_addr = INADDR_ANY; /* default any v4 source addr */ daddr.in4.s_addr = INADDR_ANY; /* default any v4 dest addr */ #ifdef USE_INET6 saddr.in6 = in6addr_any; /* default any v6 source addr */ daddr.in6 = in6addr_any; /* default any v6 dest addr */ #endif /* Don't warn about invalid flags when we run getopt for the 1st time */ opterr = 0; /* * Parse these two arguments now lest there be any buffer overflows * in the parsing of the rest. */ myoptind = optind; while ((c = getopt(argc, argv, options)) != -1) { switch (c) { case 'M' : memf = optarg; live_kernel = 0; break; case 'N' : kern = optarg; live_kernel = 0; break; } } optind = myoptind; if (live_kernel == 1) { if ((state_fd = open(IPSTATE_NAME, O_RDONLY)) == -1) { perror("open(IPSTATE_NAME)"); exit(-1); } if ((auth_fd = open(IPAUTH_NAME, O_RDONLY)) == -1) { perror("open(IPAUTH_NAME)"); exit(-1); } if ((nat_fd = open(IPNAT_NAME, O_RDONLY)) == -1) { perror("open(IPAUTH_NAME)"); exit(-1); } if ((ipf_fd = open(IPL_NAME, O_RDONLY)) == -1) { fprintf(stderr, "open(%s)", IPL_NAME); perror(""); exit(-1); } } if (kern != NULL || memf != NULL) { (void)setgid(getgid()); (void)setuid(getuid()); } if (live_kernel == 1) { (void) checkrev(IPL_NAME); } else { if (openkmem(kern, memf) == -1) exit(-1); } (void)setgid(getgid()); (void)setuid(getuid()); opterr = 1; while ((c = getopt(argc, argv, options)) != -1) { switch (c) { #ifdef USE_INET6 case '4' : use_inet4 = 1; break; case '6' : use_inet6 = 1; break; #endif case 'a' : opts |= OPT_ACCNT|OPT_SHOWLIST; break; case 'A' : opts |= OPT_AUTHSTATS; break; case 'C' : topclosed = 1; break; case 'd' : opts |= OPT_DEBUG; break; case 'D' : parse_ipportstr(optarg, &daddr, &dport); break; case 'f' : opts |= OPT_FRSTATES; break; case 'g' : opts |= OPT_GROUPS; break; case 'h' : opts |= OPT_HITS; break; case 'i' : opts |= OPT_INQUE|OPT_SHOWLIST; break; case 'I' : opts |= OPT_INACTIVE; break; case 'l' : opts |= OPT_SHOWLIST; break; case 'm' : filter = parseipfexpr(optarg, NULL); if (filter == NULL) { fprintf(stderr, "Error parseing '%s'\n", optarg); exit(1); } break; case 'M' : break; case 'N' : break; case 'n' : opts |= OPT_SHOWLINENO; break; case 'o' : opts |= OPT_OUTQUE|OPT_SHOWLIST; break; case 'O' : state_fields = parsefields(statefields, optarg); break; case 'P' : protocol = getproto(optarg); if (protocol == -1) { fprintf(stderr, "%s: Invalid protocol: %s\n", argv[0], optarg); exit(-2); } break; case 'R' : opts |= OPT_NORESOLVE; break; case 's' : opts |= OPT_IPSTATES; break; case 'S' : parse_ipportstr(optarg, &saddr, &sport); break; case 't' : #ifdef STATETOP opts |= OPT_STATETOP; break; #else fprintf(stderr, "%s: state top facility not compiled in\n", argv[0]); exit(-2); #endif case 'T' : if (!sscanf(optarg, "%d", &refreshtime) || (refreshtime <= 0)) { fprintf(stderr, "%s: Invalid refreshtime < 1 : %s\n", argv[0], optarg); exit(-2); } break; case 'v' : opts |= OPT_VERBOSE; break; default : usage(argv[0]); break; } } #ifdef USE_INET6 if ((use_inet4 || use_inet6) && !(opts & (OPT_INQUE | OPT_OUTQUE | OPT_STATETOP))) { #ifdef STATETOP FPRINTF(stderr, "No -i, -o, or -t given with -4 or -6\n"); #else FPRINTF(stderr, "No -i or -o given with -4 or -6\n"); #endif exit(-2); } if (use_inet4 == 0 && use_inet6 == 0) use_inet4 = use_inet6 = 1; #endif if (live_kernel == 1) { bzero((char *)&fio, sizeof(fio)); bzero((char *)&ipsst, sizeof(ipsst)); bzero((char *)&ifrst, sizeof(ifrst)); ipfstate_live(IPL_NAME, &fiop, &ipsstp, &ifrstp, &frauthstp, &frf); } else { ipfstate_dead(kern, &fiop, &ipsstp, &ifrstp, &frauthstp, &frf); } if (opts & OPT_IPSTATES) { showipstates(ipsstp, filter); } else if (opts & OPT_SHOWLIST) { showlist(fiop); if ((opts & OPT_OUTQUE) && (opts & OPT_INQUE)){ opts &= ~OPT_OUTQUE; showlist(fiop); } } else if (opts & OPT_FRSTATES) showfrstates(ifrstp, fiop->f_ticks); #ifdef STATETOP else if (opts & OPT_STATETOP) topipstates(saddr, daddr, sport, dport, protocol, #ifdef USE_INET6 use_inet6 && use_inet4 ? 0 : use_inet6 && !use_inet4 ? 6 : 4, #else 4, #endif #endif refreshtime, topclosed, filter); else if (opts & OPT_AUTHSTATS) showauthstates(frauthstp); else if (opts & OPT_GROUPS) showgroups(fiop); else showstats(fiop, frf); return (0); } /* * Fill in the stats structures from the live kernel, using a combination * of ioctl's and copying directly from kernel memory. */ static void ipfstate_live(char *device, friostat_t **fiopp, ips_stat_t **ipsstpp, ipfrstat_t **ifrstpp, ipf_authstat_t **frauthstpp, u_32_t *frfp) { ipfobj_t ipfo; if (checkrev(device) == -1) { fprintf(stderr, "User/kernel version check failed\n"); exit(1); } if ((opts & OPT_AUTHSTATS) == 0) { bzero((caddr_t)&ipfo, sizeof(ipfo)); ipfo.ipfo_rev = IPFILTER_VERSION; ipfo.ipfo_type = IPFOBJ_IPFSTAT; ipfo.ipfo_size = sizeof(friostat_t); ipfo.ipfo_ptr = (void *)*fiopp; if (ioctl(ipf_fd, SIOCGETFS, &ipfo) == -1) { ipferror(ipf_fd, "ioctl(ipf:SIOCGETFS)"); exit(-1); } if (ioctl(ipf_fd, SIOCGETFF, frfp) == -1) ipferror(ipf_fd, "ioctl(SIOCGETFF)"); } if ((opts & OPT_IPSTATES) != 0) { bzero((caddr_t)&ipfo, sizeof(ipfo)); ipfo.ipfo_rev = IPFILTER_VERSION; ipfo.ipfo_type = IPFOBJ_STATESTAT; ipfo.ipfo_size = sizeof(ips_stat_t); ipfo.ipfo_ptr = (void *)*ipsstpp; if ((ioctl(state_fd, SIOCGETFS, &ipfo) == -1)) { ipferror(state_fd, "ioctl(state:SIOCGETFS)"); exit(-1); } if (ioctl(state_fd, SIOCGETLG, &state_logging) == -1) { ipferror(state_fd, "ioctl(state:SIOCGETLG)"); exit(-1); } } if ((opts & OPT_FRSTATES) != 0) { bzero((caddr_t)&ipfo, sizeof(ipfo)); ipfo.ipfo_rev = IPFILTER_VERSION; ipfo.ipfo_type = IPFOBJ_FRAGSTAT; ipfo.ipfo_size = sizeof(ipfrstat_t); ipfo.ipfo_ptr = (void *)*ifrstpp; if (ioctl(ipf_fd, SIOCGFRST, &ipfo) == -1) { ipferror(ipf_fd, "ioctl(SIOCGFRST)"); exit(-1); } } if (opts & OPT_DEBUG) PRINTF("opts %#x name %s\n", opts, device); if ((opts & OPT_AUTHSTATS) != 0) { bzero((caddr_t)&ipfo, sizeof(ipfo)); ipfo.ipfo_rev = IPFILTER_VERSION; ipfo.ipfo_type = IPFOBJ_AUTHSTAT; ipfo.ipfo_size = sizeof(ipf_authstat_t); ipfo.ipfo_ptr = (void *)*frauthstpp; if (ioctl(auth_fd, SIOCATHST, &ipfo) == -1) { ipferror(auth_fd, "ioctl(SIOCATHST)"); exit(-1); } } } /* * Build up the stats structures from data held in the "core" memory. * This is mainly useful when looking at data in crash dumps and ioctl's * just won't work any more. */ static void ipfstate_dead( char *kernel, friostat_t **fiopp, ips_stat_t **ipsstpp, ipfrstat_t **ifrstpp, ipf_authstat_t **frauthstpp, u_32_t *frfp) { static ipf_authstat_t frauthst, *frauthstp; static ipftq_t ipstcptab[IPF_TCP_NSTATES]; static ips_stat_t ipsst, *ipsstp; static ipfrstat_t ifrst, *ifrstp; static friostat_t fio, *fiop; int temp; void *rules[2][2]; struct nlist deadlist[44] = { { "ipf_auth_stats", 0, 0, 0, 0 }, /* 0 */ { "fae_list", 0, 0, 0, 0 }, { "ipauth", 0, 0, 0, 0 }, { "ipf_auth_list", 0, 0, 0, 0 }, { "ipf_auth_start", 0, 0, 0, 0 }, { "ipf_auth_end", 0, 0, 0, 0 }, /* 5 */ { "ipf_auth_next", 0, 0, 0, 0 }, { "ipf_auth", 0, 0, 0, 0 }, { "ipf_auth_used", 0, 0, 0, 0 }, { "ipf_auth_size", 0, 0, 0, 0 }, { "ipf_auth_defaultage", 0, 0, 0, 0 }, /* 10 */ { "ipf_auth_pkts", 0, 0, 0, 0 }, { "ipf_auth_lock", 0, 0, 0, 0 }, { "frstats", 0, 0, 0, 0 }, { "ips_stats", 0, 0, 0, 0 }, { "ips_num", 0, 0, 0, 0 }, /* 15 */ { "ips_wild", 0, 0, 0, 0 }, { "ips_list", 0, 0, 0, 0 }, { "ips_table", 0, 0, 0, 0 }, { "ipf_state_max", 0, 0, 0, 0 }, { "ipf_state_size", 0, 0, 0, 0 }, /* 20 */ { "ipf_state_doflush", 0, 0, 0, 0 }, { "ipf_state_lock", 0, 0, 0, 0 }, { "ipfr_heads", 0, 0, 0, 0 }, { "ipfr_nattab", 0, 0, 0, 0 }, { "ipfr_stats", 0, 0, 0, 0 }, /* 25 */ { "ipfr_inuse", 0, 0, 0, 0 }, { "ipf_ipfrttl", 0, 0, 0, 0 }, { "ipf_frag_lock", 0, 0, 0, 0 }, { "ipfr_timer_id", 0, 0, 0, 0 }, { "ipf_nat_lock", 0, 0, 0, 0 }, /* 30 */ { "ipf_rules", 0, 0, 0, 0 }, { "ipf_acct", 0, 0, 0, 0 }, { "ipl_frouteok", 0, 0, 0, 0 }, { "ipf_running", 0, 0, 0, 0 }, { "ipf_groups", 0, 0, 0, 0 }, /* 35 */ { "ipf_active", 0, 0, 0, 0 }, { "ipf_pass", 0, 0, 0, 0 }, { "ipf_flags", 0, 0, 0, 0 }, { "ipf_state_logging", 0, 0, 0, 0 }, { "ips_tqtqb", 0, 0, 0, 0 }, /* 40 */ { NULL, 0, 0, 0, 0 } }; frauthstp = &frauthst; ipsstp = &ipsst; ifrstp = &ifrst; fiop = &fio; *frfp = 0; *fiopp = fiop; *ipsstpp = ipsstp; *ifrstpp = ifrstp; *frauthstpp = frauthstp; bzero((char *)fiop, sizeof(*fiop)); bzero((char *)ipsstp, sizeof(*ipsstp)); bzero((char *)ifrstp, sizeof(*ifrstp)); bzero((char *)frauthstp, sizeof(*frauthstp)); if (nlist(kernel, deadlist) == -1) { fprintf(stderr, "nlist error\n"); return; } /* * This is for SIOCGETFF. */ kmemcpy((char *)frfp, (u_long)deadlist[40].n_value, sizeof(*frfp)); /* * f_locks is a combination of the lock variable from each part of * ipfilter (state, auth, nat, fragments). */ kmemcpy((char *)fiop, (u_long)deadlist[13].n_value, sizeof(*fiop)); kmemcpy((char *)&fiop->f_locks[0], (u_long)deadlist[22].n_value, sizeof(fiop->f_locks[0])); kmemcpy((char *)&fiop->f_locks[0], (u_long)deadlist[30].n_value, sizeof(fiop->f_locks[1])); kmemcpy((char *)&fiop->f_locks[2], (u_long)deadlist[28].n_value, sizeof(fiop->f_locks[2])); kmemcpy((char *)&fiop->f_locks[3], (u_long)deadlist[12].n_value, sizeof(fiop->f_locks[3])); /* * Get pointers to each list of rules (active, inactive, in, out) */ kmemcpy((char *)&rules, (u_long)deadlist[31].n_value, sizeof(rules)); fiop->f_fin[0] = rules[0][0]; fiop->f_fin[1] = rules[0][1]; fiop->f_fout[0] = rules[1][0]; fiop->f_fout[1] = rules[1][1]; /* * Now get accounting rules pointers. */ kmemcpy((char *)&rules, (u_long)deadlist[33].n_value, sizeof(rules)); fiop->f_acctin[0] = rules[0][0]; fiop->f_acctin[1] = rules[0][1]; fiop->f_acctout[0] = rules[1][0]; fiop->f_acctout[1] = rules[1][1]; /* * A collection of "global" variables used inside the kernel which * are all collected in friostat_t via ioctl. */ kmemcpy((char *)&fiop->f_froute, (u_long)deadlist[33].n_value, sizeof(fiop->f_froute)); kmemcpy((char *)&fiop->f_running, (u_long)deadlist[34].n_value, sizeof(fiop->f_running)); kmemcpy((char *)&fiop->f_groups, (u_long)deadlist[35].n_value, sizeof(fiop->f_groups)); kmemcpy((char *)&fiop->f_active, (u_long)deadlist[36].n_value, sizeof(fiop->f_active)); kmemcpy((char *)&fiop->f_defpass, (u_long)deadlist[37].n_value, sizeof(fiop->f_defpass)); /* * Build up the state information stats structure. */ kmemcpy((char *)ipsstp, (u_long)deadlist[14].n_value, sizeof(*ipsstp)); kmemcpy((char *)&temp, (u_long)deadlist[15].n_value, sizeof(temp)); kmemcpy((char *)ipstcptab, (u_long)deadlist[40].n_value, sizeof(ipstcptab)); ipsstp->iss_active = temp; ipsstp->iss_table = (void *)deadlist[18].n_value; ipsstp->iss_list = (void *)deadlist[17].n_value; ipsstp->iss_tcptab = ipstcptab; /* * Build up the authentiation information stats structure. */ kmemcpy((char *)frauthstp, (u_long)deadlist[0].n_value, sizeof(*frauthstp)); frauthstp->fas_faelist = (void *)deadlist[1].n_value; /* * Build up the fragment information stats structure. */ kmemcpy((char *)ifrstp, (u_long)deadlist[25].n_value, sizeof(*ifrstp)); ifrstp->ifs_table = (void *)deadlist[23].n_value; ifrstp->ifs_nattab = (void *)deadlist[24].n_value; kmemcpy((char *)&ifrstp->ifs_inuse, (u_long)deadlist[26].n_value, sizeof(ifrstp->ifs_inuse)); /* * Get logging on/off switches */ kmemcpy((char *)&state_logging, (u_long)deadlist[41].n_value, sizeof(state_logging)); } static void printside(char *side, ipf_statistics_t *frs) { int i; PRINTF("%lu\t%s bad packets\n", frs->fr_bad, side); #ifdef USE_INET6 PRINTF("%lu\t%s IPv6 packets\n", frs->fr_ipv6, side); #endif PRINTF("%lu\t%s packets blocked\n", frs->fr_block, side); PRINTF("%lu\t%s packets passed\n", frs->fr_pass, side); PRINTF("%lu\t%s packets not matched\n", frs->fr_nom, side); PRINTF("%lu\t%s packets counted\n", frs->fr_acct, side); PRINTF("%lu\t%s packets short\n", frs->fr_short, side); PRINTF("%lu\t%s packets logged and blocked\n", frs->fr_bpkl, side); PRINTF("%lu\t%s packets logged and passed\n", frs->fr_ppkl, side); PRINTF("%lu\t%s fragment state kept\n", frs->fr_nfr, side); PRINTF("%lu\t%s fragment state lost\n", frs->fr_bnfr, side); PRINTF("%lu\t%s packet state kept\n", frs->fr_ads, side); PRINTF("%lu\t%s packet state lost\n", frs->fr_bads, side); PRINTF("%lu\t%s invalid source\n", frs->fr_v4_badsrc, side); PRINTF("%lu\t%s cache hits\n", frs->fr_chit, side); PRINTF("%lu\t%s cache misses\n", frs->fr_cmiss, side); PRINTF("%lu\t%s bad coalesces\n", frs->fr_badcoalesces, side); PRINTF("%lu\t%s pullups succeeded\n", frs->fr_pull[0], side); PRINTF("%lu\t%s pullups failed\n", frs->fr_pull[1], side); PRINTF("%lu\t%s TCP checksum failures\n", frs->fr_tcpbad, side); for (i = 0; i <= FRB_MAX_VALUE; i++) PRINTF("%lu\t%s block reason %s\n", frs->fr_blocked[i], side, blockreasons[i]); } /* * Display the kernel stats for packets blocked and passed and other * associated running totals which are kept. */ static void showstats( struct friostat *fp, u_32_t frf) { printside("input", &fp->f_st[0]); printside("output", &fp->f_st[1]); PRINTF("%lu\tpackets logged\n", fp->f_log_ok); PRINTF("%lu\tlog failures\n", fp->f_log_fail); PRINTF("%lu\tred-black no memory\n", fp->f_rb_no_mem); PRINTF("%lu\tred-black node maximum\n", fp->f_rb_node_max); PRINTF("%lu\tICMP replies sent\n", fp->f_st[0].fr_ret); PRINTF("%lu\tTCP RSTs sent\n", fp->f_st[1].fr_ret); PRINTF("%lu\tfastroute successes\n", fp->f_froute[0]); PRINTF("%lu\tfastroute failures\n", fp->f_froute[1]); PRINTF("%u\tIPF Ticks\n", fp->f_ticks); PRINTF("%x\tPacket log flags set:\n", frf); if (frf & FF_LOGPASS) PRINTF("\tpackets passed through filter\n"); if (frf & FF_LOGBLOCK) PRINTF("\tpackets blocked by filter\n"); if (frf & FF_LOGNOMATCH) PRINTF("\tpackets not matched by filter\n"); if (!frf) PRINTF("\tnone\n"); } /* * Print out a list of rules from the kernel, starting at the one passed. */ static int printlivelist( struct friostat *fiop, int out, int set, frentry_t *fp, char *group, char *comment) { struct frentry fb; ipfruleiter_t rule; frentry_t zero; frgroup_t *g; ipfobj_t obj; int rules; int num; rules = 0; rule.iri_inout = out; rule.iri_active = set; rule.iri_rule = &fb; rule.iri_nrules = 1; if (group != NULL) strncpy(rule.iri_group, group, FR_GROUPLEN); else rule.iri_group[0] = '\0'; bzero((char *)&zero, sizeof(zero)); bzero((char *)&obj, sizeof(obj)); obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_type = IPFOBJ_IPFITER; obj.ipfo_size = sizeof(rule); obj.ipfo_ptr = &rule; while (rule.iri_rule != NULL) { u_long array[1000]; memset(array, 0xff, sizeof(array)); fp = (frentry_t *)array; rule.iri_rule = fp; if (ioctl(ipf_fd, SIOCIPFITER, &obj) == -1) { ipferror(ipf_fd, "ioctl(SIOCIPFITER)"); num = IPFGENITER_IPF; (void) ioctl(ipf_fd,SIOCIPFDELTOK, &num); return (rules); } if (bcmp(fp, &zero, sizeof(zero)) == 0) break; if (rule.iri_rule == NULL) break; #ifdef USE_INET6 if (use_inet6 != 0 && use_inet4 == 0) { if (fp->fr_family != 0 && fp->fr_family != AF_INET6) continue; } else if (use_inet4 != 0 && use_inet6 == 0) { #endif if (fp->fr_family != 0 && fp->fr_family != AF_INET) continue; #ifdef USE_INET6 } else { if (fp->fr_family != 0 && fp->fr_family != AF_INET && fp->fr_family != AF_INET6) continue; } #endif if (fp->fr_data != NULL) fp->fr_data = (char *)fp + fp->fr_size; rules++; if (opts & (OPT_HITS|OPT_DEBUG)) #ifdef USE_QUAD_T PRINTF("%"PRIu64" ", (unsigned long long) fp->fr_hits); #else PRINTF("%lu ", fp->fr_hits); #endif if (opts & (OPT_ACCNT|OPT_DEBUG)) #ifdef USE_QUAD_T PRINTF("%"PRIu64" ", (unsigned long long) fp->fr_bytes); #else PRINTF("%lu ", fp->fr_bytes); #endif if (opts & OPT_SHOWLINENO) PRINTF("@%d ", rules); if (fp->fr_die != 0) fp->fr_die -= fiop->f_ticks; printfr(fp, ioctl); if (opts & OPT_DEBUG) { binprint(fp, fp->fr_size); if (fp->fr_data != NULL && fp->fr_dsize > 0) binprint(fp->fr_data, fp->fr_dsize); } if (fp->fr_grhead != -1) { for (g = grtop; g != NULL; g = g->fg_next) { if (!strncmp(fp->fr_names + fp->fr_grhead, g->fg_name, FR_GROUPLEN)) break; } if (g == NULL) { g = calloc(1, sizeof(*g)); if (g != NULL) { strncpy(g->fg_name, fp->fr_names + fp->fr_grhead, FR_GROUPLEN); if (grtop == NULL) { grtop = g; grtail = g; } else { grtail->fg_next = g; grtail = g; } } } } if (fp->fr_type == FR_T_CALLFUNC) { rules += printlivelist(fiop, out, set, fp->fr_data, group, "# callfunc: "); } } num = IPFGENITER_IPF; (void) ioctl(ipf_fd,SIOCIPFDELTOK, &num); return (rules); } static void printdeadlist(friostat_t *fiop, int out, int set, frentry_t *fp, char *group, char *comment) { frgroup_t *grtop, *grtail, *g; struct frentry fb; char *data; u_32_t type; int n; fb.fr_next = fp; n = 0; grtop = NULL; grtail = NULL; for (n = 1; fp; fp = fb.fr_next, n++) { if (kmemcpy((char *)&fb, (u_long)fb.fr_next, fb.fr_size) == -1) { perror("kmemcpy"); return; } fp = &fb; #ifdef USE_INET6 if (use_inet6 != 0 && use_inet4 == 0) { if (fp->fr_family != 0 && fp->fr_family != AF_INET6) continue; } else if (use_inet4 != 0 && use_inet6 == 0) { #endif if (fp->fr_family != 0 && fp->fr_family != AF_INET) continue; #ifdef USE_INET6 } else { if (fp->fr_family != 0 && fp->fr_family != AF_INET && fp->fr_family != AF_INET6) continue; } #endif data = NULL; type = fb.fr_type & ~FR_T_BUILTIN; if (type == FR_T_IPF || type == FR_T_BPFOPC) { if (fb.fr_dsize) { data = malloc(fb.fr_dsize); if (kmemcpy(data, (u_long)fb.fr_data, fb.fr_dsize) == -1) { perror("kmemcpy"); return; } fb.fr_data = data; } } if (opts & OPT_HITS) #ifdef USE_QUAD_T PRINTF("%"PRIu64" ", (unsigned long long) fb.fr_hits); #else PRINTF("%lu ", fb.fr_hits); #endif if (opts & OPT_ACCNT) #ifdef USE_QUAD_T PRINTF("%"PRIu64" ", (unsigned long long) fb.fr_bytes); #else PRINTF("%lu ", fb.fr_bytes); #endif if (opts & OPT_SHOWLINENO) PRINTF("@%d ", n); printfr(fp, ioctl); if (opts & OPT_DEBUG) { binprint(fp, fp->fr_size); if (fb.fr_data != NULL && fb.fr_dsize > 0) binprint(fb.fr_data, fb.fr_dsize); } if (data != NULL) free(data); if (fb.fr_grhead != -1) { g = calloc(1, sizeof(*g)); if (g != NULL) { strncpy(g->fg_name, fb.fr_names + fb.fr_grhead, FR_GROUPLEN); if (grtop == NULL) { grtop = g; grtail = g; } else { grtail->fg_next = g; grtail = g; } } } if (type == FR_T_CALLFUNC) { printdeadlist(fiop, out, set, fb.fr_data, group, "# callfunc: "); } } while ((g = grtop) != NULL) { printdeadlist(fiop, out, set, NULL, g->fg_name, comment); grtop = g->fg_next; free(g); } } /* * print out all of the asked for rule sets, using the stats struct as * the base from which to get the pointers. */ static void showlist(struct friostat *fiop) { struct frentry *fp = NULL; int i, set; set = fiop->f_active; if (opts & OPT_INACTIVE) set = 1 - set; if (opts & OPT_ACCNT) { if (opts & OPT_OUTQUE) { i = F_ACOUT; fp = (struct frentry *)fiop->f_acctout[set]; } else if (opts & OPT_INQUE) { i = F_ACIN; fp = (struct frentry *)fiop->f_acctin[set]; } else { FPRINTF(stderr, "No -i or -o given with -a\n"); return; } } else { if (opts & OPT_OUTQUE) { i = F_OUT; fp = (struct frentry *)fiop->f_fout[set]; } else if (opts & OPT_INQUE) { i = F_IN; fp = (struct frentry *)fiop->f_fin[set]; } else return; } if (opts & OPT_DEBUG) FPRINTF(stderr, "showlist:opts %#x i %d\n", opts, i); if (opts & OPT_DEBUG) PRINTF("fp %p set %d\n", fp, set); if (live_kernel == 1) { int printed; printed = printlivelist(fiop, i, set, fp, NULL, NULL); if (printed == 0) { FPRINTF(stderr, "# empty list for %s%s\n", (opts & OPT_INACTIVE) ? "inactive " : "", filters[i]); } } else { if (!fp) { FPRINTF(stderr, "# empty list for %s%s\n", (opts & OPT_INACTIVE) ? "inactive " : "", filters[i]); } else { printdeadlist(fiop, i, set, fp, NULL, NULL); } } } /* * Display ipfilter stateful filtering information */ static void showipstates(ips_stat_t *ipsp, int *filter) { ipstate_t *is; int i; /* * If a list of states hasn't been asked for, only print out stats */ if (!(opts & OPT_SHOWLIST)) { showstatestats(ipsp); return; } if ((state_fields != NULL) && (nohdrfields == 0)) { for (i = 0; state_fields[i].w_value != 0; i++) { printfieldhdr(statefields, state_fields + i); if (state_fields[i + 1].w_value != 0) printf("\t"); } printf("\n"); } /* * Print out all the state information currently held in the kernel. */ for (is = ipsp->iss_list; is != NULL; ) { ipstate_t ips; is = fetchstate(is, &ips); if (is == NULL) break; is = ips.is_next; if ((filter != NULL) && (state_matcharray(&ips, filter) == 0)) { continue; } if (state_fields != NULL) { for (i = 0; state_fields[i].w_value != 0; i++) { printstatefield(&ips, state_fields[i].w_value); if (state_fields[i + 1].w_value != 0) printf("\t"); } printf("\n"); } else { printstate(&ips, opts, ipsp->iss_ticks); } } } static void showstatestats(ips_stat_t *ipsp) { int minlen, maxlen, totallen; ipftable_t table; u_int *buckets; ipfobj_t obj; int i, sz; /* * If a list of states hasn't been asked for, only print out stats */ sz = sizeof(*buckets) * ipsp->iss_state_size; buckets = (u_int *)malloc(sz); obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_type = IPFOBJ_GTABLE; obj.ipfo_size = sizeof(table); obj.ipfo_ptr = &table; table.ita_type = IPFTABLE_BUCKETS; table.ita_table = buckets; if (live_kernel == 1) { if (ioctl(state_fd, SIOCGTABL, &obj) != 0) { free(buckets); return; } } else { if (kmemcpy((char *)buckets, (u_long)ipsp->iss_bucketlen, sz)) { free(buckets); return; } } PRINTF("%u\tactive state table entries\n",ipsp->iss_active); PRINTF("%lu\tadd bad\n", ipsp->iss_add_bad); PRINTF("%lu\tadd duplicate\n", ipsp->iss_add_dup); PRINTF("%lu\tadd locked\n", ipsp->iss_add_locked); PRINTF("%lu\tadd oow\n", ipsp->iss_add_oow); PRINTF("%lu\tbucket full\n", ipsp->iss_bucket_full); PRINTF("%lu\tcheck bad\n", ipsp->iss_check_bad); PRINTF("%lu\tcheck miss\n", ipsp->iss_check_miss); PRINTF("%lu\tcheck nattag\n", ipsp->iss_check_nattag); PRINTF("%lu\tclone nomem\n", ipsp->iss_clone_nomem); PRINTF("%lu\tcheck notag\n", ipsp->iss_check_notag); PRINTF("%lu\tcheck success\n", ipsp->iss_hits); PRINTF("%lu\tcloned\n", ipsp->iss_cloned); PRINTF("%lu\texpired\n", ipsp->iss_expire); PRINTF("%lu\tflush all\n", ipsp->iss_flush_all); PRINTF("%lu\tflush closing\n", ipsp->iss_flush_closing); PRINTF("%lu\tflush queue\n", ipsp->iss_flush_queue); PRINTF("%lu\tflush state\n", ipsp->iss_flush_state); PRINTF("%lu\tflush timeout\n", ipsp->iss_flush_timeout); PRINTF("%u\thash buckets in use\n", ipsp->iss_inuse); PRINTF("%lu\tICMP bad\n", ipsp->iss_icmp_bad); PRINTF("%lu\tICMP banned\n", ipsp->iss_icmp_banned); PRINTF("%lu\tICMP errors\n", ipsp->iss_icmp_icmperr); PRINTF("%lu\tICMP head block\n", ipsp->iss_icmp_headblock); PRINTF("%lu\tICMP hits\n", ipsp->iss_icmp_hits); PRINTF("%lu\tICMP not query\n", ipsp->iss_icmp_notquery); PRINTF("%lu\tICMP short\n", ipsp->iss_icmp_short); PRINTF("%lu\tICMP too many\n", ipsp->iss_icmp_toomany); PRINTF("%lu\tICMPv6 errors\n", ipsp->iss_icmp6_icmperr); PRINTF("%lu\tICMPv6 miss\n", ipsp->iss_icmp6_miss); PRINTF("%lu\tICMPv6 not info\n", ipsp->iss_icmp6_notinfo); PRINTF("%lu\tICMPv6 not query\n", ipsp->iss_icmp6_notquery); PRINTF("%lu\tlog fail\n", ipsp->iss_log_fail); PRINTF("%lu\tlog ok\n", ipsp->iss_log_ok); PRINTF("%lu\tlookup interface mismatch\n", ipsp->iss_lookup_badifp); PRINTF("%lu\tlookup mask mismatch\n", ipsp->iss_miss_mask); PRINTF("%lu\tlookup port mismatch\n", ipsp->iss_lookup_badport); PRINTF("%lu\tlookup miss\n", ipsp->iss_lookup_miss); PRINTF("%lu\tmaximum rule references\n", ipsp->iss_max_ref); PRINTF("%lu\tmaximum hosts per rule\n", ipsp->iss_max_track); PRINTF("%lu\tno memory\n", ipsp->iss_nomem); PRINTF("%lu\tout of window\n", ipsp->iss_oow); PRINTF("%lu\torphans\n", ipsp->iss_orphan); PRINTF("%lu\tscan block\n", ipsp->iss_scan_block); PRINTF("%lu\tstate table maximum reached\n", ipsp->iss_max); PRINTF("%lu\tTCP closing\n", ipsp->iss_tcp_closing); PRINTF("%lu\tTCP OOW\n", ipsp->iss_tcp_oow); PRINTF("%lu\tTCP RST add\n", ipsp->iss_tcp_rstadd); PRINTF("%lu\tTCP too small\n", ipsp->iss_tcp_toosmall); PRINTF("%lu\tTCP bad options\n", ipsp->iss_tcp_badopt); PRINTF("%lu\tTCP removed\n", ipsp->iss_fin); PRINTF("%lu\tTCP FSM\n", ipsp->iss_tcp_fsm); PRINTF("%lu\tTCP strict\n", ipsp->iss_tcp_strict); PRINTF("%lu\tTCP wild\n", ipsp->iss_wild); PRINTF("%lu\tMicrosoft Windows SACK\n", ipsp->iss_winsack); PRINTF("State logging %sabled\n", state_logging ? "en" : "dis"); PRINTF("IP states added:\n"); for (i = 0; i < 256; i++) { if (ipsp->iss_proto[i] != 0) { struct protoent *proto; proto = getprotobynumber(i); PRINTF("%lu", ipsp->iss_proto[i]); if (proto != NULL) PRINTF("\t%s\n", proto->p_name); else PRINTF("\t%d\n", i); } } PRINTF("\nState table bucket statistics:\n"); PRINTF("%u\tin use\n", ipsp->iss_inuse); minlen = ipsp->iss_max; totallen = 0; maxlen = 0; for (i = 0; i < ipsp->iss_state_size; i++) { if (buckets[i] > maxlen) maxlen = buckets[i]; if (buckets[i] < minlen) minlen = buckets[i]; totallen += buckets[i]; } PRINTF("%d\thash efficiency\n", totallen ? ipsp->iss_inuse * 100 / totallen : 0); PRINTF("%2.2f%%\tbucket usage\n%u\tminimal length\n", ((float)ipsp->iss_inuse / ipsp->iss_state_size) * 100.0, minlen); PRINTF("%u\tmaximal length\n%.3f\taverage length\n", maxlen, ipsp->iss_inuse ? (float) totallen/ ipsp->iss_inuse : 0.0); #define ENTRIES_PER_LINE 5 if (opts & OPT_VERBOSE) { PRINTF("\nCurrent bucket sizes :\n"); for (i = 0; i < ipsp->iss_state_size; i++) { if ((i % ENTRIES_PER_LINE) == 0) PRINTF("\t"); PRINTF("%4d -> %4u", i, buckets[i]); if ((i % ENTRIES_PER_LINE) == (ENTRIES_PER_LINE - 1)) PRINTF("\n"); else PRINTF(" "); } PRINTF("\n"); } PRINTF("\n"); free(buckets); if (live_kernel == 1) { showtqtable_live(state_fd); } else { printtqtable(ipsp->iss_tcptab); } } #ifdef STATETOP static int handle_resize = 0, handle_break = 0; static void topipstates(i6addr_t saddr, i6addr_t daddr, int sport, int dport, int protocol, int ver, int refreshtime, int topclosed, int *filter) { char str1[STSTRSIZE], str2[STSTRSIZE], str3[STSTRSIZE], str4[STSTRSIZE]; int maxtsentries = 0, reverse = 0, sorting = STSORT_DEFAULT; int i, j, winy, tsentry, maxx, maxy, redraw = 0, ret = 0; int len, srclen, dstlen, forward = 1, c = 0; ips_stat_t ipsst, *ipsstp = &ipsst; int token_type = IPFGENITER_STATE; statetop_t *tstable = NULL, *tp; const char *errstr = ""; ipstate_t ips; ipfobj_t ipfo; struct timeval selecttimeout; char hostnm[HOSTNMLEN]; struct protoent *proto; fd_set readfd; time_t t; /* install signal handlers */ signal(SIGINT, sig_break); signal(SIGQUIT, sig_break); signal(SIGTERM, sig_break); signal(SIGWINCH, sig_resize); /* init ncurses stuff */ initscr(); cbreak(); noecho(); curs_set(0); timeout(0); getmaxyx(stdscr, maxy, maxx); /* init hostname */ gethostname(hostnm, sizeof(hostnm) - 1); hostnm[sizeof(hostnm) - 1] = '\0'; /* init ipfobj_t stuff */ bzero((caddr_t)&ipfo, sizeof(ipfo)); ipfo.ipfo_rev = IPFILTER_VERSION; ipfo.ipfo_type = IPFOBJ_STATESTAT; ipfo.ipfo_size = sizeof(*ipsstp); ipfo.ipfo_ptr = (void *)ipsstp; /* repeat until user aborts */ while ( 1 ) { /* get state table */ bzero((char *)&ipsst, sizeof(ipsst)); if ((ioctl(state_fd, SIOCGETFS, &ipfo) == -1)) { errstr = "ioctl(SIOCGETFS)"; ret = -1; goto out; } /* clear the history */ tsentry = -1; /* reset max str len */ srclen = dstlen = 0; /* read the state table and store in tstable */ for (; ipsstp->iss_list; ipsstp->iss_list = ips.is_next) { ipsstp->iss_list = fetchstate(ipsstp->iss_list, &ips); if (ipsstp->iss_list == NULL) break; if (ver != 0 && ips.is_v != ver) continue; if ((filter != NULL) && (state_matcharray(&ips, filter) == 0)) continue; /* check v4 src/dest addresses */ if (ips.is_v == 4) { if ((saddr.in4.s_addr != INADDR_ANY && saddr.in4.s_addr != ips.is_saddr) || (daddr.in4.s_addr != INADDR_ANY && daddr.in4.s_addr != ips.is_daddr)) continue; } #ifdef USE_INET6 /* check v6 src/dest addresses */ if (ips.is_v == 6) { if ((IP6_NEQ(&saddr, &in6addr_any) && IP6_NEQ(&saddr, &ips.is_src)) || (IP6_NEQ(&daddr, &in6addr_any) && IP6_NEQ(&daddr, &ips.is_dst))) continue; } #endif /* check protocol */ if (protocol > 0 && protocol != ips.is_p) continue; /* check ports if protocol is TCP or UDP */ if (((ips.is_p == IPPROTO_TCP) || (ips.is_p == IPPROTO_UDP)) && (((sport > 0) && (htons(sport) != ips.is_sport)) || ((dport > 0) && (htons(dport) != ips.is_dport)))) continue; /* show closed TCP sessions ? */ if ((topclosed == 0) && (ips.is_p == IPPROTO_TCP) && (ips.is_state[0] >= IPF_TCPS_LAST_ACK) && (ips.is_state[1] >= IPF_TCPS_LAST_ACK)) continue; /* * if necessary make room for this state * entry */ tsentry++; if (!maxtsentries || tsentry == maxtsentries) { maxtsentries += STGROWSIZE; tstable = reallocarray(tstable, maxtsentries, sizeof(statetop_t)); if (tstable == NULL) { perror("realloc"); exit(-1); } } /* get max src/dest address string length */ len = strlen(getip(ips.is_v, &ips.is_src)); if (srclen < len) srclen = len; len = strlen(getip(ips.is_v, &ips.is_dst)); if (dstlen < len) dstlen = len; /* fill structure */ tp = tstable + tsentry; tp->st_src = ips.is_src; tp->st_dst = ips.is_dst; tp->st_p = ips.is_p; tp->st_v = ips.is_v; tp->st_state[0] = ips.is_state[0]; tp->st_state[1] = ips.is_state[1]; if (forward) { tp->st_pkts = ips.is_pkts[0]+ips.is_pkts[1]; tp->st_bytes = ips.is_bytes[0]+ips.is_bytes[1]; } else { tp->st_pkts = ips.is_pkts[2]+ips.is_pkts[3]; tp->st_bytes = ips.is_bytes[2]+ips.is_bytes[3]; } tp->st_age = ips.is_die - ipsstp->iss_ticks; if ((ips.is_p == IPPROTO_TCP) || (ips.is_p == IPPROTO_UDP)) { tp->st_sport = ips.is_sport; tp->st_dport = ips.is_dport; } } (void) ioctl(state_fd, SIOCIPFDELTOK, &token_type); /* sort the array */ if (tsentry != -1) { switch (sorting) { case STSORT_PR: qsort(tstable, tsentry + 1, sizeof(statetop_t), sort_p); break; case STSORT_PKTS: qsort(tstable, tsentry + 1, sizeof(statetop_t), sort_pkts); break; case STSORT_BYTES: qsort(tstable, tsentry + 1, sizeof(statetop_t), sort_bytes); break; case STSORT_TTL: qsort(tstable, tsentry + 1, sizeof(statetop_t), sort_ttl); break; case STSORT_SRCIP: qsort(tstable, tsentry + 1, sizeof(statetop_t), sort_srcip); break; case STSORT_SRCPT: qsort(tstable, tsentry +1, sizeof(statetop_t), sort_srcpt); break; case STSORT_DSTIP: qsort(tstable, tsentry + 1, sizeof(statetop_t), sort_dstip); break; case STSORT_DSTPT: qsort(tstable, tsentry + 1, sizeof(statetop_t), sort_dstpt); break; default: break; } } /* handle window resizes */ if (handle_resize) { endwin(); initscr(); cbreak(); noecho(); curs_set(0); timeout(0); getmaxyx(stdscr, maxy, maxx); redraw = 1; handle_resize = 0; } /* stop program? */ if (handle_break) break; /* print title */ erase(); attron(A_BOLD); winy = 0; move(winy,0); snprintf(str1, sizeof(str1), "%s - %s - state top", hostnm, IPL_VERSION); for (j = 0 ; j < (maxx - 8 - strlen(str1)) / 2; j++) printw(" "); printw("%s", str1); attroff(A_BOLD); /* just for fun add a clock */ move(winy, maxx - 8); t = time(NULL); strftime(str1, 80, "%T", localtime(&t)); printw("%s\n", str1); /* * print the display filters, this is placed in the loop, * because someday I might add code for changing these * while the programming is running :-) */ if (sport >= 0) snprintf(str1, sizeof(str1), "%s,%d", getip(ver, &saddr), sport); else snprintf(str1, sizeof(str1), "%s", getip(ver, &saddr)); if (dport >= 0) snprintf(str2, sizeof(str2), "%s,%d", getip(ver, &daddr), dport); else snprintf(str2, sizeof(str2), "%s", getip(ver, &daddr)); if (protocol < 0) strcpy(str3, "any"); else if ((proto = getprotobynumber(protocol)) != NULL) snprintf(str3, sizeof(str3), "%s", proto->p_name); else snprintf(str3, sizeof(str3), "%d", protocol); switch (sorting) { case STSORT_PR: snprintf(str4, sizeof(str4), "proto"); break; case STSORT_PKTS: snprintf(str4, sizeof(str4), "# pkts"); break; case STSORT_BYTES: snprintf(str4, sizeof(str4), "# bytes"); break; case STSORT_TTL: snprintf(str4, sizeof(str4), "ttl"); break; case STSORT_SRCIP: snprintf(str4, sizeof(str4), "src ip"); break; case STSORT_SRCPT: snprintf(str4, sizeof(str4), "src port"); break; case STSORT_DSTIP: snprintf(str4, sizeof(str4), "dest ip"); break; case STSORT_DSTPT: snprintf(str4, sizeof(str4), "dest port"); break; default: snprintf(str4, sizeof(str4), "unknown"); break; } if (reverse) strcat(str4, " (reverse)"); winy += 2; move(winy,0); printw("Src: %s, Dest: %s, Proto: %s, Sorted by: %s\n\n", str1, str2, str3, str4); /* * For an IPv4 IP address we need at most 15 characters, * 4 tuples of 3 digits, separated by 3 dots. Enforce this * length, so the columns do not change positions based * on the size of the IP address. This length makes the * output fit in a 80 column terminal. * We are lacking a good solution for IPv6 addresses (that * can be longer that 15 characters), so we do not enforce * a maximum on the IP field size. */ if (srclen < 15) srclen = 15; if (dstlen < 15) dstlen = 15; /* print column description */ winy += 2; move(winy,0); attron(A_BOLD); printw("%-*s %-*s %3s %4s %7s %9s %9s\n", srclen + 6, "Source IP", dstlen + 6, "Destination IP", "ST", "PR", "#pkts", "#bytes", "ttl"); attroff(A_BOLD); /* print all the entries */ tp = tstable; if (reverse) tp += tsentry; if (tsentry > maxy - 6) tsentry = maxy - 6; for (i = 0; i <= tsentry; i++) { /* print src/dest and port */ if ((tp->st_p == IPPROTO_TCP) || (tp->st_p == IPPROTO_UDP)) { snprintf(str1, sizeof(str1), "%s,%hu", getip(tp->st_v, &tp->st_src), ntohs(tp->st_sport)); snprintf(str2, sizeof(str2), "%s,%hu", getip(tp->st_v, &tp->st_dst), ntohs(tp->st_dport)); } else { snprintf(str1, sizeof(str1), "%s", getip(tp->st_v, &tp->st_src)); snprintf(str2, sizeof(str2), "%s", getip(tp->st_v, &tp->st_dst)); } winy++; move(winy, 0); printw("%-*s %-*s", srclen + 6, str1, dstlen + 6, str2); /* print state */ snprintf(str1, sizeof(str1), "%X/%X", tp->st_state[0], tp->st_state[1]); printw(" %3s", str1); /* print protocol */ proto = getprotobynumber(tp->st_p); if (proto) { strncpy(str1, proto->p_name, 4); str1[4] = '\0'; } else { snprintf(str1, sizeof(str1), "%d", tp->st_p); } /* just print icmp for IPv6-ICMP */ if (tp->st_p == IPPROTO_ICMPV6) strcpy(str1, "icmp"); printw(" %4s", str1); /* print #pkt/#bytes */ #ifdef USE_QUAD_T printw(" %7qu %9qu", (unsigned long long) tp->st_pkts, (unsigned long long) tp->st_bytes); #else printw(" %7lu %9lu", tp->st_pkts, tp->st_bytes); #endif printw(" %9s", ttl_to_string(tp->st_age)); if (reverse) tp--; else tp++; } /* screen data structure is filled, now update the screen */ if (redraw) clearok(stdscr,1); if (refresh() == ERR) break; if (redraw) { clearok(stdscr,0); redraw = 0; } /* wait for key press or a 1 second time out period */ selecttimeout.tv_sec = refreshtime; selecttimeout.tv_usec = 0; FD_ZERO(&readfd); FD_SET(0, &readfd); select(1, &readfd, NULL, NULL, &selecttimeout); /* if key pressed, read all waiting keys */ if (FD_ISSET(0, &readfd)) { c = wgetch(stdscr); if (c == ERR) continue; if (ISALPHA(c) && ISUPPER(c)) c = TOLOWER(c); if (c == 'l') { redraw = 1; } else if (c == 'q') { break; } else if (c == 'r') { reverse = !reverse; } else if (c == 'b') { forward = 0; } else if (c == 'f') { forward = 1; } else if (c == 's') { if (++sorting > STSORT_MAX) sorting = 0; } } } /* while */ out: printw("\n"); curs_set(1); /* nocbreak(); XXX - endwin() should make this redundant */ endwin(); free(tstable); if (ret != 0) perror(errstr); } #endif /* * Show fragment cache information that's held in the kernel. */ static void showfrstates(ipfrstat_t *ifsp, u_long ticks) { struct ipfr *ipfrtab[IPFT_SIZE], ifr; int i; /* * print out the numeric statistics */ PRINTF("IP fragment states:\n%lu\tnew\n%lu\texpired\n%lu\thits\n", ifsp->ifs_new, ifsp->ifs_expire, ifsp->ifs_hits); PRINTF("%lu\tretrans\n%lu\ttoo short\n", ifsp->ifs_retrans0, ifsp->ifs_short); PRINTF("%lu\tno memory\n%lu\talready exist\n", ifsp->ifs_nomem, ifsp->ifs_exists); PRINTF("%lu\tinuse\n", ifsp->ifs_inuse); PRINTF("\n"); if (live_kernel == 0) { if (kmemcpy((char *)ipfrtab, (u_long)ifsp->ifs_table, sizeof(ipfrtab))) return; } /* * Print out the contents (if any) of the fragment cache table. */ if (live_kernel == 1) { do { if (fetchfrag(ipf_fd, IPFGENITER_FRAG, &ifr) != 0) break; if (ifr.ipfr_ifp == NULL) break; ifr.ipfr_ttl -= ticks; printfraginfo("", &ifr); } while (ifr.ipfr_next != NULL); } else { for (i = 0; i < IPFT_SIZE; i++) while (ipfrtab[i] != NULL) { if (kmemcpy((char *)&ifr, (u_long)ipfrtab[i], sizeof(ifr)) == -1) break; printfraginfo("", &ifr); ipfrtab[i] = ifr.ipfr_next; } } /* * Print out the contents (if any) of the NAT fragment cache table. */ if (live_kernel == 0) { if (kmemcpy((char *)ipfrtab, (u_long)ifsp->ifs_nattab, sizeof(ipfrtab))) return; } if (live_kernel == 1) { do { if (fetchfrag(nat_fd, IPFGENITER_NATFRAG, &ifr) != 0) break; if (ifr.ipfr_ifp == NULL) break; ifr.ipfr_ttl -= ticks; printfraginfo("NAT: ", &ifr); } while (ifr.ipfr_next != NULL); } else { for (i = 0; i < IPFT_SIZE; i++) while (ipfrtab[i] != NULL) { if (kmemcpy((char *)&ifr, (u_long)ipfrtab[i], sizeof(ifr)) == -1) break; printfraginfo("NAT: ", &ifr); ipfrtab[i] = ifr.ipfr_next; } } } /* * Show stats on how auth within IPFilter has been used */ static void showauthstates(ipf_authstat_t *asp) { frauthent_t *frap, fra; ipfgeniter_t auth; ipfobj_t obj; obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_type = IPFOBJ_GENITER; obj.ipfo_size = sizeof(auth); obj.ipfo_ptr = &auth; auth.igi_type = IPFGENITER_AUTH; auth.igi_nitems = 1; auth.igi_data = &fra; #ifdef USE_QUAD_T printf("Authorisation hits: %"PRIu64"\tmisses %"PRIu64"\n", (unsigned long long) asp->fas_hits, (unsigned long long) asp->fas_miss); #else printf("Authorisation hits: %ld\tmisses %ld\n", asp->fas_hits, asp->fas_miss); #endif printf("nospace %ld\nadded %ld\nsendfail %ld\nsendok %ld\n", asp->fas_nospace, asp->fas_added, asp->fas_sendfail, asp->fas_sendok); printf("queok %ld\nquefail %ld\nexpire %ld\n", asp->fas_queok, asp->fas_quefail, asp->fas_expire); frap = asp->fas_faelist; while (frap) { if (live_kernel == 1) { if (ioctl(auth_fd, SIOCGENITER, &obj)) break; } else { if (kmemcpy((char *)&fra, (u_long)frap, sizeof(fra)) == -1) break; } printf("age %ld\t", fra.fae_age); printfr(&fra.fae_fr, ioctl); frap = fra.fae_next; } } /* * Display groups used for each of filter rules, accounting rules and * authentication, separately. */ static void showgroups(struct friostat *fiop) { static char *gnames[3] = { "Filter", "Accounting", "Authentication" }; static int gnums[3] = { IPL_LOGIPF, IPL_LOGCOUNT, IPL_LOGAUTH }; frgroup_t *fp, grp; int on, off, i; on = fiop->f_active; off = 1 - on; for (i = 0; i < 3; i++) { printf("%s groups (active):\n", gnames[i]); for (fp = fiop->f_groups[gnums[i]][on]; fp != NULL; fp = grp.fg_next) if (kmemcpy((char *)&grp, (u_long)fp, sizeof(grp))) break; else printf("%s\n", grp.fg_name); printf("%s groups (inactive):\n", gnames[i]); for (fp = fiop->f_groups[gnums[i]][off]; fp != NULL; fp = grp.fg_next) if (kmemcpy((char *)&grp, (u_long)fp, sizeof(grp))) break; else printf("%s\n", grp.fg_name); } } static void parse_ipportstr(const char *argument, i6addr_t *ip, int *port) { char *s, *comma; int ok = 0; /* make working copy of argument, Theoretically you must be able * to write to optarg, but that seems very ugly to me.... */ s = strdup(argument); if (s == NULL) return; /* get port */ if ((comma = strchr(s, ',')) != NULL) { if (!strcasecmp(comma + 1, "any")) { *port = -1; } else if (!sscanf(comma + 1, "%d", port) || (*port < 0) || (*port > 65535)) { fprintf(stderr, "Invalid port specification in %s\n", argument); free(s); exit(-2); } *comma = '\0'; } /* get ip address */ if (!strcasecmp(s, "any")) { ip->in4.s_addr = INADDR_ANY; ok = 1; #ifdef USE_INET6 ip->in6 = in6addr_any; } else if (use_inet6 && !use_inet4 && inet_pton(AF_INET6, s, &ip->in6)) { ok = 1; #endif } else if (inet_aton(s, &ip->in4)) ok = 1; if (ok == 0) { fprintf(stderr, "Invalid IP address: %s\n", s); free(s); exit(-2); } /* free allocated memory */ free(s); } #ifdef STATETOP static void sig_resize(int s) { handle_resize = 1; } static void sig_break(int s) { handle_break = 1; } static char *getip(int v, i6addr_t *addr) { #ifdef USE_INET6 static char hostbuf[MAXHOSTNAMELEN+1]; #endif if (v == 0) return ("any"); if (v == 4) return (inet_ntoa(addr->in4)); #ifdef USE_INET6 (void) inet_ntop(AF_INET6, &addr->in6, hostbuf, sizeof(hostbuf) - 1); hostbuf[MAXHOSTNAMELEN] = '\0'; return (hostbuf); #else return ("IPv6"); #endif } static char *ttl_to_string(long int ttl) { static char ttlbuf[STSTRSIZE]; int hours, minutes, seconds; /* ttl is in half seconds */ ttl /= 2; hours = ttl / 3600; ttl = ttl % 3600; minutes = ttl / 60; seconds = ttl % 60; if (hours > 0) snprintf(ttlbuf, sizeof(ttlbuf), "%2d:%02d:%02d", hours, minutes, seconds); else snprintf(ttlbuf, sizeof(ttlbuf), "%2d:%02d", minutes, seconds); return (ttlbuf); } static int sort_pkts(const void *a, const void *b) { register const statetop_t *ap = a; register const statetop_t *bp = b; if (ap->st_pkts == bp->st_pkts) return (0); else if (ap->st_pkts < bp->st_pkts) return (1); return (-1); } static int sort_bytes(const void *a, const void *b) { register const statetop_t *ap = a; register const statetop_t *bp = b; if (ap->st_bytes == bp->st_bytes) return (0); else if (ap->st_bytes < bp->st_bytes) return (1); return (-1); } static int sort_p(const void *a, const void *b) { register const statetop_t *ap = a; register const statetop_t *bp = b; if (ap->st_p == bp->st_p) return (0); else if (ap->st_p < bp->st_p) return (1); return (-1); } static int sort_ttl(const void *a, const void *b) { register const statetop_t *ap = a; register const statetop_t *bp = b; if (ap->st_age == bp->st_age) return (0); else if (ap->st_age < bp->st_age) return (1); return (-1); } static int sort_srcip(const void *a, const void *b) { register const statetop_t *ap = a; register const statetop_t *bp = b; #ifdef USE_INET6 if (use_inet6 && !use_inet4) { if (IP6_EQ(&ap->st_src, &bp->st_src)) return (0); else if (IP6_GT(&ap->st_src, &bp->st_src)) return (1); } else #endif { if (ntohl(ap->st_src.in4.s_addr) == ntohl(bp->st_src.in4.s_addr)) return (0); else if (ntohl(ap->st_src.in4.s_addr) > ntohl(bp->st_src.in4.s_addr)) return (1); } return (-1); } static int sort_srcpt(const void *a, const void *b) { register const statetop_t *ap = a; register const statetop_t *bp = b; if (htons(ap->st_sport) == htons(bp->st_sport)) return (0); else if (htons(ap->st_sport) > htons(bp->st_sport)) return (1); return (-1); } static int sort_dstip(const void *a, const void *b) { register const statetop_t *ap = a; register const statetop_t *bp = b; #ifdef USE_INET6 if (use_inet6 && !use_inet4) { if (IP6_EQ(&ap->st_dst, &bp->st_dst)) return (0); else if (IP6_GT(&ap->st_dst, &bp->st_dst)) return (1); } else #endif { if (ntohl(ap->st_dst.in4.s_addr) == ntohl(bp->st_dst.in4.s_addr)) return (0); else if (ntohl(ap->st_dst.in4.s_addr) > ntohl(bp->st_dst.in4.s_addr)) return (1); } return (-1); } static int sort_dstpt(const void *a, const void *b) { register const statetop_t *ap = a; register const statetop_t *bp = b; if (htons(ap->st_dport) == htons(bp->st_dport)) return (0); else if (htons(ap->st_dport) > htons(bp->st_dport)) return (1); return (-1); } #endif ipstate_t *fetchstate(ipstate_t *src, ipstate_t *dst) { if (live_kernel == 1) { ipfgeniter_t state; ipfobj_t obj; obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_type = IPFOBJ_GENITER; obj.ipfo_size = sizeof(state); obj.ipfo_ptr = &state; state.igi_type = IPFGENITER_STATE; state.igi_nitems = 1; state.igi_data = dst; if (ioctl(state_fd, SIOCGENITER, &obj) != 0) return (NULL); if (dst->is_next == NULL) { int n = IPFGENITER_STATE; (void) ioctl(ipf_fd,SIOCIPFDELTOK, &n); } } else { if (kmemcpy((char *)dst, (u_long)src, sizeof(*dst))) return (NULL); } return (dst); } static int fetchfrag( int fd, int type, ipfr_t *frp) { ipfgeniter_t frag; ipfobj_t obj; obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_type = IPFOBJ_GENITER; obj.ipfo_size = sizeof(frag); obj.ipfo_ptr = &frag; frag.igi_type = type; frag.igi_nitems = 1; frag.igi_data = frp; if (ioctl(fd, SIOCGENITER, &obj)) return (EFAULT); return (0); } static int state_matcharray(ipstate_t *stp, int *array) { int i, n, *x, rv, p; ipfexp_t *e; rv = 0; for (n = array[0], x = array + 1; n > 0; x += e->ipfe_size) { e = (ipfexp_t *)x; if (e->ipfe_cmd == IPF_EXP_END) break; n -= e->ipfe_size; rv = 0; /* * The upper 16 bits currently store the protocol value. * This is currently used with TCP and UDP port compares and * allows "tcp.port = 80" without requiring an explicit " "ip.pr = tcp" first. */ p = e->ipfe_cmd >> 16; if ((p != 0) && (p != stp->is_p)) break; switch (e->ipfe_cmd) { case IPF_EXP_IP_PR : for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= (stp->is_p == e->ipfe_arg0[i]); } break; case IPF_EXP_IP_SRCADDR : if (stp->is_v != 4) break; for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= ((stp->is_saddr & e->ipfe_arg0[i * 2 + 1]) == e->ipfe_arg0[i * 2]); } break; case IPF_EXP_IP_DSTADDR : if (stp->is_v != 4) break; for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= ((stp->is_daddr & e->ipfe_arg0[i * 2 + 1]) == e->ipfe_arg0[i * 2]); } break; case IPF_EXP_IP_ADDR : if (stp->is_v != 4) break; for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= ((stp->is_saddr & e->ipfe_arg0[i * 2 + 1]) == e->ipfe_arg0[i * 2]) || ((stp->is_daddr & e->ipfe_arg0[i * 2 + 1]) == e->ipfe_arg0[i * 2]); } break; #ifdef USE_INET6 case IPF_EXP_IP6_SRCADDR : if (stp->is_v != 6) break; for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= IP6_MASKEQ(&stp->is_src, &e->ipfe_arg0[i * 8 + 4], &e->ipfe_arg0[i * 8]); } break; case IPF_EXP_IP6_DSTADDR : if (stp->is_v != 6) break; for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= IP6_MASKEQ(&stp->is_dst, &e->ipfe_arg0[i * 8 + 4], &e->ipfe_arg0[i * 8]); } break; case IPF_EXP_IP6_ADDR : if (stp->is_v != 6) break; for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= IP6_MASKEQ(&stp->is_src, &e->ipfe_arg0[i * 8 + 4], &e->ipfe_arg0[i * 8]) || IP6_MASKEQ(&stp->is_dst, &e->ipfe_arg0[i * 8 + 4], &e->ipfe_arg0[i * 8]); } break; #endif case IPF_EXP_UDP_PORT : case IPF_EXP_TCP_PORT : for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= (stp->is_sport == e->ipfe_arg0[i]) || (stp->is_dport == e->ipfe_arg0[i]); } break; case IPF_EXP_UDP_SPORT : case IPF_EXP_TCP_SPORT : for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= (stp->is_sport == e->ipfe_arg0[i]); } break; case IPF_EXP_UDP_DPORT : case IPF_EXP_TCP_DPORT : for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= (stp->is_dport == e->ipfe_arg0[i]); } break; case IPF_EXP_IDLE_GT : for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= (stp->is_die < e->ipfe_arg0[i]); } break; case IPF_EXP_TCP_STATE : for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= (stp->is_state[0] == e->ipfe_arg0[i]) || (stp->is_state[1] == e->ipfe_arg0[i]); } break; } rv ^= e->ipfe_not; if (rv == 0) break; } return (rv); } static void showtqtable_live(int fd) { ipftq_t table[IPF_TCP_NSTATES]; ipfobj_t obj; bzero((char *)&obj, sizeof(obj)); obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_size = sizeof(table); obj.ipfo_ptr = (void *)table; obj.ipfo_type = IPFOBJ_STATETQTAB; if (ioctl(fd, SIOCGTQTAB, &obj) == 0) { printtqtable(table); } } diff --git a/sbin/ipf/ipfsync/ipfsyncd.c b/sbin/ipf/ipfsync/ipfsyncd.c index ead92b70371c..e22aa7c1423c 100644 --- a/sbin/ipf/ipfsync/ipfsyncd.c +++ b/sbin/ipf/ipfsync/ipfsyncd.c @@ -1,671 +1,667 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. */ -#if !defined(lint) -static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; -static const char rcsid[] = "@(#)$Id: ipfsyncd.c,v 1.1.2.2 2012/07/22 08:04:24 darren_r Exp $"; -#endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "ipf.h" #include "opts.h" #define R_IO_ERROR -1 #define R_OKAY 0 #define R_MORE 1 #define R_SKIP 2 #if defined(sun) && !defined(SOLARIS2) # define STRERROR(x) sys_errlist[x] extern char *sys_errlist[]; #else # define STRERROR(x) strerror(x) #endif int main(int, char *[]); void usage(char *); void printsynchdr(synchdr_t *); void printtable(int); void printsmcproto(char *); void printcommand(int); int do_kbuff(int, char *, int *); int do_packet(int, char *); int buildsocket(char *, struct sockaddr_in *); void do_io(void); void handleterm(int); int terminate = 0; int igmpfd = -1; int nfd = -1; int lfd = -1; int opts = 0; void usage(progname) char *progname; { fprintf(stderr, "Usage: %s [-d] [-p port] [-i address] -I \n", progname); } void handleterm(sig) int sig; { terminate = sig; } /* should be large enough to hold header + any datatype */ #define BUFFERLEN 1400 int main(argc, argv) int argc; char *argv[]; { struct sockaddr_in sin; char *interface; char *progname; int opt, tries; progname = strrchr(argv[0], '/'); if (progname) { progname++; } else { progname = argv[0]; } opts = 0; tries = 0; interface = NULL; bzero((char *)&sin, sizeof(sin)); sin.sin_family = AF_INET; sin.sin_port = htons(0xaf6c); sin.sin_addr.s_addr = htonl(INADDR_UNSPEC_GROUP | 0x697066); while ((opt = getopt(argc, argv, "di:I:p:")) != -1) switch (opt) { case 'd' : debuglevel++; break; case 'I' : interface = optarg; break; case 'i' : sin.sin_addr.s_addr = inet_addr(optarg); break; case 'p' : sin.sin_port = htons(atoi(optarg)); break; } if (interface == NULL) { usage(progname); exit(1); } if (!debuglevel) { #ifdef BSD daemon(0, 0); #else int fd = open("/dev/null", O_RDWR); switch (fork()) { case 0 : break; case -1 : fprintf(stderr, "%s: fork() failed: %s\n", argv[0], STRERROR(errno)); exit(1); /* NOTREACHED */ default : exit(0); /* NOTREACHED */ } dup2(fd, 0); dup2(fd, 1); dup2(fd, 2); close(fd); setsid(); #endif } signal(SIGHUP, handleterm); signal(SIGINT, handleterm); signal(SIGTERM, handleterm); openlog(progname, LOG_PID, LOG_SECURITY); while (!terminate) { if (lfd != -1) { close(lfd); lfd = -1; } if (nfd != -1) { close(nfd); nfd = -1; } if (igmpfd != -1) { close(igmpfd); igmpfd = -1; } if (buildsocket(interface, &sin) == -1) goto tryagain; lfd = open(IPSYNC_NAME, O_RDWR); if (lfd == -1) { syslog(LOG_ERR, "open(%s):%m", IPSYNC_NAME); debug(1, "open(%s): %s\n", IPSYNC_NAME, STRERROR(errno)); goto tryagain; } tries = -1; do_io(); tryagain: tries++; syslog(LOG_INFO, "retry in %d seconds", 1 << tries); debug(1, "wait %d seconds\n", 1 << tries); sleep(1 << tries); } /* terminate */ if (lfd != -1) close(lfd); if (nfd != -1) close(nfd); syslog(LOG_ERR, "signal %d received, exiting...", terminate); debug(1, "signal %d received, exiting...", terminate); exit(1); } void do_io() { char nbuff[BUFFERLEN]; char buff[BUFFERLEN]; fd_set mrd, rd; int maxfd; int inbuf; int n1; int left; FD_ZERO(&mrd); FD_SET(lfd, &mrd); FD_SET(nfd, &mrd); maxfd = nfd; if (lfd > maxfd) maxfd = lfd; debug(2, "nfd %d lfd %d maxfd %d\n", nfd, lfd, maxfd); inbuf = 0; /* * A threaded approach to this loop would have one thread * work on reading lfd (only) all the time and another thread * working on reading nfd all the time. */ while (!terminate) { int n; rd = mrd; n = select(maxfd + 1, &rd, NULL, NULL, NULL); if (n < 0) { switch (errno) { case EINTR : continue; default : syslog(LOG_ERR, "select error: %m"); debug(1, "select error: %s\n", STRERROR(errno)); return; } } if (FD_ISSET(lfd, &rd)) { n1 = read(lfd, buff+inbuf, BUFFERLEN-inbuf); debug(3, "read(K):%d\n", n1); if (n1 <= 0) { syslog(LOG_ERR, "read error (k-header): %m"); debug(1, "read error (k-header): %s\n", STRERROR(errno)); return; } left = 0; switch (do_kbuff(n1, buff, &left)) { case R_IO_ERROR : return; case R_MORE : inbuf += left; break; default : inbuf = 0; break; } } if (FD_ISSET(nfd, &rd)) { n1 = recv(nfd, nbuff, sizeof(nbuff), 0); debug(3, "read(N):%d\n", n1); if (n1 <= 0) { syslog(LOG_ERR, "read error (n-header): %m"); debug(1, "read error (n-header): %s\n", STRERROR(errno)); return; } switch (do_packet(n1, nbuff)) { case R_IO_ERROR : return; default : break; } } } } int buildsocket(nicname, sinp) char *nicname; struct sockaddr_in *sinp; { struct sockaddr_in *reqip; struct ifreq req; char opt; debug(2, "binding to %s:%s\n", nicname, inet_ntoa(sinp->sin_addr)); if (IN_MULTICAST(ntohl(sinp->sin_addr.s_addr))) { struct in_addr addr; struct ip_mreq mreq; igmpfd = socket(AF_INET, SOCK_RAW, IPPROTO_IGMP); if (igmpfd == -1) { syslog(LOG_ERR, "socket:%m"); debug(1, "socket:%s\n", STRERROR(errno)); return -1; } bzero((char *)&req, sizeof(req)); strncpy(req.ifr_name, nicname, sizeof(req.ifr_name)); req.ifr_name[sizeof(req.ifr_name) - 1] = '\0'; if (ioctl(igmpfd, SIOCGIFADDR, &req) == -1) { syslog(LOG_ERR, "ioctl(SIOCGIFADDR):%m"); debug(1, "ioctl(SIOCGIFADDR):%s\n", STRERROR(errno)); close(igmpfd); igmpfd = -1; return -1; } reqip = (struct sockaddr_in *)&req.ifr_addr; addr = reqip->sin_addr; if (setsockopt(igmpfd, IPPROTO_IP, IP_MULTICAST_IF, (char *)&addr, sizeof(addr)) == -1) { syslog(LOG_ERR, "setsockopt(IP_MULTICAST_IF(%s)):%m", inet_ntoa(addr)); debug(1, "setsockopt(IP_MULTICAST_IF(%s)):%s\n", inet_ntoa(addr), STRERROR(errno)); close(igmpfd); igmpfd = -1; return -1; } opt = 0; if (setsockopt(igmpfd, IPPROTO_IP, IP_MULTICAST_LOOP, (char *)&opt, sizeof(opt)) == -1) { syslog(LOG_ERR, "setsockopt(IP_MULTICAST_LOOP=0):%m"); debug(1, "setsockopt(IP_MULTICAST_LOOP=0):%s\n", STRERROR(errno)); close(igmpfd); igmpfd = -1; return -1; } opt = 63; if (setsockopt(igmpfd, IPPROTO_IP, IP_MULTICAST_TTL, (char *)&opt, sizeof(opt)) == -1) { syslog(LOG_ERR, "setsockopt(IP_MULTICAST_TTL=%d):%m", opt); debug(1, "setsockopt(IP_MULTICAST_TTL=%d):%s\n", opt, STRERROR(errno)); close(igmpfd); igmpfd = -1; return -1; } mreq.imr_multiaddr.s_addr = sinp->sin_addr.s_addr; mreq.imr_interface.s_addr = reqip->sin_addr.s_addr; if (setsockopt(igmpfd, IPPROTO_IP, IP_ADD_MEMBERSHIP, (char *)&mreq, sizeof(mreq)) == -1) { char buffer[80]; snprintf(buffer, sizeof(buffer), "%s,", inet_ntoa(sinp->sin_addr)); strcat(buffer, inet_ntoa(reqip->sin_addr)); syslog(LOG_ERR, "setsockpt(IP_ADD_MEMBERSHIP,%s):%m", buffer); debug(1, "setsockpt(IP_ADD_MEMBERSHIP,%s):%s\n", buffer, STRERROR(errno)); close(igmpfd); igmpfd = -1; return -1; } } nfd = socket(AF_INET, SOCK_DGRAM, 0); if (nfd == -1) { syslog(LOG_ERR, "socket:%m"); if (igmpfd != -1) { close(igmpfd); igmpfd = -1; } return -1; } bzero((char *)&req, sizeof(req)); strncpy(req.ifr_name, nicname, sizeof(req.ifr_name)); req.ifr_name[sizeof(req.ifr_name) - 1] = '\0'; if (ioctl(nfd, SIOCGIFADDR, &req) == -1) { syslog(LOG_ERR, "ioctl(SIOCGIFADDR):%m"); debug(1, "ioctl(SIOCGIFADDR):%s\n", STRERROR(errno)); close(igmpfd); igmpfd = -1; return -1; } if (bind(nfd, (struct sockaddr *)&req.ifr_addr, sizeof(req.ifr_addr)) == -1) { syslog(LOG_ERR, "bind:%m"); debug(1, "bind:%s\n", STRERROR(errno)); close(nfd); if (igmpfd != -1) { close(igmpfd); igmpfd = -1; } nfd = -1; return -1; } if (connect(nfd, (struct sockaddr *)sinp, sizeof(*sinp)) == -1) { syslog(LOG_ERR, "connect:%m"); debug(1, "connect:%s\n", STRERROR(errno)); close(nfd); if (igmpfd != -1) { close(igmpfd); igmpfd = -1; } nfd = -1; return -1; } syslog(LOG_INFO, "Sending data to %s", inet_ntoa(sinp->sin_addr)); debug(3, "Sending data to %s\n", inet_ntoa(sinp->sin_addr)); return nfd; } int do_packet(pklen, buff) int pklen; char *buff; { synchdr_t *sh; u_32_t magic; int len; int n2; int n3; while (pklen > 0) { if (pklen < sizeof(*sh)) { syslog(LOG_ERR, "packet length too short:%d", pklen); debug(2, "packet length too short:%d\n", pklen); return R_SKIP; } sh = (synchdr_t *)buff; len = ntohl(sh->sm_len); magic = ntohl(sh->sm_magic); if (magic != SYNHDRMAGIC) { syslog(LOG_ERR, "invalid header magic %x", magic); debug(2, "invalid header magic %x\n", magic); return R_SKIP; } if (pklen < len + sizeof(*sh)) { syslog(LOG_ERR, "packet length too short:%d", pklen); debug(2, "packet length too short:%d\n", pklen); return R_SKIP; } if (debuglevel > 3) { printsynchdr(sh); printcommand(sh->sm_cmd); printtable(sh->sm_table); printsmcproto(buff); } n2 = sizeof(*sh) + len; do { n3 = write(lfd, buff, n2); if (n3 <= 0) { syslog(LOG_ERR, "write error: %m"); debug(1, "write error: %s\n", STRERROR(errno)); return R_IO_ERROR; } n2 -= n3; buff += n3; pklen -= n3; } while (n3 != 0); } return R_OKAY; } int do_kbuff(inbuf, buf, left) int inbuf, *left; char *buf; { synchdr_t *sh; u_32_t magic; int complete; int sendlen; int error; int bytes; int len; int n2; int n3; sendlen = 0; bytes = inbuf; error = R_OKAY; sh = (synchdr_t *)buf; for (complete = 0; bytes > 0; complete++) { len = ntohl(sh->sm_len); magic = ntohl(sh->sm_magic); if (magic != SYNHDRMAGIC) { syslog(LOG_ERR, "read invalid header magic 0x%x, flushing", magic); debug(2, "read invalid header magic 0x%x, flushing\n", magic); n2 = SMC_RLOG; (void) ioctl(lfd, SIOCIPFFL, &n2); break; } if (debuglevel > 3) { printsynchdr(sh); printcommand(sh->sm_cmd); printtable(sh->sm_table); putchar('\n'); } if (bytes < sizeof(*sh) + len) { debug(3, "Not enough bytes %d < %d\n", bytes, sizeof(*sh) + len); error = R_MORE; break; } if (debuglevel > 3) { printsmcproto(buf); } sendlen += len + sizeof(*sh); sh = (synchdr_t *)(buf + sendlen); bytes -= sendlen; } if (complete) { n3 = send(nfd, buf, sendlen, 0); if (n3 <= 0) { syslog(LOG_ERR, "write error: %m"); debug(1, "write error: %s\n", STRERROR(errno)); return R_IO_ERROR; } debug(3, "send on %d len %d = %d\n", nfd, sendlen, n3); error = R_OKAY; } /* move buffer to the front,we might need to make * this more efficient, by using a rolling pointer * over the buffer and only copying it, when * we are reaching the end */ if (bytes > 0) { bcopy(buf + bytes, buf, bytes); error = R_MORE; } debug(4, "complete %d bytes %d error %d\n", complete, bytes, error); *left = bytes; return error; } void printcommand(cmd) int cmd; { switch (cmd) { case SMC_CREATE : printf(" cmd:CREATE"); break; case SMC_UPDATE : printf(" cmd:UPDATE"); break; default : printf(" cmd:Unknown(%d)", cmd); break; } } void printtable(table) int table; { switch (table) { case SMC_NAT : printf(" table:NAT"); break; case SMC_STATE : printf(" table:STATE"); break; default : printf(" table:Unknown(%d)", table); break; } } void printsmcproto(buff) char *buff; { syncupdent_t *su; synchdr_t *sh; sh = (synchdr_t *)buff; if (sh->sm_cmd == SMC_CREATE) { ; } else if (sh->sm_cmd == SMC_UPDATE) { su = (syncupdent_t *)buff; if (sh->sm_p == IPPROTO_TCP) { printf(" TCP Update: age %lu state %d/%d\n", su->sup_tcp.stu_age, su->sup_tcp.stu_state[0], su->sup_tcp.stu_state[1]); } } else { printf("Unknown command\n"); } } void printsynchdr(sh) synchdr_t *sh; { printf("v:%d p:%d num:%d len:%d magic:%x", sh->sm_v, sh->sm_p, ntohl(sh->sm_num), ntohl(sh->sm_len), ntohl(sh->sm_magic)); } diff --git a/sbin/ipf/ipfsync/ipsyncm.c b/sbin/ipf/ipfsync/ipsyncm.c index a9484a339c82..74dada9f56c5 100644 --- a/sbin/ipf/ipfsync/ipsyncm.c +++ b/sbin/ipf/ipfsync/ipsyncm.c @@ -1,255 +1,251 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. */ -#if !defined(lint) -static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include "netinet/ip_compat.h" #include "netinet/ip_fil.h" #include "netinet/ip_nat.h" #include "netinet/ip_state.h" #include "netinet/ip_sync.h" int main(int, char *[]); void usage(const char *); int terminate = 0; void usage(const char *progname) { fprintf(stderr, "Usage: %s \n", progname); } #if 0 static void handleterm(int sig) { terminate = sig; } #endif /* should be large enough to hold header + any datatype */ #define BUFFERLEN 1400 int main(argc, argv) int argc; char *argv[]; { struct sockaddr_in sin; char buff[BUFFERLEN]; synclogent_t *sl; syncupdent_t *su; int nfd = -1, lfd = -1, n1, n2, n3, len; int inbuf; u_32_t magic; synchdr_t *sh; char *progname; progname = strrchr(argv[0], '/'); if (progname) { progname++; } else { progname = argv[0]; } if (argc < 2) { usage(progname); exit(1); } #if 0 signal(SIGHUP, handleterm); signal(SIGINT, handleterm); signal(SIGTERM, handleterm); #endif openlog(progname, LOG_PID, LOG_SECURITY); bzero((char *)&sin, sizeof(sin)); sin.sin_family = AF_INET; sin.sin_addr.s_addr = inet_addr(argv[1]); if (argc > 2) sin.sin_port = htons(atoi(argv[2])); else sin.sin_port = htons(43434); while (1) { if (lfd != -1) close(lfd); if (nfd != -1) close(nfd); lfd = open(IPSYNC_NAME, O_RDONLY); if (lfd == -1) { syslog(LOG_ERR, "Opening %s :%m", IPSYNC_NAME); goto tryagain; } nfd = socket(AF_INET, SOCK_DGRAM, 0); if (nfd == -1) { syslog(LOG_ERR, "Socket :%m"); goto tryagain; } if (connect(nfd, (struct sockaddr *)&sin, sizeof(sin)) == -1) { syslog(LOG_ERR, "Connect: %m"); goto tryagain; } syslog(LOG_INFO, "Sending data to %s", inet_ntoa(sin.sin_addr)); inbuf = 0; while (1) { n1 = read(lfd, buff+inbuf, BUFFERLEN-inbuf); printf("header : %d bytes read (header = %d bytes)\n", n1, (int) sizeof(*sh)); if (n1 < 0) { syslog(LOG_ERR, "Read error (header): %m"); goto tryagain; } if (n1 == 0) { /* XXX can this happen??? */ syslog(LOG_ERR, "Read error (header) : No data"); sleep(1); continue; } inbuf += n1; moreinbuf: if (inbuf < sizeof(*sh)) { continue; /* need more data */ } sh = (synchdr_t *)buff; len = ntohl(sh->sm_len); magic = ntohl(sh->sm_magic); if (magic != SYNHDRMAGIC) { syslog(LOG_ERR, "Invalid header magic %x", magic); goto tryagain; } #define IPSYNC_DEBUG #ifdef IPSYNC_DEBUG printf("v:%d p:%d len:%d magic:%x", sh->sm_v, sh->sm_p, len, magic); if (sh->sm_cmd == SMC_CREATE) printf(" cmd:CREATE"); else if (sh->sm_cmd == SMC_UPDATE) printf(" cmd:UPDATE"); else printf(" cmd:Unknown(%d)", sh->sm_cmd); if (sh->sm_table == SMC_NAT) printf(" table:NAT"); else if (sh->sm_table == SMC_STATE) printf(" table:STATE"); else printf(" table:Unknown(%d)", sh->sm_table); printf(" num:%d\n", (u_32_t)ntohl(sh->sm_num)); #endif if (inbuf < sizeof(*sh) + len) { continue; /* need more data */ goto tryagain; } #ifdef IPSYNC_DEBUG if (sh->sm_cmd == SMC_CREATE) { sl = (synclogent_t *)buff; } else if (sh->sm_cmd == SMC_UPDATE) { su = (syncupdent_t *)buff; if (sh->sm_p == IPPROTO_TCP) { printf(" TCP Update: age %lu state %d/%d\n", su->sup_tcp.stu_age, su->sup_tcp.stu_state[0], su->sup_tcp.stu_state[1]); } } else { printf("Unknown command\n"); } #endif n2 = sizeof(*sh) + len; n3 = write(nfd, buff, n2); if (n3 <= 0) { syslog(LOG_ERR, "Write error: %m"); goto tryagain; } if (n3 != n2) { syslog(LOG_ERR, "Incomplete write (%d/%d)", n3, n2); goto tryagain; } /* signal received? */ if (terminate) break; /* move buffer to the front,we might need to make * this more efficient, by using a rolling pointer * over the buffer and only copying it, when * we are reaching the end */ inbuf -= n2; if (inbuf) { bcopy(buff+n2, buff, inbuf); printf("More data in buffer\n"); goto moreinbuf; } } if (terminate) break; tryagain: sleep(1); } /* terminate */ if (lfd != -1) close(lfd); if (nfd != -1) close(nfd); syslog(LOG_ERR, "signal %d received, exiting...", terminate); exit(1); } diff --git a/sbin/ipf/ipfsync/ipsyncs.c b/sbin/ipf/ipfsync/ipsyncs.c index ee9ecfd4f886..4aec6925f079 100644 --- a/sbin/ipf/ipfsync/ipsyncs.c +++ b/sbin/ipf/ipfsync/ipsyncs.c @@ -1,273 +1,269 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. */ -#if !defined(lint) -static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "netinet/ip_compat.h" #include "netinet/ip_fil.h" #include "netinet/ip_state.h" #include "netinet/ip_nat.h" #include "netinet/ip_sync.h" int main(int, char *[]); void usage(const char *progname); int terminate = 0; void usage(const char *progname) { fprintf(stderr, "Usage: %s [remote IP]\n", progname); } #if 0 static void handleterm(int sig) { terminate = sig; } #endif #define BUFFERLEN 1400 int main(argc, argv) int argc; char *argv[]; { int nfd = -1 , lfd = -1; int n1, n2, n3, magic, len, inbuf; struct sockaddr_in sin; struct sockaddr_in in; char buff[BUFFERLEN]; synclogent_t *sl; syncupdent_t *su; synchdr_t *sh; char *progname; progname = strrchr(argv[0], '/'); if (progname) { progname++; } else { progname = argv[0]; } if (argc < 2) { usage(progname); exit(1); } #if 0 signal(SIGHUP, handleterm); signal(SIGINT, handleterm); signal(SIGTERM, handleterm); #endif openlog(progname, LOG_PID, LOG_SECURITY); lfd = open(IPSYNC_NAME, O_WRONLY); if (lfd == -1) { syslog(LOG_ERR, "Opening %s :%m", IPSYNC_NAME); exit(1); } bzero((char *)&sin, sizeof(sin)); sin.sin_family = AF_INET; if (argc > 1) sin.sin_addr.s_addr = inet_addr(argv[1]); if (argc > 2) sin.sin_port = htons(atoi(argv[2])); else sin.sin_port = htons(43434); if (argc > 3) in.sin_addr.s_addr = inet_addr(argv[3]); else in.sin_addr.s_addr = 0; in.sin_port = 0; while(1) { if (lfd != -1) close(lfd); if (nfd != -1) close(nfd); lfd = open(IPSYNC_NAME, O_WRONLY); if (lfd == -1) { syslog(LOG_ERR, "Opening %s :%m", IPSYNC_NAME); goto tryagain; } nfd = socket(AF_INET, SOCK_DGRAM, 0); if (nfd == -1) { syslog(LOG_ERR, "Socket :%m"); goto tryagain; } n1 = 1; setsockopt(nfd, SOL_SOCKET, SO_REUSEADDR, &n1, sizeof(n1)); if (bind(nfd, (struct sockaddr *)&sin, sizeof(sin)) == -1) { syslog(LOG_ERR, "Bind: %m"); goto tryagain; } syslog(LOG_INFO, "Listening to %s", inet_ntoa(sin.sin_addr)); inbuf = 0; while (1) { /* * XXX currently we do not check the source address * of a datagram, this can be a security risk */ n1 = read(nfd, buff+inbuf, BUFFERLEN-inbuf); printf("header : %d bytes read (header = %d bytes)\n", n1, (int) sizeof(*sh)); if (n1 < 0) { syslog(LOG_ERR, "Read error (header): %m"); goto tryagain; } if (n1 == 0) { /* XXX can this happen??? */ syslog(LOG_ERR, "Read error (header) : No data"); sleep(1); continue; } inbuf += n1; moreinbuf: if (inbuf < sizeof(*sh)) { continue; /* need more data */ } sh = (synchdr_t *)buff; len = ntohl(sh->sm_len); magic = ntohl(sh->sm_magic); if (magic != SYNHDRMAGIC) { syslog(LOG_ERR, "Invalid header magic %x", magic); goto tryagain; } #define IPSYNC_DEBUG #ifdef IPSYNC_DEBUG printf("v:%d p:%d len:%d magic:%x", sh->sm_v, sh->sm_p, len, magic); if (sh->sm_cmd == SMC_CREATE) printf(" cmd:CREATE"); else if (sh->sm_cmd == SMC_UPDATE) printf(" cmd:UPDATE"); else printf(" cmd:Unknown(%d)", sh->sm_cmd); if (sh->sm_table == SMC_NAT) printf(" table:NAT"); else if (sh->sm_table == SMC_STATE) printf(" table:STATE"); else printf(" table:Unknown(%d)", sh->sm_table); printf(" num:%d\n", (u_32_t)ntohl(sh->sm_num)); #endif if (inbuf < sizeof(*sh) + len) { continue; /* need more data */ goto tryagain; } #ifdef IPSYNC_DEBUG if (sh->sm_cmd == SMC_CREATE) { sl = (synclogent_t *)buff; } else if (sh->sm_cmd == SMC_UPDATE) { su = (syncupdent_t *)buff; if (sh->sm_p == IPPROTO_TCP) { printf(" TCP Update: age %lu state %d/%d\n", su->sup_tcp.stu_age, su->sup_tcp.stu_state[0], su->sup_tcp.stu_state[1]); } } else { printf("Unknown command\n"); } #endif n2 = sizeof(*sh) + len; n3 = write(lfd, buff, n2); if (n3 <= 0) { syslog(LOG_ERR, "%s: Write error: %m", IPSYNC_NAME); goto tryagain; } if (n3 != n2) { syslog(LOG_ERR, "%s: Incomplete write (%d/%d)", IPSYNC_NAME, n3, n2); goto tryagain; } /* signal received? */ if (terminate) break; /* move buffer to the front,we might need to make * this more efficient, by using a rolling pointer * over the buffer and only copying it, when * we are reaching the end */ inbuf -= n2; if (inbuf) { bcopy(buff+n2, buff, inbuf); printf("More data in buffer\n"); goto moreinbuf; } } if (terminate) break; tryagain: sleep(1); } /* terminate */ if (lfd != -1) close(lfd); if (nfd != -1) close(nfd); syslog(LOG_ERR, "signal %d received, exiting...", terminate); exit(1); } diff --git a/sbin/ipf/ipftest/ip_fil.c b/sbin/ipf/ipftest/ip_fil.c index 74d4ec778d8e..6df3bed8224e 100644 --- a/sbin/ipf/ipftest/ip_fil.c +++ b/sbin/ipf/ipftest/ip_fil.c @@ -1,811 +1,807 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. * * $Id$ */ -#if !defined(lint) -static const char sccsid[] = "@(#)ip_fil.c 2.41 6/5/96 (C) 1993-2000 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #include "ipf.h" #include "md5.h" #include "ipt.h" ipf_main_softc_t ipfmain; static struct ifnet **ifneta = NULL; static int nifs = 0; struct rtentry; static void ipf_setifpaddr(struct ifnet *, char *); void init_ifp(void); static int no_output(struct ifnet *, struct mbuf *, struct sockaddr *, struct rtentry *); static int write_output(struct ifnet *, struct mbuf *, struct sockaddr *, struct rtentry *); struct ifaddr { struct sockaddr_storage ifa_addr; }; int ipfattach(softc) ipf_main_softc_t *softc; { return (0); } int ipfdetach(softc) ipf_main_softc_t *softc; { return (0); } /* * Filter ioctl interface. */ int ipfioctl(softc, dev, cmd, data, mode) ipf_main_softc_t *softc; int dev; ioctlcmd_t cmd; caddr_t data; int mode; { int error = 0, unit = 0, uid; uid = getuid(); unit = dev; SPL_NET(s); error = ipf_ioctlswitch(softc, unit, data, cmd, mode, uid, NULL); if (error != -1) { SPL_X(s); return (error); } SPL_X(s); return (error); } void ipf_forgetifp(softc, ifp) ipf_main_softc_t *softc; void *ifp; { register frentry_t *f; WRITE_ENTER(&softc->ipf_mutex); for (f = softc->ipf_acct[0][softc->ipf_active]; (f != NULL); f = f->fr_next) if (f->fr_ifa == ifp) f->fr_ifa = (void *)-1; for (f = softc->ipf_acct[1][softc->ipf_active]; (f != NULL); f = f->fr_next) if (f->fr_ifa == ifp) f->fr_ifa = (void *)-1; for (f = softc->ipf_rules[0][softc->ipf_active]; (f != NULL); f = f->fr_next) if (f->fr_ifa == ifp) f->fr_ifa = (void *)-1; for (f = softc->ipf_rules[1][softc->ipf_active]; (f != NULL); f = f->fr_next) if (f->fr_ifa == ifp) f->fr_ifa = (void *)-1; RWLOCK_EXIT(&softc->ipf_mutex); ipf_nat_sync(softc, ifp); ipf_lookup_sync(softc, ifp); } static int no_output(ifp, m, s, rt) struct rtentry *rt; struct ifnet *ifp; struct mbuf *m; struct sockaddr *s; { return (0); } static int write_output(ifp, m, s, rt) struct rtentry *rt; struct ifnet *ifp; struct mbuf *m; struct sockaddr *s; { char fname[32]; mb_t *mb; ip_t *ip; int fd; mb = (mb_t *)m; ip = MTOD(mb, ip_t *); #if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199606)) || \ defined(__FreeBSD__) sprintf(fname, "/tmp/%s", ifp->if_xname); #else sprintf(fname, "/tmp/%s%d", ifp->if_name, ifp->if_unit); #endif fd = open(fname, O_WRONLY|O_APPEND); if (fd == -1) { perror("open"); return (-1); } write(fd, (char *)ip, ntohs(ip->ip_len)); close(fd); return (0); } static void ipf_setifpaddr(ifp, addr) struct ifnet *ifp; char *addr; { struct ifaddr *ifa; #if defined(__NetBSD__) || defined(__FreeBSD__) if (ifp->if_addrlist.tqh_first != NULL) #else if (ifp->if_addrlist != NULL) #endif return; ifa = (struct ifaddr *)malloc(sizeof(*ifa)); #if defined(__NetBSD__) || defined(__FreeBSD__) ifp->if_addrlist.tqh_first = ifa; #else ifp->if_addrlist = ifa; #endif if (ifa != NULL) { struct sockaddr_in *sin; sin = (struct sockaddr_in *)&ifa->ifa_addr; #ifdef USE_INET6 if (index(addr, ':') != NULL) { struct sockaddr_in6 *sin6; sin6 = (struct sockaddr_in6 *)&ifa->ifa_addr; sin6->sin6_family = AF_INET6; /* Abort if bad address. */ switch (inet_pton(AF_INET6, addr, &sin6->sin6_addr)) { case 1: break; case -1: perror("inet_pton"); abort(); break; default: abort(); break; } } else #endif { sin->sin_family = AF_INET; sin->sin_addr.s_addr = inet_addr(addr); if (sin->sin_addr.s_addr == 0) abort(); } } } struct ifnet * get_unit(name, family) char *name; int family; { struct ifnet *ifp, **ifpp, **old_ifneta; char *addr; #if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199606)) || \ defined(__FreeBSD__) if (!*name) return (NULL); if (name == NULL) name = "anon0"; addr = strchr(name, '='); if (addr != NULL) *addr++ = '\0'; for (ifpp = ifneta; ifpp && (ifp = *ifpp); ifpp++) { if (!strcmp(name, ifp->if_xname)) { if (addr != NULL) ipf_setifpaddr(ifp, addr); return (ifp); } } #else char *s, ifname[LIFNAMSIZ+1]; if (name == NULL) name = "anon0"; addr = strchr(name, '='); if (addr != NULL) *addr++ = '\0'; for (ifpp = ifneta; ifpp && (ifp = *ifpp); ifpp++) { COPYIFNAME(family, ifp, ifname); if (!strcmp(name, ifname)) { if (addr != NULL) ipf_setifpaddr(ifp, addr); return (ifp); } } #endif if (!ifneta) { ifneta = (struct ifnet **)malloc(sizeof(ifp) * 2); if (!ifneta) return (NULL); ifneta[1] = NULL; ifneta[0] = (struct ifnet *)calloc(1, sizeof(*ifp)); if (!ifneta[0]) { free(ifneta); return (NULL); } nifs = 1; } else { old_ifneta = ifneta; nifs++; ifneta = (struct ifnet **)reallocarray(ifneta, nifs + 1, sizeof(ifp)); if (!ifneta) { free(old_ifneta); nifs = 0; return (NULL); } ifneta[nifs] = NULL; ifneta[nifs - 1] = (struct ifnet *)malloc(sizeof(*ifp)); if (!ifneta[nifs - 1]) { nifs--; return (NULL); } } ifp = ifneta[nifs - 1]; #if defined(__NetBSD__) || defined(__FreeBSD__) TAILQ_INIT(&ifp->if_addrlist); #endif #if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199606)) || \ defined(__FreeBSD__) (void) strncpy(ifp->if_xname, name, sizeof(ifp->if_xname)); #else s = name + strlen(name) - 1; for (; s > name; s--) { if (!ISDIGIT(*s)) { s++; break; } } if ((s > name) && (*s != 0) && ISDIGIT(*s)) { ifp->if_unit = atoi(s); ifp->if_name = (char *)malloc(s - name + 1); (void) strncpy(ifp->if_name, name, s - name); ifp->if_name[s - name] = '\0'; } else { ifp->if_name = strdup(name); ifp->if_unit = -1; } #endif ifp->if_output = (void *)no_output; if (addr != NULL) { ipf_setifpaddr(ifp, addr); } return (ifp); } char * get_ifname(ifp) struct ifnet *ifp; { static char ifname[LIFNAMSIZ]; #if defined(__NetBSD__) || defined(__FreeBSD__) sprintf(ifname, "%s", ifp->if_xname); #else if (ifp->if_unit != -1) sprintf(ifname, "%s%d", ifp->if_name, ifp->if_unit); else strcpy(ifname, ifp->if_name); #endif return (ifname); } void init_ifp() { struct ifnet *ifp, **ifpp; char fname[32]; int fd; #if (defined(NetBSD) && (NetBSD <= 1991011) && (NetBSD >= 199606)) || \ defined(__FreeBSD__) for (ifpp = ifneta; ifpp && (ifp = *ifpp); ifpp++) { ifp->if_output = (void *)write_output; sprintf(fname, "/tmp/%s", ifp->if_xname); fd = open(fname, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC, 0600); if (fd == -1) perror("open"); else close(fd); } #else for (ifpp = ifneta; ifpp && (ifp = *ifpp); ifpp++) { ifp->if_output = (void *)write_output; sprintf(fname, "/tmp/%s%d", ifp->if_name, ifp->if_unit); fd = open(fname, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC, 0600); if (fd == -1) perror("open"); else close(fd); } #endif } int ipf_fastroute(m, mpp, fin, fdp) mb_t *m, **mpp; fr_info_t *fin; frdest_t *fdp; { struct ifnet *ifp; ip_t *ip = fin->fin_ip; frdest_t node; int error = 0; frentry_t *fr; void *sifp; int sout; sifp = fin->fin_ifp; sout = fin->fin_out; fr = fin->fin_fr; ip->ip_sum = 0; if (!(fr->fr_flags & FR_KEEPSTATE) && (fdp != NULL) && (fdp->fd_type == FRD_DSTLIST)) { bzero(&node, sizeof(node)); ipf_dstlist_select_node(fin, fdp->fd_ptr, NULL, &node); fdp = &node; } ifp = fdp->fd_ptr; if (ifp == NULL) return (0; /* no routing table out here */); if (fin->fin_out == 0) { fin->fin_ifp = ifp; fin->fin_out = 1; (void) ipf_acctpkt(fin, NULL); fin->fin_fr = NULL; if (!fr || !(fr->fr_flags & FR_RETMASK)) { u_32_t pass; (void) ipf_state_check(fin, &pass); } switch (ipf_nat_checkout(fin, NULL)) { case 0 : break; case 1 : ip->ip_sum = 0; break; case -1 : error = -1; goto done; break; } } m->mb_ifp = ifp; printpacket(fin->fin_out, m); (*ifp->if_output)(ifp, (void *)m, NULL, 0); done: fin->fin_ifp = sifp; fin->fin_out = sout; return (error); } int ipf_send_reset(fin) fr_info_t *fin; { ipfkverbose("- TCP RST sent\n"); return (0); } int ipf_send_icmp_err(type, fin, dst) int type; fr_info_t *fin; int dst; { ipfkverbose("- ICMP unreachable sent\n"); return (0); } void m_freem(m) mb_t *m; { return; } void m_copydata(m, off, len, cp) mb_t *m; int off, len; caddr_t cp; { bcopy((char *)m + off, cp, len); } int ipfuiomove(buf, len, rwflag, uio) caddr_t buf; int len, rwflag; struct uio *uio; { int left, ioc, num, offset; struct iovec *io; char *start; if (rwflag == UIO_READ) { left = len; ioc = 0; offset = uio->uio_offset; while ((left > 0) && (ioc < uio->uio_iovcnt)) { io = uio->uio_iov + ioc; num = io->iov_len; if (num > left) num = left; start = (char *)io->iov_base + offset; if (start > (char *)io->iov_base + io->iov_len) { offset -= io->iov_len; ioc++; continue; } bcopy(buf, start, num); uio->uio_resid -= num; uio->uio_offset += num; left -= num; if (left > 0) ioc++; } if (left > 0) return (EFAULT); } return (0); } u_32_t ipf_newisn(fin) fr_info_t *fin; { static int iss_seq_off = 0; u_char hash[16]; u_32_t newiss; MD5_CTX ctx; /* * Compute the base value of the ISS. It is a hash * of (saddr, sport, daddr, dport, secret). */ MD5Init(&ctx); MD5Update(&ctx, (u_char *) &fin->fin_fi.fi_src, sizeof(fin->fin_fi.fi_src)); MD5Update(&ctx, (u_char *) &fin->fin_fi.fi_dst, sizeof(fin->fin_fi.fi_dst)); MD5Update(&ctx, (u_char *) &fin->fin_dat, sizeof(fin->fin_dat)); /* MD5Update(&ctx, ipf_iss_secret, sizeof(ipf_iss_secret)); */ MD5Final(hash, &ctx); memcpy(&newiss, hash, sizeof(newiss)); /* * Now increment our "timer", and add it in to * the computed value. * * XXX Use `addin'? * XXX TCP_ISSINCR too large to use? */ iss_seq_off += 0x00010000; newiss += iss_seq_off; return (newiss); } /* ------------------------------------------------------------------------ */ /* Function: ipf_nextipid */ /* Returns: int - 0 == success, -1 == error (packet should be dropped) */ /* Parameters: fin(I) - pointer to packet information */ /* */ /* Returns the next IPv4 ID to use for this packet. */ /* ------------------------------------------------------------------------ */ inline u_short ipf_nextipid(fin) fr_info_t *fin; { static u_short ipid = 0; ipf_main_softc_t *softc = fin->fin_main_soft; u_short id; MUTEX_ENTER(&softc->ipf_rw); if (fin->fin_pktnum != 0) { /* * The -1 is for aligned test results. */ id = (fin->fin_pktnum - 1) & 0xffff; } else { } id = ipid++; MUTEX_EXIT(&softc->ipf_rw); return (id); } inline int ipf_checkv4sum(fin) fr_info_t *fin; { if (fin->fin_flx & FI_SHORT) return (1); if (ipf_checkl4sum(fin) == -1) { fin->fin_flx |= FI_BAD; return (-1); } return (0); } #ifdef USE_INET6 inline int ipf_checkv6sum(fin) fr_info_t *fin; { if (fin->fin_flx & FI_SHORT) return (1); if (ipf_checkl4sum(fin) == -1) { fin->fin_flx |= FI_BAD; return (-1); } return (0); } #endif #if 0 /* * See above for description, except that all addressing is in user space. */ int copyoutptr(softc, src, dst, size) void *src, *dst; size_t size; { caddr_t ca; bcopy(dst, (char *)&ca, sizeof(ca)); bcopy(src, ca, size); return (0); } /* * See above for description, except that all addressing is in user space. */ int copyinptr(src, dst, size) void *src, *dst; size_t size; { caddr_t ca; bcopy(src, (char *)&ca, sizeof(ca)); bcopy(ca, dst, size); return (0); } #endif /* * return the first IP Address associated with an interface */ int ipf_ifpaddr(softc, v, atype, ifptr, inp, inpmask) ipf_main_softc_t *softc; int v, atype; void *ifptr; i6addr_t *inp, *inpmask; { struct ifnet *ifp = ifptr; struct ifaddr *ifa; #if defined(__NetBSD__) || defined(__FreeBSD__) ifa = ifp->if_addrlist.tqh_first; #else ifa = ifp->if_addrlist; #endif if (ifa != NULL) { if (v == 4) { struct sockaddr_in *sin, mask; mask.sin_addr.s_addr = 0xffffffff; sin = (struct sockaddr_in *)&ifa->ifa_addr; return (ipf_ifpfillv4addr(atype, sin, &mask, &inp->in4, &inpmask->in4)); } #ifdef USE_INET6 if (v == 6) { struct sockaddr_in6 *sin6, mask; sin6 = (struct sockaddr_in6 *)&ifa->ifa_addr; ((i6addr_t *)&mask.sin6_addr)->i6[0] = 0xffffffff; ((i6addr_t *)&mask.sin6_addr)->i6[1] = 0xffffffff; ((i6addr_t *)&mask.sin6_addr)->i6[2] = 0xffffffff; ((i6addr_t *)&mask.sin6_addr)->i6[3] = 0xffffffff; return (ipf_ifpfillv6addr(atype, sin6, &mask, inp, inpmask)); } #endif } return (0); } /* * This function is not meant to be random, rather just produce a * sequence of numbers that isn't linear to show "randomness". */ u_32_t ipf_random() { static unsigned int last = 0xa5a5a5a5; static int calls = 0; int number; calls++; /* * These are deliberately chosen to ensure that there is some * attempt to test whether the output covers the range in test n18. */ switch (calls) { case 1 : number = 0; break; case 2 : number = 4; break; case 3 : number = 3999; break; case 4 : number = 4000; break; case 5 : number = 48999; break; case 6 : number = 49000; break; default : number = last; last *= calls; last++; number ^= last; break; } return (number); } int ipf_verifysrc(fin) fr_info_t *fin; { return (1); } int ipf_inject(fin, m) fr_info_t *fin; mb_t *m; { FREE_MB_T(m); return (0); } u_int ipf_pcksum(fin, hlen, sum) fr_info_t *fin; int hlen; u_int sum; { u_short *sp; u_int sum2; int slen; slen = fin->fin_plen - hlen; sp = (u_short *)((u_char *)fin->fin_ip + hlen); for (; slen > 1; slen -= 2) sum += *sp++; if (slen) sum += ntohs(*(u_char *)sp << 8); while (sum > 0xffff) sum = (sum & 0xffff) + (sum >> 16); sum2 = (u_short)(~sum & 0xffff); return (sum2); } void * ipf_pullup(m, fin, plen) mb_t *m; fr_info_t *fin; int plen; { if (M_LEN(m) >= plen) return (fin->fin_ip); /* * Fake ipf_pullup failing */ fin->fin_reason = FRB_PULLUP; *fin->fin_mp = NULL; fin->fin_m = NULL; fin->fin_ip = NULL; return (NULL); } diff --git a/sbin/ipf/ipftest/ipftest.c b/sbin/ipf/ipftest/ipftest.c index d83d47884089..2dfbe20592b3 100644 --- a/sbin/ipf/ipftest/ipftest.c +++ b/sbin/ipf/ipftest/ipftest.c @@ -1,714 +1,710 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. */ #include "ipf.h" #include "ipt.h" #include #include -#if !defined(lint) -static const char sccsid[] = "@(#)ipt.c 1.19 6/3/96 (C) 1993-2000 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif extern char *optarg; extern struct ipread pcap, iptext, iphex; extern struct ifnet *get_unit(char *, int); extern void init_ifp(void); extern ipnat_t *natparse(char *, int); extern hostmap_t **ipf_hm_maptable; extern hostmap_t *ipf_hm_maplist; ipfmutex_t ipl_mutex, ipf_auth_mx, ipf_rw, ipf_stinsert; ipfmutex_t ipf_nat_new, ipf_natio, ipf_timeoutlock; ipfrwlock_t ipf_mutex, ipf_global, ipf_ipidfrag, ip_poolrw, ipf_frcache; ipfrwlock_t ipf_frag, ipf_state, ipf_nat, ipf_natfrag, ipf_authlk; ipfrwlock_t ipf_tokens; int opts = OPT_DONTOPEN; int use_inet6 = 0; int docksum = 0; int pfil_delayed_copy = 0; int main(int, char *[]); int loadrules(char *, int); int kmemcpy(char *, long, int); int kstrncpy(char *, long, int n); int blockreason; void dumpnat(void *); void dumpgroups(ipf_main_softc_t *); void dumprules(frentry_t *); void drain_log(char *); void fixv4sums(mb_t *, ip_t *); int ipftestioctl(int, ioctlcmd_t, ...); int ipnattestioctl(int, ioctlcmd_t, ...); int ipstatetestioctl(int, ioctlcmd_t, ...); int ipauthtestioctl(int, ioctlcmd_t, ...); int ipscantestioctl(int, ioctlcmd_t, ...); int ipsynctestioctl(int, ioctlcmd_t, ...); int ipooltestioctl(int, ioctlcmd_t, ...); static ioctlfunc_t iocfunctions[IPL_LOGSIZE] = { ipftestioctl, ipnattestioctl, ipstatetestioctl, ipauthtestioctl, ipsynctestioctl, ipscantestioctl, ipooltestioctl, NULL }; static ipf_main_softc_t *softc = NULL; int main(int argc, char *argv[]) { char *datain, *iface, *ifname, *logout; int fd, i, dir, c, loaded, dump, hlen; struct in_addr sip; struct ifnet *ifp; struct ipread *r; mb_t mb, *m, *n; ip_t *ip; m = &mb; dir = 0; dump = 0; hlen = 0; loaded = 0; r = &iptext; iface = NULL; logout = NULL; datain = NULL; sip.s_addr = 0; ifname = "anon0"; initparse(); ipf_load_all(); softc = ipf_create_all(NULL); if (softc == NULL) exit(1); if (ipf_init_all(softc) == -1) exit(1); i = 1; if (ipftestioctl(IPL_LOGIPF, SIOCFRENB, &i) != 0) exit(1); while ((c = getopt(argc, argv, "6bCdDF:i:I:l:N:P:or:RS:T:vxX")) != -1) switch (c) { case '6' : #ifdef USE_INET6 use_inet6 = 1; #else fprintf(stderr, "IPv6 not supported\n"); exit(1); #endif break; case 'b' : opts |= OPT_BRIEF; break; case 'd' : opts |= OPT_DEBUG; break; case 'C' : docksum = 1; break; case 'D' : dump = 1; break; case 'F' : if (strcasecmp(optarg, "pcap") == 0) r = &pcap; else if (strcasecmp(optarg, "hex") == 0) r = &iphex; else if (strcasecmp(optarg, "text") == 0) r = &iptext; break; case 'i' : datain = optarg; break; case 'I' : ifname = optarg; break; case 'l' : logout = optarg; break; case 'N' : if (ipnat_parsefile(-1, ipnat_addrule, ipnattestioctl, optarg) == -1) return (-1); loaded = 1; opts |= OPT_NAT; break; case 'o' : opts |= OPT_SAVEOUT; break; case 'P' : if (ippool_parsefile(-1, optarg, ipooltestioctl) == -1) return (-1); loaded = 1; break; case 'r' : if (ipf_parsefile(-1, ipf_addrule, iocfunctions, optarg) == -1) return (-1); loaded = 1; break; case 'S' : sip.s_addr = inet_addr(optarg); break; case 'R' : opts |= OPT_NORESOLVE; break; case 'T' : ipf_dotuning(-1, optarg, ipftestioctl); break; case 'v' : opts |= OPT_VERBOSE; break; case 'x' : opts |= OPT_HEX; break; } if (loaded == 0) { (void)fprintf(stderr,"no rules loaded\n"); exit(-1); } if (opts & OPT_SAVEOUT) init_ifp(); if (datain) fd = (*r->r_open)(datain); else fd = (*r->r_open)("-"); if (fd < 0) { perror("error opening input"); exit(-1); } m->m_data = (char *)m->mb_buf; while ((i = (*r->r_readip)(m, &iface, &dir)) > 0) { if ((iface == NULL) || (*iface == '\0')) iface = ifname; ip = MTOD(m, ip_t *); ifp = get_unit(iface, IP_V(ip)); if (IP_V(ip) == 4) { if ((r->r_flags & R_DO_CKSUM) || docksum) fixv4sums(m, ip); hlen = IP_HL(ip) << 2; if (sip.s_addr) dir = !(sip.s_addr == ip->ip_src.s_addr); } #ifdef USE_INET6 else hlen = sizeof(ip6_t); #endif /* ipfr_slowtimer(); */ blockreason = 0; m = &mb; m->mb_ifp = ifp; m->mb_len = i; i = ipf_check(softc, ip, hlen, ifp, dir, &m); if ((opts & OPT_NAT) == 0) switch (i) { case -4 : (void)printf("preauth"); break; case -3 : (void)printf("account"); break; case -2 : (void)printf("auth"); break; case -1 : (void)printf("block"); break; case 0 : (void)printf("pass"); break; case 1 : if (m == NULL) (void)printf("bad-packet"); else (void)printf("nomatch"); break; case 3 : (void)printf("block return-rst"); break; case 4 : (void)printf("block return-icmp"); break; case 5 : (void)printf("block return-icmp-as-dest"); break; default : (void)printf("recognised( return %#x\n", i)); break; } if (!(opts & OPT_BRIEF)) { putchar(' '); if (m != NULL) printpacket(dir, m); else printpacket(dir, &mb); printf("--------------"); } else if ((opts & (OPT_BRIEF|OPT_NAT)) == (OPT_NAT|OPT_BRIEF)) { if (m != NULL) printpacket(dir, m); else PRINTF("%d\n", blockreason); } ipf_state_flush(softc, 1, 0); if (dir && (ifp != NULL) && IP_V(ip) && (m != NULL)) (*ifp->if_output)(ifp, (void *)m, NULL, 0); while ((m != NULL) && (m != &mb)) { n = m->mb_next; freembt(m); m = n; } if ((opts & (OPT_BRIEF|OPT_NAT)) != (OPT_NAT|OPT_BRIEF)) putchar('\n'); dir = 0; if (iface != ifname) { free(iface); iface = ifname; } m = &mb; m->mb_data = (char *)m->mb_buf; } if (i != 0) fprintf(stderr, "readip failed: %d\n", i); (*r->r_close)(); if (logout != NULL) { drain_log(logout); } if (dump == 1) { dumpnat(softc->ipf_nat_soft); ipf_state_dump(softc, softc->ipf_state_soft); ipf_lookup_dump(softc, softc->ipf_state_soft); dumpgroups(softc); } ipf_fini_all(softc); ipf_destroy_all(softc); ipf_unload_all(); ipf_mutex_clean(); ipf_rwlock_clean(); if (getenv("FINDLEAKS")) { fflush(stdout); abort(); } return (0); } int ipftestioctl(int dev, ioctlcmd_t cmd, ...) { caddr_t data; va_list ap; int i; dev = dev; /* gcc -Wextra */ va_start(ap, cmd); data = va_arg(ap, caddr_t); va_end(ap); i = ipfioctl(softc, IPL_LOGIPF, cmd, data, FWRITE|FREAD); if (opts & OPT_DEBUG) fprintf(stderr, "ipfioctl(IPF,%#x,%p) = %d (%d)\n", (u_int)cmd, data, i, softc->ipf_interror); if (i != 0) { errno = i; return (-1); } return (0); } int ipnattestioctl(int dev, ioctlcmd_t cmd, ...) { caddr_t data; va_list ap; int i; dev = dev; /* gcc -Wextra */ va_start(ap, cmd); data = va_arg(ap, caddr_t); va_end(ap); i = ipfioctl(softc, IPL_LOGNAT, cmd, data, FWRITE|FREAD); if (opts & OPT_DEBUG) fprintf(stderr, "ipfioctl(NAT,%#x,%p) = %d\n", (u_int)cmd, data, i); if (i != 0) { errno = i; return (-1); } return (0); } int ipstatetestioctl(int dev, ioctlcmd_t cmd, ...) { caddr_t data; va_list ap; int i; dev = dev; /* gcc -Wextra */ va_start(ap, cmd); data = va_arg(ap, caddr_t); va_end(ap); i = ipfioctl(softc, IPL_LOGSTATE, cmd, data, FWRITE|FREAD); if ((opts & OPT_DEBUG) || (i != 0)) fprintf(stderr, "ipfioctl(STATE,%#x,%p) = %d\n", (u_int)cmd, data, i); if (i != 0) { errno = i; return (-1); } return (0); } int ipauthtestioctl(int dev, ioctlcmd_t cmd, ...) { caddr_t data; va_list ap; int i; dev = dev; /* gcc -Wextra */ va_start(ap, cmd); data = va_arg(ap, caddr_t); va_end(ap); i = ipfioctl(softc, IPL_LOGAUTH, cmd, data, FWRITE|FREAD); if ((opts & OPT_DEBUG) || (i != 0)) fprintf(stderr, "ipfioctl(AUTH,%#x,%p) = %d\n", (u_int)cmd, data, i); if (i != 0) { errno = i; return (-1); } return (0); } int ipscantestioctl(int dev, ioctlcmd_t cmd, ...) { caddr_t data; va_list ap; int i; dev = dev; /* gcc -Wextra */ va_start(ap, cmd); data = va_arg(ap, caddr_t); va_end(ap); i = ipfioctl(softc, IPL_LOGSCAN, cmd, data, FWRITE|FREAD); if ((opts & OPT_DEBUG) || (i != 0)) fprintf(stderr, "ipfioctl(SCAN,%#x,%p) = %d\n", (u_int)cmd, data, i); if (i != 0) { errno = i; return (-1); } return (0); } int ipsynctestioctl(int dev, ioctlcmd_t cmd, ...) { caddr_t data; va_list ap; int i; dev = dev; /* gcc -Wextra */ va_start(ap, cmd); data = va_arg(ap, caddr_t); va_end(ap); i = ipfioctl(softc, IPL_LOGSYNC, cmd, data, FWRITE|FREAD); if ((opts & OPT_DEBUG) || (i != 0)) fprintf(stderr, "ipfioctl(SYNC,%#x,%p) = %d\n", (u_int)cmd, data, i); if (i != 0) { errno = i; return (-1); } return (0); } int ipooltestioctl(int dev, ioctlcmd_t cmd, ...) { caddr_t data; va_list ap; int i; dev = dev; /* gcc -Wextra */ va_start(ap, cmd); data = va_arg(ap, caddr_t); va_end(ap); i = ipfioctl(softc, IPL_LOGLOOKUP, cmd, data, FWRITE|FREAD); if ((opts & OPT_DEBUG) || (i != 0)) fprintf(stderr, "ipfioctl(POOL,%#x,%p) = %d (%d)\n", (u_int)cmd, data, i, softc->ipf_interror); if (i != 0) { errno = i; return (-1); } return (0); } int kmemcpy(char *addr, long offset, int size) { bcopy((char *)offset, addr, size); return (0); } int kstrncpy(char *buf, long pos, int n) { char *ptr; ptr = (char *)pos; while ((n > 0) && (*buf++ = *ptr++)) ; return (0); } /* * Display the built up NAT table rules and mapping entries. */ void dumpnat(void *arg) { ipf_nat_softc_t *softn = arg; hostmap_t *hm; ipnat_t *ipn; nat_t *nat; printf("List of active MAP/Redirect filters:\n"); for (ipn = softn->ipf_nat_list; ipn != NULL; ipn = ipn->in_next) printnat(ipn, opts & (OPT_DEBUG|OPT_VERBOSE)); printf("\nList of active sessions:\n"); for (nat = softn->ipf_nat_instances; nat; nat = nat->nat_next) { printactivenat(nat, opts, 0); if (nat->nat_aps) printf("\tproxy active\n"); } printf("\nHostmap table:\n"); for (hm = softn->ipf_hm_maplist; hm != NULL; hm = hm->hm_next) printhostmap(hm, hm->hm_hv); } void dumpgroups(ipf_main_softc_t *softc) { frgroup_t *fg; int i; printf("List of groups configured (set 0)\n"); for (i = 0; i < IPL_LOGSIZE; i++) for (fg = softc->ipf_groups[i][0]; fg != NULL; fg = fg->fg_next) { printf("Dev.%d. Group %s Ref %d Flags %#x\n", i, fg->fg_name, fg->fg_ref, fg->fg_flags); dumprules(fg->fg_start); } printf("List of groups configured (set 1)\n"); for (i = 0; i < IPL_LOGSIZE; i++) for (fg = softc->ipf_groups[i][1]; fg != NULL; fg = fg->fg_next) { printf("Dev.%d. Group %s Ref %d Flags %#x\n", i, fg->fg_name, fg->fg_ref, fg->fg_flags); dumprules(fg->fg_start); } printf("Rules configured (set 0, in)\n"); dumprules(softc->ipf_rules[0][0]); printf("Rules configured (set 0, out)\n"); dumprules(softc->ipf_rules[1][0]); printf("Rules configured (set 1, in)\n"); dumprules(softc->ipf_rules[0][1]); printf("Rules configured (set 1, out)\n"); dumprules(softc->ipf_rules[1][1]); printf("Accounting rules configured (set 0, in)\n"); dumprules(softc->ipf_acct[0][0]); printf("Accounting rules configured (set 0, out)\n"); dumprules(softc->ipf_acct[0][1]); printf("Accounting rules configured (set 1, in)\n"); dumprules(softc->ipf_acct[1][0]); printf("Accounting rules configured (set 1, out)\n"); dumprules(softc->ipf_acct[1][1]); } void dumprules(frentry_t *rulehead) { frentry_t *fr; for (fr = rulehead; fr != NULL; fr = fr->fr_next) { #ifdef USE_QUAD_T printf("%"PRIu64" ",(unsigned long long)fr->fr_hits); #else printf("%ld ", fr->fr_hits); #endif printfr(fr, ipftestioctl); } } void drain_log(char *filename) { char buffer[DEFAULT_IPFLOGSIZE]; struct iovec iov; struct uio uio; size_t resid; int fd, i; fd = open(filename, O_CREAT|O_TRUNC|O_WRONLY, 0644); if (fd == -1) { perror("drain_log:open"); return; } for (i = 0; i <= IPL_LOGMAX; i++) while (1) { bzero((char *)&iov, sizeof(iov)); iov.iov_base = buffer; iov.iov_len = sizeof(buffer); bzero((char *)&uio, sizeof(uio)); uio.uio_iov = &iov; uio.uio_iovcnt = 1; uio.uio_resid = iov.iov_len; resid = uio.uio_resid; if (ipf_log_read(softc, i, &uio) == 0) { /* * If nothing was read then break out. */ if (uio.uio_resid == resid) break; write(fd, buffer, resid - uio.uio_resid); } else break; } close(fd); } void fixv4sums(mb_t *m, ip_t *ip) { u_char *csump, *hdr, p; fr_info_t tmp; int len; p = 0; len = 0; bzero((char *)&tmp, sizeof(tmp)); csump = (u_char *)ip; if (IP_V(ip) == 4) { ip->ip_sum = 0; ip->ip_sum = ipf_cksum((u_short *)ip, IP_HL(ip) << 2); tmp.fin_hlen = IP_HL(ip) << 2; csump += IP_HL(ip) << 2; p = ip->ip_p; len = ntohs(ip->ip_len); #ifdef USE_INET6 } else if (IP_V(ip) == 6) { tmp.fin_hlen = sizeof(ip6_t); csump += sizeof(ip6_t); p = ((ip6_t *)ip)->ip6_nxt; len = ntohs(((ip6_t *)ip)->ip6_plen); len += sizeof(ip6_t); #endif } tmp.fin_plen = len; tmp.fin_dlen = len - tmp.fin_hlen; switch (p) { case IPPROTO_TCP : hdr = csump; csump += offsetof(tcphdr_t, th_sum); break; case IPPROTO_UDP : hdr = csump; csump += offsetof(udphdr_t, uh_sum); break; case IPPROTO_ICMP : hdr = csump; csump += offsetof(icmphdr_t, icmp_cksum); break; default : csump = NULL; hdr = NULL; break; } if (hdr != NULL) { tmp.fin_m = m; tmp.fin_mp = &m; tmp.fin_dp = hdr; tmp.fin_ip = ip; tmp.fin_plen = len; *csump = 0; *(u_short *)csump = fr_cksum(&tmp, ip, p, hdr); } } void ip_fillid(struct ip *ip) { static uint16_t ip_id; ip->ip_id = ip_id++; } diff --git a/sbin/ipf/ipmon/ipmon.c b/sbin/ipf/ipmon/ipmon.c index 1f3a81fa20f8..d06c7bf71b0a 100644 --- a/sbin/ipf/ipmon/ipmon.c +++ b/sbin/ipf/ipmon/ipmon.c @@ -1,1847 +1,1843 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. */ #include "ipf.h" #include "ipmon.h" #include #include #include #include #include #include -#if !defined(lint) -static const char sccsid[] = "@(#)ipmon.c 1.21 6/5/96 (C)1993-2000 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #define STRERROR(x) strerror(x) extern int optind; extern char *optarg; extern ipmon_saver_t executesaver; extern ipmon_saver_t filesaver; extern ipmon_saver_t nothingsaver; extern ipmon_saver_t snmpv1saver; extern ipmon_saver_t snmpv2saver; extern ipmon_saver_t syslogsaver; struct flags { int value; char flag; }; typedef struct logsource { int fd; int logtype; char *file; int regular; size_t size; } logsource_t; typedef struct config { int opts; int maxfd; logsource_t logsrc[3]; fd_set fdmr; FILE *blog; char *bfile; FILE *log; char *file; char *cfile; } config_t; typedef struct icmp_subtype { int ist_val; char *ist_name; } icmp_subtype_t; typedef struct icmp_type { int it_val; struct icmp_subtype *it_subtable; size_t it_stsize; char *it_name; } icmp_type_t; #define IST_SZ(x) (sizeof(x)/sizeof(icmp_subtype_t)) struct flags tcpfl[] = { { TH_ACK, 'A' }, { TH_RST, 'R' }, { TH_SYN, 'S' }, { TH_FIN, 'F' }, { TH_URG, 'U' }, { TH_PUSH,'P' }, { TH_ECN, 'E' }, { TH_CWR, 'C' }, { 0, '\0' } }; char *reasons[] = { "filter-rule", "log-or-block_1", "pps-rate", "jumbogram", "makefrip-fail", "state_add-fail", "updateipid-fail", "log-or-block_2", "decap-fail", "auth_new-fail", "auth_captured", "coalesce-fail", "pullup-fail", "auth-feedback", "bad-frag", "natv4_out-fail", "natv4_in-fail", "natv6_out-fail", "natv6_in-fail", }; #if SOLARIS static char *pidfile = "/etc/opt/ipf/ipmon.pid"; #else static char *pidfile = "/var/run/ipmon.pid"; #endif static char line[2048]; static int donehup = 0; static void usage(char *); static void handlehup(int); static void flushlogs(char *, FILE *); static void print_log(config_t *, logsource_t *, char *, int); static void print_ipflog(config_t *, char *, int); static void print_natlog(config_t *, char *, int); static void print_statelog(config_t *, char *, int); static int read_log(int, int *, char *, int); static void write_pid(char *); static char *icmpname(u_int, u_int); static char *icmpname6(u_int, u_int); static icmp_type_t *find_icmptype(int, icmp_type_t *, size_t); static icmp_subtype_t *find_icmpsubtype(int, icmp_subtype_t *, size_t); static struct tm *get_tm(time_t); char *portlocalname(int, char *, u_int); int main(int, char *[]); static void logopts(int, char *); static void init_tabs(void); static char *getlocalproto(u_int); static void openlogs(config_t *conf); static int read_loginfo(config_t *conf); static void initconfig(config_t *conf); static char **protocols = NULL; static char **udp_ports = NULL; static char **tcp_ports = NULL; #define HOSTNAMEV4(b) hostname(AF_INET, (u_32_t *)&(b)) #ifndef LOGFAC #define LOGFAC LOG_LOCAL0 #endif int logfac = LOGFAC; int ipmonopts = 0; int opts = OPT_NORESOLVE; int use_inet6 = 0; static icmp_subtype_t icmpunreachnames[] = { { ICMP_UNREACH_NET, "net" }, { ICMP_UNREACH_HOST, "host" }, { ICMP_UNREACH_PROTOCOL, "protocol" }, { ICMP_UNREACH_PORT, "port" }, { ICMP_UNREACH_NEEDFRAG, "needfrag" }, { ICMP_UNREACH_SRCFAIL, "srcfail" }, { ICMP_UNREACH_NET_UNKNOWN, "net_unknown" }, { ICMP_UNREACH_HOST_UNKNOWN, "host_unknown" }, { ICMP_UNREACH_NET, "isolated" }, { ICMP_UNREACH_NET_PROHIB, "net_prohib" }, { ICMP_UNREACH_NET_PROHIB, "host_prohib" }, { ICMP_UNREACH_TOSNET, "tosnet" }, { ICMP_UNREACH_TOSHOST, "toshost" }, { ICMP_UNREACH_ADMIN_PROHIBIT, "admin_prohibit" }, { -2, NULL } }; static icmp_subtype_t redirectnames[] = { { ICMP_REDIRECT_NET, "net" }, { ICMP_REDIRECT_HOST, "host" }, { ICMP_REDIRECT_TOSNET, "tosnet" }, { ICMP_REDIRECT_TOSHOST, "toshost" }, { -2, NULL } }; static icmp_subtype_t timxceednames[] = { { ICMP_TIMXCEED_INTRANS, "transit" }, { ICMP_TIMXCEED_REASS, "reassem" }, { -2, NULL } }; static icmp_subtype_t paramnames[] = { { ICMP_PARAMPROB_ERRATPTR, "errata_pointer" }, { ICMP_PARAMPROB_OPTABSENT, "optmissing" }, { ICMP_PARAMPROB_LENGTH, "length" }, { -2, NULL } }; static icmp_type_t icmptypes4[] = { { ICMP_ECHOREPLY, NULL, 0, "echoreply" }, { -1, NULL, 0, NULL }, { -1, NULL, 0, NULL }, { ICMP_UNREACH, icmpunreachnames, IST_SZ(icmpunreachnames),"unreach" }, { ICMP_SOURCEQUENCH, NULL, 0, "sourcequench" }, { ICMP_REDIRECT, redirectnames, IST_SZ(redirectnames), "redirect" }, { -1, NULL, 0, NULL }, { -1, NULL, 0, NULL }, { ICMP_ECHO, NULL, 0, "echo" }, { ICMP_ROUTERADVERT, NULL, 0, "routeradvert" }, { ICMP_ROUTERSOLICIT, NULL, 0, "routersolicit" }, { ICMP_TIMXCEED, timxceednames, IST_SZ(timxceednames), "timxceed" }, { ICMP_PARAMPROB, paramnames, IST_SZ(paramnames), "paramprob" }, { ICMP_TSTAMP, NULL, 0, "timestamp" }, { ICMP_TSTAMPREPLY, NULL, 0, "timestampreply" }, { ICMP_IREQ, NULL, 0, "inforeq" }, { ICMP_IREQREPLY, NULL, 0, "inforeply" }, { ICMP_MASKREQ, NULL, 0, "maskreq" }, { ICMP_MASKREPLY, NULL, 0, "maskreply" }, { -2, NULL, 0, NULL } }; static icmp_subtype_t icmpredirect6[] = { { ICMP6_DST_UNREACH_NOROUTE, "noroute" }, { ICMP6_DST_UNREACH_ADMIN, "admin" }, { ICMP6_DST_UNREACH_NOTNEIGHBOR, "neighbour" }, { ICMP6_DST_UNREACH_ADDR, "address" }, { ICMP6_DST_UNREACH_NOPORT, "noport" }, { -2, NULL } }; static icmp_subtype_t icmptimexceed6[] = { { ICMP6_TIME_EXCEED_TRANSIT, "intransit" }, { ICMP6_TIME_EXCEED_REASSEMBLY, "reassem" }, { -2, NULL } }; static icmp_subtype_t icmpparamprob6[] = { { ICMP6_PARAMPROB_HEADER, "header" }, { ICMP6_PARAMPROB_NEXTHEADER, "nextheader" }, { ICMP6_PARAMPROB_OPTION, "option" }, { -2, NULL } }; static icmp_subtype_t icmpquerysubject6[] = { { ICMP6_NI_SUBJ_IPV6, "ipv6" }, { ICMP6_NI_SUBJ_FQDN, "fqdn" }, { ICMP6_NI_SUBJ_IPV4, "ipv4" }, { -2, NULL }, }; static icmp_subtype_t icmpnodeinfo6[] = { { ICMP6_NI_SUCCESS, "success" }, { ICMP6_NI_REFUSED, "refused" }, { ICMP6_NI_UNKNOWN, "unknown" }, { -2, NULL } }; static icmp_subtype_t icmprenumber6[] = { { ICMP6_ROUTER_RENUMBERING_COMMAND, "command" }, { ICMP6_ROUTER_RENUMBERING_RESULT, "result" }, { ICMP6_ROUTER_RENUMBERING_SEQNUM_RESET, "seqnum_reset" }, { -2, NULL } }; static icmp_type_t icmptypes6[] = { { 0, NULL, 0, NULL }, { ICMP6_DST_UNREACH, icmpredirect6, IST_SZ(icmpredirect6), "unreach" }, { ICMP6_PACKET_TOO_BIG, NULL, 0, "toobig" }, { ICMP6_TIME_EXCEEDED, icmptimexceed6, IST_SZ(icmptimexceed6), "timxceed" }, { ICMP6_PARAM_PROB, icmpparamprob6, IST_SZ(icmpparamprob6), "paramprob" }, { ICMP6_ECHO_REQUEST, NULL, 0, "echo" }, { ICMP6_ECHO_REPLY, NULL, 0, "echoreply" }, { ICMP6_MEMBERSHIP_QUERY, icmpquerysubject6, IST_SZ(icmpquerysubject6), "groupmemberquery" }, { ICMP6_MEMBERSHIP_REPORT,NULL, 0, "groupmemberreport" }, { ICMP6_MEMBERSHIP_REDUCTION,NULL, 0, "groupmemberterm" }, { ND_ROUTER_SOLICIT, NULL, 0, "routersolicit" }, { ND_ROUTER_ADVERT, NULL, 0, "routeradvert" }, { ND_NEIGHBOR_SOLICIT, NULL, 0, "neighborsolicit" }, { ND_NEIGHBOR_ADVERT, NULL, 0, "neighboradvert" }, { ND_REDIRECT, NULL, 0, "redirect" }, { ICMP6_ROUTER_RENUMBERING, icmprenumber6, IST_SZ(icmprenumber6), "routerrenumber" }, { ICMP6_WRUREQUEST, NULL, 0, "whoareyourequest" }, { ICMP6_WRUREPLY, NULL, 0, "whoareyoureply" }, { ICMP6_FQDN_QUERY, NULL, 0, "fqdnquery" }, { ICMP6_FQDN_REPLY, NULL, 0, "fqdnreply" }, { ICMP6_NI_QUERY, icmpnodeinfo6, IST_SZ(icmpnodeinfo6), "nodeinforequest" }, { ICMP6_NI_REPLY, NULL, 0, "nodeinforeply" }, { MLD6_MTRACE_RESP, NULL, 0, "mtraceresponse" }, { MLD6_MTRACE, NULL, 0, "mtracerequest" }, { -2, NULL, 0, NULL } }; static icmp_subtype_t * find_icmpsubtype(int type, icmp_subtype_t *table, size_t tablesz) { icmp_subtype_t *ist; if (tablesz < 2) return (NULL); if ((type < 0) || (type > table[tablesz - 2].ist_val)) return (NULL); if (table[type].ist_val == type) return (table + type); for (ist = table; ist->ist_val != -2; ist++) if (ist->ist_val == type) return (ist); return (NULL); } static icmp_type_t * find_icmptype(int type, icmp_type_t *table, size_t tablesz) { icmp_type_t *it; if (tablesz < 2) return (NULL); if ((type < 0) || (type > table[tablesz - 2].it_val)) return (NULL); if (table[type].it_val == type) return (table + type); for (it = table; it->it_val != -2; it++) if (it->it_val == type) return (it); return (NULL); } static void handlehup(int sig) { signal(SIGHUP, handlehup); donehup = 1; } static void init_tabs(void) { struct protoent *p; struct servent *s; char *name, **tab; int port, i; if (protocols != NULL) { for (i = 0; i < 256; i++) if (protocols[i] != NULL) { free(protocols[i]); protocols[i] = NULL; } free(protocols); protocols = NULL; } protocols = (char **)malloc(256 * sizeof(*protocols)); if (protocols != NULL) { bzero((char *)protocols, 256 * sizeof(*protocols)); setprotoent(1); while ((p = getprotoent()) != NULL) if (p->p_proto >= 0 && p->p_proto <= 255 && p->p_name != NULL && protocols[p->p_proto] == NULL) protocols[p->p_proto] = strdup(p->p_name); endprotoent(); if (protocols[0]) free(protocols[0]); protocols[0] = strdup("ip"); } if (udp_ports != NULL) { for (i = 0; i < 65536; i++) if (udp_ports[i] != NULL) { free(udp_ports[i]); udp_ports[i] = NULL; } free(udp_ports); udp_ports = NULL; } udp_ports = (char **)malloc(65536 * sizeof(*udp_ports)); if (udp_ports != NULL) bzero((char *)udp_ports, 65536 * sizeof(*udp_ports)); if (tcp_ports != NULL) { for (i = 0; i < 65536; i++) if (tcp_ports[i] != NULL) { free(tcp_ports[i]); tcp_ports[i] = NULL; } free(tcp_ports); tcp_ports = NULL; } tcp_ports = (char **)malloc(65536 * sizeof(*tcp_ports)); if (tcp_ports != NULL) bzero((char *)tcp_ports, 65536 * sizeof(*tcp_ports)); setservent(1); while ((s = getservent()) != NULL) { if (s->s_proto == NULL) continue; else if (!strcmp(s->s_proto, "tcp")) { port = ntohs(s->s_port); name = s->s_name; tab = tcp_ports; } else if (!strcmp(s->s_proto, "udp")) { port = ntohs(s->s_port); name = s->s_name; tab = udp_ports; } else continue; if ((port < 0 || port > 65535) || (name == NULL)) continue; if (tab != NULL) tab[port] = strdup(name); } endservent(); } static char * getlocalproto(u_int p) { static char pnum[4]; char *s; p &= 0xff; s = protocols ? protocols[p] : NULL; if (s == NULL) { sprintf(pnum, "%u", p); s = pnum; } return (s); } static int read_log(int fd, int *lenp, char *buf, int bufsize) { int nr; if (bufsize > IPFILTER_LOGSIZE) bufsize = IPFILTER_LOGSIZE; nr = read(fd, buf, bufsize); if (!nr) return (2); if ((nr < 0) && (errno != EINTR)) return (-1); *lenp = nr; return (0); } char * portlocalname(int res, char *proto, u_int port) { static char pname[8]; char *s; port = ntohs(port); port &= 0xffff; sprintf(pname, "%u", port); if (!res || (ipmonopts & IPMON_PORTNUM)) return (pname); s = NULL; if (!strcmp(proto, "tcp")) s = tcp_ports[port]; else if (!strcmp(proto, "udp")) s = udp_ports[port]; if (s == NULL) s = pname; return (s); } static char * icmpname(u_int type, u_int code) { static char name[80]; icmp_subtype_t *ist; icmp_type_t *it; char *s; s = NULL; it = find_icmptype(type, icmptypes4, sizeof(icmptypes4) / sizeof(*it)); if (it != NULL) s = it->it_name; if (s == NULL) sprintf(name, "icmptype(%d)/", type); else sprintf(name, "%s/", s); ist = NULL; if (it != NULL && it->it_subtable != NULL) ist = find_icmpsubtype(code, it->it_subtable, it->it_stsize); if (ist != NULL && ist->ist_name != NULL) strcat(name, ist->ist_name); else sprintf(name + strlen(name), "%d", code); return (name); } static char * icmpname6(u_int type, u_int code) { static char name[80]; icmp_subtype_t *ist; icmp_type_t *it; char *s; s = NULL; it = find_icmptype(type, icmptypes6, sizeof(icmptypes6) / sizeof(*it)); if (it != NULL) s = it->it_name; if (s == NULL) sprintf(name, "icmpv6type(%d)/", type); else sprintf(name, "%s/", s); ist = NULL; if (it != NULL && it->it_subtable != NULL) ist = find_icmpsubtype(code, it->it_subtable, it->it_stsize); if (ist != NULL && ist->ist_name != NULL) strcat(name, ist->ist_name); else sprintf(name + strlen(name), "%d", code); return (name); } void dumphex(FILE *log, int dopts, char *buf, int len) { char hline[80]; int i, j, k; u_char *s = (u_char *)buf, *t = (u_char *)hline; if (buf == NULL || len == 0) return; *hline = '\0'; for (i = len, j = 0; i; i--, j++, s++) { if (j && !(j & 0xf)) { *t++ = '\n'; *t = '\0'; if ((dopts & IPMON_SYSLOG)) syslog(LOG_INFO, "%s", hline); else if (log != NULL) fputs(hline, log); t = (u_char *)hline; *t = '\0'; } sprintf((char *)t, "%02x", *s & 0xff); t += 2; if (!((j + 1) & 0xf)) { s -= 15; sprintf((char *)t, " "); t += 8; for (k = 16; k; k--, s++) *t++ = (isprint(*s) ? *s : '.'); s--; } if ((j + 1) & 0xf) *t++ = ' ';; } if (j & 0xf) { for (k = 16 - (j & 0xf); k; k--) { *t++ = ' '; *t++ = ' '; *t++ = ' '; } sprintf((char *)t, " "); t += 7; s -= j & 0xf; for (k = j & 0xf; k; k--, s++) *t++ = (isprint(*s) ? *s : '.'); *t++ = '\n'; *t = '\0'; } if ((dopts & IPMON_SYSLOG) != 0) syslog(LOG_INFO, "%s", hline); else if (log != NULL) { fputs(hline, log); fflush(log); } } static struct tm * get_tm(time_t sec) { struct tm *tm; time_t t; t = sec; tm = localtime(&t); return (tm); } static void print_natlog(config_t *conf, char *buf, int blen) { static u_32_t seqnum = 0; int res, i, len, family; struct natlog *nl; struct tm *tm; iplog_t *ipl; char *proto; int simple; char *t; t = line; simple = 0; ipl = (iplog_t *)buf; if (ipl->ipl_seqnum != seqnum) { if ((ipmonopts & IPMON_SYSLOG) != 0) { syslog(LOG_WARNING, "missed %u NAT log entries: %u %u", ipl->ipl_seqnum - seqnum, seqnum, ipl->ipl_seqnum); } else { (void) fprintf(conf->log, "missed %u NAT log entries: %u %u\n", ipl->ipl_seqnum - seqnum, seqnum, ipl->ipl_seqnum); } } seqnum = ipl->ipl_seqnum + ipl->ipl_count; nl = (struct natlog *)((char *)ipl + sizeof(*ipl)); res = (ipmonopts & IPMON_RESOLVE) ? 1 : 0; tm = get_tm(ipl->ipl_sec); len = sizeof(line); if (!(ipmonopts & IPMON_SYSLOG)) { (void) strftime(t, len, "%d/%m/%Y ", tm); i = strlen(t); len -= i; t += i; } (void) strftime(t, len, "%T", tm); t += strlen(t); sprintf(t, ".%-.6ld @%hd ", (long)ipl->ipl_usec, nl->nl_rule + 1); t += strlen(t); switch (nl->nl_action) { case NL_NEW : strcpy(t, "NAT:NEW"); break; case NL_FLUSH : strcpy(t, "NAT:FLUSH"); break; case NL_CLONE : strcpy(t, "NAT:CLONE"); break; case NL_EXPIRE : strcpy(t, "NAT:EXPIRE"); break; case NL_DESTROY : strcpy(t, "NAT:DESTROY"); break; case NL_PURGE : strcpy(t, "NAT:PURGE"); break; default : sprintf(t, "NAT:Action(%d)", nl->nl_action); break; } t += strlen(t); switch (nl->nl_type) { case NAT_MAP : strcpy(t, "-MAP "); simple = 1; break; case NAT_REDIRECT : strcpy(t, "-RDR "); simple = 1; break; case NAT_BIMAP : strcpy(t, "-BIMAP "); simple = 1; break; case NAT_MAPBLK : strcpy(t, "-MAPBLOCK "); simple = 1; break; case NAT_REWRITE|NAT_MAP : strcpy(t, "-RWR_MAP "); break; case NAT_REWRITE|NAT_REDIRECT : strcpy(t, "-RWR_RDR "); break; case NAT_ENCAP|NAT_MAP : strcpy(t, "-ENC_MAP "); break; case NAT_ENCAP|NAT_REDIRECT : strcpy(t, "-ENC_RDR "); break; case NAT_DIVERTUDP|NAT_MAP : strcpy(t, "-DIV_MAP "); break; case NAT_DIVERTUDP|NAT_REDIRECT : strcpy(t, "-DIV_RDR "); break; default : sprintf(t, "-Type(%d) ", nl->nl_type); break; } t += strlen(t); proto = getlocalproto(nl->nl_p[0]); family = vtof(nl->nl_v[0]); if (simple == 1) { sprintf(t, "%s,%s <- -> ", hostname(family, nl->nl_osrcip.i6), portlocalname(res, proto, (u_int)nl->nl_osrcport)); t += strlen(t); sprintf(t, "%s,%s ", hostname(family, nl->nl_nsrcip.i6), portlocalname(res, proto, (u_int)nl->nl_nsrcport)); t += strlen(t); sprintf(t, "[%s,%s] ", hostname(family, nl->nl_odstip.i6), portlocalname(res, proto, (u_int)nl->nl_odstport)); } else { sprintf(t, "%s,%s ", hostname(family, nl->nl_osrcip.i6), portlocalname(res, proto, (u_int)nl->nl_osrcport)); t += strlen(t); sprintf(t, "%s,%s <- -> ", hostname(family, nl->nl_odstip.i6), portlocalname(res, proto, (u_int)nl->nl_odstport)); t += strlen(t); sprintf(t, "%s,%s ", hostname(family, nl->nl_nsrcip.i6), portlocalname(res, proto, (u_int)nl->nl_nsrcport)); t += strlen(t); sprintf(t, "%s,%s ", hostname(family, nl->nl_ndstip.i6), portlocalname(res, proto, (u_int)nl->nl_ndstport)); } t += strlen(t); strcpy(t, getlocalproto(nl->nl_p[0])); t += strlen(t); if (nl->nl_action == NL_EXPIRE || nl->nl_action == NL_FLUSH) { #ifdef USE_QUAD_T # ifdef PRId64 sprintf(t, " Pkts %" PRId64 "/%" PRId64 " Bytes %" PRId64 "/%" PRId64, # else sprintf(t, " Pkts %qd/%qd Bytes %qd/%qd", # endif #else sprintf(t, " Pkts %ld/%ld Bytes %ld/%ld", #endif nl->nl_pkts[0], nl->nl_pkts[1], nl->nl_bytes[0], nl->nl_bytes[1]); t += strlen(t); } *t++ = '\n'; *t++ = '\0'; if (ipmonopts & IPMON_SYSLOG) syslog(LOG_INFO, "%s", line); else if (conf->log != NULL) (void) fprintf(conf->log, "%s", line); } static void print_statelog(config_t *conf, char *buf, int blen) { static u_32_t seqnum = 0; int res, i, len, family; struct ipslog *sl; char *t, *proto; struct tm *tm; iplog_t *ipl; t = line; ipl = (iplog_t *)buf; if (ipl->ipl_seqnum != seqnum) { if ((ipmonopts & IPMON_SYSLOG) != 0) { syslog(LOG_WARNING, "missed %u state log entries: %u %u", ipl->ipl_seqnum - seqnum, seqnum, ipl->ipl_seqnum); } else { (void) fprintf(conf->log, "missed %u state log entries: %u %u\n", ipl->ipl_seqnum - seqnum, seqnum, ipl->ipl_seqnum); } } seqnum = ipl->ipl_seqnum + ipl->ipl_count; sl = (struct ipslog *)((char *)ipl + sizeof(*ipl)); res = (ipmonopts & IPMON_RESOLVE) ? 1 : 0; tm = get_tm(ipl->ipl_sec); len = sizeof(line); if (!(ipmonopts & IPMON_SYSLOG)) { (void) strftime(t, len, "%d/%m/%Y ", tm); i = strlen(t); len -= i; t += i; } (void) strftime(t, len, "%T", tm); t += strlen(t); sprintf(t, ".%-.6ld ", (long)ipl->ipl_usec); t += strlen(t); family = vtof(sl->isl_v); switch (sl->isl_type) { case ISL_NEW : strcpy(t, "STATE:NEW "); break; case ISL_CLONE : strcpy(t, "STATE:CLONED "); break; case ISL_EXPIRE : if ((sl->isl_p == IPPROTO_TCP) && (sl->isl_state[0] > IPF_TCPS_ESTABLISHED || sl->isl_state[1] > IPF_TCPS_ESTABLISHED)) strcpy(t, "STATE:CLOSE "); else strcpy(t, "STATE:EXPIRE "); break; case ISL_FLUSH : strcpy(t, "STATE:FLUSH "); break; case ISL_INTERMEDIATE : strcpy(t, "STATE:INTERMEDIATE "); break; case ISL_REMOVE : strcpy(t, "STATE:REMOVE "); break; case ISL_KILLED : strcpy(t, "STATE:KILLED "); break; case ISL_UNLOAD : strcpy(t, "STATE:UNLOAD "); break; default : sprintf(t, "Type: %d ", sl->isl_type); break; } t += strlen(t); proto = getlocalproto(sl->isl_p); if (sl->isl_p == IPPROTO_TCP || sl->isl_p == IPPROTO_UDP) { sprintf(t, "%s,%s -> ", hostname(family, (u_32_t *)&sl->isl_src), portlocalname(res, proto, (u_int)sl->isl_sport)); t += strlen(t); sprintf(t, "%s,%s PR %s", hostname(family, (u_32_t *)&sl->isl_dst), portlocalname(res, proto, (u_int)sl->isl_dport), proto); } else if (sl->isl_p == IPPROTO_ICMP) { sprintf(t, "%s -> ", hostname(family, (u_32_t *)&sl->isl_src)); t += strlen(t); sprintf(t, "%s PR icmp %d", hostname(family, (u_32_t *)&sl->isl_dst), sl->isl_itype); } else if (sl->isl_p == IPPROTO_ICMPV6) { sprintf(t, "%s -> ", hostname(family, (u_32_t *)&sl->isl_src)); t += strlen(t); sprintf(t, "%s PR icmpv6 %d", hostname(family, (u_32_t *)&sl->isl_dst), sl->isl_itype); } else { sprintf(t, "%s -> ", hostname(family, (u_32_t *)&sl->isl_src)); t += strlen(t); sprintf(t, "%s PR %s", hostname(family, (u_32_t *)&sl->isl_dst), proto); } t += strlen(t); if (sl->isl_tag != FR_NOLOGTAG) { sprintf(t, " tag %u", sl->isl_tag); t += strlen(t); } if (sl->isl_type != ISL_NEW) { sprintf(t, #ifdef USE_QUAD_T #ifdef PRId64 " Forward: Pkts in %" PRId64 " Bytes in %" PRId64 " Pkts out %" PRId64 " Bytes out %" PRId64 " Backward: Pkts in %" PRId64 " Bytes in %" PRId64 " Pkts out %" PRId64 " Bytes out %" PRId64, #else " Forward: Pkts in %qd Bytes in %qd Pkts out %qd Bytes out %qd Backward: Pkts in %qd Bytes in %qd Pkts out %qd Bytes out %qd", #endif /* PRId64 */ #else " Forward: Pkts in %ld Bytes in %ld Pkts out %ld Bytes out %ld Backward: Pkts in %ld Bytes in %ld Pkts out %ld Bytes out %ld", #endif sl->isl_pkts[0], sl->isl_bytes[0], sl->isl_pkts[1], sl->isl_bytes[1], sl->isl_pkts[2], sl->isl_bytes[2], sl->isl_pkts[3], sl->isl_bytes[3]); t += strlen(t); } *t++ = '\n'; *t++ = '\0'; if (ipmonopts & IPMON_SYSLOG) syslog(LOG_INFO, "%s", line); else if (conf->log != NULL) (void) fprintf(conf->log, "%s", line); } static void print_log(config_t *conf, logsource_t *log, char *buf, int blen) { char *bp, *bpo; iplog_t *ipl; int psize; bp = NULL; bpo = NULL; while (blen > 0) { ipl = (iplog_t *)buf; if ((u_long)ipl & (sizeof(long)-1)) { if (bp) bpo = bp; bp = (char *)malloc(blen); bcopy((char *)ipl, bp, blen); if (bpo) { free(bpo); bpo = NULL; } buf = bp; continue; } psize = ipl->ipl_dsize; if (psize > blen) break; if (conf->blog != NULL) { fwrite(buf, psize, 1, conf->blog); fflush(conf->blog); } if (log->logtype == IPL_LOGIPF) { if (ipl->ipl_magic == IPL_MAGIC) print_ipflog(conf, buf, psize); } else if (log->logtype == IPL_LOGNAT) { if (ipl->ipl_magic == IPL_MAGIC_NAT) print_natlog(conf, buf, psize); } else if (log->logtype == IPL_LOGSTATE) { if (ipl->ipl_magic == IPL_MAGIC_STATE) print_statelog(conf, buf, psize); } blen -= psize; buf += psize; } if (bp) free(bp); return; } static void print_ipflog(config_t *conf, char *buf, int blen) { static u_32_t seqnum = 0; int i, f, lvl, res, len, off, plen, ipoff, defaction; struct icmp *icmp; struct icmp *ic; char *t, *proto; ip_t *ipc, *ip; struct tm *tm; u_32_t *s, *d; u_short hl, p; ipflog_t *ipf; iplog_t *ipl; tcphdr_t *tp; #ifdef USE_INET6 struct ip6_ext *ehp; u_short ehl; ip6_t *ip6; int go; #endif ipl = (iplog_t *)buf; if (ipl->ipl_seqnum != seqnum) { if ((ipmonopts & IPMON_SYSLOG) != 0) { syslog(LOG_WARNING, "missed %u ipf log entries: %u %u", ipl->ipl_seqnum - seqnum, seqnum, ipl->ipl_seqnum); } else { (void) fprintf(conf->log, "missed %u ipf log entries: %u %u\n", ipl->ipl_seqnum - seqnum, seqnum, ipl->ipl_seqnum); } } seqnum = ipl->ipl_seqnum + ipl->ipl_count; ipf = (ipflog_t *)((char *)buf + sizeof(*ipl)); ip = (ip_t *)((char *)ipf + sizeof(*ipf)); f = ipf->fl_family; res = (ipmonopts & IPMON_RESOLVE) ? 1 : 0; t = line; *t = '\0'; tm = get_tm(ipl->ipl_sec); len = sizeof(line); if (!(ipmonopts & IPMON_SYSLOG)) { (void) strftime(t, len, "%d/%m/%Y ", tm); i = strlen(t); len -= i; t += i; } (void) strftime(t, len, "%T", tm); t += strlen(t); sprintf(t, ".%-.6ld ", (long)ipl->ipl_usec); t += strlen(t); if (ipl->ipl_count > 1) { sprintf(t, "%dx ", ipl->ipl_count); t += strlen(t); } { char ifname[sizeof(ipf->fl_ifname) + 1]; strncpy(ifname, ipf->fl_ifname, sizeof(ipf->fl_ifname)); ifname[sizeof(ipf->fl_ifname)] = '\0'; sprintf(t, "%s", ifname); t += strlen(t); # if SOLARIS if (ISALPHA(*(t - 1))) { sprintf(t, "%d", ipf->fl_unit); t += strlen(t); } # endif } if ((ipf->fl_group[0] == (char)~0) && (ipf->fl_group[1] == '\0')) strcat(t, " @-1:"); else if (ipf->fl_group[0] == '\0') (void) strcpy(t, " @0:"); else sprintf(t, " @%s:", ipf->fl_group); t += strlen(t); if (ipf->fl_rule == 0xffffffff) strcat(t, "-1 "); else sprintf(t, "%u ", ipf->fl_rule + 1); t += strlen(t); lvl = LOG_NOTICE; if (ipf->fl_lflags & FI_SHORT) { *t++ = 'S'; lvl = LOG_ERR; } if (FR_ISPASS(ipf->fl_flags)) { if (ipf->fl_flags & FR_LOGP) *t++ = 'p'; else *t++ = 'P'; } else if (FR_ISBLOCK(ipf->fl_flags)) { if (ipf->fl_flags & FR_LOGB) *t++ = 'b'; else *t++ = 'B'; lvl = LOG_WARNING; } else if ((ipf->fl_flags & FR_LOGMASK) == FR_LOG) { *t++ = 'L'; lvl = LOG_INFO; } else if (ipf->fl_flags & FF_LOGNOMATCH) { *t++ = 'n'; } else { *t++ = '?'; lvl = LOG_EMERG; } if (ipf->fl_loglevel != 0xffff) lvl = ipf->fl_loglevel; *t++ = ' '; *t = '\0'; if (f == AF_INET) { hl = IP_HL(ip) << 2; ipoff = ntohs(ip->ip_off); off = ipoff & IP_OFFMASK; p = (u_short)ip->ip_p; s = (u_32_t *)&ip->ip_src; d = (u_32_t *)&ip->ip_dst; plen = ntohs(ip->ip_len); } else #ifdef USE_INET6 if (f == AF_INET6) { off = 0; ipoff = 0; hl = sizeof(ip6_t); ip6 = (ip6_t *)ip; p = (u_short)ip6->ip6_nxt; s = (u_32_t *)&ip6->ip6_src; d = (u_32_t *)&ip6->ip6_dst; plen = hl + ntohs(ip6->ip6_plen); go = 1; ehp = (struct ip6_ext *)((char *)ip6 + hl); while (go == 1) { switch (p) { case IPPROTO_HOPOPTS : case IPPROTO_MOBILITY : case IPPROTO_DSTOPTS : case IPPROTO_ROUTING : case IPPROTO_AH : p = ehp->ip6e_nxt; ehl = 8 + (ehp->ip6e_len << 3); hl += ehl; ehp = (struct ip6_ext *)((char *)ehp + ehl); break; case IPPROTO_FRAGMENT : hl += sizeof(struct ip6_frag); /* FALLTHROUGH */ default : go = 0; break; } } } else #endif { goto printipflog; } proto = getlocalproto(p); if ((p == IPPROTO_TCP || p == IPPROTO_UDP) && !off) { tp = (tcphdr_t *)((char *)ip + hl); if (!(ipf->fl_lflags & FI_SHORT)) { sprintf(t, "%s,%s -> ", hostname(f, s), portlocalname(res, proto, (u_int)tp->th_sport)); t += strlen(t); sprintf(t, "%s,%s PR %s len %hu %hu", hostname(f, d), portlocalname(res, proto, (u_int)tp->th_dport), proto, hl, plen); t += strlen(t); if (p == IPPROTO_TCP) { *t++ = ' '; *t++ = '-'; for (i = 0; tcpfl[i].value; i++) if (tp->th_flags & tcpfl[i].value) *t++ = tcpfl[i].flag; if (ipmonopts & IPMON_VERBOSE) { sprintf(t, " %lu %lu %hu", (u_long)(ntohl(tp->th_seq)), (u_long)(ntohl(tp->th_ack)), ntohs(tp->th_win)); t += strlen(t); } } *t = '\0'; } else { sprintf(t, "%s -> ", hostname(f, s)); t += strlen(t); sprintf(t, "%s PR %s len %hu %hu", hostname(f, d), proto, hl, plen); } #if defined(AF_INET6) && defined(IPPROTO_ICMPV6) } else if ((p == IPPROTO_ICMPV6) && !off && (f == AF_INET6)) { ic = (struct icmp *)((char *)ip + hl); sprintf(t, "%s -> ", hostname(f, s)); t += strlen(t); sprintf(t, "%s PR icmpv6 len %hu %hu icmpv6 %s", hostname(f, d), hl, plen, icmpname6(ic->icmp_type, ic->icmp_code)); #endif } else if ((p == IPPROTO_ICMP) && !off && (f == AF_INET)) { ic = (struct icmp *)((char *)ip + hl); sprintf(t, "%s -> ", hostname(f, s)); t += strlen(t); sprintf(t, "%s PR icmp len %hu %hu icmp %s", hostname(f, d), hl, plen, icmpname(ic->icmp_type, ic->icmp_code)); if (ic->icmp_type == ICMP_UNREACH || ic->icmp_type == ICMP_SOURCEQUENCH || ic->icmp_type == ICMP_PARAMPROB || ic->icmp_type == ICMP_REDIRECT || ic->icmp_type == ICMP_TIMXCEED) { ipc = &ic->icmp_ip; i = ntohs(ipc->ip_len); /* * XXX - try to guess endian of ip_len in ICMP * returned data. */ if (i > 1500) i = ipc->ip_len; ipoff = ntohs(ipc->ip_off); proto = getlocalproto(ipc->ip_p); if (!(ipoff & IP_OFFMASK) && ((ipc->ip_p == IPPROTO_TCP) || (ipc->ip_p == IPPROTO_UDP))) { tp = (tcphdr_t *)((char *)ipc + hl); t += strlen(t); sprintf(t, " for %s,%s -", HOSTNAMEV4(ipc->ip_src), portlocalname(res, proto, (u_int)tp->th_sport)); t += strlen(t); sprintf(t, " %s,%s PR %s len %hu %hu", HOSTNAMEV4(ipc->ip_dst), portlocalname(res, proto, (u_int)tp->th_dport), proto, IP_HL(ipc) << 2, i); } else if (!(ipoff & IP_OFFMASK) && (ipc->ip_p == IPPROTO_ICMP)) { icmp = (icmphdr_t *)((char *)ipc + hl); t += strlen(t); sprintf(t, " for %s -", HOSTNAMEV4(ipc->ip_src)); t += strlen(t); sprintf(t, " %s PR icmp len %hu %hu icmp %d/%d", HOSTNAMEV4(ipc->ip_dst), IP_HL(ipc) << 2, i, icmp->icmp_type, icmp->icmp_code); } else { t += strlen(t); sprintf(t, " for %s -", HOSTNAMEV4(ipc->ip_src)); t += strlen(t); sprintf(t, " %s PR %s len %hu (%hu)", HOSTNAMEV4(ipc->ip_dst), proto, IP_HL(ipc) << 2, i); t += strlen(t); if (ipoff & IP_OFFMASK) { sprintf(t, "(frag %d:%hu@%hu%s%s)", ntohs(ipc->ip_id), i - (IP_HL(ipc) << 2), (ipoff & IP_OFFMASK) << 3, ipoff & IP_MF ? "+" : "", ipoff & IP_DF ? "-" : ""); } } } } else { sprintf(t, "%s -> ", hostname(f, s)); t += strlen(t); sprintf(t, "%s PR %s len %hu (%hu)", hostname(f, d), proto, hl, plen); t += strlen(t); if (off & IP_OFFMASK) sprintf(t, " (frag %d:%hu@%hu%s%s)", ntohs(ip->ip_id), plen - hl, (off & IP_OFFMASK) << 3, ipoff & IP_MF ? "+" : "", ipoff & IP_DF ? "-" : ""); } t += strlen(t); printipflog: if (ipf->fl_flags & FR_KEEPSTATE) { (void) strcpy(t, " K-S"); t += strlen(t); } if (ipf->fl_flags & FR_KEEPFRAG) { (void) strcpy(t, " K-F"); t += strlen(t); } if (ipf->fl_dir == 0) strcpy(t, " IN"); else if (ipf->fl_dir == 1) strcpy(t, " OUT"); t += strlen(t); if (ipf->fl_logtag != 0) { sprintf(t, " log-tag %d", ipf->fl_logtag); t += strlen(t); } if (ipf->fl_nattag.ipt_num[0] != 0) { strcpy(t, " nat-tag "); t += strlen(t); strncpy(t, ipf->fl_nattag.ipt_tag, sizeof(ipf->fl_nattag)); t += strlen(t); } if ((ipf->fl_lflags & FI_LOWTTL) != 0) { strcpy(t, " low-ttl"); t += 8; } if ((ipf->fl_lflags & FI_OOW) != 0) { strcpy(t, " OOW"); t += 4; } if ((ipf->fl_lflags & FI_BAD) != 0) { strcpy(t, " bad"); t += 4; } if ((ipf->fl_lflags & FI_NATED) != 0) { strcpy(t, " NAT"); t += 4; } if ((ipf->fl_lflags & FI_BADNAT) != 0) { strcpy(t, " bad-NAT"); t += 8; } if ((ipf->fl_lflags & FI_BADSRC) != 0) { strcpy(t, " bad-src"); t += 8; } if ((ipf->fl_lflags & FI_MULTICAST) != 0) { strcpy(t, " multicast"); t += 10; } if ((ipf->fl_lflags & FI_BROADCAST) != 0) { strcpy(t, " broadcast"); t += 10; } if ((ipf->fl_lflags & (FI_MULTICAST|FI_BROADCAST|FI_MBCAST)) == FI_MBCAST) { strcpy(t, " mbcast"); t += 7; } if (ipf->fl_breason != 0) { strcpy(t, " reason:"); t += 8; strcpy(t, reasons[ipf->fl_breason]); t += strlen(reasons[ipf->fl_breason]); } *t++ = '\n'; *t++ = '\0'; defaction = 0; if (conf->cfile != NULL) defaction = check_action(buf, line, ipmonopts, lvl); if (defaction == 0) { if (ipmonopts & IPMON_SYSLOG) { syslog(lvl, "%s", line); } else if (conf->log != NULL) { (void) fprintf(conf->log, "%s", line); } if (ipmonopts & IPMON_HEXHDR) { dumphex(conf->log, ipmonopts, buf, sizeof(iplog_t) + sizeof(*ipf)); } if (ipmonopts & IPMON_HEXBODY) { dumphex(conf->log, ipmonopts, (char *)ip, ipf->fl_plen + ipf->fl_hlen); } else if ((ipmonopts & IPMON_LOGBODY) && (ipf->fl_flags & FR_LOGBODY)) { dumphex(conf->log, ipmonopts, (char *)ip + ipf->fl_hlen, ipf->fl_plen); } } } static void usage(char *prog) { fprintf(stderr, "Usage: %s [ -abDFhnpstvxX ] [ -B ] [ -C ]\n" "\t[ -f ] [ -L ] [ -N ]\n" "\t[ -o [NSI] ] [ -O [NSI] ] [ -P ] [ -S ]\n" "\t[ ]\n", prog); exit(1); } static void write_pid(char *file) { FILE *fp = NULL; int fd; if ((fd = open(file, O_CREAT|O_TRUNC|O_WRONLY, 0644)) >= 0) { fp = fdopen(fd, "w"); if (fp == NULL) { close(fd); fprintf(stderr, "unable to open/create pid file: %s\n", file); return; } fprintf(fp, "%d", getpid()); fclose(fp); } } static void flushlogs(char *file, FILE *log) { int fd, flushed = 0; if ((fd = open(file, O_RDWR)) == -1) { (void) fprintf(stderr, "%s: open: %s\n", file, STRERROR(errno)); exit(1); } if (ioctl(fd, SIOCIPFFB, &flushed) == 0) { printf("%d bytes flushed from log buffer\n", flushed); fflush(stdout); } else ipferror(fd, "SIOCIPFFB"); (void) close(fd); if (flushed) { if (ipmonopts & IPMON_SYSLOG) { syslog(LOG_INFO, "%d bytes flushed from log\n", flushed); } else if ((log != stdout) && (log != NULL)) { fprintf(log, "%d bytes flushed from log\n", flushed); } } } static void logopts(int turnon, char *options) { int flags = 0; char *s; for (s = options; *s; s++) { switch (*s) { case 'N' : flags |= IPMON_NAT; break; case 'S' : flags |= IPMON_STATE; break; case 'I' : flags |= IPMON_FILTER; break; default : fprintf(stderr, "Unknown log option %c\n", *s); exit(1); } } if (turnon) ipmonopts |= flags; else ipmonopts &= ~(flags); } static void initconfig(config_t *conf) { int i; memset(conf, 0, sizeof(*conf)); conf->log = stdout; conf->maxfd = -1; for (i = 0; i < 3; i++) { conf->logsrc[i].fd = -1; conf->logsrc[i].logtype = -1; conf->logsrc[i].regular = -1; } conf->logsrc[0].file = IPL_NAME; conf->logsrc[1].file = IPNAT_NAME; conf->logsrc[2].file = IPSTATE_NAME; add_doing(&executesaver); add_doing(&snmpv1saver); add_doing(&snmpv2saver); add_doing(&syslogsaver); add_doing(&filesaver); add_doing(¬hingsaver); } int main(int argc, char *argv[]) { int doread, c, make_daemon = 0; char *prog; config_t config; prog = strrchr(argv[0], '/'); if (prog == NULL) prog = argv[0]; else prog++; initconfig(&config); while ((c = getopt(argc, argv, "?abB:C:Df:FhL:nN:o:O:pP:sS:tvxX")) != -1) switch (c) { case 'a' : ipmonopts |= IPMON_LOGALL; config.logsrc[0].logtype = IPL_LOGIPF; config.logsrc[1].logtype = IPL_LOGNAT; config.logsrc[2].logtype = IPL_LOGSTATE; break; case 'b' : ipmonopts |= IPMON_LOGBODY; break; case 'B' : config.bfile = optarg; config.blog = fopen(optarg, "a"); break; case 'C' : config.cfile = optarg; break; case 'D' : make_daemon = 1; break; case 'f' : case 'I' : ipmonopts |= IPMON_FILTER; config.logsrc[0].logtype = IPL_LOGIPF; config.logsrc[0].file = optarg; break; case 'F' : flushlogs(config.logsrc[0].file, config.log); flushlogs(config.logsrc[1].file, config.log); flushlogs(config.logsrc[2].file, config.log); break; case 'L' : logfac = fac_findname(optarg); if (logfac == -1) { fprintf(stderr, "Unknown syslog facility '%s'\n", optarg); exit(1); } break; case 'n' : ipmonopts |= IPMON_RESOLVE; opts &= ~OPT_NORESOLVE; break; case 'N' : ipmonopts |= IPMON_NAT; config.logsrc[1].logtype = IPL_LOGNAT; config.logsrc[1].file = optarg; break; case 'o' : case 'O' : logopts(c == 'o', optarg); if (ipmonopts & IPMON_FILTER) config.logsrc[0].logtype = IPL_LOGIPF; if (ipmonopts & IPMON_NAT) config.logsrc[1].logtype = IPL_LOGNAT; if (ipmonopts & IPMON_STATE) config.logsrc[2].logtype = IPL_LOGSTATE; break; case 'p' : ipmonopts |= IPMON_PORTNUM; break; case 'P' : pidfile = optarg; break; case 's' : ipmonopts |= IPMON_SYSLOG; config.log = NULL; break; case 'S' : ipmonopts |= IPMON_STATE; config.logsrc[2].logtype = IPL_LOGSTATE; config.logsrc[2].file = optarg; break; case 't' : ipmonopts |= IPMON_TAIL; break; case 'v' : ipmonopts |= IPMON_VERBOSE; break; case 'x' : ipmonopts |= IPMON_HEXBODY; break; case 'X' : ipmonopts |= IPMON_HEXHDR; break; default : case 'h' : case '?' : usage(argv[0]); } if (ipmonopts & IPMON_SYSLOG) openlog(prog, LOG_NDELAY|LOG_PID, logfac); init_tabs(); if (config.cfile) if (load_config(config.cfile) == -1) { unload_config(); exit(1); } /* * Default action is to only open the filter log file. */ if ((config.logsrc[0].logtype == -1) && (config.logsrc[0].logtype == -1) && (config.logsrc[0].logtype == -1)) config.logsrc[0].logtype = IPL_LOGIPF; openlogs(&config); if (!(ipmonopts & IPMON_SYSLOG)) { config.file = argv[optind]; config.log = config.file ? fopen(config.file, "a") : stdout; if (config.log == NULL) { (void) fprintf(stderr, "%s: fopen: %s\n", argv[optind], STRERROR(errno)); exit(1); /* NOTREACHED */ } setvbuf(config.log, NULL, _IONBF, 0); } else { config.log = NULL; } if (make_daemon && ((config.log != stdout) || (ipmonopts & IPMON_SYSLOG))) { #ifdef BSD daemon(0, !(ipmonopts & IPMON_SYSLOG)); #else int pid; switch (fork()) { case -1 : (void) fprintf(stderr, "%s: fork() failed: %s\n", argv[0], STRERROR(errno)); exit(1); /* NOTREACHED */ case 0 : break; default : exit(0); } setsid(); if ((ipmonopts & IPMON_SYSLOG)) close(2); #endif /* !BSD */ close(0); close(1); write_pid(pidfile); } signal(SIGHUP, handlehup); for (doread = 1; doread; ) doread = read_loginfo(&config); unload_config(); return (0); /* NOTREACHED */ } static void openlogs(config_t *conf) { logsource_t *l; struct stat sb; int i; for (i = 0; i < 3; i++) { l = &conf->logsrc[i]; if (l->logtype == -1) continue; if (!strcmp(l->file, "-")) l->fd = 0; else { if ((l->fd= open(l->file, O_RDONLY)) == -1) { (void) fprintf(stderr, "%s: open: %s\n", l->file, STRERROR(errno)); exit(1); /* NOTREACHED */ } if (fstat(l->fd, &sb) == -1) { (void) fprintf(stderr, "%d: fstat: %s\n", l->fd, STRERROR(errno)); exit(1); /* NOTREACHED */ } l->regular = !S_ISCHR(sb.st_mode); if (l->regular) l->size = sb.st_size; FD_SET(l->fd, &conf->fdmr); if (l->fd > conf->maxfd) conf->maxfd = l->fd; } } } static int read_loginfo(config_t *conf) { iplog_t buf[DEFAULT_IPFLOGSIZE/sizeof(iplog_t)+1]; int n, tr, nr, i; logsource_t *l; fd_set fdr; fdr = conf->fdmr; n = select(conf->maxfd + 1, &fdr, NULL, NULL, NULL); if (n == 0) return (1); if (n == -1) { if (errno == EINTR) return (1); return (-1); } for (i = 0, nr = 0; i < 3; i++) { l = &conf->logsrc[i]; if ((l->logtype == -1) || !FD_ISSET(l->fd, &fdr)) continue; tr = 0; if (l->regular) { tr = (lseek(l->fd, 0, SEEK_CUR) < l->size); if (!tr && !(ipmonopts & IPMON_TAIL)) return (0); } n = 0; tr = read_log(l->fd, &n, (char *)buf, sizeof(buf)); if (donehup) { if (conf->file != NULL) { if (conf->log != NULL) { fclose(conf->log); conf->log = NULL; } conf->log = fopen(conf->file, "a"); } if (conf->bfile != NULL) { if (conf->blog != NULL) { fclose(conf->blog); conf->blog = NULL; } conf->blog = fopen(conf->bfile, "a"); } init_tabs(); if (conf->cfile != NULL) load_config(conf->cfile); donehup = 0; } switch (tr) { case -1 : if (ipmonopts & IPMON_SYSLOG) syslog(LOG_CRIT, "read: %m\n"); else { ipferror(l->fd, "read"); } return (0); case 1 : if (ipmonopts & IPMON_SYSLOG) syslog(LOG_CRIT, "aborting logging\n"); else if (conf->log != NULL) fprintf(conf->log, "aborting logging\n"); return (0); case 2 : break; case 0 : nr += tr; if (n > 0) { print_log(conf, l, (char *)buf, n); if (!(ipmonopts & IPMON_SYSLOG)) fflush(conf->log); } break; } } if (!nr && (ipmonopts & IPMON_TAIL)) sleep(1); return (1); } diff --git a/sbin/ipf/ipnat/ipnat.c b/sbin/ipf/ipnat/ipnat.c index 07d11fc535ee..8eb2e240f6cf 100644 --- a/sbin/ipf/ipnat/ipnat.c +++ b/sbin/ipf/ipnat/ipnat.c @@ -1,832 +1,828 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. * * Added redirect stuff and a variety of bug fixes. (mcn@EnGarde.com) */ #include #include #include #include #include #if !defined(__SVR4) #include #else #include #endif #include #include #include #include #include #include #define _KERNEL #include #undef _KERNEL #include #include #if defined(sun) && defined(__SVR4) # include # include #endif #include #include #include #include #include #include #include #include #include #include # include #include "ipf.h" #include "netinet/ipl.h" #include "kmem.h" # define STRERROR(x) strerror(x) -#if !defined(lint) -static const char sccsid[] ="@(#)ipnat.c 1.9 6/5/96 (C) 1993 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #if SOLARIS #define bzero(a,b) memset(a,0,b) #endif int use_inet6 = 0; extern char *optarg; void dostats(int, natstat_t *, int, int, int *); void dotable(natstat_t *, int, int, int, char *); void flushtable(int, int, int *); void usage(char *); int main(int, char*[]); void showhostmap(natstat_t *nsp); void natstat_dead(natstat_t *, char *); void dostats_live(int, natstat_t *, int, int *); void showhostmap_dead(natstat_t *); void showhostmap_live(int, natstat_t *); void dostats_dead(natstat_t *, int, int *); int nat_matcharray(nat_t *, int *); int opts; int nohdrfields = 0; wordtab_t *nat_fields = NULL; void usage(char *name) { fprintf(stderr, "Usage: %s [-CFhlnrRsv] [-f filename]\n", name); exit(1); } int main(int argc, char *argv[]) { int fd, c, mode, *natfilter; char *file, *core, *kernel; natstat_t ns, *nsp; ipfobj_t obj; fd = -1; opts = 0; nsp = &ns; file = NULL; core = NULL; kernel = NULL; mode = O_RDWR; natfilter = NULL; assigndefined(getenv("IPNAT_PREDEFINED")); while ((c = getopt(argc, argv, "CdFf:hlm:M:N:nO:prRsv")) != -1) switch (c) { case 'C' : opts |= OPT_CLEAR; break; case 'd' : opts |= OPT_DEBUG; break; case 'f' : file = optarg; break; case 'F' : opts |= OPT_FLUSH; break; case 'h' : opts |=OPT_HITS; break; case 'l' : opts |= OPT_LIST; mode = O_RDONLY; break; case 'm' : natfilter = parseipfexpr(optarg, NULL); break; case 'M' : core = optarg; break; case 'N' : kernel = optarg; break; case 'n' : opts |= OPT_DONOTHING|OPT_DONTOPEN; mode = O_RDONLY; break; case 'O' : nat_fields = parsefields(natfields, optarg); break; case 'p' : opts |= OPT_PURGE; break; case 'R' : opts |= OPT_NORESOLVE; break; case 'r' : opts |= OPT_REMOVE; break; case 's' : opts |= OPT_STAT; mode = O_RDONLY; break; case 'v' : opts |= OPT_VERBOSE; break; default : usage(argv[0]); } if (((opts & OPT_PURGE) != 0) && ((opts & OPT_REMOVE) == 0)) { (void) fprintf(stderr, "%s: -p must be used with -r\n", argv[0]); exit(1); } initparse(); if ((kernel != NULL) || (core != NULL)) { (void) setgid(getgid()); (void) setuid(getuid()); } if (!(opts & OPT_DONOTHING)) { if (((fd = open(IPNAT_NAME, mode)) == -1) && ((fd = open(IPNAT_NAME, O_RDONLY)) == -1)) { (void) fprintf(stderr, "%s: open: %s\n", IPNAT_NAME, STRERROR(errno)); exit(1); } } bzero((char *)&ns, sizeof(ns)); if ((opts & OPT_DONOTHING) == 0) { if (checkrev(IPL_NAME) == -1) { fprintf(stderr, "User/kernel version check failed\n"); exit(1); } } if (!(opts & OPT_DONOTHING) && (kernel == NULL) && (core == NULL)) { bzero((char *)&obj, sizeof(obj)); obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_type = IPFOBJ_NATSTAT; obj.ipfo_size = sizeof(*nsp); obj.ipfo_ptr = (void *)nsp; if (ioctl(fd, SIOCGNATS, &obj) == -1) { ipferror(fd, "ioctl(SIOCGNATS)"); exit(1); } (void) setgid(getgid()); (void) setuid(getuid()); } else if ((kernel != NULL) || (core != NULL)) { if (openkmem(kernel, core) == -1) exit(1); natstat_dead(nsp, kernel); if (opts & (OPT_LIST|OPT_STAT)) dostats(fd, nsp, opts, 0, natfilter); exit(0); } if (opts & (OPT_FLUSH|OPT_CLEAR)) flushtable(fd, opts, natfilter); if (file) { return (ipnat_parsefile(fd, ipnat_addrule, ioctl, file)); } if (opts & (OPT_LIST|OPT_STAT)) dostats(fd, nsp, opts, 1, natfilter); return (0); } /* * Read NAT statistic information in using a symbol table and memory file * rather than doing ioctl's. */ void natstat_dead(natstat_t *nsp, char *kernel) { struct nlist nat_nlist[10] = { { "nat_table" }, /* 0 */ { "nat_list" }, { "maptable" }, { "ipf_nattable_sz" }, { "ipf_natrules_sz" }, { "ipf_rdrrules_sz" }, /* 5 */ { "ipf_hostmap_sz" }, { "nat_instances" }, { NULL } }; void *tables[2]; if (nlist(kernel, nat_nlist) == -1) { fprintf(stderr, "nlist error\n"); return; } /* * Normally the ioctl copies all of these values into the structure * for us, before returning it to userland, so here we must copy each * one in individually. */ kmemcpy((char *)&tables, nat_nlist[0].n_value, sizeof(tables)); nsp->ns_side[0].ns_table = tables[0]; nsp->ns_side[1].ns_table = tables[1]; kmemcpy((char *)&nsp->ns_list, nat_nlist[1].n_value, sizeof(nsp->ns_list)); kmemcpy((char *)&nsp->ns_maptable, nat_nlist[2].n_value, sizeof(nsp->ns_maptable)); kmemcpy((char *)&nsp->ns_nattab_sz, nat_nlist[3].n_value, sizeof(nsp->ns_nattab_sz)); kmemcpy((char *)&nsp->ns_rultab_sz, nat_nlist[4].n_value, sizeof(nsp->ns_rultab_sz)); kmemcpy((char *)&nsp->ns_rdrtab_sz, nat_nlist[5].n_value, sizeof(nsp->ns_rdrtab_sz)); kmemcpy((char *)&nsp->ns_hostmap_sz, nat_nlist[6].n_value, sizeof(nsp->ns_hostmap_sz)); kmemcpy((char *)&nsp->ns_instances, nat_nlist[7].n_value, sizeof(nsp->ns_instances)); } /* * Issue an ioctl to flush either the NAT rules table or the active mapping * table or both. */ void flushtable(int fd, int opts, int *match) { int n = 0; if (opts & OPT_FLUSH) { n = 0; if (!(opts & OPT_DONOTHING)) { if (match != NULL) { ipfobj_t obj; obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_size = match[0] * sizeof(int); obj.ipfo_type = IPFOBJ_IPFEXPR; obj.ipfo_ptr = match; if (ioctl(fd, SIOCMATCHFLUSH, &obj) == -1) { ipferror(fd, "ioctl(SIOCMATCHFLUSH)"); n = -1; } else { n = obj.ipfo_retval; } } else if (ioctl(fd, SIOCIPFFL, &n) == -1) { ipferror(fd, "ioctl(SIOCIPFFL)"); n = -1; } } if (n >= 0) printf("%d entries flushed from NAT table\n", n); } if (opts & OPT_CLEAR) { n = 1; if (!(opts & OPT_DONOTHING) && ioctl(fd, SIOCIPFFL, &n) == -1) ipferror(fd, "ioctl(SIOCCNATL)"); else printf("%d entries flushed from NAT list\n", n); } } /* * Display NAT statistics. */ void dostats_dead(natstat_t *nsp, int opts, int *filter) { nat_t *np, nat; ipnat_t ipn; int i; if (nat_fields == NULL) { printf("List of active MAP/Redirect filters:\n"); while (nsp->ns_list) { if (kmemcpy((char *)&ipn, (long)nsp->ns_list, sizeof(ipn))) { perror("kmemcpy"); break; } if (opts & OPT_HITS) printf("%lu ", ipn.in_hits); printnat(&ipn, opts & (OPT_DEBUG|OPT_VERBOSE)); nsp->ns_list = ipn.in_next; } } if (nat_fields == NULL) { printf("\nList of active sessions:\n"); } else if (nohdrfields == 0) { for (i = 0; nat_fields[i].w_value != 0; i++) { printfieldhdr(natfields, nat_fields + i); if (nat_fields[i + 1].w_value != 0) printf("\t"); } printf("\n"); } for (np = nsp->ns_instances; np; np = nat.nat_next) { if (kmemcpy((char *)&nat, (long)np, sizeof(nat))) break; if ((filter != NULL) && (nat_matcharray(&nat, filter) == 0)) continue; if (nat_fields != NULL) { for (i = 0; nat_fields[i].w_value != 0; i++) { printnatfield(&nat, nat_fields[i].w_value); if (nat_fields[i + 1].w_value != 0) printf("\t"); } printf("\n"); } else { printactivenat(&nat, opts, nsp->ns_ticks); if (nat.nat_aps) { int proto; if (nat.nat_dir & NAT_OUTBOUND) proto = nat.nat_pr[1]; else proto = nat.nat_pr[0]; printaps(nat.nat_aps, opts, proto); } } } if (opts & OPT_VERBOSE) showhostmap_dead(nsp); } void dotable(natstat_t *nsp, int fd, int alive, int which, char *side) { int sz, i, used, maxlen, minlen, totallen; ipftable_t table; u_int *buckets; ipfobj_t obj; sz = sizeof(*buckets) * nsp->ns_nattab_sz; buckets = (u_int *)malloc(sz); if (buckets == NULL) { fprintf(stderr, "cannot allocate memory (%d) for buckets\n", sz); return; } obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_type = IPFOBJ_GTABLE; obj.ipfo_size = sizeof(table); obj.ipfo_ptr = &table; if (which == 0) { table.ita_type = IPFTABLE_BUCKETS_NATIN; } else if (which == 1) { table.ita_type = IPFTABLE_BUCKETS_NATOUT; } table.ita_table = buckets; if (alive) { if (ioctl(fd, SIOCGTABL, &obj) != 0) { ipferror(fd, "SIOCFTABL"); free(buckets); return; } } else { if (kmemcpy((char *)buckets, (u_long)nsp->ns_nattab_sz, sz)) { free(buckets); return; } } minlen = nsp->ns_side[which].ns_inuse; totallen = 0; maxlen = 0; used = 0; for (i = 0; i < nsp->ns_nattab_sz; i++) { if (buckets[i] > maxlen) maxlen = buckets[i]; if (buckets[i] < minlen) minlen = buckets[i]; if (buckets[i] != 0) used++; totallen += buckets[i]; } printf("%d%%\thash efficiency %s\n", totallen ? used * 100 / totallen : 0, side); printf("%2.2f%%\tbucket usage %s\n", ((float)used / nsp->ns_nattab_sz) * 100.0, side); printf("%d\tminimal length %s\n", minlen, side); printf("%d\tmaximal length %s\n", maxlen, side); printf("%.3f\taverage length %s\n", used ? ((float)totallen / used) : 0.0, side); free(buckets); } void dostats(int fd, natstat_t *nsp, int opts, int alive, int *filter) { /* * Show statistics ? */ if (opts & OPT_STAT) { printnatside("in", &nsp->ns_side[0]); dotable(nsp, fd, alive, 0, "in"); printnatside("out", &nsp->ns_side[1]); dotable(nsp, fd, alive, 1, "out"); printf("%lu\tlog successes\n", nsp->ns_side[0].ns_log); printf("%lu\tlog failures\n", nsp->ns_side[1].ns_log); printf("%lu\tadded in\n%lu\tadded out\n", nsp->ns_side[0].ns_added, nsp->ns_side[1].ns_added); printf("%u\tactive\n", nsp->ns_active); printf("%lu\ttransparent adds\n", nsp->ns_addtrpnt); printf("%lu\tdivert build\n", nsp->ns_divert_build); printf("%lu\texpired\n", nsp->ns_expire); printf("%lu\tflush all\n", nsp->ns_flush_all); printf("%lu\tflush closing\n", nsp->ns_flush_closing); printf("%lu\tflush queue\n", nsp->ns_flush_queue); printf("%lu\tflush state\n", nsp->ns_flush_state); printf("%lu\tflush timeout\n", nsp->ns_flush_timeout); printf("%lu\thostmap new\n", nsp->ns_hm_new); printf("%lu\thostmap fails\n", nsp->ns_hm_newfail); printf("%lu\thostmap add\n", nsp->ns_hm_addref); printf("%lu\thostmap NULL rule\n", nsp->ns_hm_nullnp); printf("%lu\tlog ok\n", nsp->ns_log_ok); printf("%lu\tlog fail\n", nsp->ns_log_fail); printf("%u\torphan count\n", nsp->ns_orphans); printf("%u\trule count\n", nsp->ns_rules); printf("%u\tmap rules\n", nsp->ns_rules_map); printf("%u\trdr rules\n", nsp->ns_rules_rdr); printf("%u\twilds\n", nsp->ns_wilds); if (opts & OPT_VERBOSE) printf("list %p\n", nsp->ns_list); } if (opts & OPT_LIST) { if (alive) dostats_live(fd, nsp, opts, filter); else dostats_dead(nsp, opts, filter); } } /* * Display NAT statistics. */ void dostats_live(int fd, natstat_t *nsp, int opts, int *filter) { ipfgeniter_t iter; char buffer[2000]; ipfobj_t obj; ipnat_t *ipn; nat_t nat; int i; bzero((char *)&obj, sizeof(obj)); obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_type = IPFOBJ_GENITER; obj.ipfo_size = sizeof(iter); obj.ipfo_ptr = &iter; iter.igi_type = IPFGENITER_IPNAT; iter.igi_nitems = 1; iter.igi_data = buffer; ipn = (ipnat_t *)buffer; /* * Show list of NAT rules and NAT sessions ? */ if (nat_fields == NULL) { printf("List of active MAP/Redirect filters:\n"); while (nsp->ns_list) { if (ioctl(fd, SIOCGENITER, &obj) == -1) break; if (opts & OPT_HITS) printf("%lu ", ipn->in_hits); printnat(ipn, opts & (OPT_DEBUG|OPT_VERBOSE)); nsp->ns_list = ipn->in_next; } } if (nat_fields == NULL) { printf("\nList of active sessions:\n"); } else if (nohdrfields == 0) { for (i = 0; nat_fields[i].w_value != 0; i++) { printfieldhdr(natfields, nat_fields + i); if (nat_fields[i + 1].w_value != 0) printf("\t"); } printf("\n"); } i = IPFGENITER_IPNAT; (void) ioctl(fd,SIOCIPFDELTOK, &i); iter.igi_type = IPFGENITER_NAT; iter.igi_nitems = 1; iter.igi_data = &nat; while (nsp->ns_instances != NULL) { if (ioctl(fd, SIOCGENITER, &obj) == -1) break; if ((filter != NULL) && (nat_matcharray(&nat, filter) == 0)) continue; if (nat_fields != NULL) { for (i = 0; nat_fields[i].w_value != 0; i++) { printnatfield(&nat, nat_fields[i].w_value); if (nat_fields[i + 1].w_value != 0) printf("\t"); } printf("\n"); } else { printactivenat(&nat, opts, nsp->ns_ticks); if (nat.nat_aps) { int proto; if (nat.nat_dir & NAT_OUTBOUND) proto = nat.nat_pr[1]; else proto = nat.nat_pr[0]; printaps(nat.nat_aps, opts, proto); } } nsp->ns_instances = nat.nat_next; } if (opts & OPT_VERBOSE) showhostmap_live(fd, nsp); i = IPFGENITER_NAT; (void) ioctl(fd,SIOCIPFDELTOK, &i); } /* * Display the active host mapping table. */ void showhostmap_dead(natstat_t *nsp) { hostmap_t hm, *hmp, **maptable; u_int hv; printf("\nList of active host mappings:\n"); maptable = (hostmap_t **)malloc(sizeof(hostmap_t *) * nsp->ns_hostmap_sz); if (kmemcpy((char *)maptable, (u_long)nsp->ns_maptable, sizeof(hostmap_t *) * nsp->ns_hostmap_sz)) { perror("kmemcpy (maptable)"); return; } for (hv = 0; hv < nsp->ns_hostmap_sz; hv++) { hmp = maptable[hv]; while (hmp) { if (kmemcpy((char *)&hm, (u_long)hmp, sizeof(hm))) { perror("kmemcpy (hostmap)"); return; } printhostmap(&hm, hv); hmp = hm.hm_next; } } free(maptable); } /* * Display the active host mapping table. */ void showhostmap_live(int fd, natstat_t *nsp) { ipfgeniter_t iter; hostmap_t hm; ipfobj_t obj; int i; bzero((char *)&obj, sizeof(obj)); obj.ipfo_rev = IPFILTER_VERSION; obj.ipfo_type = IPFOBJ_GENITER; obj.ipfo_size = sizeof(iter); obj.ipfo_ptr = &iter; iter.igi_type = IPFGENITER_HOSTMAP; iter.igi_nitems = 1; iter.igi_data = &hm; printf("\nList of active host mappings:\n"); while (nsp->ns_maplist != NULL) { if (ioctl(fd, SIOCGENITER, &obj) == -1) break; printhostmap(&hm, hm.hm_hv); nsp->ns_maplist = hm.hm_next; } i = IPFGENITER_HOSTMAP; (void) ioctl(fd,SIOCIPFDELTOK, &i); } int nat_matcharray(nat_t *nat, int *array) { int i, n, *x, rv, p; ipfexp_t *e; rv = 0; n = array[0]; x = array + 1; for (; n > 0; x += 3 + x[3], rv = 0) { e = (ipfexp_t *)x; if (e->ipfe_cmd == IPF_EXP_END) break; n -= e->ipfe_size; p = e->ipfe_cmd >> 16; if ((p != 0) && (p != nat->nat_pr[1])) break; switch (e->ipfe_cmd) { case IPF_EXP_IP_PR : for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= (nat->nat_pr[1] == e->ipfe_arg0[i]); } break; case IPF_EXP_IP_SRCADDR : if (nat->nat_v[0] != 4) break; for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= ((nat->nat_osrcaddr & e->ipfe_arg0[i * 2 + 1]) == e->ipfe_arg0[i * 2]) || ((nat->nat_nsrcaddr & e->ipfe_arg0[i * 2 + 1]) == e->ipfe_arg0[i * 2]); } break; case IPF_EXP_IP_DSTADDR : if (nat->nat_v[0] != 4) break; for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= ((nat->nat_odstaddr & e->ipfe_arg0[i * 2 + 1]) == e->ipfe_arg0[i * 2]) || ((nat->nat_ndstaddr & e->ipfe_arg0[i * 2 + 1]) == e->ipfe_arg0[i * 2]); } break; case IPF_EXP_IP_ADDR : if (nat->nat_v[0] != 4) break; for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= ((nat->nat_osrcaddr & e->ipfe_arg0[i * 2 + 1]) == e->ipfe_arg0[i * 2]) || ((nat->nat_nsrcaddr & e->ipfe_arg0[i * 2 + 1]) == e->ipfe_arg0[i * 2]) || ((nat->nat_odstaddr & e->ipfe_arg0[i * 2 + 1]) == e->ipfe_arg0[i * 2]) || ((nat->nat_ndstaddr & e->ipfe_arg0[i * 2 + 1]) == e->ipfe_arg0[i * 2]); } break; #ifdef USE_INET6 case IPF_EXP_IP6_SRCADDR : if (nat->nat_v[0] != 6) break; for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= IP6_MASKEQ(&nat->nat_osrc6, &e->ipfe_arg0[i * 8 + 4], &e->ipfe_arg0[i * 8]) || IP6_MASKEQ(&nat->nat_nsrc6, &e->ipfe_arg0[i * 8 + 4], &e->ipfe_arg0[i * 8]); } break; case IPF_EXP_IP6_DSTADDR : if (nat->nat_v[0] != 6) break; for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= IP6_MASKEQ(&nat->nat_odst6, &e->ipfe_arg0[i * 8 + 4], &e->ipfe_arg0[i * 8]) || IP6_MASKEQ(&nat->nat_ndst6, &e->ipfe_arg0[i * 8 + 4], &e->ipfe_arg0[i * 8]); } break; case IPF_EXP_IP6_ADDR : if (nat->nat_v[0] != 6) break; for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= IP6_MASKEQ(&nat->nat_osrc6, &e->ipfe_arg0[i * 8 + 4], &e->ipfe_arg0[i * 8]) || IP6_MASKEQ(&nat->nat_nsrc6, &e->ipfe_arg0[i * 8 + 4], &e->ipfe_arg0[i * 8]) || IP6_MASKEQ(&nat->nat_odst6, &e->ipfe_arg0[i * 8 + 4], &e->ipfe_arg0[i * 8]) || IP6_MASKEQ(&nat->nat_ndst6, &e->ipfe_arg0[i * 8 + 4], &e->ipfe_arg0[i * 8]); } break; #endif case IPF_EXP_UDP_PORT : case IPF_EXP_TCP_PORT : for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= (nat->nat_osport == e->ipfe_arg0[i]) || (nat->nat_nsport == e->ipfe_arg0[i]) || (nat->nat_odport == e->ipfe_arg0[i]) || (nat->nat_ndport == e->ipfe_arg0[i]); } break; case IPF_EXP_UDP_SPORT : case IPF_EXP_TCP_SPORT : for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= (nat->nat_osport == e->ipfe_arg0[i]) || (nat->nat_nsport == e->ipfe_arg0[i]); } break; case IPF_EXP_UDP_DPORT : case IPF_EXP_TCP_DPORT : for (i = 0; !rv && i < e->ipfe_narg; i++) { rv |= (nat->nat_odport == e->ipfe_arg0[i]) || (nat->nat_ndport == e->ipfe_arg0[i]); } break; } rv ^= e->ipfe_not; if (rv == 0) break; } return (rv); } diff --git a/sbin/ipf/ipsend/arp.c b/sbin/ipf/ipsend/arp.c index 1aed79aa500f..a9409093213f 100644 --- a/sbin/ipf/ipsend/arp.c +++ b/sbin/ipf/ipsend/arp.c @@ -1,133 +1,129 @@ /* * arp.c (C) 1995-1998 Darren Reed * * See the IPFILTER.LICENCE file for details on licencing. */ -#if !defined(lint) -static const char sccsid[] = "@(#)arp.c 1.4 1/11/96 (C)1995 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #include #include # include #include #include #include #include #include # include #include #include #include #include #include #include #include #include "ipsend.h" #include "iplang/iplang.h" /* * lookup host and return * its IP address in address * (4 bytes) */ int resolve(char *host, char *address) { struct hostent *hp; u_long add; add = inet_addr(host); if (add == -1) { if (!(hp = gethostbyname(host))) { fprintf(stderr, "unknown host: %s\n", host); return (-1); } bcopy((char *)hp->h_addr, (char *)address, 4); return (0); } bcopy((char*)&add, address, 4); return (0); } /* * ARP for the MAC address corresponding * to the IP address. This taken from * some BSD program, I cant remember which. */ int arp(ip, ether) char *ip; char *ether; { static int sfd = -1; static char ethersave[6], ipsave[4]; struct arpreq ar; struct sockaddr_in *sin, san; struct hostent *hp; int fd; #ifdef IPSEND if (arp_getipv4(ip, ether) == 0) return (0); #endif if (!bcmp(ipsave, ip, 4)) { bcopy(ethersave, ether, 6); return (0); } fd = -1; bzero((char *)&ar, sizeof(ar)); sin = (struct sockaddr_in *)&ar.arp_pa; sin->sin_family = AF_INET; bcopy(ip, (char *)&sin->sin_addr.s_addr, 4); if ((hp = gethostbyaddr(ip, 4, AF_INET))) # if SOLARIS && (SOLARIS2 >= 10) if (!(ether_hostton(hp->h_name, (struct ether_addr *)ether))) # else if (!(ether_hostton(hp->h_name, ether))) # endif goto savearp; if (sfd == -1) if ((sfd = socket(AF_INET, SOCK_DGRAM, 0)) == -1) { perror("arp: socket"); return (-1); } tryagain: if (ioctl(sfd, SIOCGARP, (caddr_t)&ar) == -1) { if (fd == -1) { bzero((char *)&san, sizeof(san)); san.sin_family = AF_INET; san.sin_port = htons(1); bcopy(ip, &san.sin_addr.s_addr, 4); fd = socket(AF_INET, SOCK_DGRAM, 0); (void) sendto(fd, ip, 4, 0, (struct sockaddr *)&san, sizeof(san)); sleep(1); (void) close(fd); goto tryagain; } fprintf(stderr, "(%s):", inet_ntoa(sin->sin_addr)); if (errno != ENXIO) perror("SIOCGARP"); return (-1); } if ((ar.arp_ha.sa_data[0] == 0) && (ar.arp_ha.sa_data[1] == 0) && (ar.arp_ha.sa_data[2] == 0) && (ar.arp_ha.sa_data[3] == 0) && (ar.arp_ha.sa_data[4] == 0) && (ar.arp_ha.sa_data[5] == 0)) { fprintf(stderr, "(%s):", inet_ntoa(sin->sin_addr)); return (-1); } bcopy(ar.arp_ha.sa_data, ether, 6); savearp: bcopy(ether, ethersave, 6); bcopy(ip, ipsave, 4); return (0); } diff --git a/sbin/ipf/ipsend/ipsend.c b/sbin/ipf/ipsend/ipsend.c index 22218b07c40e..83440d7cb097 100644 --- a/sbin/ipf/ipsend/ipsend.c +++ b/sbin/ipf/ipsend/ipsend.c @@ -1,410 +1,406 @@ /* * ipsend.c (C) 1995-1998 Darren Reed * * See the IPFILTER.LICENCE file for details on licencing. */ -#if !defined(lint) -static const char sccsid[] = "@(#)ipsend.c 1.5 12/10/95 (C)1995 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #include #include #include #include #include #include #include #include #include #include #include #include #include # include #include "ipsend.h" #include "ipf.h" # include extern char *optarg; extern int optind; extern void iplang(FILE *); char options[68]; int opts; char default_device[] = "le0"; static void usage(char *); static void do_icmp(ip_t *, char *); void udpcksum(ip_t *, struct udphdr *, int); int main(int, char **); static void usage(prog) char *prog; { fprintf(stderr, "Usage: %s [options] dest [flags]\n\ \toptions:\n\ \t\t-d\tdebug mode\n\ \t\t-i device\tSend out on this device\n\ \t\t-f fragflags\tcan set IP_MF or IP_DF\n\ \t\t-g gateway\tIP gateway to use if non-local dest.\n\ \t\t-I code,type[,gw[,dst[,src]]]\tSet ICMP protocol\n\ \t\t-m mtu\t\tfake MTU to use when sending out\n\ \t\t-P protocol\tSet protocol by name\n\ \t\t-s src\t\tsource address for IP packet\n\ \t\t-T\t\tSet TCP protocol\n\ \t\t-t port\t\tdestination port\n\ \t\t-U\t\tSet UDP protocol\n\ \t\t-v\tverbose mode\n\ \t\t-w \tSet the TCP window size\n\ ", prog); fprintf(stderr, "Usage: %s [-dv] -L \n\ \toptions:\n\ \t\t-d\tdebug mode\n\ \t\t-L filename\tUse IP language for sending packets\n\ \t\t-v\tverbose mode\n\ ", prog); exit(1); } static void do_icmp(ip_t *ip, char *args) { struct icmp *ic; char *s; ip->ip_p = IPPROTO_ICMP; ip->ip_len += sizeof(*ic); ic = (struct icmp *)(ip + 1); bzero((char *)ic, sizeof(*ic)); if (!(s = strchr(args, ','))) { fprintf(stderr, "ICMP args missing: ,\n"); return; } *s++ = '\0'; ic->icmp_type = atoi(args); ic->icmp_code = atoi(s); if (ic->icmp_type == ICMP_REDIRECT && strchr(s, ',')) { char *t; t = strtok(s, ","); t = strtok(NULL, ","); if (resolve(t, (char *)&ic->icmp_gwaddr) == -1) { fprintf(stderr,"Cant resolve %s\n", t); exit(2); } if ((t = strtok(NULL, ","))) { if (resolve(t, (char *)&ic->icmp_ip.ip_dst) == -1) { fprintf(stderr,"Cant resolve %s\n", t); exit(2); } if ((t = strtok(NULL, ","))) { if (resolve(t, (char *)&ic->icmp_ip.ip_src) == -1) { fprintf(stderr,"Cant resolve %s\n", t); exit(2); } } } } } int send_packets(char *dev, int mtu, ip_t *ip, struct in_addr gwip) { int wfd; wfd = initdevice(dev, 5); if (wfd == -1) return (-1); return (send_packet(wfd, mtu, ip, gwip)); } void udpcksum(ip_t *ip, struct udphdr *udp, int len) { union pseudoh { struct hdr { u_short len; u_char ttl; u_char proto; u_32_t src; u_32_t dst; } h; u_short w[6]; } ph; u_32_t temp32; u_short *opts; ph.h.len = htons(len); ph.h.ttl = 0; ph.h.proto = IPPROTO_UDP; ph.h.src = ip->ip_src.s_addr; ph.h.dst = ip->ip_dst.s_addr; temp32 = 0; opts = &ph.w[0]; temp32 += opts[0] + opts[1] + opts[2] + opts[3] + opts[4] + opts[5]; temp32 = (temp32 >> 16) + (temp32 & 65535); temp32 += (temp32 >> 16); udp->uh_sum = temp32 & 65535; udp->uh_sum = chksum((u_short *)udp, len); if (udp->uh_sum == 0) udp->uh_sum = 0xffff; } int main(int argc, char **argv) { FILE *langfile = NULL; struct in_addr gwip; tcphdr_t *tcp; udphdr_t *udp; ip_t *ip; char *name = argv[0], host[MAXHOSTNAMELEN + 1]; char *gateway = NULL, *dev = NULL; char *src = NULL, *dst, *s; int mtu = 1500, olen = 0, c, nonl = 0; /* * 65535 is maximum packet size...you never know... */ ip = (ip_t *)calloc(1, 65536); tcp = (tcphdr_t *)(ip + 1); udp = (udphdr_t *)tcp; ip->ip_len = sizeof(*ip); IP_HL_A(ip, sizeof(*ip) >> 2); while ((c = getopt(argc, argv, "I:L:P:TUdf:i:g:m:o:s:t:vw:")) != -1) { switch (c) { case 'I' : nonl++; if (ip->ip_p) { fprintf(stderr, "Protocol already set: %d\n", ip->ip_p); break; } do_icmp(ip, optarg); break; case 'L' : if (nonl) { fprintf(stderr, "Incorrect usage of -L option.\n"); usage(name); } if (!strcmp(optarg, "-")) langfile = stdin; else if (!(langfile = fopen(optarg, "r"))) { fprintf(stderr, "can't open file %s\n", optarg); exit(1); } iplang(langfile); return (0); case 'P' : { struct protoent *p; nonl++; if (ip->ip_p) { fprintf(stderr, "Protocol already set: %d\n", ip->ip_p); break; } if ((p = getprotobyname(optarg))) ip->ip_p = p->p_proto; else fprintf(stderr, "Unknown protocol: %s\n", optarg); break; } case 'T' : nonl++; if (ip->ip_p) { fprintf(stderr, "Protocol already set: %d\n", ip->ip_p); break; } ip->ip_p = IPPROTO_TCP; ip->ip_len += sizeof(tcphdr_t); break; case 'U' : nonl++; if (ip->ip_p) { fprintf(stderr, "Protocol already set: %d\n", ip->ip_p); break; } ip->ip_p = IPPROTO_UDP; ip->ip_len += sizeof(udphdr_t); break; case 'd' : opts |= OPT_DEBUG; break; case 'f' : nonl++; ip->ip_off = strtol(optarg, NULL, 0); break; case 'g' : nonl++; gateway = optarg; break; case 'i' : nonl++; dev = optarg; break; case 'm' : nonl++; mtu = atoi(optarg); if (mtu < 28) { fprintf(stderr, "mtu must be > 28\n"); exit(1); } break; case 'o' : nonl++; olen = buildopts(optarg, options, (IP_HL(ip) - 5) << 2); break; case 's' : nonl++; src = optarg; break; case 't' : nonl++; if (ip->ip_p == IPPROTO_TCP || ip->ip_p == IPPROTO_UDP) tcp->th_dport = htons(atoi(optarg)); break; case 'v' : opts |= OPT_VERBOSE; break; case 'w' : nonl++; if (ip->ip_p == IPPROTO_TCP) tcp->th_win = atoi(optarg); else fprintf(stderr, "set protocol to TCP first\n"); break; default : fprintf(stderr, "Unknown option \"%c\"\n", c); usage(name); } } if (argc - optind < 1) usage(name); dst = argv[optind++]; if (!src) { gethostname(host, sizeof(host)); src = host; } if (resolve(src, (char *)&ip->ip_src) == -1) { fprintf(stderr,"Cant resolve %s\n", src); exit(2); } if (resolve(dst, (char *)&ip->ip_dst) == -1) { fprintf(stderr,"Cant resolve %s\n", dst); exit(2); } if (!gateway) gwip = ip->ip_dst; else if (resolve(gateway, (char *)&gwip) == -1) { fprintf(stderr,"Cant resolve %s\n", gateway); exit(2); } if (olen) { int hlen; char *p; printf("Options: %d\n", olen); hlen = sizeof(*ip) + olen; IP_HL_A(ip, hlen >> 2); ip->ip_len += olen; p = (char *)malloc(65536); if (p == NULL) { fprintf(stderr, "malloc failed\n"); exit(2); } bcopy(ip, p, sizeof(*ip)); bcopy(options, p + sizeof(*ip), olen); bcopy(ip + 1, p + hlen, ip->ip_len - hlen); ip = (ip_t *)p; if (ip->ip_p == IPPROTO_TCP) { tcp = (tcphdr_t *)(p + hlen); } else if (ip->ip_p == IPPROTO_UDP) { udp = (udphdr_t *)(p + hlen); } } if (ip->ip_p == IPPROTO_TCP) for (s = argv[optind]; s && (c = *s); s++) switch(c) { case 'S' : case 's' : tcp->th_flags |= TH_SYN; break; case 'A' : case 'a' : tcp->th_flags |= TH_ACK; break; case 'F' : case 'f' : tcp->th_flags |= TH_FIN; break; case 'R' : case 'r' : tcp->th_flags |= TH_RST; break; case 'P' : case 'p' : tcp->th_flags |= TH_PUSH; break; case 'U' : case 'u' : tcp->th_flags |= TH_URG; break; } if (!dev) dev = default_device; printf("Device: %s\n", dev); printf("Source: %s\n", inet_ntoa(ip->ip_src)); printf("Dest: %s\n", inet_ntoa(ip->ip_dst)); printf("Gateway: %s\n", inet_ntoa(gwip)); if (ip->ip_p == IPPROTO_TCP && tcp->th_flags) printf("Flags: %#x\n", tcp->th_flags); printf("mtu: %d\n", mtu); if (ip->ip_p == IPPROTO_UDP) { udp->uh_sum = 0; udpcksum(ip, udp, ip->ip_len - (IP_HL(ip) << 2)); } #ifdef DOSOCKET if (ip->ip_p == IPPROTO_TCP && tcp->th_dport) return (do_socket(dev, mtu, ip, gwip)); #endif return (send_packets(dev, mtu, ip, gwip)); } diff --git a/sbin/ipf/ipsend/ipsopt.c b/sbin/ipf/ipsend/ipsopt.c index 6efbea16bc26..ffad9c008461 100644 --- a/sbin/ipf/ipsend/ipsopt.c +++ b/sbin/ipf/ipsend/ipsopt.c @@ -1,191 +1,187 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. * */ -#if !defined(lint) -static const char sccsid[] = "@(#)ipsopt.c 1.2 1/11/96 (C)1995 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include "ipsend.h" #ifndef __P # define __P(x) x #endif struct ipopt_names ionames[] = { { IPOPT_EOL, 0x01, 1, "eol" }, { IPOPT_NOP, 0x02, 1, "nop" }, { IPOPT_RR, 0x04, 3, "rr" }, /* 1 route */ { IPOPT_TS, 0x08, 8, "ts" }, /* 1 TS */ { IPOPT_SECURITY, 0x08, 11, "sec-level" }, { IPOPT_LSRR, 0x10, 7, "lsrr" }, /* 1 route */ { IPOPT_SATID, 0x20, 4, "satid" }, { IPOPT_SSRR, 0x40, 7, "ssrr" }, /* 1 route */ { 0, 0, 0, NULL } /* must be last */ }; struct ipopt_names secnames[] = { { IPOPT_SECUR_UNCLASS, 0x0100, 0, "unclass" }, { IPOPT_SECUR_CONFID, 0x0200, 0, "confid" }, { IPOPT_SECUR_EFTO, 0x0400, 0, "efto" }, { IPOPT_SECUR_MMMM, 0x0800, 0, "mmmm" }, { IPOPT_SECUR_RESTR, 0x1000, 0, "restr" }, { IPOPT_SECUR_SECRET, 0x2000, 0, "secret" }, { IPOPT_SECUR_TOPSECRET, 0x4000,0, "topsecret" }, { 0, 0, 0, NULL } /* must be last */ }; u_short ipseclevel(slevel) char *slevel; { struct ipopt_names *so; for (so = secnames; so->on_name; so++) if (!strcasecmp(slevel, so->on_name)) break; if (!so->on_name) { fprintf(stderr, "no such security level: %s\n", slevel); return (0); } return (so->on_value); } int addipopt(char *op, struct ipopt_names *io, int len, char *class) { struct in_addr ipadr; int olen = len, srr = 0; u_short val; u_char lvl; char *s = op, *t; if ((len + io->on_siz) > 48) { fprintf(stderr, "options too long\n"); return (0); } len += io->on_siz; *op++ = io->on_value; if (io->on_siz > 1) { /* * Allow option to specify RR buffer length in bytes. */ if (io->on_value == IPOPT_RR) { val = (class && *class) ? atoi(class) : 4; *op++ = val + io->on_siz; len += val; } else *op++ = io->on_siz; if (io->on_value == IPOPT_TS) *op++ = IPOPT_MINOFF + 1; else *op++ = IPOPT_MINOFF; while (class && *class) { t = NULL; switch (io->on_value) { case IPOPT_SECURITY : lvl = ipseclevel(class); *(op - 1) = lvl; break; case IPOPT_LSRR : case IPOPT_SSRR : if ((t = strchr(class, ','))) *t = '\0'; ipadr.s_addr = inet_addr(class); srr++; bcopy((char *)&ipadr, op, sizeof(ipadr)); op += sizeof(ipadr); break; case IPOPT_SATID : val = atoi(class); bcopy((char *)&val, op, 2); break; } if (t) *t++ = ','; class = t; } if (srr) s[IPOPT_OLEN] = IPOPT_MINOFF - 1 + 4 * srr; if (io->on_value == IPOPT_RR) op += val; else op += io->on_siz - 3; } return (len - olen); } u_32_t buildopts(char *cp, char *op, int len) char *cp, *op; int len; { struct ipopt_names *io; u_32_t msk = 0; char *s, *t; int inc, lastop = -1; for (s = strtok(cp, ","); s; s = strtok(NULL, ",")) { if ((t = strchr(s, '='))) *t++ = '\0'; for (io = ionames; io->on_name; io++) { if (strcasecmp(s, io->on_name) || (msk & io->on_bit)) continue; lastop = io->on_value; if ((inc = addipopt(op, io, len, t))) { op += inc; len += inc; } msk |= io->on_bit; break; } if (!io->on_name) { fprintf(stderr, "unknown IP option name %s\n", s); return (0); } } if (len & 3) { while (len & 3) { *op++ = ((len & 3) == 3) ? IPOPT_EOL : IPOPT_NOP; len++; } } else { if (lastop != IPOPT_EOL) { if (lastop == IPOPT_NOP) *(op - 1) = IPOPT_EOL; else { *op++ = IPOPT_NOP; *op++ = IPOPT_NOP; *op++ = IPOPT_NOP; *op = IPOPT_EOL; len += 4; } } } return (len); } diff --git a/sbin/ipf/ipsend/resend.c b/sbin/ipf/ipsend/resend.c index 484709e89c53..1512f8293c8c 100644 --- a/sbin/ipf/ipsend/resend.c +++ b/sbin/ipf/ipsend/resend.c @@ -1,137 +1,133 @@ /* * resend.c (C) 1995-1998 Darren Reed * * See the IPFILTER.LICENCE file for details on licencing. * */ -#if !defined(lint) -static const char sccsid[] = "@(#)resend.c 1.3 1/11/96 (C)1995 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #include #include #include #include #include #include #include #include #include # include # include #include #include #include #include #include #include "ipsend.h" extern int opts; void dumppacket(ip_t *); void dumppacket(ip_t *ip) { tcphdr_t *t; int i, j; t = (tcphdr_t *)((char *)ip + (IP_HL(ip) << 2)); if (ip->ip_tos) printf("tos %#x ", ip->ip_tos); if (ip->ip_off & 0x3fff) printf("frag @%#x ", (ip->ip_off & 0x1fff) << 3); printf("len %d id %d ", ip->ip_len, ip->ip_id); printf("ttl %d p %d src %s", ip->ip_ttl, ip->ip_p, inet_ntoa(ip->ip_src)); if (ip->ip_p == IPPROTO_TCP || ip->ip_p == IPPROTO_UDP) printf(",%d", t->th_sport); printf(" dst %s", inet_ntoa(ip->ip_dst)); if (ip->ip_p == IPPROTO_TCP || ip->ip_p == IPPROTO_UDP) printf(",%d", t->th_dport); if (ip->ip_p == IPPROTO_TCP) { printf(" seq %lu:%lu flags ", (u_long)t->th_seq, (u_long)t->th_ack); for (j = 0, i = 1; i < 256; i *= 2, j++) if (t->th_flags & i) printf("%c", "FSRPAU--"[j]); } putchar('\n'); } int ip_resend(char *dev, int mtu, struct ipread *r, struct in_addr gwip, char *datain) { ether_header_t *eh; char dhost[6]; ip_t *ip; int fd, wfd = initdevice(dev, 5), len, i; mb_t mb; if (wfd == -1) return (-1); if (datain) fd = (*r->r_open)(datain); else fd = (*r->r_open)("-"); if (fd < 0) exit(-1); ip = (struct ip *)mb.mb_buf; eh = (ether_header_t *)malloc(sizeof(*eh)); if(!eh) { perror("malloc failed"); return (-2); } bzero((char *) &eh->ether_shost, sizeof(eh->ether_shost)); if (gwip.s_addr && (arp((char *)&gwip, dhost) == -1)) { perror("arp"); free(eh); return (-2); } while ((i = (*r->r_readip)(&mb, NULL, NULL)) > 0) { if (!(opts & OPT_RAW)) { len = ntohs(ip->ip_len); eh = (ether_header_t *)realloc((char *)eh, sizeof(*eh) + len); eh->ether_type = htons((u_short)ETHERTYPE_IP); if (!gwip.s_addr) { if (arp((char *)&gwip, (char *) &eh->ether_dhost) == -1) { perror("arp"); continue; } } else bcopy(dhost, (char *) &eh->ether_dhost, sizeof(dhost)); if (!ip->ip_sum) ip->ip_sum = chksum((u_short *)ip, IP_HL(ip) << 2); bcopy(ip, (char *)(eh + 1), len); len += sizeof(*eh); dumppacket(ip); } else { eh = (ether_header_t *)mb.mb_buf; len = i; } if (sendip(wfd, (char *)eh, len) == -1) { perror("send_packet"); break; } } (*r->r_close)(); free(eh); return (0); } diff --git a/sbin/ipf/ipsend/sbpf.c b/sbin/ipf/ipsend/sbpf.c index d2efc4a19f6b..6d5d60292ce9 100644 --- a/sbin/ipf/ipsend/sbpf.c +++ b/sbin/ipf/ipsend/sbpf.c @@ -1,147 +1,143 @@ /* * (C)opyright 1995-1998 Darren Reed. (from tcplog) * * See the IPFILTER.LICENCE file for details on licencing. * */ #include #include #include #include #include #include #include #ifdef __FreeBSD__ # include #else # include #endif #include #include #include #include #include #include #include #include #include #include #include #include #ifdef __NetBSD__ # include #endif #include #include #include #include "ipsend.h" -#if !defined(lint) -static const char sccsid[] = "@(#)sbpf.c 1.3 8/25/95 (C)1995 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif /* * the code herein is dervied from libpcap. */ static u_char *buf = NULL; static int bufsize = 0, timeout = 1; int initdevice(char *device, int tout) { struct bpf_version bv; struct timeval to; struct ifreq ifr; #ifdef _PATH_BPF char *bpfname = _PATH_BPF; int fd; if ((fd = open(bpfname, O_RDWR)) < 0) { fprintf(stderr, "no bpf devices available as /dev/bpfxx\n"); return (-1); } #else char bpfname[16]; int fd = 0, i; for (i = 0; i < 16; i++) { (void) snprintf(bpfname, sizeof(bpfname), "/dev/bpf%d", i); if ((fd = open(bpfname, O_RDWR)) >= 0) break; } if (i == 16) { fprintf(stderr, "no bpf devices available as /dev/bpfxx\n"); return (-1); } #endif if (ioctl(fd, BIOCVERSION, (caddr_t)&bv) < 0) { perror("BIOCVERSION"); return (-1); } if (bv.bv_major != BPF_MAJOR_VERSION || bv.bv_minor < BPF_MINOR_VERSION) { fprintf(stderr, "kernel bpf (v%d.%d) filter out of date:\n", bv.bv_major, bv.bv_minor); fprintf(stderr, "current version: %d.%d\n", BPF_MAJOR_VERSION, BPF_MINOR_VERSION); return (-1); } (void) strncpy(ifr.ifr_name, device, sizeof(ifr.ifr_name)); if (ioctl(fd, BIOCSETIF, &ifr) == -1) { fprintf(stderr, "%s(%d):", ifr.ifr_name, fd); perror("BIOCSETIF"); exit(1); } /* * get kernel buffer size */ if (ioctl(fd, BIOCGBLEN, &bufsize) == -1) { perror("BIOCSBLEN"); exit(-1); } buf = (u_char*)malloc(bufsize); /* * set the timeout */ timeout = tout; to.tv_sec = 1; to.tv_usec = 0; if (ioctl(fd, BIOCSRTIMEOUT, (caddr_t)&to) == -1) { perror("BIOCSRTIMEOUT"); exit(-1); } (void) ioctl(fd, BIOCFLUSH, 0); return (fd); } /* * output an IP packet onto a fd opened for /dev/bpf */ int sendip(int fd, char *pkt, int len) { if (write(fd, pkt, len) == -1) { perror("send"); return (-1); } return (len); } diff --git a/sbin/ipf/ipsend/sdlpi.c b/sbin/ipf/ipsend/sdlpi.c index a8ccd2d41df4..d4195c456622 100644 --- a/sbin/ipf/ipsend/sdlpi.c +++ b/sbin/ipf/ipsend/sdlpi.c @@ -1,165 +1,161 @@ /* * (C)opyright 1992-1998 Darren Reed. (from tcplog) * * See the IPFILTER.LICENCE file for details on licencing. * */ #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef sun # include # include #endif # include #include #include #include #include #include #include #include #include #include #include "ipsend.h" -#if !defined(lint) -static const char sccsid[] = "@(#)sdlpi.c 1.3 10/30/95 (C)1995 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #define CHUNKSIZE 8192 #define BUFSPACE (4*CHUNKSIZE) /* * Be careful to only include those defined in the flags option for the * interface are included in the header size. */ int initdevice(char *device, int tout) { char devname[16], *s, buf[256]; int i, fd; (void) strcpy(devname, "/dev/"); (void) strncat(devname, device, sizeof(devname) - strlen(devname)); s = devname + 5; while (*s && !ISDIGIT(*s)) s++; if (!*s) { fprintf(stderr, "bad device name %s\n", devname); exit(-1); } i = atoi(s); *s = '\0'; /* * For writing */ if ((fd = open(devname, O_RDWR)) < 0) { fprintf(stderr, "O_RDWR(1) "); perror(devname); exit(-1); } if (dlattachreq(fd, i) == -1) { fprintf(stderr, "dlattachreq: DLPI error\n"); exit(-1); } else if (dlokack(fd, buf) == -1) { fprintf(stderr, "dlokack(attach): DLPI error\n"); exit(-1); } #ifdef DL_HP_RAWDLS if (dlpromisconreq(fd, DL_PROMISC_SAP) < 0) { fprintf(stderr, "dlpromisconreq: DL_PROMISC_PHYS error\n"); exit(-1); } else if (dlokack(fd, buf) < 0) { fprintf(stderr, "dlokack(promisc): DLPI error\n"); exit(-1); } /* 22 is INSAP as per the HP-UX DLPI Programmer's Guide */ dlbindreq(fd, 22, 1, DL_HP_RAWDLS, 0, 0); #else dlbindreq(fd, ETHERTYPE_IP, 0, DL_CLDLS, 0, 0); #endif dlbindack(fd, buf); /* * write full headers */ #ifdef DLIOCRAW /* we require RAW DLPI mode, which is a Sun extension */ if (strioctl(fd, DLIOCRAW, -1, 0, NULL) == -1) { fprintf(stderr, "DLIOCRAW error\n"); exit(-1); } #endif return (fd); } /* * output an IP packet onto a fd opened for /dev/nit */ int sendip(int fd, char *pkt, int len) int fd, len; char *pkt; { struct strbuf dbuf, *dp = &dbuf, *cp = NULL; int pri = 0; #ifdef DL_HP_RAWDLS struct strbuf cbuf; dl_hp_rawdata_req_t raw; cp = &cbuf; raw.dl_primitive = DL_HP_RAWDATA_REQ; cp->len = sizeof(raw); cp->buf = (char *)&raw; cp->maxlen = cp->len; pri = MSG_HIPRI; #endif /* * construct NIT STREAMS messages, first control then data. */ dp->buf = pkt; dp->len = len; dp->maxlen = dp->len; if (putmsg(fd, cp, dp, pri) == -1) { perror("putmsg"); return (-1); } if (ioctl(fd, I_FLUSH, FLUSHW) == -1) { perror("I_FLUSHW"); return (-1); } return (len); } diff --git a/sbin/ipf/ipsend/snit.c b/sbin/ipf/ipsend/snit.c index e7fb51b72546..6dc9df06714f 100644 --- a/sbin/ipf/ipsend/snit.c +++ b/sbin/ipf/ipsend/snit.c @@ -1,159 +1,155 @@ /* * (C)opyright 1992-1998 Darren Reed. (from tcplog) * * See the IPFILTER.LICENCE file for details on licencing. * */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "ipsend.h" -#if !defined(lint) -static const char sccsid[] = "@(#)snit.c 1.5 1/11/96 (C)1995 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #define CHUNKSIZE 8192 #define BUFSPACE (4*CHUNKSIZE) /* * Be careful to only include those defined in the flags option for the * interface are included in the header size. */ #define BUFHDR_SIZE (sizeof(struct nit_bufhdr)) #define NIT_HDRSIZE (BUFHDR_SIZE) static int timeout; int initdevice(char *device, int tout) { struct strioctl si; struct timeval to; struct ifreq ifr; int fd; if ((fd = open("/dev/nit", O_RDWR)) < 0) { perror("/dev/nit"); exit(-1); } /* * arrange to get messages from the NIT STREAM and use NIT_BUF option */ ioctl(fd, I_SRDOPT, (char*)RMSGD); ioctl(fd, I_PUSH, "nbuf"); /* * set the timeout */ timeout = tout; si.ic_timout = 1; to.tv_sec = 1; to.tv_usec = 0; si.ic_cmd = NIOCSTIME; si.ic_len = sizeof(to); si.ic_dp = (char*)&to; if (ioctl(fd, I_STR, (char*)&si) == -1) { perror("ioctl: NIT timeout"); exit(-1); } /* * request the interface */ strncpy(ifr.ifr_name, device, sizeof(ifr.ifr_name)); ifr.ifr_name[sizeof(ifr.ifr_name) - 1] = ' '; si.ic_cmd = NIOCBIND; si.ic_len = sizeof(ifr); si.ic_dp = (char*)𝔦 if (ioctl(fd, I_STR, (char*)&si) == -1) { perror(ifr.ifr_name); exit(1); } return (fd); } /* * output an IP packet onto a fd opened for /dev/nit */ int sendip(int fd, char *pkt, int len) int fd, len; char *pkt; { struct sockaddr sk, *sa = &sk; struct strbuf cbuf, *cp = &cbuf, dbuf, *dp = &dbuf; /* * For ethernet, need at least 802.3 header and IP header. */ if (len < (sizeof(sa->sa_data) + sizeof(struct ip))) return (-1); /* * to avoid any output processing for IP, say we're not. */ sa->sa_family = AF_UNSPEC; bcopy(pkt, sa->sa_data, sizeof(sa->sa_data)); pkt += sizeof(sa->sa_data); len -= sizeof(sa->sa_data); /* * construct NIT STREAMS messages, first control then data. */ cp->len = sizeof(*sa); cp->maxlen = sizeof(*sa); cp->buf = (char *)sa; dp->buf = pkt; dp->len = len; dp->maxlen = dp->len; if (putmsg(fd, cp, dp, 0) == -1) { perror("putmsg"); return (-1); } if (ioctl(fd, I_FLUSH, FLUSHW) == -1) { perror("I_FLUSH"); return (-1); } return (len); } diff --git a/sbin/ipf/ipsend/sock.c b/sbin/ipf/ipsend/sock.c index 6159864364bb..b42f56f848da 100644 --- a/sbin/ipf/ipsend/sock.c +++ b/sbin/ipf/ipsend/sock.c @@ -1,313 +1,309 @@ /* * sock.c (C) 1995-1998 Darren Reed * * See the IPFILTER.LICENCE file for details on licencing. * */ -#if !defined(lint) -static const char sccsid[] = "@(#)sock.c 1.2 1/11/96 (C)1995 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #include #include #include #include #if defined(__NetBSD__) && defined(__vax__) /* * XXX need to declare boolean_t for _KERNEL * which ends up including for vax. See PR#32907 * for further details. */ typedef int boolean_t; #endif #include # include # ifdef __NetBSD__ # include # endif # ifdef __FreeBSD__ # define _WANT_FILE # else # define _KERNEL # define KERNEL # endif # include # ifdef __FreeBSD__ # undef _WANT_FILE # else # undef _KERNEL # undef KERNEL # endif #include #include #include #define _WANT_SOCKET #include #include # include #ifdef sun #include #include #endif #include #include #include #include #include #include #include #include #include # include #include #define _WANT_INPCB #include #include #define _WANT_TCPCB #include #include #include #include #include #include #include #include "ipsend.h" int nproc; struct proc *proc; #ifndef KMEM # ifdef _PATH_KMEM # define KMEM _PATH_KMEM # endif #endif #ifndef KERNEL # ifdef _PATH_UNIX # define KERNEL _PATH_UNIX # endif #endif #ifndef KMEM # define KMEM "/dev/kmem" #endif #ifndef KERNEL # define KERNEL "/vmunix" #endif static struct kinfo_proc *getproc(void); int kmemcpy(char *buf, void *pos, int n) { static int kfd = -1; off_t offset = (u_long)pos; if (kfd == -1) kfd = open(KMEM, O_RDONLY); if (lseek(kfd, offset, SEEK_SET) == -1) { perror("lseek"); return (-1); } if (read(kfd, buf, n) == -1) { perror("read"); return (-1); } return (n); } struct nlist names[4] = { { "_proc" }, { "_nproc" }, { NULL }, { NULL } }; static struct kinfo_proc *getproc(void) { static struct kinfo_proc kp; pid_t pid = getpid(); int mib[4]; size_t n; mib[0] = CTL_KERN; mib[1] = KERN_PROC; mib[2] = KERN_PROC_PID; mib[3] = pid; n = sizeof(kp); if (sysctl(mib, 4, &kp, &n, NULL, 0) == -1) { perror("sysctl"); return (NULL); } return (&kp); } struct tcpcb * find_tcp(int tfd, struct tcpiphdr *ti) { struct tcpcb *t; struct inpcb *i; struct socket *s; struct filedesc *fd; struct kinfo_proc *p; struct file *f, **o; if (!(p = getproc())) return (NULL); fd = (struct filedesc *)malloc(sizeof(*fd)); if (fd == NULL) return (NULL); #if defined( __FreeBSD__) if (KMCPY(fd, p->ki_fd, sizeof(*fd)) == -1) { fprintf(stderr, "read(%#lx,%#lx) failed\n", (u_long)p, (u_long)p->ki_fd); free(fd); return (NULL); } #else if (KMCPY(fd, p->kp_proc.p_fd, sizeof(*fd)) == -1) { fprintf(stderr, "read(%#lx,%#lx) failed\n", (u_long)p, (u_long)p->kp_proc.p_fd); free(fd); return (NULL); } #endif o = NULL; f = NULL; s = NULL; i = NULL; t = NULL; o = (struct file **)calloc(fd->fd_lastfile + 1, sizeof(*o)); if (KMCPY(o, fd->fd_ofiles, (fd->fd_lastfile + 1) * sizeof(*o)) == -1) { fprintf(stderr, "read(%#lx,%#lx,%lu) - u_ofile - failed\n", (u_long)fd->fd_ofiles, (u_long)o, (u_long)sizeof(*o)); goto finderror; } f = (struct file *)calloc(1, sizeof(*f)); if (KMCPY(f, o[tfd], sizeof(*f)) == -1) { fprintf(stderr, "read(%#lx,%#lx,%lu) - o[tfd] - failed\n", (u_long)o[tfd], (u_long)f, (u_long)sizeof(*f)); goto finderror; } s = (struct socket *)calloc(1, sizeof(*s)); if (KMCPY(s, f->f_data, sizeof(*s)) == -1) { fprintf(stderr, "read(%#lx,%#lx,%lu) - f_data - failed\n", (u_long)f->f_data, (u_long)s, (u_long)sizeof(*s)); goto finderror; } i = (struct inpcb *)calloc(1, sizeof(*i)); if (KMCPY(i, s->so_pcb, sizeof(*i)) == -1) { fprintf(stderr, "kvm_read(%#lx,%#lx,%lu) - so_pcb - failed\n", (u_long)s->so_pcb, (u_long)i, (u_long)sizeof(*i)); goto finderror; } t = (struct tcpcb *)calloc(1, sizeof(*t)); if (KMCPY(t, i->inp_ppcb, sizeof(*t)) == -1) { fprintf(stderr, "read(%#lx,%#lx,%lu) - inp_ppcb - failed\n", (u_long)i->inp_ppcb, (u_long)t, (u_long)sizeof(*t)); goto finderror; } return (struct tcpcb *)i->inp_ppcb; finderror: if (o != NULL) free(o); if (f != NULL) free(f); if (s != NULL) free(s); if (i != NULL) free(i); if (t != NULL) free(t); return (NULL); } int do_socket(char *dev, int mtu, struct tcpiphdr *ti, struct in_addr gwip) { struct sockaddr_in rsin, lsin; struct tcpcb *t, tcb; int fd, nfd; socklen_t len; printf("Dest. Port: %d\n", ti->ti_dport); fd = socket(AF_INET, SOCK_STREAM, 0); if (fd == -1) { perror("socket"); return (-1); } if (fcntl(fd, F_SETFL, FNDELAY) == -1) { perror("fcntl"); return (-1); } bzero((char *)&lsin, sizeof(lsin)); lsin.sin_family = AF_INET; bcopy((char *)&ti->ti_src, (char *)&lsin.sin_addr, sizeof(struct in_addr)); if (bind(fd, (struct sockaddr *)&lsin, sizeof(lsin)) == -1) { perror("bind"); return (-1); } len = sizeof(lsin); (void) getsockname(fd, (struct sockaddr *)&lsin, &len); ti->ti_sport = lsin.sin_port; printf("sport %d\n", ntohs(lsin.sin_port)); nfd = initdevice(dev, 1); if (nfd == -1) return (-1); if (!(t = find_tcp(fd, ti))) return (-1); bzero((char *)&rsin, sizeof(rsin)); rsin.sin_family = AF_INET; bcopy((char *)&ti->ti_dst, (char *)&rsin.sin_addr, sizeof(struct in_addr)); rsin.sin_port = ti->ti_dport; if (connect(fd, (struct sockaddr *)&rsin, sizeof(rsin)) == -1 && errno != EINPROGRESS) { perror("connect"); return (-1); } KMCPY(&tcb, t, sizeof(tcb)); ti->ti_win = tcb.rcv_adv; ti->ti_seq = tcb.snd_nxt - 1; ti->ti_ack = tcb.rcv_nxt; if (send_tcp(nfd, mtu, (ip_t *)ti, gwip) == -1) return (-1); (void)write(fd, "Hello World\n", 12); sleep(2); close(fd); return (0); } diff --git a/sbin/ipf/ipsend/sockraw.c b/sbin/ipf/ipsend/sockraw.c index 56fcb7174532..ab65f63753c7 100644 --- a/sbin/ipf/ipsend/sockraw.c +++ b/sbin/ipf/ipsend/sockraw.c @@ -1,89 +1,86 @@ /* * (C)opyright 2000 Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. * * WARNING: Attempting to use this .c file on HP-UX 11.00 will cause the * system to crash. */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "ipsend.h" -#if !defined(lint) && defined(LIBC_SCCS) -static char sirix[] = "@(#)sirix.c 1.0 10/9/97 (C)1997 Marc Boucher"; -#endif int initdevice(char *device, int tout) { struct sockaddr s; struct ifreq ifr; int fd; memset(&ifr, 0, sizeof(ifr)); strncpy(ifr.ifr_name, device, sizeof ifr.ifr_name); if ((fd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW)) < 0) { perror("socket(AF_INET, SOCK_RAW, IPPROTO_RAW)"); return (-1); } if (ioctl(fd, SIOCGIFADDR, &ifr) == -1) { perror("ioctl SIOCGIFADDR"); return (-1); } bzero((char *)&s, sizeof(s)); s.sa_family = AF_INET; bcopy(&ifr.ifr_addr, s.sa_data, 4); if (bind(fd, &s, sizeof(s)) == -1) perror("bind"); return (fd); } /* * output an IP packet */ int sendip(int fd, char *pkt, int len) { struct ether_header *eh; struct sockaddr_in sin; eh = (struct ether_header *)pkt; bzero((char *)&sin, sizeof(sin)); sin.sin_family = AF_INET; pkt += 14; len -= 14; bcopy(pkt + 12, (char *)&sin.sin_addr, 4); if (sendto(fd, pkt, len, 0, &sin, sizeof(sin)) == -1) { perror("send"); return (-1); } return (len); } diff --git a/sbin/ipf/libipf/facpri.c b/sbin/ipf/libipf/facpri.c index eac41abcfea5..9f66cedc7df5 100644 --- a/sbin/ipf/libipf/facpri.c +++ b/sbin/ipf/libipf/facpri.c @@ -1,148 +1,145 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. * * $Id$ */ #include #include #include #include #if !defined(__SVR4) && !defined(__svr4__) #include #endif #include #include #include #include #include "facpri.h" -#if !defined(lint) -static const char rcsid[] = "@(#)$Id$"; -#endif typedef struct table { char *name; int value; } table_t; table_t facs[] = { { "kern", LOG_KERN }, { "user", LOG_USER }, { "mail", LOG_MAIL }, { "daemon", LOG_DAEMON }, { "auth", LOG_AUTH }, { "syslog", LOG_SYSLOG }, { "lpr", LOG_LPR }, { "news", LOG_NEWS }, { "uucp", LOG_UUCP }, #if LOG_CRON == LOG_CRON2 { "cron2", LOG_CRON1 }, #else { "cron", LOG_CRON1 }, #endif #ifdef LOG_FTP { "ftp", LOG_FTP }, #endif #ifdef LOG_AUTHPRIV { "authpriv", LOG_AUTHPRIV }, #endif #ifdef LOG_AUDIT { "audit", LOG_AUDIT }, #endif #ifdef LOG_LFMT { "logalert", LOG_LFMT }, #endif #if LOG_CRON == LOG_CRON1 { "cron", LOG_CRON2 }, #else { "cron2", LOG_CRON2 }, #endif #ifdef LOG_SECURITY { "security", LOG_SECURITY }, #endif { "local0", LOG_LOCAL0 }, { "local1", LOG_LOCAL1 }, { "local2", LOG_LOCAL2 }, { "local3", LOG_LOCAL3 }, { "local4", LOG_LOCAL4 }, { "local5", LOG_LOCAL5 }, { "local6", LOG_LOCAL6 }, { "local7", LOG_LOCAL7 }, { NULL, 0 } }; /* * map a facility number to its name */ char * fac_toname(int facpri) { int i, j, fac; fac = facpri & LOG_FACMASK; j = fac >> 3; if (j < (sizeof(facs)/sizeof(facs[0]))) { if (facs[j].value == fac) return (facs[j].name); } for (i = 0; facs[i].name; i++) if (fac == facs[i].value) return (facs[i].name); return (NULL); } /* * map a facility name to its number */ int fac_findname(char *name) { int i; for (i = 0; facs[i].name; i++) if (!strcmp(facs[i].name, name)) return (facs[i].value); return (-1); } table_t pris[] = { { "emerg", LOG_EMERG }, { "alert", LOG_ALERT }, { "crit", LOG_CRIT }, { "err", LOG_ERR }, { "warn", LOG_WARNING }, { "notice", LOG_NOTICE }, { "info", LOG_INFO }, { "debug", LOG_DEBUG }, { NULL, 0 } }; /* * map a facility name to its number */ int pri_findname(char *name) { int i; for (i = 0; pris[i].name; i++) if (!strcmp(pris[i].name, name)) return (pris[i].value); return (-1); } /* * map a priority number to its name */ char * pri_toname(int facpri) { int i, pri; pri = facpri & LOG_PRIMASK; if (pris[pri].value == pri) return (pris[pri].name); for (i = 0; pris[i].name; i++) if (pri == pris[i].value) return (pris[i].name); return (NULL); } diff --git a/sbin/ipf/libipf/getnattype.c b/sbin/ipf/libipf/getnattype.c index 60ab7793a325..30bae7ce0216 100644 --- a/sbin/ipf/libipf/getnattype.c +++ b/sbin/ipf/libipf/getnattype.c @@ -1,68 +1,65 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. * * Added redirect stuff and a variety of bug fixes. (mcn@EnGarde.com) */ #include "ipf.h" #include "kmem.h" -#if !defined(lint) -static const char rcsid[] = "@(#)$Id$"; -#endif /* * Get a nat filter type given its kernel address. */ char * getnattype(nat_t *nat) { static char unknownbuf[20]; char *which; if (!nat) return ("???"); switch (nat->nat_redir) { case NAT_MAP : which = "MAP"; break; case NAT_MAPBLK : which = "MAP-BLOCK"; break; case NAT_REDIRECT : which = "RDR"; break; case NAT_MAP|NAT_REWRITE : which = "RWR-MAP"; break; case NAT_REDIRECT|NAT_REWRITE : which = "RWR-RDR"; break; case NAT_BIMAP : which = "BIMAP"; break; case NAT_REDIRECT|NAT_DIVERTUDP : which = "DIV-RDR"; break; case NAT_MAP|NAT_DIVERTUDP : which = "DIV-MAP"; break; case NAT_REDIRECT|NAT_ENCAP : which = "ENC-RDR"; break; case NAT_MAP|NAT_ENCAP : which = "ENC-MAP"; break; default : snprintf(unknownbuf, sizeof(unknownbuf), "unknown(%04x)", nat->nat_redir & 0xffffffff); which = unknownbuf; break; } return (which); } diff --git a/sbin/ipf/libipf/inet_addr.c b/sbin/ipf/libipf/inet_addr.c index 11e468eb09f7..d64b3da41361 100644 --- a/sbin/ipf/libipf/inet_addr.c +++ b/sbin/ipf/libipf/inet_addr.c @@ -1,200 +1,196 @@ /* * ++Copyright++ 1983, 1990, 1993 * - * Copyright (c) 1983, 1990, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * Portions Copyright (c) 1993 by Digital Equipment Corporation. * * Permission to use, copy, modify, and distribute this software for any * purpose with or without fee is hereby granted, provided that the above * copyright notice and this permission notice appear in all copies, and that * the name of Digital Equipment Corporation not be used in advertising or * publicity pertaining to distribution of the document or software without * specific, written prior permission. * * THE SOFTWARE IS PROVIDED "AS IS" AND DIGITAL EQUIPMENT CORP. DISCLAIMS ALL * WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL DIGITAL EQUIPMENT * CORPORATION BE LIABLE FOR ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL * DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR * PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS * ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS * SOFTWARE. * - * --Copyright-- */ -#if !defined(lint) -static const char sccsid[] = "@(#)inet_addr.c 8.1 (Berkeley) 6/17/93"; -static const char rcsid[] = "@(#)$Id: inet_addr.c,v 1.8.2.3 2004/12/09 19:41:20 darrenr Exp $"; -#endif /* LIBC_SCCS and not lint */ #include #include #include #include #ifndef __P # define __P(x) x #endif int inet_aton(const char *, struct in_addr *); /* * Because the ctype(3) posix definition, if used "safely" in code everywhere, * would mean all normal code that walks through strings needed casts. Yuck. */ #define ISALNUM(x) isalnum((u_char)(x)) #define ISALPHA(x) isalpha((u_char)(x)) #define ISASCII(x) isascii((u_char)(x)) #define ISDIGIT(x) isdigit((u_char)(x)) #define ISPRINT(x) isprint((u_char)(x)) #define ISSPACE(x) isspace((u_char)(x)) #define ISUPPER(x) isupper((u_char)(x)) #define ISXDIGIT(x) isxdigit((u_char)(x)) #define ISLOWER(x) islower((u_char)(x)) /* * Check whether "cp" is a valid ascii representation * of an Internet address and convert to a binary address. * Returns 1 if the address is valid, 0 if not. * This replaces inet_addr, the return value from which * cannot distinguish between failure and a local broadcast address. */ int inet_aton(register const char *cp, struct in_addr *addr) { register u_long val; register int base, n; register char c; u_int parts[4]; register u_int *pp = parts; c = *cp; for (;;) { /* * Collect number up to ``.''. * Values are specified as for C: * 0x=hex, 0=octal, isdigit=decimal. */ if (!ISDIGIT(c)) return (0); val = 0; base = 10; if (c == '0') { c = *++cp; if (c == 'x' || c == 'X') base = 16, c = *++cp; else base = 8; } for (;;) { if (ISASCII(c) && ISDIGIT(c)) { val = (val * base) + (c - '0'); c = *++cp; } else if (base == 16 && ISASCII(c) && ISXDIGIT(c)) { val = (val << 4) | (c + 10 - (ISLOWER(c) ? 'a' : 'A')); c = *++cp; } else break; } if (c == '.') { /* * Internet format: * a.b.c.d * a.b.c (with c treated as 16 bits) * a.b (with b treated as 24 bits) */ if (pp >= parts + 3) return (0); *pp++ = val; c = *++cp; } else break; } /* * Check for trailing characters. */ if (c != '\0' && (!ISASCII(c) || !ISSPACE(c))) return (0); /* * Concoct the address according to * the number of parts specified. */ n = pp - parts + 1; switch (n) { case 0: return (0); /* initial nondigit */ case 1: /* a -- 32 bits */ break; case 2: /* a.b -- 8.24 bits */ if (val > 0xffffff) return (0); val |= parts[0] << 24; break; case 3: /* a.b.c -- 8.8.16 bits */ if (val > 0xffff) return (0); val |= (parts[0] << 24) | (parts[1] << 16); break; case 4: /* a.b.c.d -- 8.8.8.8 bits */ if (val > 0xff) return (0); val |= (parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8); break; } if (addr) addr->s_addr = htonl(val); return (1); } /* these are compatibility routines, not needed on recent BSD releases */ /* * Ascii internet address interpretation routine. * The value returned is in network order. */ #if 0 inet_addr(const char *cp) { struct in_addr val; if (inet_aton(cp, &val)) return (val.s_addr); return (0xffffffff); } #endif diff --git a/sbin/ipf/libipf/ipft_hx.c b/sbin/ipf/libipf/ipft_hx.c index d6ae80ec4efd..98c0d1eb0114 100644 --- a/sbin/ipf/libipf/ipft_hx.c +++ b/sbin/ipf/libipf/ipft_hx.c @@ -1,181 +1,177 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. */ -#if !defined(lint) -static const char sccsid[] = "@(#)ipft_hx.c 1.1 3/9/96 (C) 1996 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #include #include "ipf.h" #include "ipt.h" extern int opts; static int hex_open(char *); static int hex_close(void); static int hex_readip(mb_t *, char **, int *); static char *readhex(char *, char *); struct ipread iphex = { hex_open, hex_close, hex_readip, 0 }; static FILE *tfp = NULL; static int tfd = -1; static int hex_open(char *fname) { if (tfp && tfd != -1) { rewind(tfp); return (tfd); } if (!strcmp(fname, "-")) { tfd = 0; tfp = stdin; } else { tfd = open(fname, O_RDONLY); if (tfd != -1) tfp = fdopen(tfd, "r"); } return (tfd); } static int hex_close(void) { int cfd = tfd; tfd = -1; return (close(cfd)); } static int hex_readip(mb_t *mb, char **ifn, int *dir) { register char *s, *t, *u; char line[513]; ip_t *ip; char *buf; buf = (char *)mb->mb_buf; /* * interpret start of line as possibly "[ifname]" or * "[in/out,ifname]". */ if (ifn) *ifn = NULL; if (dir) *dir = 0; ip = (ip_t *)buf; while (fgets(line, sizeof(line)-1, tfp)) { if ((s = strchr(line, '\n'))) { if (s == line) { mb->mb_len = (char *)ip - buf; return (mb->mb_len); } *s = '\0'; } if ((s = strchr(line, '#'))) *s = '\0'; if (!*line) continue; if ((opts & OPT_DEBUG) != 0) { printf("input: %s", line); } if ((*line == '[') && (s = strchr(line, ']'))) { t = line + 1; if (s - t > 0) { *s++ = '\0'; if ((u = strchr(t, ',')) && (u < s)) { u++; if (ifn) *ifn = strdup(u); if (dir) { if (*t == 'i') *dir = 0; else if (*t == 'o') *dir = 1; } } else if (ifn) *ifn = t; } while (*s++ == '+') { if (!strncasecmp(s, "mcast", 5)) { mb->mb_flags |= M_MCAST; s += 5; } if (!strncasecmp(s, "bcast", 5)) { mb->mb_flags |= M_BCAST; s += 5; } if (!strncasecmp(s, "mbcast", 6)) { mb->mb_flags |= M_MBCAST; s += 6; } } while (ISSPACE(*s)) s++; } else s = line; t = (char *)ip; ip = (ip_t *)readhex(s, (char *)ip); if ((opts & OPT_DEBUG) != 0) { if (opts & OPT_ASCII) { int c = *t; if (t < (char *)ip) putchar('\t'); while (t < (char *)ip) { if (isprint(c) && isascii(c)) putchar(c); else putchar('.'); t++; } } putchar('\n'); fflush(stdout); } } if (feof(tfp)) return (0); return (-1); } static char *readhex(register char *src, register char *dst) { int state = 0; char c; while ((c = *src++)) { if (ISSPACE(c)) { if (state) { dst++; state = 0; } continue; } else if ((c >= '0' && c <= '9') || (c >= 'a' && c <= 'f') || (c >= 'A' && c <= 'F')) { c = ISDIGIT(c) ? (c - '0') : (TOUPPER(c) - 55); if (state == 0) { *dst = (c << 4); state++; } else { *dst++ |= c; state = 0; } } else break; } return (dst); } diff --git a/sbin/ipf/libipf/ipft_pc.c b/sbin/ipf/libipf/ipft_pc.c index 0f4a9f6a5983..ff4acd5d1753 100644 --- a/sbin/ipf/libipf/ipft_pc.c +++ b/sbin/ipf/libipf/ipft_pc.c @@ -1,248 +1,245 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. * * $Id$ */ #include "ipf.h" #include "ipt.h" -#if !defined(lint) -static const char rcsid[] = "@(#)$Id$"; -#endif struct llc { int lc_type; int lc_sz; /* LLC header length */ int lc_to; /* LLC Type offset */ int lc_tl; /* LLC Type length */ }; /* * While many of these maybe the same, some do have different header formats * which make this useful. */ static struct llc llcs[] = { { 0, 0, 0, 0 }, /* DLT_NULL */ { 1, 14, 12, 2 }, /* DLT_Ethernet */ { 10, 0, 0, 0 }, /* DLT_FDDI */ { 12, 0, 0, 0 }, /* DLT_RAW */ { -1, -1, -1, -1 } }; typedef struct { u_int id; u_short major; u_short minor; u_int timezone; u_int sigfigs; u_int snaplen; u_int type; } fileheader_t; typedef struct { u_32_t seconds; u_32_t microseconds; u_32_t caplen; u_32_t wirelen; } packetheader_t; static int ipcap_open(char *); static int ipcap_close(void); static int ipcap_readip(mb_t *, char **, int *); static int ipcap_read_rec(packetheader_t *); static void iswap_hdr(fileheader_t *); static int pfd = -1, swapped = 0; static struct llc *llcp = NULL; struct ipread pcap = { ipcap_open, ipcap_close, ipcap_readip, 0 }; #define SWAPLONG(y) \ ((((y)&0xff)<<24) | (((y)&0xff00)<<8) | (((y)&0xff0000)>>8) | (((y)>>24)&0xff)) #define SWAPSHORT(y) \ ( (((y)&0xff)<<8) | (((y)&0xff00)>>8) ) static void iswap_hdr(fileheader_t *p) { p->major = SWAPSHORT(p->major); p->minor = SWAPSHORT(p->minor); p->timezone = SWAPLONG(p->timezone); p->sigfigs = SWAPLONG(p->sigfigs); p->snaplen = SWAPLONG(p->snaplen); p->type = SWAPLONG(p->type); } static int ipcap_open(char *fname) { fileheader_t ph; int fd, i; if (pfd != -1) return (pfd); if (!strcmp(fname, "-")) fd = 0; else if ((fd = open(fname, O_RDONLY)) == -1) return (-1); if (read(fd, (char *)&ph, sizeof(ph)) != sizeof(ph)) return (-2); if (ph.id != 0xa1b2c3d4) { if (SWAPLONG(ph.id) != 0xa1b2c3d4) { (void) close(fd); return (-2); } swapped = 1; iswap_hdr(&ph); } for (i = 0; llcs[i].lc_type != -1; i++) if (llcs[i].lc_type == ph.type) { llcp = llcs + i; break; } if (llcp == NULL) { (void) close(fd); return (-2); } pfd = fd; printf("opened pcap file %s:\n", fname); printf("\tid: %08x version: %d.%d type: %d snap %d\n", ph.id, ph.major, ph.minor, ph.type, ph.snaplen); return (fd); } static int ipcap_close(void) { return (close(pfd)); } /* * read in the header (and validate) which should be the first record * in a pcap file. */ static int ipcap_read_rec(packetheader_t *rec) { int n, p, i; n = sizeof(*rec); while (n > 0) { i = read(pfd, (char *)rec, sizeof(*rec)); if (i <= 0) return (-2); n -= i; } if (swapped) { rec->caplen = SWAPLONG(rec->caplen); rec->wirelen = SWAPLONG(rec->wirelen); rec->seconds = SWAPLONG(rec->seconds); rec->microseconds = SWAPLONG(rec->microseconds); } p = rec->caplen; n = MIN(p, rec->wirelen); if (!n || n < 0) return (-3); if (p < 0 || p > 65536) return (-4); return (p); } #ifdef notyet /* * read an entire pcap packet record. only the data part is copied into * the available buffer, with the number of bytes copied returned. */ static int ipcap_read(char *buf, int cnt) { packetheader_t rec; static char *bufp = NULL; int i, n; if ((i = ipcap_read_rec(&rec)) <= 0) return (i); if (!bufp) bufp = malloc(i); else bufp = realloc(bufp, i); if (read(pfd, bufp, i) != i) return (-2); n = MIN(i, cnt); bcopy(bufp, buf, n); return (n); } #endif /* * return only an IP packet read into buf */ static int ipcap_readip(mb_t *mb, char **ifn, int *dir) { static char *bufp = NULL; packetheader_t rec; struct llc *l; char *s, ty[4]; int i, j, n; char *buf; int cnt; #if 0 ifn = ifn; /* gcc -Wextra */ dir = dir; /* gcc -Wextra */ #endif buf = (char *)mb->mb_buf; cnt = sizeof(mb->mb_buf); l = llcp; /* do { */ if ((i = ipcap_read_rec(&rec)) <= 0) return (i); if (!bufp) bufp = malloc(i); else bufp = realloc(bufp, i); s = bufp; for (j = i, n = 0; j > 0; ) { n = read(pfd, s, j); if (n <= 0) return (-2); j -= n; s += n; } s = bufp; i -= l->lc_sz; s += l->lc_to; bcopy(s, ty, l->lc_tl); s += l->lc_tl; /* } while (ty[0] != 0x8 && ty[1] != 0); */ n = MIN(i, cnt); bcopy(s, buf, n); mb->mb_len = n; return (n); } diff --git a/sbin/ipf/libipf/ipft_tx.c b/sbin/ipf/libipf/ipft_tx.c index bab33016b9cc..e54a7e15f982 100644 --- a/sbin/ipf/libipf/ipft_tx.c +++ b/sbin/ipf/libipf/ipft_tx.c @@ -1,499 +1,495 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. * * $Id$ */ -#if !defined(lint) -static const char sccsid[] = "@(#)ipft_tx.c 1.7 6/5/96 (C) 1993 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif #include #include "ipf.h" #include "ipt.h" extern int opts; static char *tx_proto = ""; static int text_open(char *), text_close(void); static int text_readip(mb_t *, char **, int *); static int parseline(char *, ip_t *, char **, int *); static char myflagset[] = "FSRPAUEC"; static u_char myflags[] = { TH_FIN, TH_SYN, TH_RST, TH_PUSH, TH_ACK, TH_URG, TH_ECN, TH_CWR }; struct ipread iptext = { text_open, text_close, text_readip, R_DO_CKSUM }; static FILE *tfp = NULL; static int tfd = -1; static u_32_t tx_hostnum(char *, int *); static u_short tx_portnum(char *); #ifdef USE_INET6 int parseipv6(char **, ip6_t *, char **, int *); #endif /* * returns an ip address as a long var as a result of either a DNS lookup or * straight inet_addr() call */ static u_32_t tx_hostnum(char *host, int *resolved) { i6addr_t ipa; *resolved = 0; if (!strcasecmp("any", host)) return (0L); if (ISDIGIT(*host)) return (inet_addr(host)); if (gethost(AF_INET, host, &ipa) == -1) { *resolved = -1; fprintf(stderr, "can't resolve hostname: %s\n", host); return (0); } return (ipa.in4.s_addr); } /* * find the port number given by the name, either from getservbyname() or * straight atoi() */ static u_short tx_portnum(char *name) { struct servent *sp; if (ISDIGIT(*name)) return (u_short)atoi(name); sp = getservbyname(name, tx_proto); if (sp) return (ntohs(sp->s_port)); (void) fprintf(stderr, "unknown service \"%s\".\n", name); return (0); } static int text_open(char *fname) { if (tfp && tfd != -1) { rewind(tfp); return (tfd); } if (!strcmp(fname, "-")) { tfd = 0; tfp = stdin; } else { tfd = open(fname, O_RDONLY); if (tfd != -1) tfp = fdopen(tfd, "r"); } return (tfd); } static int text_close(void) { int cfd = tfd; tfd = -1; return (close(cfd)); } static int text_readip(mb_t *mb, char **ifn, int *dir) { register char *s; char line[513]; ip_t *ip; char *buf; buf = (char *)mb->mb_buf; *ifn = NULL; while (fgets(line, sizeof(line)-1, tfp)) { if ((s = strchr(line, '\n'))) *s = '\0'; if ((s = strchr(line, '\r'))) *s = '\0'; if ((s = strchr(line, '#'))) *s = '\0'; if (!*line) continue; if ((opts & OPT_DEBUG) != 0) printf("input: %s\n", line); *ifn = NULL; *dir = 0; if (!parseline(line, (ip_t *)buf, ifn, dir)) { ip = (ip_t *)buf; if (IP_V(ip) == 6) { #ifdef USE_INET6 mb->mb_len = ntohs(((ip6_t *)ip)->ip6_plen) + sizeof(ip6_t); #else mb->mb_len = 0; #endif } else { mb->mb_len = ntohs(ip->ip_len); } return (mb->mb_len); } } if (feof(tfp)) return (0); return (-1); } static int parseline(char *line, ip_t *ip, char **ifn, int *out) { tcphdr_t th, *tcp = &th; struct icmp icmp, *ic = &icmp; char *cps[20], **cpp, c, ipopts[68]; int i, r; if (*ifn) free(*ifn); bzero((char *)ip, MAX(sizeof(*tcp), sizeof(*ic)) + sizeof(*ip)); bzero((char *)tcp, sizeof(*tcp)); bzero((char *)ic, sizeof(*ic)); bzero(ipopts, sizeof(ipopts)); IP_HL_A(ip, sizeof(*ip) >> 2); IP_V_A(ip, IPVERSION); ip->ip_ttl = 63; for (i = 0, cps[0] = strtok(line, " \b\t\r\n"); cps[i] && i < 19; ) cps[++i] = strtok(NULL, " \b\t\r\n"); cpp = cps; if (!*cpp) return (1); c = **cpp; if (!ISALPHA(c) || (TOLOWER(c) != 'o' && TOLOWER(c) != 'i')) { fprintf(stderr, "bad direction \"%s\"\n", *cpp); return (1); } #ifdef USE_INET6 if (!strcasecmp(*cpp, "out6") || !strcasecmp(*cpp, "in6")) { return (parseipv6(cpp, (ip6_t *)ip, ifn, out)); } #endif *out = (TOLOWER(c) == 'o') ? 1 : 0; cpp++; if (!*cpp) return (1); if (!strcasecmp(*cpp, "on")) { cpp++; if (!*cpp) return (1); *ifn = strdup(*cpp++); if (!*cpp) return (1); } c = **cpp; ip->ip_len = sizeof(ip_t); if (!strcasecmp(*cpp, "tcp") || !strcasecmp(*cpp, "udp") || !strcasecmp(*cpp, "icmp")) { if (c == 't') { ip->ip_p = IPPROTO_TCP; ip->ip_len += sizeof(struct tcphdr); tx_proto = "tcp"; } else if (c == 'u') { ip->ip_p = IPPROTO_UDP; ip->ip_len += sizeof(struct udphdr); tx_proto = "udp"; } else { ip->ip_p = IPPROTO_ICMP; ip->ip_len += ICMPERR_IPICMPHLEN; tx_proto = "icmp"; } cpp++; } else if (ISDIGIT(**cpp) && !index(*cpp, '.')) { ip->ip_p = atoi(*cpp); cpp++; } else ip->ip_p = IPPROTO_IP; if (!*cpp) return (1); if (ip->ip_p == IPPROTO_TCP || ip->ip_p == IPPROTO_UDP) { char *last; last = strchr(*cpp, ','); if (!last) { fprintf(stderr, "tcp/udp with no source port\n"); return (1); } *last++ = '\0'; tcp->th_sport = htons(tx_portnum(last)); if (ip->ip_p == IPPROTO_TCP) { tcp->th_win = htons(4096); TCP_OFF_A(tcp, sizeof(*tcp) >> 2); } } ip->ip_src.s_addr = tx_hostnum(*cpp, &r); cpp++; if (!*cpp) return (1); if (ip->ip_p == IPPROTO_TCP || ip->ip_p == IPPROTO_UDP) { char *last; last = strchr(*cpp, ','); if (!last) { fprintf(stderr, "tcp/udp with no destination port\n"); return (1); } *last++ = '\0'; tcp->th_dport = htons(tx_portnum(last)); } ip->ip_dst.s_addr = tx_hostnum(*cpp, &r); cpp++; if (ip->ip_p == IPPROTO_TCP) { if (*cpp != NULL) { char *s, *t; tcp->th_flags = 0; for (s = *cpp; *s; s++) if ((t = strchr(myflagset, *s))) tcp->th_flags |= myflags[t-myflagset]; if (tcp->th_flags) cpp++; } if (tcp->th_flags & TH_URG) tcp->th_urp = htons(1); if (*cpp && !strncasecmp(*cpp, "seq=", 4)) { tcp->th_seq = htonl(atoi(*cpp + 4)); cpp++; } if (*cpp && !strncasecmp(*cpp, "ack=", 4)) { tcp->th_ack = htonl(atoi(*cpp + 4)); cpp++; } } else if (*cpp && ip->ip_p == IPPROTO_ICMP) { char *t; t = strchr(*cpp, ','); if (t != NULL) *t = '\0'; ic->icmp_type = geticmptype(AF_INET, *cpp); if (t != NULL) ic->icmp_code = atoi(t + 1); cpp++; if (ic->icmp_type == ICMP_ECHO || ic->icmp_type == ICMP_ECHOREPLY) ic->icmp_id = htons(getpid()); if (t != NULL) *t = ','; } if (*cpp && !strcasecmp(*cpp, "opt")) { u_long olen; cpp++; olen = buildopts(*cpp, ipopts, (IP_HL(ip) - 5) << 2); if (olen) { bcopy(ipopts, (char *)(ip + 1), olen); IP_HL_A(ip, IP_HL(ip) + (olen >> 2)); ip->ip_len += olen; } } if (ip->ip_p == IPPROTO_TCP || ip->ip_p == IPPROTO_UDP) bcopy((char *)tcp, ((char *)ip) + (IP_HL(ip) << 2), sizeof(*tcp)); else if (ip->ip_p == IPPROTO_ICMP) bcopy((char *)ic, ((char *)ip) + (IP_HL(ip) << 2), sizeof(*ic)); ip->ip_len = htons(ip->ip_len); return (0); } #ifdef USE_INET6 int parseipv6(char **cpp, ip6_t *ip6, char **ifn, int *out) { tcphdr_t th, *tcp = &th; struct icmp6_hdr icmp, *ic6 = &icmp; bzero((char *)ip6, MAX(sizeof(*tcp), sizeof(*ic6)) + sizeof(*ip6)); bzero((char *)tcp, sizeof(*tcp)); bzero((char *)ic6, sizeof(*ic6)); ip6->ip6_vfc = 0x60; *out = (**cpp == 'o') ? 1 : 0; cpp++; if (!*cpp) return (1); if (!strcasecmp(*cpp, "on")) { cpp++; if (!*cpp) return (1); *ifn = strdup(*cpp++); if (!*cpp) return (1); } if (!strcasecmp(*cpp, "tcp")) { ip6->ip6_nxt = IPPROTO_TCP; tx_proto = "tcp"; cpp++; } else if (!strcasecmp(*cpp, "udp")) { ip6->ip6_nxt = IPPROTO_UDP; tx_proto = "udp"; cpp++; } else if (!strcasecmp(*cpp, "icmpv6")) { ip6->ip6_nxt = IPPROTO_ICMPV6; tx_proto = "icmpv6"; cpp++; } else if (ISDIGIT(**cpp) && !index(*cpp, ':')) { ip6->ip6_nxt = atoi(*cpp); cpp++; } else ip6->ip6_nxt = IPPROTO_IPV6; if (!*cpp) return (1); switch (ip6->ip6_nxt) { case IPPROTO_TCP : ip6->ip6_plen = sizeof(struct tcphdr); break; case IPPROTO_UDP : ip6->ip6_plen = sizeof(struct udphdr); break; case IPPROTO_ICMPV6 : ip6->ip6_plen = ICMP6ERR_IPICMPHLEN; break; default : break; } if (ip6->ip6_nxt == IPPROTO_TCP || ip6->ip6_nxt == IPPROTO_UDP) { char *last; last = strchr(*cpp, ','); if (!last) { fprintf(stderr, "tcp/udp with no source port\n"); return (1); } *last++ = '\0'; tcp->th_sport = htons(tx_portnum(last)); if (ip6->ip6_nxt == IPPROTO_TCP) { tcp->th_win = htons(4096); TCP_OFF_A(tcp, sizeof(*tcp) >> 2); } } if (inet_pton(AF_INET6, *cpp, &ip6->ip6_src) != 1) { fprintf(stderr, "cannot parse source address '%s'\n", *cpp); return (1); } cpp++; if (!*cpp) return (1); if (ip6->ip6_nxt == IPPROTO_TCP || ip6->ip6_nxt == IPPROTO_UDP) { char *last; last = strchr(*cpp, ','); if (!last) { fprintf(stderr, "tcp/udp with no destination port\n"); return (1); } *last++ = '\0'; tcp->th_dport = htons(tx_portnum(last)); } if (inet_pton(AF_INET6, *cpp, &ip6->ip6_dst) != 1) { fprintf(stderr, "cannot parse destination address '%s'\n", *cpp); return (1); } cpp++; if (ip6->ip6_nxt == IPPROTO_TCP) { if (*cpp != NULL) { char *s, *t; tcp->th_flags = 0; for (s = *cpp; *s; s++) if ((t = strchr(myflagset, *s))) tcp->th_flags |= myflags[t-myflagset]; if (tcp->th_flags) cpp++; } if (tcp->th_flags & TH_URG) tcp->th_urp = htons(1); if (*cpp && !strncasecmp(*cpp, "seq=", 4)) { tcp->th_seq = htonl(atoi(*cpp + 4)); cpp++; } if (*cpp && !strncasecmp(*cpp, "ack=", 4)) { tcp->th_ack = htonl(atoi(*cpp + 4)); cpp++; } } else if (*cpp && ip6->ip6_nxt == IPPROTO_ICMPV6) { char *t; t = strchr(*cpp, ','); if (t != NULL) *t = '\0'; ic6->icmp6_type = geticmptype(AF_INET6, *cpp); if (t != NULL) ic6->icmp6_code = atoi(t + 1); if (ic6->icmp6_type == ICMP6_ECHO_REQUEST || ic6->icmp6_type == ICMP6_ECHO_REPLY) ic6->icmp6_id = htons(getpid()); if (t != NULL) *t = ','; } if (ip6->ip6_nxt == IPPROTO_TCP || ip6->ip6_nxt == IPPROTO_UDP) { bcopy((char *)tcp, (char *)ip6 + sizeof(*ip6), sizeof(*tcp)); } else if (ip6->ip6_nxt == IPPROTO_ICMPV6) { bcopy((char *)ic6, (char *)ip6 + sizeof(*ip6), sizeof(*ic6)); } /* * Because a length of 0 == jumbo gram... */ if (ip6->ip6_plen == 0) { ip6->ip6_plen++; } ip6->ip6_plen = htons(ip6->ip6_plen); return (0); } #endif diff --git a/sbin/ipf/libipf/kmem.c b/sbin/ipf/libipf/kmem.c index 0f15159b0348..6ebd0dee6b72 100644 --- a/sbin/ipf/libipf/kmem.c +++ b/sbin/ipf/libipf/kmem.c @@ -1,113 +1,109 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. */ /* * kmemcpy() - copies n bytes from kernel memory into user buffer. * returns 0 on success, -1 on error. */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "kmem.h" -#if !defined(lint) -static const char sccsid[] = "@(#)kmem.c 1.4 1/12/96 (C) 1992 Darren Reed"; -static const char rcsid[] = "@(#)$Id$"; -#endif static kvm_t *kvm_f = NULL; int openkmem(char *kern, char *core) { kvm_f = kvm_open(kern, core, NULL, O_RDONLY, NULL); if (kvm_f == NULL) { perror("openkmem:open"); return (-1); } return (kvm_f != NULL); } int kmemcpy(register char *buf, long pos, register int n) { register int r; if (!n) return (0); if (kvm_f == NULL) if (openkmem(NULL, NULL) == -1) return (-1); while ((r = kvm_read(kvm_f, pos, buf, n)) < n) if (r <= 0) { fprintf(stderr, "pos=0x%lx ", (u_long)pos); perror("kmemcpy:read"); return (-1); } else { buf += r; pos += r; n -= r; } return (0); } int kstrncpy(register char *buf, long pos, register int n) { register int r; if (!n) return (0); if (kvm_f == NULL) if (openkmem(NULL, NULL) == -1) return (-1); while (n > 0) { r = kvm_read(kvm_f, pos, buf, 1); if (r <= 0) { fprintf(stderr, "pos=0x%lx ", (u_long)pos); perror("kmemcpy:read"); return (-1); } else { if (*buf == '\0') break; buf++; pos++; n--; } } return (0); } diff --git a/sbin/ipf/libipf/nat_setgroupmap.c b/sbin/ipf/libipf/nat_setgroupmap.c index fd3a2c120e1e..97a5211688c3 100644 --- a/sbin/ipf/libipf/nat_setgroupmap.c +++ b/sbin/ipf/libipf/nat_setgroupmap.c @@ -1,33 +1,30 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. */ -#if !defined(lint) -static const char rcsid[] = "@(#)$Id$"; -#endif #include "ipf.h" void nat_setgroupmap(ipnat_t *n) { if (n->in_nsrcmsk == n->in_osrcmsk) n->in_ippip = 1; else if (n->in_flags & IPN_AUTOPORTMAP) { n->in_ippip = ~ntohl(n->in_osrcmsk); if (n->in_nsrcmsk != 0xffffffff) n->in_ippip /= (~ntohl(n->in_nsrcmsk) + 1); n->in_ippip++; if (n->in_ippip == 0) n->in_ippip = 1; n->in_ppip = USABLE_PORTS / n->in_ippip; } else { n->in_space = USABLE_PORTS * ~ntohl(n->in_nsrcmsk); n->in_snip = 0; if (!(n->in_ppip = n->in_spmin)) n->in_ppip = 1; n->in_ippip = USABLE_PORTS / n->in_ppip; } } diff --git a/sbin/ipf/libipf/printactiveaddr.c b/sbin/ipf/libipf/printactiveaddr.c index 66b5b00aaf98..70deafa345e0 100644 --- a/sbin/ipf/libipf/printactiveaddr.c +++ b/sbin/ipf/libipf/printactiveaddr.c @@ -1,34 +1,31 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. * * Added redirect stuff and a variety of bug fixes. (mcn@EnGarde.com) */ #include "ipf.h" -#if !defined(lint) -static const char rcsid[] = "@(#)$Id: printactiveaddr.c,v 1.3.2.2 2012/07/22 08:04:24 darren_r Exp $"; -#endif void printactiveaddress(int v, char *fmt, i6addr_t *addr, char *ifname) { switch (v) { case 4 : PRINTF(fmt, inet_ntoa(addr->in4)); break; #ifdef USE_INET6 case 6 : printaddr(AF_INET6, FRI_NORMAL, ifname, 0, (u_32_t *)&addr->in6, NULL); break; #endif default : break; } } diff --git a/sbin/ipf/libipf/printactivenat.c b/sbin/ipf/libipf/printactivenat.c index 0a4c254c9529..ba792d3b2be0 100644 --- a/sbin/ipf/libipf/printactivenat.c +++ b/sbin/ipf/libipf/printactivenat.c @@ -1,162 +1,159 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. * * Added redirect stuff and a variety of bug fixes. (mcn@EnGarde.com) */ #include "ipf.h" -#if !defined(lint) -static const char rcsid[] = "@(#)$Id$"; -#endif static int proto_opened = 0; void printactivenat(nat_t *nat, int opts, u_long ticks) { struct protoent *pproto; if (proto_opened == 0) { proto_opened = 1; setprotoent(1); } PRINTF("%s", getnattype(nat)); if (nat->nat_flags & SI_CLONE) PRINTF(" CLONE"); if (nat->nat_phnext[0] == NULL && nat->nat_phnext[1] == NULL) PRINTF(" ORPHAN"); putchar(' '); if (nat->nat_redir & NAT_REWRITE) { printactiveaddress(nat->nat_v[0], "%-15s", &nat->nat_osrc6, nat->nat_ifnames[0]); if ((nat->nat_flags & IPN_TCPUDP) != 0) PRINTF(" %-5hu", ntohs(nat->nat_osport)); putchar(' '); printactiveaddress(nat->nat_v[0], "%-15s", &nat->nat_odst6, nat->nat_ifnames[0]); if ((nat->nat_flags & IPN_TCPUDP) != 0) PRINTF(" %-5hu", ntohs(nat->nat_odport)); PRINTF("<- -> "); printactiveaddress(nat->nat_v[1], "%-15s", &nat->nat_nsrc6, nat->nat_ifnames[0]); if ((nat->nat_flags & IPN_TCPUDP) != 0) PRINTF(" %-5hu", ntohs(nat->nat_nsport)); putchar(' '); printactiveaddress(nat->nat_v[1], "%-15s", &nat->nat_ndst6, nat->nat_ifnames[0]); if ((nat->nat_flags & IPN_TCPUDP) != 0) PRINTF(" %-5hu", ntohs(nat->nat_ndport)); pproto = getprotobynumber(nat->nat_pr[0]); PRINTF(" %s", pproto->p_name); } else if (nat->nat_dir == NAT_OUTBOUND) { printactiveaddress(nat->nat_v[0], "%-15s", &nat->nat_osrc6, nat->nat_ifnames[0]); if ((nat->nat_flags & IPN_TCPUDP) != 0) PRINTF(" %-5hu", ntohs(nat->nat_osport)); PRINTF(" <- -> "); printactiveaddress(nat->nat_v[1], "%-15s", &nat->nat_nsrc6, nat->nat_ifnames[0]); if ((nat->nat_flags & IPN_TCPUDP) != 0) PRINTF(" %-5hu", ntohs(nat->nat_nsport)); PRINTF(" ["); printactiveaddress(nat->nat_v[0], "%s", &nat->nat_odst6, nat->nat_ifnames[0]); if ((nat->nat_flags & IPN_TCPUDP) != 0) PRINTF(" %hu", ntohs(nat->nat_odport)); PRINTF("]"); pproto = getprotobynumber(nat->nat_pr[1]); PRINTF(" %s", pproto->p_name); } else { printactiveaddress(nat->nat_v[1], "%-15s", &nat->nat_ndst6, nat->nat_ifnames[0]); if ((nat->nat_flags & IPN_TCPUDP) != 0) PRINTF(" %-5hu", ntohs(nat->nat_ndport)); PRINTF(" <- -> "); printactiveaddress(nat->nat_v[0], "%-15s", &nat->nat_odst6, nat->nat_ifnames[0]); if ((nat->nat_flags & IPN_TCPUDP) != 0) PRINTF(" %-5hu", ntohs(nat->nat_odport)); PRINTF(" ["); printactiveaddress(nat->nat_v[0], "%s", &nat->nat_osrc6, nat->nat_ifnames[0]); if ((nat->nat_flags & IPN_TCPUDP) != 0) PRINTF(" %hu", ntohs(nat->nat_osport)); PRINTF("]"); pproto = getprotobynumber(nat->nat_pr[0]); PRINTF(" %s", pproto->p_name); } if (opts & OPT_VERBOSE) { PRINTF("\n\tttl %lu use %hu sumd %s/", nat->nat_age - ticks, nat->nat_use, getsumd(nat->nat_sumd[0])); PRINTF("%s pr %u/%u hash %u/%u flags %x\n", getsumd(nat->nat_sumd[1]), nat->nat_pr[0], nat->nat_pr[1], nat->nat_hv[0], nat->nat_hv[1], nat->nat_flags); PRINTF("\tifp %s,%s ", FORMAT_IF(nat->nat_ifnames[0]), FORMAT_IF(nat->nat_ifnames[1])); #ifdef USE_QUAD_T PRINTF("bytes %"PRIu64"/%"PRIu64" pkts %"PRIu64"/%"PRIu64"", (unsigned long long)nat->nat_bytes[0], (unsigned long long)nat->nat_bytes[1], (unsigned long long)nat->nat_pkts[0], (unsigned long long)nat->nat_pkts[1]); #else PRINTF("bytes %lu/%lu pkts %lu/%lu", nat->nat_bytes[0], nat->nat_bytes[1], nat->nat_pkts[0], nat->nat_pkts[1]); #endif PRINTF(" ipsumd %x", nat->nat_ipsumd); } if (opts & OPT_DEBUG) { PRINTF("\n\tnat_next %p _pnext %p _hm %p\n", nat->nat_next, nat->nat_pnext, nat->nat_hm); PRINTF("\t_hnext %p/%p _phnext %p/%p\n", nat->nat_hnext[0], nat->nat_hnext[1], nat->nat_phnext[0], nat->nat_phnext[1]); PRINTF("\t_data %p _me %p _state %p _aps %p\n", nat->nat_data, nat->nat_me, nat->nat_state, nat->nat_aps); PRINTF("\tfr %p ptr %p ifps %p/%p sync %p\n", nat->nat_fr, nat->nat_ptr, nat->nat_ifps[0], nat->nat_ifps[1], nat->nat_sync); PRINTF("\ttqe:pnext %p next %p ifq %p parent %p/%p\n", nat->nat_tqe.tqe_pnext, nat->nat_tqe.tqe_next, nat->nat_tqe.tqe_ifq, nat->nat_tqe.tqe_parent, nat); PRINTF("\ttqe:die %d touched %d flags %x state %d/%d\n", nat->nat_tqe.tqe_die, nat->nat_tqe.tqe_touched, nat->nat_tqe.tqe_flags, nat->nat_tqe.tqe_state[0], nat->nat_tqe.tqe_state[1]); } putchar('\n'); } diff --git a/sbin/ipf/libipf/printaps.c b/sbin/ipf/libipf/printaps.c index ee0c516ae2e3..df27c48b72c8 100644 --- a/sbin/ipf/libipf/printaps.c +++ b/sbin/ipf/libipf/printaps.c @@ -1,110 +1,107 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. * * Added redirect stuff and a variety of bug fixes. (mcn@EnGarde.com) */ #include "ipf.h" #include "kmem.h" -#if !defined(lint) -static const char rcsid[] = "@(#)$Id$"; -#endif void printaps(ap_session_t *aps, int opts, int proto) { ipsec_pxy_t ipsec; ap_session_t ap; ftpinfo_t ftp; aproxy_t apr; raudio_t ra; if (kmemcpy((char *)&ap, (long)aps, sizeof(ap))) return; if (kmemcpy((char *)&apr, (long)ap.aps_apr, sizeof(apr))) return; PRINTF("\tproxy %s/%d use %d flags %x\n", apr.apr_label, apr.apr_p, apr.apr_ref, apr.apr_flags); #ifdef USE_QUAD_T PRINTF("\tbytes %"PRIu64" pkts %"PRIu64"", (unsigned long long)ap.aps_bytes, (unsigned long long)ap.aps_pkts); #else PRINTF("\tbytes %lu pkts %lu", ap.aps_bytes, ap.aps_pkts); #endif PRINTF(" data %s\n", ap.aps_data ? "YES" : "NO"); if ((proto == IPPROTO_TCP) && (opts & OPT_VERBOSE)) { PRINTF("\t\tstate[%u,%u], sel[%d,%d]\n", ap.aps_state[0], ap.aps_state[1], ap.aps_sel[0], ap.aps_sel[1]); #if (defined(NetBSD) && (NetBSD >= 199905) && (NetBSD < 1991011)) || \ defined(__FreeBSD__) PRINTF("\t\tseq: off %hd/%hd min %x/%x\n", ap.aps_seqoff[0], ap.aps_seqoff[1], ap.aps_seqmin[0], ap.aps_seqmin[1]); PRINTF("\t\tack: off %hd/%hd min %x/%x\n", ap.aps_ackoff[0], ap.aps_ackoff[1], ap.aps_ackmin[0], ap.aps_ackmin[1]); #else PRINTF("\t\tseq: off %hd/%hd min %lx/%lx\n", ap.aps_seqoff[0], ap.aps_seqoff[1], ap.aps_seqmin[0], ap.aps_seqmin[1]); PRINTF("\t\tack: off %hd/%hd min %lx/%lx\n", ap.aps_ackoff[0], ap.aps_ackoff[1], ap.aps_ackmin[0], ap.aps_ackmin[1]); #endif } if (!strcmp(apr.apr_label, "raudio") && ap.aps_psiz == sizeof(ra)) { if (kmemcpy((char *)&ra, (long)ap.aps_data, sizeof(ra))) return; PRINTF("\tReal Audio Proxy:\n"); PRINTF("\t\tSeen PNA: %d\tVersion: %d\tEOS: %d\n", ra.rap_seenpna, ra.rap_version, ra.rap_eos); PRINTF("\t\tMode: %#x\tSBF: %#x\n", ra.rap_mode, ra.rap_sbf); PRINTF("\t\tPorts:pl %hu, pr %hu, sr %hu\n", ra.rap_plport, ra.rap_prport, ra.rap_srport); } else if (!strcmp(apr.apr_label, "ftp") && (ap.aps_psiz == sizeof(ftp))) { if (kmemcpy((char *)&ftp, (long)ap.aps_data, sizeof(ftp))) return; PRINTF("\tFTP Proxy:\n"); PRINTF("\t\tpassok: %d\n", ftp.ftp_passok); ftp.ftp_side[0].ftps_buf[FTP_BUFSZ - 1] = '\0'; ftp.ftp_side[1].ftps_buf[FTP_BUFSZ - 1] = '\0'; PRINTF("\tClient:\n"); PRINTF("\t\tseq %x (ack %x) len %d junk %d cmds %d\n", ftp.ftp_side[0].ftps_seq[0], ftp.ftp_side[0].ftps_seq[1], ftp.ftp_side[0].ftps_len, ftp.ftp_side[0].ftps_junk, ftp.ftp_side[0].ftps_cmds); PRINTF("\t\tbuf ["); printbuf(ftp.ftp_side[0].ftps_buf, FTP_BUFSZ, 1); PRINTF("]\n\tServer:\n"); PRINTF("\t\tseq %x (ack %x) len %d junk %d cmds %d\n", ftp.ftp_side[1].ftps_seq[0], ftp.ftp_side[1].ftps_seq[1], ftp.ftp_side[1].ftps_len, ftp.ftp_side[1].ftps_junk, ftp.ftp_side[1].ftps_cmds); PRINTF("\t\tbuf ["); printbuf(ftp.ftp_side[1].ftps_buf, FTP_BUFSZ, 1); PRINTF("]\n"); } else if (!strcmp(apr.apr_label, "ipsec") && (ap.aps_psiz == sizeof(ipsec))) { if (kmemcpy((char *)&ipsec, (long)ap.aps_data, sizeof(ipsec))) return; PRINTF("\tIPSec Proxy:\n"); PRINTF("\t\tICookie %08x%08x RCookie %08x%08x %s\n", (u_int)ntohl(ipsec.ipsc_icookie[0]), (u_int)ntohl(ipsec.ipsc_icookie[1]), (u_int)ntohl(ipsec.ipsc_rcookie[0]), (u_int)ntohl(ipsec.ipsc_rcookie[1]), ipsec.ipsc_rckset ? "(Set)" : "(Not set)"); } } diff --git a/sbin/ipf/libipf/printnat.c b/sbin/ipf/libipf/printnat.c index e4c096429b59..0b032955c8d8 100644 --- a/sbin/ipf/libipf/printnat.c +++ b/sbin/ipf/libipf/printnat.c @@ -1,350 +1,347 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. * * Added redirect stuff and a variety of bug fixes. (mcn@EnGarde.com) */ #include "ipf.h" #include "kmem.h" -#if !defined(lint) -static const char rcsid[] = "@(#)$Id$"; -#endif /* * Print out a NAT rule */ void printnat(ipnat_t *np, int opts) { struct protoent *pr; char *base; int family; int proto; if (np->in_v[0] == 4) family = AF_INET; #ifdef USE_INET6 else if (np->in_v[0] == 6) family = AF_INET6; #endif else family = AF_UNSPEC; if (np->in_flags & IPN_NO) PRINTF("no "); switch (np->in_redir) { case NAT_REDIRECT|NAT_ENCAP : PRINTF("encap in on"); proto = np->in_pr[0]; break; case NAT_MAP|NAT_ENCAP : PRINTF("encap out on"); proto = np->in_pr[1]; break; case NAT_REDIRECT|NAT_DIVERTUDP : PRINTF("divert in on"); proto = np->in_pr[0]; break; case NAT_MAP|NAT_DIVERTUDP : PRINTF("divert out on"); proto = np->in_pr[1]; break; case NAT_REDIRECT|NAT_REWRITE : PRINTF("rewrite in on"); proto = np->in_pr[0]; break; case NAT_MAP|NAT_REWRITE : PRINTF("rewrite out on"); proto = np->in_pr[1]; break; case NAT_REDIRECT : PRINTF("rdr"); proto = np->in_pr[0]; break; case NAT_MAP : PRINTF("map"); proto = np->in_pr[1]; break; case NAT_MAPBLK : PRINTF("map-block"); proto = np->in_pr[1]; break; case NAT_BIMAP : PRINTF("bimap"); proto = np->in_pr[0]; break; default : FPRINTF(stderr, "unknown value for in_redir: %#x\n", np->in_redir); proto = np->in_pr[0]; break; } pr = getprotobynumber(proto); base = np->in_names; if (!strcmp(base + np->in_ifnames[0], "-")) PRINTF(" \"%s\"", base + np->in_ifnames[0]); else PRINTF(" %s", base + np->in_ifnames[0]); if ((np->in_ifnames[1] != -1) && (strcmp(base + np->in_ifnames[0], base + np->in_ifnames[1]) != 0)) { if (!strcmp(base + np->in_ifnames[1], "-")) PRINTF(",\"%s\"", base + np->in_ifnames[1]); else PRINTF(",%s", base + np->in_ifnames[1]); } putchar(' '); if (family == AF_INET6) PRINTF("inet6 "); if (np->in_redir & (NAT_REWRITE|NAT_ENCAP|NAT_DIVERTUDP)) { if ((proto != 0) || (np->in_flags & IPN_TCPUDP)) { PRINTF("proto "); printproto(pr, proto, np); putchar(' '); } } if (np->in_flags & IPN_FILTER) { if (np->in_flags & IPN_NOTSRC) PRINTF("! "); PRINTF("from "); printnataddr(np->in_v[0], np->in_names, &np->in_osrc, np->in_ifnames[0]); if (np->in_scmp) printportcmp(proto, &np->in_tuc.ftu_src); if (np->in_flags & IPN_NOTDST) PRINTF(" !"); PRINTF(" to "); printnataddr(np->in_v[0], np->in_names, &np->in_odst, np->in_ifnames[0]); if (np->in_dcmp) printportcmp(proto, &np->in_tuc.ftu_dst); } if (np->in_redir & (NAT_ENCAP|NAT_DIVERTUDP)) { PRINTF(" -> src "); printnataddr(np->in_v[1], np->in_names, &np->in_nsrc, np->in_ifnames[0]); if ((np->in_redir & NAT_DIVERTUDP) != 0) PRINTF(",%u", np->in_spmin); PRINTF(" dst "); printnataddr(np->in_v[1], np->in_names, &np->in_ndst, np->in_ifnames[0]); if ((np->in_redir & NAT_DIVERTUDP) != 0) PRINTF(",%u udp", np->in_dpmin); if ((np->in_flags & IPN_PURGE) != 0) PRINTF(" purge"); PRINTF(";\n"); } else if (np->in_redir & NAT_REWRITE) { PRINTF(" -> src "); if (np->in_nsrc.na_atype == FRI_LOOKUP && np->in_nsrc.na_type == IPLT_DSTLIST) { PRINTF("dstlist/"); if (np->in_nsrc.na_subtype == 0) PRINTF("%d", np->in_nsrc.na_num); else PRINTF("%s", base + np->in_nsrc.na_num); } else { printnataddr(np->in_v[1], np->in_names, &np->in_nsrc, np->in_ifnames[0]); } if ((((np->in_flags & IPN_TCPUDP) != 0)) && (np->in_spmin != 0)) { if ((np->in_flags & IPN_FIXEDSPORT) != 0) { PRINTF(",port = %u", np->in_spmin); } else { PRINTF(",%u", np->in_spmin); if (np->in_spmax != np->in_spmin) PRINTF("-%u", np->in_spmax); } } PRINTF(" dst "); if (np->in_ndst.na_atype == FRI_LOOKUP && np->in_ndst.na_type == IPLT_DSTLIST) { PRINTF("dstlist/"); if (np->in_ndst.na_subtype == 0) PRINTF("%d", np->in_nsrc.na_num); else PRINTF("%s", base + np->in_ndst.na_num); } else { printnataddr(np->in_v[1], np->in_names, &np->in_ndst, np->in_ifnames[0]); } if ((((np->in_flags & IPN_TCPUDP) != 0)) && (np->in_dpmin != 0)) { if ((np->in_flags & IPN_FIXEDDPORT) != 0) { PRINTF(",port = %u", np->in_dpmin); } else { PRINTF(",%u", np->in_dpmin); if (np->in_dpmax != np->in_dpmin) PRINTF("-%u", np->in_dpmax); } } if ((np->in_flags & IPN_PURGE) != 0) PRINTF(" purge"); PRINTF(";\n"); } else if (np->in_redir == NAT_REDIRECT) { if (!(np->in_flags & IPN_FILTER)) { printnataddr(np->in_v[0], np->in_names, &np->in_odst, np->in_ifnames[0]); if (np->in_flags & IPN_TCPUDP) { PRINTF(" port %d", np->in_odport); if (np->in_odport != np->in_dtop) PRINTF("-%d", np->in_dtop); } } if (np->in_flags & IPN_NO) { putchar(' '); printproto(pr, proto, np); PRINTF(";\n"); return; } PRINTF(" -> "); printnataddr(np->in_v[1], np->in_names, &np->in_ndst, np->in_ifnames[0]); if (np->in_flags & IPN_TCPUDP) { if ((np->in_flags & IPN_FIXEDDPORT) != 0) PRINTF(" port = %d", np->in_dpmin); else { PRINTF(" port %d", np->in_dpmin); if (np->in_dpmin != np->in_dpmax) PRINTF("-%d", np->in_dpmax); } } putchar(' '); printproto(pr, proto, np); if (np->in_flags & IPN_ROUNDR) PRINTF(" round-robin"); if (np->in_flags & IPN_FRAG) PRINTF(" frag"); if (np->in_age[0] != 0 || np->in_age[1] != 0) { PRINTF(" age %d/%d", np->in_age[0], np->in_age[1]); } if (np->in_flags & IPN_STICKY) PRINTF(" sticky"); if (np->in_mssclamp != 0) PRINTF(" mssclamp %d", np->in_mssclamp); if (np->in_plabel != -1) PRINTF(" proxy %s", np->in_names + np->in_plabel); if (np->in_tag.ipt_tag[0] != '\0') PRINTF(" tag %-.*s", IPFTAG_LEN, np->in_tag.ipt_tag); if ((np->in_flags & IPN_PURGE) != 0) PRINTF(" purge"); PRINTF("\n"); if (opts & OPT_DEBUG) PRINTF("\tpmax %u\n", np->in_dpmax); } else { int protoprinted = 0; if (!(np->in_flags & IPN_FILTER)) { printnataddr(np->in_v[0], np->in_names, &np->in_osrc, np->in_ifnames[0]); } if (np->in_flags & IPN_NO) { putchar(' '); printproto(pr, proto, np); PRINTF(";\n"); return; } PRINTF(" -> "); if (np->in_flags & IPN_SIPRANGE) { PRINTF("range "); printnataddr(np->in_v[1], np->in_names, &np->in_nsrc, np->in_ifnames[0]); } else { printnataddr(np->in_v[1], np->in_names, &np->in_nsrc, np->in_ifnames[0]); } if (np->in_plabel != -1) { PRINTF(" proxy port "); if (np->in_odport != 0) { char *s; s = portname(proto, np->in_odport); if (s != NULL) fputs(s, stdout); else fputs("???", stdout); } PRINTF(" %s/", np->in_names + np->in_plabel); printproto(pr, proto, NULL); protoprinted = 1; } else if (np->in_redir == NAT_MAPBLK) { if ((np->in_spmin == 0) && (np->in_flags & IPN_AUTOPORTMAP)) PRINTF(" ports auto"); else PRINTF(" ports %d", np->in_spmin); if (opts & OPT_DEBUG) PRINTF("\n\tip modulous %d", np->in_spmax); } else if (np->in_spmin || np->in_spmax) { if (np->in_flags & IPN_ICMPQUERY) { PRINTF(" icmpidmap "); } else { PRINTF(" portmap "); } printproto(pr, proto, np); protoprinted = 1; if (np->in_flags & IPN_AUTOPORTMAP) { PRINTF(" auto"); if (opts & OPT_DEBUG) PRINTF(" [%d:%d %d %d]", np->in_spmin, np->in_spmax, np->in_ippip, np->in_ppip); } else { PRINTF(" %d:%d", np->in_spmin, np->in_spmax); } if (np->in_flags & IPN_SEQUENTIAL) PRINTF(" sequential"); } if (np->in_flags & IPN_FRAG) PRINTF(" frag"); if (np->in_age[0] != 0 || np->in_age[1] != 0) { PRINTF(" age %d/%d", np->in_age[0], np->in_age[1]); } if (np->in_mssclamp != 0) PRINTF(" mssclamp %d", np->in_mssclamp); if (np->in_tag.ipt_tag[0] != '\0') PRINTF(" tag %s", np->in_tag.ipt_tag); if (!protoprinted && (np->in_flags & IPN_TCPUDP || proto)) { putchar(' '); printproto(pr, proto, np); } if ((np->in_flags & IPN_PURGE) != 0) PRINTF(" purge"); PRINTF("\n"); if (opts & OPT_DEBUG) { PRINTF("\tnextip "); printip(family, &np->in_snip); PRINTF(" pnext %d\n", np->in_spnext); } } if (opts & OPT_DEBUG) { PRINTF("\tspace %lu use %u hits %lu flags %#x proto %d/%d", np->in_space, np->in_use, np->in_hits, np->in_flags, np->in_pr[0], np->in_pr[1]); PRINTF(" hv %u/%u\n", np->in_hv[0], np->in_hv[1]); PRINTF("\tifp[0] %p ifp[1] %p apr %p\n", np->in_ifps[0], np->in_ifps[1], np->in_apr); PRINTF("\ttqehead %p/%p comment %p\n", np->in_tqehead[0], np->in_tqehead[1], np->in_comment); } } diff --git a/sbin/ipf/libipf/printnataddr.c b/sbin/ipf/libipf/printnataddr.c index ee00b5b14d6c..e6003f0b076b 100644 --- a/sbin/ipf/libipf/printnataddr.c +++ b/sbin/ipf/libipf/printnataddr.c @@ -1,44 +1,41 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. * * Added redirect stuff and a variety of bug fixes. (mcn@EnGarde.com) */ #include "ipf.h" #include "kmem.h" -#if !defined(lint) -static const char rcsid[] = "@(#)$Id: printnataddr.c,v 1.4.2.2 2012/07/22 08:04:24 darren_r Exp $"; -#endif void printnataddr( int v, char *base, nat_addr_t *addr, int ifidx) { switch (v) { case 4 : if (addr->na_atype == FRI_NORMAL && addr->na_addr[0].in4.s_addr == 0) { PRINTF("0/%d", count4bits(addr->na_addr[1].in4.s_addr)); } else { printaddr(AF_INET, addr->na_atype, base, ifidx, (u_32_t *)&addr->na_addr[0].in4.s_addr, (u_32_t *)&addr->na_addr[1].in4.s_addr); } break; #ifdef USE_INET6 case 6 : printaddr(AF_INET6, addr->na_atype, base, ifidx, (u_32_t *)&addr->na_addr[0].in6, (u_32_t *)&addr->na_addr[1].in6); break; #endif default : printf("{v=%d}", v); break; } } diff --git a/sbin/ipf/libipf/printproto.c b/sbin/ipf/libipf/printproto.c index 7bc4952b3b7c..3d4c881ff6d0 100644 --- a/sbin/ipf/libipf/printproto.c +++ b/sbin/ipf/libipf/printproto.c @@ -1,39 +1,36 @@ /* * Copyright (C) 2012 by Darren Reed. * * See the IPFILTER.LICENCE file for details on licencing. */ #include "ipf.h" -#if !defined(lint) -static const char rcsid[] = "@(#)$Id$"; -#endif void printproto(struct protoent *pr, int p, ipnat_t *np) { if (np != NULL) { if ((np->in_flags & IPN_TCPUDP) == IPN_TCPUDP) PRINTF("tcp/udp"); else if (np->in_flags & IPN_TCP) PRINTF("tcp"); else if (np->in_flags & IPN_UDP) PRINTF("udp"); else if (np->in_flags & IPN_ICMPQUERY) PRINTF("icmp"); else if (np->in_pr[0] == 0) PRINTF("ip"); else if (pr != NULL) PRINTF("%s", pr->p_name); else PRINTF("%d", np->in_pr[0]); } else { if (pr != NULL) PRINTF("%s", pr->p_name); else PRINTF("%d", p); } } diff --git a/sbin/md5/Makefile b/sbin/md5/Makefile index 359c4b96f9fd..c9bf16796459 100644 --- a/sbin/md5/Makefile +++ b/sbin/md5/Makefile @@ -1,75 +1,74 @@ -# @(#)Makefile 8.1 (Berkeley) 6/9/93 PACKAGE=runtime PROG= md5 LINKS= ${BINDIR}/md5 ${BINDIR}/md5sum \ ${BINDIR}/md5 ${BINDIR}/rmd160 \ ${BINDIR}/md5 ${BINDIR}/rmd160sum \ ${BINDIR}/md5 ${BINDIR}/sha1 \ ${BINDIR}/md5 ${BINDIR}/sha1sum \ ${BINDIR}/md5 ${BINDIR}/sha224 \ ${BINDIR}/md5 ${BINDIR}/sha224sum \ ${BINDIR}/md5 ${BINDIR}/sha256 \ ${BINDIR}/md5 ${BINDIR}/sha256sum \ ${BINDIR}/md5 ${BINDIR}/sha384 \ ${BINDIR}/md5 ${BINDIR}/sha384sum \ ${BINDIR}/md5 ${BINDIR}/sha512 \ ${BINDIR}/md5 ${BINDIR}/sha512sum \ ${BINDIR}/md5 ${BINDIR}/sha512t224 \ ${BINDIR}/md5 ${BINDIR}/sha512t224sum \ ${BINDIR}/md5 ${BINDIR}/sha512t256 \ ${BINDIR}/md5 ${BINDIR}/sha512t256sum \ ${BINDIR}/md5 ${BINDIR}/skein256 \ ${BINDIR}/md5 ${BINDIR}/skein256sum \ ${BINDIR}/md5 ${BINDIR}/skein512 \ ${BINDIR}/md5 ${BINDIR}/skein512sum \ ${BINDIR}/md5 ${BINDIR}/skein1024 \ ${BINDIR}/md5 ${BINDIR}/skein1024sum MLINKS= md5.1 md5sum.1 \ md5.1 rmd160.1 \ md5.1 rmd160sum.1 \ md5.1 sha1.1 \ md5.1 sha1sum.1 \ md5.1 sha224.1 \ md5.1 sha224sum.1 \ md5.1 sha256.1 \ md5.1 sha256sum.1 \ md5.1 sha384.1 \ md5.1 sha384sum.1 \ md5.1 sha512.1 \ md5.1 sha512sum.1 \ md5.1 sha512t224.1 \ md5.1 sha512t224sum.1 \ md5.1 sha512t256.1 \ md5.1 sha512t256sum.1 \ md5.1 skein256.1 \ md5.1 skein256sum.1 \ md5.1 skein512.1 \ md5.1 skein512sum.1 \ md5.1 skein1024.1 \ md5.1 skein1024sum.1 # md5 can also emulate the shasum script that comes with Perl, except # that, in bits input mode, it can only handle input lengths that are # a multiple of 8 (see manual page). #LINKS+= ${BINDIR}/md5 ${BINDIR}/shasum #MLINKS+= md5.1 shasum.1 LIBADD= md .ifndef(BOOTSTRAPPING) # Avoid depending on capsicum during bootstrap. caph_limit_stdout() is not # available when building for Linux/MacOS or older FreeBSD hosts. # We need to bootstrap md5 when building on Linux since the md5sum command there # produces different output. CFLAGS+=-DHAVE_CAPSICUM .endif .include HAS_TESTS= SUBDIR.${MK_TESTS}+= tests .include diff --git a/sbin/mdconfig/mdconfig.8 b/sbin/mdconfig/mdconfig.8 index 757e38cc4841..938d6ddf12b0 100644 --- a/sbin/mdconfig/mdconfig.8 +++ b/sbin/mdconfig/mdconfig.8 @@ -1,388 +1,386 @@ .\" Copyright (c) 1993 University of Utah. .\" Copyright (c) 1980, 1989, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" Copyright (c) 2000 .\" Poul-Henning Kamp All rights reserved. .\" .\" This code is derived from software contributed to Berkeley by .\" the Systems Programming Group of the University of Utah Computer .\" Science Department. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. -.\" -.\" @(#)vnconfig.8 8.1 (Berkeley) 6/5/93 .\" from: src/usr.sbin/vnconfig/vnconfig.8,v 1.19 2000/12/27 15:30:29 .\" .Dd August 27, 2021 .Dt MDCONFIG 8 .Os .Sh NAME .Nm mdconfig .Nd create and control memory disks .Sh SYNOPSIS .Nm .Fl a .Fl t Ar type .Op Fl n .Oo Fl o Oo Cm no Oc Ns Ar option Oc ... .Op Fl f Ar file .Op Fl s Ar size .Op Fl S Ar sectorsize .Op Fl u Ar unit .Op Fl x Ar sectors/track .Op Fl y Ar heads/cylinder .Op Fl L Ar label .Nm .Fl d .Fl u Ar unit .Op Fl o Oo Cm no Oc Ns Ar force .Nm .Fl r .Fl u Ar unit .Fl s Ar size .Op Fl o Oo Cm no Oc Ns Ar force .Nm .Fl l .Op Fl n .Op Fl v .Op Fl f Ar file .Op Fl u Ar unit .Nm .Ar file .Sh DESCRIPTION The .Nm utility creates and controls .Xr md 4 devices. .Pp Options indicate an action to be performed: .Bl -tag -width indent .It Fl a Attach a memory disk. This will configure and attach a memory disk with the parameters specified and attach it to the system. If the .Fl u Ar unit option is not provided, the newly created device name will be printed on stdout. .It Fl d Detach a memory disk from the system and release all resources. .It Fl r Resize a memory disk. .It Fl t Ar type Select the type of the memory disk. .Bl -tag -width "malloc" .It Cm malloc Storage for this type of memory disk is allocated with .Xr malloc 9 . This limits the size to the malloc bucket limit in the kernel. If the .Fl o Cm reserve option is not set, creating and filling a large malloc-backed memory disk is a very easy way to panic the system. .It Cm vnode A file specified with .Fl f Ar file becomes the backing store for this memory disk. .It Cm swap Storage for this type of memory disk is allocated from buffer memory. Pages get pushed out to swap when the system is under memory pressure, otherwise they stay in the operating memory. Using .Cm swap backing is generally preferred instead of using .Cm malloc backing. .It Cm null Bitsink; all writes do nothing, all reads return zeroes. .El .It Fl f Ar file Filename to use for the vnode type memory disk. The .Fl a and .Fl t Cm vnode options are implied if not specified. .It Fl l List configured devices. If given with .Fl u , display details about that particular device. If given with .Fl f Ar file , display .Xr md 4 device names of which .Ar file is used as the backing store. If both of .Fl u and .Fl f options are specified, display devices which match the two conditions. If the .Fl v option is specified, show all details. .It Fl n When printing .Xr md 4 device names, print only the unit number without the .Xr md 4 prefix. .It Fl s Ar size Size of the memory disk. .Ar Size is the number of 512 byte sectors unless suffixed with a .Cm b , k , m , g , t , or .Cm p which denotes byte, kilobyte, megabyte, gigabyte, terabyte and petabyte respectively. When used without the .Fl r option, the .Fl a and .Fl t Cm swap options are implied if not specified. .It Fl S Ar sectorsize Sectorsize to use for the memory disk, in bytes. .It Fl x Ar sectors/track See the description of the .Fl y option below. .It Fl y Ar heads/cylinder For .Cm malloc or .Cm vnode backed devices, the .Fl x and .Fl y options can be used to specify a synthetic geometry. This is useful for constructing bootable images for later download to other devices. .It Fl L Ar label Associate a label (arbitrary string) with the new memory disk. The label can then be inspected with .Bd -literal -offset indent .Nm Fl l v .Ed .It Fl o Oo Cm no Oc Ns Ar option Set or reset options. .Bl -tag -width indent .It Oo Cm no Oc Ns Cm async For .Cm vnode backed devices: avoid .Dv IO_SYNC for increased performance but at the risk of deadlocking the entire kernel. .It Oo Cm no Oc Ns Cm cache For .Cm vnode backed devices: enable/disable caching of data in system caches. The default is to not cache. .Pp Accesses via the device are converted to accesses via the vnode. The caching policy for the vnode is used initially. This is normally to cache. This caching policy is retained if the .Cm cache option is used. Otherwise, caching is limited by releasing data from caches soon after each access. The release has the same semantics as the .Dv POSIX_FADV_DONTNEED feature of .Xr posix_fadvise 2 . The result is that with normal (non-zfs) caching, buffers are released from the buffer cache soon after they are constructed, but their data is kept in the page cache at lower priority. .Pp The .Cm cache option tends to waste memory by giving unwanted double caching, but it saves time if there is memory to spare. .It Oo Cm no Oc Ns Cm reserve Allocate and reserve all needed storage from the start, rather than as needed. .It Oo Cm no Oc Ns Cm cluster Enable clustering on this disk. .It Oo Cm no Oc Ns Cm compress Enable/disable compression features to reduce memory usage. .It Oo Cm no Oc Ns Cm force Disable/enable extra sanity checks to prevent the user from doing something that might adversely affect the system. This can be used with the .Fl d flag to forcibly destroy an .Xr md 4 disk that is still in use. .It Oo Cm no Oc Ns Cm mustdealloc For .Cm vnode backed devices: detect whether hole-punching is supported by the underlying file system. If the file system supports hole-punching, then to handle a .Dv BIO_DELETE request, some or all of the request's operation range may be turned into a hole in the file used for backing store. Any parts which are not turned into holes are zero-filled in the file. If the file system does not support hole-punching, .Dv BIO_DELETE requests to the device are not handled and will fail with .Er EOPNOTSUPP . .Pp When .Cm mustdealloc is not specified or .Oo Cm no Oc Ns Cm mustdealloc is specified, for a .Dv BIO_DELETE request, if the file system supports hole-punching, some or all of the request's operation range may be turned into a hole in the file used for backing store. Any parts which are not turned into holes are zero-filled in the file. If the file system of the vnode type memory disk does not support hole-punching, the request's operation range is zero-filled in the file. .It Oo Cm no Oc Ns Cm readonly Enable/disable readonly mode. .It Oo Cm no Oc Ns Cm verify For .Cm vnode backed devices: enable/disable requesting verification of the file used for backing store. The type of verification depends on which security features are available. One example of verification is testing file integrity with checksums or cryptographic signatures. .El .It Fl u Ar unit Request a specific unit number or device name for the .Xr md 4 device instead of automatic allocation. If a device name is specified, it must start with .Dq md followed by the unit number. .El .Pp The last form, .Nm .Ar file , is provided for convenience as an abbreviation of .Nm .Fl a .Fl t Cm vnode .Fl f Ar file . .Sh EXAMPLES Create a disk with .Pa /tmp/boot.flp as backing storage. The name of the allocated unit will be printed on stdout, such as .Dq Li md0 : .Bd -literal -offset indent mdconfig /tmp/boot.flp .Ed .Pp Create a 1 gigabyte swap backed memory disk named .Dq Li md3 : .Bd -literal -offset indent mdconfig -s 1g -u md3 .Ed .Pp Detach and free all resources used by .Pa /dev/md3 : .Bd -literal -offset indent mdconfig -du md3 .Ed .Pp Show detailed information on current memory disks: .Bd -literal -offset indent mdconfig -lv .Ed .Pp Resize the .Dq Li md3 memory disk to 2 gigabytes: .Bd -literal -offset indent mdconfig -rs 2g -u md3 .Ed .Pp Create a 1 gigabyte swap backed disk, initialize an .Xr ffs 7 file system on it, and mount it on .Pa /tmp : .Bd -literal -offset indent mdconfig -s 1g -u md10 newfs -U /dev/md10 mount /dev/md10 /tmp chmod 1777 /tmp .Ed .Pp Create a memory disk out of an ISO 9660 CD image file, using the first available .Xr md 4 device, and then mount it: .Bd -literal -offset indent mount -t cd9660 /dev/`mdconfig -f cdimage.iso` /mnt .Ed .Pp Create a file-backed device from a hard disk image that begins with 512K of raw header information. .Xr gnop 8 is used to skip over the header information, positioning .Pa md1.nop to the start of the filesystem in the image. .Bd -literal -offset indent mdconfig -u md1 -f diskimage.img gnop create -o 512K md1 mount /dev/md1.nop /mnt .Ed .Sh SEE ALSO .Xr fpathconf 2 , .Xr fspacectl 2 , .Xr open 2 , .Xr md 4 , .Xr ffs 7 , .Xr gpart 8 , .Xr mdmfs 8 , .Xr malloc 9 , .Xr vn_deallocate 9 .Sh HISTORY The .Nm utility first appeared in .Fx 5.0 as a cleaner replacement for the vn kernel module and the vnconfig utility combo. .Sh AUTHORS The .Nm utility was written by .An Poul-Henning Kamp Aq Mt phk@FreeBSD.org . diff --git a/sbin/mknod/Makefile b/sbin/mknod/Makefile index 3a3be17f9cf7..ce2c8d0cd97d 100644 --- a/sbin/mknod/Makefile +++ b/sbin/mknod/Makefile @@ -1,7 +1,6 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 PACKAGE=runtime PROG= mknod MAN= mknod.8 .include diff --git a/sbin/mknod/mknod.8 b/sbin/mknod/mknod.8 index 7bac489f4a2e..99337bd34767 100644 --- a/sbin/mknod/mknod.8 +++ b/sbin/mknod/mknod.8 @@ -1,151 +1,149 @@ .\" Copyright (c) 1980, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)mknod.8 8.2 (Berkeley) 12/11/93 -.\" .Dd October 3, 2016 .Dt MKNOD 8 .Os .Sh NAME .Nm mknod .Nd build special file .Sh SYNOPSIS .Nm .Ar name .Nm .Ar name .Op Cm b | c .Ar major minor .Op Ar owner : Ns Ar group .Sh DESCRIPTION .Bf -symbolic The .Nm utility is deprecated on modern .Fx systems. .Ef .Pp The .Nm utility creates device special files. To make nodes manually, the arguments are: .Bl -tag -width indent .It Ar name Device name, for example .Pa /dev/da0 for a SCSI disk or .Pa /dev/pts/0 for pseudo-terminals. .It Cm b | c Type of device. If the device is a block type device such as a tape or disk drive which needs both cooked and raw special files, the type is .Cm b . All other devices are character type devices, such as terminal and pseudo devices, and are type .Cm c . .It Ar major The major device number is an integer number which tells the kernel which device driver entry point to use. .It Ar minor The minor device number tells the kernel which subunit the node corresponds to on the device; for example, a subunit may be a file system partition or a tty line. .It Ar owner : Ns Ar group The .Ar owner .Ar group operand pair is optional, however, if one is specified, they both must be specified. The .Ar owner may be either a numeric user ID or a user name. If a user name is also a numeric user ID, the operand is used as a user name. The .Ar group may be either a numeric group ID or a group name. Similar to the user name, if a group name is also a numeric group ID, the operand is used as a group name. .El .Pp Major and minor device numbers can be given in any format acceptable to .Xr strtoul 3 , so that a leading .Ql 0x indicates a hexadecimal number, and a leading .Ql 0 will cause the number to be interpreted as octal. .Pp The .Nm utility can be used to recreate deleted device nodes under a .Xr devfs 5 mount point by invoking it with only a filename as an argument. Example: .Pp .Dl "mknod /dev/cd0" .Pp where .Pa /dev/cd0 is the name of the deleted device node. .Sh COMPATIBILITY The .Xr chown 8 Ns - Ns like functionality is specific to .Fx . .Pp As of .Fx 4.0 , block devices were deprecated in favour of character devices. As of .Fx 5.0 , device nodes are managed by the device file system .Xr devfs 5 , making the .Nm utility superfluous. As of .Fx 6.0 device nodes may be created in regular file systems but such nodes cannot be used to access devices. .Sh SEE ALSO .Xr mkfifo 1 , .Xr mknod 2 , .Xr devfs 5 , .Xr chown 8 .Sh HISTORY A .Nm utility appeared in .At v4 . diff --git a/sbin/mknod/mknod.c b/sbin/mknod/mknod.c index 091c05cbfac2..aeee4c12508f 100644 --- a/sbin/mknod/mknod.c +++ b/sbin/mknod/mknod.c @@ -1,167 +1,164 @@ /* * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Kevin Fall. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1989, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)mknod.c 8.1 (Berkeley) 6/5/93"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include static void usage(void) { (void)fprintf(stderr, "usage: mknod name\n" " mknod name [b | c] major minor [owner:group]\n"); exit(1); } static u_long id(const char *name, const char *type) { u_long val; char *ep; /* * XXX * We know that uid_t's and gid_t's are unsigned longs. */ errno = 0; val = strtoul(name, &ep, 10); if (errno) err(1, "%s", name); if (*ep != '\0') errx(1, "%s: illegal %s name", name, type); return (val); } static gid_t a_gid(const char *s) { struct group *gr; if (*s == '\0') /* Argument was "uid[:.]". */ errx(1, "group must be specified when the owner is"); return ((gr = getgrnam(s)) == NULL) ? id(s, "group") : gr->gr_gid; } static uid_t a_uid(const char *s) { struct passwd *pw; if (*s == '\0') /* Argument was "[:.]gid". */ errx(1, "owner must be specified when the group is"); return ((pw = getpwnam(s)) == NULL) ? id(s, "user") : pw->pw_uid; } int main(int argc, char **argv) { int range_error; uid_t uid; gid_t gid; mode_t mode; dev_t dev; char *cp, *endp; long mymajor, myminor; if (argc != 2 && argc != 5 && argc != 6) usage(); if (argc >= 5) { mode = 0666; if (argv[2][0] == 'c') mode |= S_IFCHR; else if (argv[2][0] == 'b') mode |= S_IFBLK; else errx(1, "node must be type 'b' or 'c'"); errno = 0; mymajor = (long)strtoul(argv[3], &endp, 0); if (endp == argv[3] || *endp != '\0') errx(1, "%s: non-numeric major number", argv[3]); range_error = errno; errno = 0; myminor = (long)strtoul(argv[4], &endp, 0); if (endp == argv[4] || *endp != '\0') errx(1, "%s: non-numeric minor number", argv[4]); range_error |= errno; dev = makedev(mymajor, myminor); if (range_error || major(dev) != mymajor || (long)(u_int)minor(dev) != myminor) errx(1, "major or minor number too large"); } else { mode = 0666 | S_IFCHR; dev = 0; } uid = gid = -1; if (6 == argc) { /* have owner:group */ if ((cp = strchr(argv[5], ':')) != NULL) { *cp++ = '\0'; gid = a_gid(cp); } else usage(); uid = a_uid(argv[5]); } if (mknod(argv[1], mode, dev) != 0) err(1, "%s", argv[1]); if (6 == argc) if (chown(argv[1], uid, gid)) err(1, "setting ownership on %s", argv[1]); exit(0); } diff --git a/sbin/mount/Makefile b/sbin/mount/Makefile index 98ac87c2d741..ad5a27f7d76d 100644 --- a/sbin/mount/Makefile +++ b/sbin/mount/Makefile @@ -1,18 +1,17 @@ -# @(#)Makefile 8.6 (Berkeley) 5/8/95 PACKAGE=runtime PROG= mount SRCS= mount.c mount_fs.c getmntopts.c vfslist.c MAN= mntopts.3 mount.8 MLINKS+= mntopts.3 getmntopts.3 MLINKS+= mntopts.3 getmntpoint.3 MLINKS+= mntopts.3 chkdoreload.3 MLINKS+= mntopts.3 build_iovec.3 MLINKS+= mntopts.3 build_iovec_argf.3 MLINKS+= mntopts.3 free_iovec.3 MLINKS+= mntopts.3 checkpath.3 MLINKS+= mntopts.3 rmslashes.3 LIBADD= util xo .include diff --git a/sbin/mount/getmntopts.c b/sbin/mount/getmntopts.c index 31987f7b0b78..331584d885cb 100644 --- a/sbin/mount/getmntopts.c +++ b/sbin/mount/getmntopts.c @@ -1,307 +1,304 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1994 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 -#ifndef lint -static char sccsid[] = "@(#)getmntopts.c 8.3 (Berkeley) 3/29/95"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include #include #include #include #include "mntopts.h" int getmnt_silent = 0; void getmntopts(const char *options, const struct mntopt *m0, int *flagp, int *altflagp) { const struct mntopt *m; int negative, len; char *opt, *optbuf, *p; int *thisflagp; /* Copy option string, since it is about to be torn asunder... */ if ((optbuf = strdup(options)) == NULL) err(1, NULL); for (opt = optbuf; (opt = strtok(opt, ",")) != NULL; opt = NULL) { /* Check for "no" prefix. */ if (opt[0] == 'n' && opt[1] == 'o') { negative = 1; opt += 2; } else negative = 0; /* * for options with assignments in them (ie. quotas) * ignore the assignment as it's handled elsewhere */ p = strchr(opt, '='); if (p != NULL) *++p = '\0'; /* Scan option table. */ for (m = m0; m->m_option != NULL; ++m) { len = strlen(m->m_option); if (strncasecmp(opt, m->m_option, len) == 0) if (opt[len] == '\0' || opt[len] == '=') break; } /* Save flag, or fail if option is not recognized. */ if (m->m_option) { thisflagp = m->m_altloc ? altflagp : flagp; if (negative == m->m_inverse) *thisflagp |= m->m_flag; else *thisflagp &= ~m->m_flag; } else if (!getmnt_silent) { errx(1, "-o %s: option not supported", opt); } } free(optbuf); } void rmslashes(char *rrpin, char *rrpout) { char *rrpoutstart; *rrpout = *rrpin; for (rrpoutstart = rrpout; *rrpin != '\0'; *rrpout++ = *rrpin++) { /* skip all double slashes */ while (*rrpin == '/' && *(rrpin + 1) == '/') rrpin++; } /* remove trailing slash if necessary */ if (rrpout - rrpoutstart > 1 && *(rrpout - 1) == '/') *(rrpout - 1) = '\0'; else *rrpout = '\0'; } int checkpath(const char *path, char *resolved) { struct stat sb; if (realpath(path, resolved) == NULL || stat(resolved, &sb) != 0) return (1); if (!S_ISDIR(sb.st_mode)) { errno = ENOTDIR; return (1); } return (0); } int checkpath_allow_file(const char *path, char *resolved) { struct stat sb; if (realpath(path, resolved) == NULL || stat(resolved, &sb) != 0) return (1); if (!S_ISDIR(sb.st_mode) && !S_ISREG(sb.st_mode)) { errno = ENOTDIR; return (1); } return (0); } /* * Get the mount point information for name. Name may be mount point name * or device name (with or without /dev/ preprended). */ struct statfs * getmntpoint(const char *name) { struct stat devstat, mntdevstat; char device[sizeof(_PATH_DEV) - 1 + MNAMELEN]; char *ddevname; struct statfs *mntbuf, *statfsp; int i, mntsize, isdev; u_long len; if (stat(name, &devstat) != 0) return (NULL); if (S_ISCHR(devstat.st_mode) || S_ISBLK(devstat.st_mode)) isdev = 1; else isdev = 0; mntsize = getmntinfo(&mntbuf, MNT_NOWAIT); for (i = 0; i < mntsize; i++) { statfsp = &mntbuf[i]; if (isdev == 0) { if (strcmp(name, statfsp->f_mntonname)) continue; return (statfsp); } ddevname = statfsp->f_mntfromname; if (*ddevname != '/') { if ((len = strlen(_PATH_DEV) + strlen(ddevname) + 1) > sizeof(statfsp->f_mntfromname) || len > sizeof(device)) continue; strncpy(device, _PATH_DEV, len); strncat(device, ddevname, len); if (stat(device, &mntdevstat) == 0) strncpy(statfsp->f_mntfromname, device, len); } if (stat(ddevname, &mntdevstat) == 0 && mntdevstat.st_rdev == devstat.st_rdev) return (statfsp); } return (NULL); } /* * If possible reload a mounted filesystem. * When prtmsg != NULL print a warning if a reload is attempted, but fails. * Return 0 on success, 1 on failure. */ int chkdoreload(struct statfs *mntp, void (*prtmsg)(const char *, ...) __printflike(1,2)) { struct iovec *iov; int iovlen, error; char errmsg[255]; /* * If the filesystem is not mounted it does not need to be reloaded. * If it is mounted for writing, then it could not have been opened * for writing by a utility, so does not need to be reloaded. */ if (mntp == NULL || (mntp->f_flags & MNT_RDONLY) == 0) return (0); /* * We modified a mounted file system. Do a mount update on * it so we can continue using it as safely as possible. */ iov = NULL; iovlen = 0; errmsg[0] = '\0'; build_iovec(&iov, &iovlen, "fstype", __DECONST(void *, "ffs"), 4); build_iovec(&iov, &iovlen, "from", mntp->f_mntfromname, (size_t)-1); build_iovec(&iov, &iovlen, "fspath", mntp->f_mntonname, (size_t)-1); build_iovec(&iov, &iovlen, "errmsg", errmsg, sizeof(errmsg)); build_iovec(&iov, &iovlen, "update", NULL, 0); build_iovec(&iov, &iovlen, "reload", NULL, 0); /* * XX: We need the following line until we clean up * nmount parsing of root mounts and NFS root mounts. */ build_iovec(&iov, &iovlen, "ro", NULL, 0); error = nmount(iov, iovlen, mntp->f_flags); free_iovec(&iov, &iovlen); if (error == 0) return (0); if (prtmsg != NULL) prtmsg("mount reload of '%s' failed: %s %s\n\n", mntp->f_mntonname, strerror(errno), errmsg); return (1); } void build_iovec(struct iovec **iov, int *iovlen, const char *name, void *val, size_t len) { int i; if (*iovlen < 0) return; i = *iovlen; *iov = realloc(*iov, sizeof **iov * (i + 2)); if (*iov == NULL) { *iovlen = -1; return; } (*iov)[i].iov_base = strdup(name); (*iov)[i].iov_len = strlen(name) + 1; i++; (*iov)[i].iov_base = val; if (len == (size_t)-1) { if (val != NULL) len = strlen(val) + 1; else len = 0; } (*iov)[i].iov_len = (int)len; *iovlen = ++i; } /* * This function is needed for compatibility with parameters * which used to use the mount_argf() command for the old mount() syscall. */ void build_iovec_argf(struct iovec **iov, int *iovlen, const char *name, const char *fmt, ...) { va_list ap; char val[255] = { 0 }; va_start(ap, fmt); vsnprintf(val, sizeof(val), fmt, ap); va_end(ap); build_iovec(iov, iovlen, name, strdup(val), (size_t)-1); } /* * Free the iovec and reset to NULL with zero length. Useful for calling * nmount in a loop. */ void free_iovec(struct iovec **iov, int *iovlen) { int i; for (i = 0; i < *iovlen; i += 2) free((*iov)[i].iov_base); free(*iov); } diff --git a/sbin/mount/mntopts.3 b/sbin/mount/mntopts.3 index 782acabef1a0..fe2073c3dc71 100644 --- a/sbin/mount/mntopts.3 +++ b/sbin/mount/mntopts.3 @@ -1,381 +1,379 @@ .\" Copyright (c) 2023 Marshall Kirk McKusick .\" Copyright (c) 1994 The Regents of the University of California. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" .\" THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)getmntopts.3 8.3 (Berkeley) 3/30/95 -.\" .Dd January 19, 2023 .Dt MNTOPTS 3 .Os .Sh NAME .Nm getmntopts , .Nm getmntpoint , .Nm chkdoreload , .Nm build_iovec , .Nm build_iovec_argf , .Nm free_iovec , .Nm checkpath , .Nm rmslashes .Nd "mount point operations" .Sh SYNOPSIS .In mntopts.h .Ft void .Fo getmntopts .Fa "const char *options" "const struct mntopt *mopts" .Fa "int *flagp" "int *altflagp" .Fc .Ft struct statfs * .Fn getmntpoint "const char *name" .Ft int .Fo chkdoreload .Fa "struct statfs *mntp" .Fa "void (*prtmsg)(const char *fmt, ...)" .Fc .Ft void .Fo build_iovec .Fa "struct iovec **iov" "int *iovlen" "const char *name" "void *val" .Fa "size_t len" .Fc .Ft void .Fo build_iovec_argf .Fa "struct iovec **iov" "int *iovlen" "const char *name" .Fa "const char *fmt" "..." .Fc .Ft void .Fn free_iovec "struct iovec **iov" "int *iovlen" .Ft int .Fn checkpath "const char *path" "char *resolved" .Ft void .Fn rmslashes "char *rrpin" "char *rrpout" .Sh DESCRIPTION The .Nm mntopts functions support operations associated with a mount point. For historic reasons are in a file in the sources for the .Xr mount 8 program. Thus, to access them the following lines need to be added to the .Nm Makefile of the program wanting to use them: .Bd -literal SRCS+= getmntopts.c MOUNT= ${SRCTOP}/sbin/mount CFLAGS+= -I${MOUNT} \&.PATH: ${MOUNT} .Ed .Pp The .Fn getmntopts function takes a comma separated option list and a list of valid option names, and computes the bitmask corresponding to the requested set of options. .Pp The string .Fa options is broken down into a sequence of comma separated tokens. Each token is looked up in the table described by .Fa mopts and the bits in the word referenced by either .Fa flagp or .Fa altflagp (depending on the .Va m_altloc field of the option's table entry) are updated. The flag words are not initialized by .Fn getmntopts . The table, .Fa mopts , has the following format: .Bd -literal struct mntopt { char *m_option; /* option name */ int m_inverse; /* is this a negative option, e.g., "dev" */ int m_flag; /* bit to set, e.g., MNT_RDONLY */ int m_altloc; /* non-zero to use altflagp rather than flagp */ }; .Ed .Pp The members of this structure are: .Bl -tag -width m_inverse .It Va m_option the option name, for example .Dq Li suid . .It Va m_inverse tells .Fn getmntopts that the name has the inverse meaning of the bit. For example, .Dq Li suid is the string, whereas the mount flag is .Dv MNT_NOSUID . In this case, the sense of the string and the flag are inverted, so the .Va m_inverse flag should be set. .It Va m_flag the value of the bit to be set or cleared in the flag word when the option is recognized. The bit is set when the option is discovered, but cleared if the option name was preceded by the letters .Dq Li no . The .Va m_inverse flag causes these two operations to be reversed. .It Va m_altloc the bit should be set or cleared in .Fa altflagp rather than .Fa flagp . .El .Pp Each of the user visible .Dv MNT_ flags has a corresponding .Dv MOPT_ macro which defines an appropriate .Vt "struct mntopt" entry. To simplify the program interface and ensure consistency across all programs, a general purpose macro, .Dv MOPT_STDOPTS , is defined which contains an entry for all the generic VFS options. In addition, the macros .Dv MOPT_FORCE and .Dv MOPT_UPDATE exist to enable the .Dv MNT_FORCE and .Dv MNT_UPDATE flags to be set. Finally, the table must be terminated by an entry with a .Dv NULL first element. .Pp The .Fn getmntpoint function takes the pathname of a possible mount point or of a device (with or without .Pa /dev/ prepended to it). If the pathname is a directory or a file, .Fn getmntpoint checks to see if the mount point currently has a filesystem mounted on it. If the pathname is a device, .Fn getmntpoint checks to see if it is currently mounted. If there is an associated mount, a pointer to a .Vt "struct statfs" is returned. The returned result is stored in a static buffer that is over-written each time the .Fn getmntpoint function or the .Xr getmntinfo 3 library routine is called. If no mount is found, NULL is returned. .Pp The .Fn chkdoreload function takes a pointer to a .Vt "struct statfs" . If the filesystem associated with the mount point is mounted read-only, .Fn chkdoreload requests the filesystem to reload all of its metadata from its backing store. The second parameter is the function to call to print an error message if the reload fails. If no error message is desired, a .Dv NULL can be passed as the second argument. The .Fn chkdoreload function returns zero on success or non-zero on failure. .Pp The .Fn build_iovec function adds a parameter to a list of parameters to be passed to the .Xr nmount 2 system call. The parameter list is built up in .Va iov and its length is kept in .Va iovlen . Before the first call to .Fn build_iovec , .Va iov should be set to .Dv NULL and .Va iovlen should be set to 0. The parameter name is passed in .Va name . The value of the parameter name is pointed to by .Va val . The size of the value is passed in .Va len . If the value is a string, a .Va len of -1 is passed to indicate that the length should be determined using .Xr strlen 3 . If the parameter has no value, .Va name should be .Dv NULL and .Va len should be 0. .Pp The .Fn build_iovec_argf function adds a formatted parameter to a list of parameters to be passed to the .Xr nmount 2 system call. The parameter list is built up in .Va iov and its length is kept in .Va iovlen . Before the first call to .Fn build_iovec_argf , .Va iov should be set to .Dv NULL and .Va iovlen should be set to 0. The parameter name is passed in .Va name . The value of the parameter name is described by a format string pointed to by .Va fmt . If the parameter has no value, .Va name should be .Dv NULL . .Pp The .Fn free_iovec function frees the memory in the .Va iov vector of the length specified in .Va iovlen that was previously allocated by the .Fn build_iovec and / or .Fn build_iovec_argf functions. The .Va iov is set to .Dv NULL and the .Va iovlen is set to 0 to indicate that the space has been freed. .Pp The .Fn checkpath function uses .Xr realpath 3 to verify that its .Va path argument is valid and references a directory. The .Fn checkpath function returns zero on success or non-zero on failure. .Pp The .Fn rmslashes function removes all double slashes and trailing slashes from its .Va rrpin pathname parameter and returns the resulting pathname in its .Va rrpout parameter. .Sh EXAMPLES Most commands will use the standard option set. Local file systems which support the .Dv MNT_UPDATE flag, would also have an .Dv MOPT_UPDATE entry. This can be declared and used as follows: .Bd -literal #include "mntopts.h" struct mntopt mopts[] = { MOPT_STDOPTS, MOPT_UPDATE, { NULL } }; ... mntflags = mntaltflags = 0; ... getmntopts(options, mopts, &mntflags, &mntaltflags); ... .Ed .Sh DIAGNOSTICS If the external integer variable .Va getmnt_silent is zero, then the .Fn getmntopts function displays an error message and exits if an unrecognized option is encountered. Otherwise unrecognized options are silently ignored. By default .Va getmnt_silent is zero. .Sh SEE ALSO .Xr err 3 , .Xr mount 8 , .Xr nmount 8 .Sh HISTORY The .Fn getmntopts function appeared in .Bx 4.4 . The .Fn build_iovec , .Fn build_iovec_argf , .Fn free_iovec , .Fn checkpath , and .Fn rmslashes functions were added with .Xr nmount 8 in .Fx 5.0 . The .Fn getmntpoint and .Fn chkdoreload functions were added in .Fx 14.0 . diff --git a/sbin/mount/mntopts.h b/sbin/mount/mntopts.h index 21d4965ea39b..dc1452097ed8 100644 --- a/sbin/mount/mntopts.h +++ b/sbin/mount/mntopts.h @@ -1,111 +1,109 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1994 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)mntopts.h 8.7 (Berkeley) 3/29/95 */ struct mntopt { const char *m_option; /* option name */ int m_inverse; /* if a negative option, e.g. "atime" */ long long m_flag; /* bit to set, e.g. MNT_RDONLY */ int m_altloc; /* 1 => set bit in altflags */ }; /* User-visible MNT_ flags. */ #define MOPT_ASYNC { "async", 0, MNT_ASYNC, 0 } #define MOPT_NOATIME { "atime", 1, MNT_NOATIME, 0 } #define MOPT_NOEXEC { "exec", 1, MNT_NOEXEC, 0 } #define MOPT_NOSUID { "suid", 1, MNT_NOSUID, 0 } #define MOPT_NOSYMFOLLOW { "symfollow", 1, MNT_NOSYMFOLLOW, 0 } #define MOPT_RDONLY { "rdonly", 0, MNT_RDONLY, 0 } #define MOPT_SYNC { "sync", 0, MNT_SYNCHRONOUS, 0 } #define MOPT_UNION { "union", 0, MNT_UNION, 0 } #define MOPT_USERQUOTA { "userquota", 0, 0, 0 } #define MOPT_GROUPQUOTA { "groupquota", 0, 0, 0 } #define MOPT_NOCLUSTERR { "clusterr", 1, MNT_NOCLUSTERR, 0 } #define MOPT_NOCLUSTERW { "clusterw", 1, MNT_NOCLUSTERW, 0 } #define MOPT_SUIDDIR { "suiddir", 0, MNT_SUIDDIR, 0 } #define MOPT_SNAPSHOT { "snapshot", 0, MNT_SNAPSHOT, 0 } #define MOPT_MULTILABEL { "multilabel", 0, MNT_MULTILABEL, 0 } #define MOPT_ACLS { "acls", 0, MNT_ACLS, 0 } #define MOPT_NFS4ACLS { "nfsv4acls", 0, MNT_NFS4ACLS, 0 } #define MOPT_AUTOMOUNTED { "automounted",0, MNT_AUTOMOUNTED, 0 } #define MOPT_UNTRUSTED { "untrusted", 0, MNT_UNTRUSTED, 0 } /* Control flags. */ #define MOPT_FORCE { "force", 0, MNT_FORCE, 0 } #define MOPT_UPDATE { "update", 0, MNT_UPDATE, 0 } #define MOPT_RO { "ro", 0, MNT_RDONLY, 0 } #define MOPT_RW { "rw", 1, MNT_RDONLY, 0 } #define MOPT_NOCOVER { "cover", 1, MNT_NOCOVER, 0 } #define MOPT_EMPTYDIR { "emptydir", 0, MNT_EMPTYDIR, 0 } /* This is parsed by mount(8), but is ignored by specific mount_*(8)s. */ #define MOPT_AUTO { "auto", 0, 0, 0 } /* A handy macro as terminator of MNT_ array. */ #define MOPT_END { NULL, 0, 0, 0 } #define MOPT_FSTAB_COMPAT \ MOPT_RO, \ MOPT_RW, \ MOPT_AUTO /* Standard options which all mounts can understand. */ #define MOPT_STDOPTS \ MOPT_USERQUOTA, \ MOPT_GROUPQUOTA, \ MOPT_FSTAB_COMPAT, \ MOPT_NOATIME, \ MOPT_NOEXEC, \ MOPT_SUIDDIR, /* must be before MOPT_NOSUID */ \ MOPT_NOSUID, \ MOPT_NOSYMFOLLOW, \ MOPT_RDONLY, \ MOPT_UNION, \ MOPT_NOCLUSTERR, \ MOPT_NOCLUSTERW, \ MOPT_MULTILABEL, \ MOPT_ACLS, \ MOPT_NFS4ACLS, \ MOPT_AUTOMOUNTED, \ MOPT_UNTRUSTED, \ MOPT_NOCOVER, \ MOPT_EMPTYDIR void getmntopts(const char *, const struct mntopt *, int *, int *); void rmslashes(char *, char *); int checkpath(const char *, char resolved_path[]); int checkpath_allow_file(const char *, char resolved_path[]); struct statfs *getmntpoint(const char *); int chkdoreload(struct statfs *, void (*)(const char *, ...) __printflike(1,2)); extern int getmnt_silent; void build_iovec(struct iovec **iov, int *iovlen, const char *name, void *val, size_t len); void build_iovec_argf(struct iovec **iov, int *iovlen, const char *name, const char *fmt, ...); void free_iovec(struct iovec **iovec, int *iovlen); diff --git a/sbin/mount/mount.8 b/sbin/mount/mount.8 index 91e697bdc3b8..fbca8aef9999 100644 --- a/sbin/mount/mount.8 +++ b/sbin/mount/mount.8 @@ -1,615 +1,613 @@ .\" Copyright (c) 1980, 1989, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)mount.8 8.8 (Berkeley) 6/16/94 -.\" .Dd October 4, 2023 .Dt MOUNT 8 .Os .Sh NAME .Nm mount .Nd mount file systems .Sh SYNOPSIS .Nm .Op Fl -libxo .Op Fl adflpruvw .Op Fl F Ar fstab .Op Fl o Ar options .Op Fl t Oo Cm no Oc Ns Cm Ar type Ns Op Cm , Ns Ar type ... .Nm .Op Fl -libxo .Op Fl dfpruvw .Ar special | node .Nm .Op Fl -libxo .Op Fl dfpruvw .Op Fl o Ar options .Op Fl t Oo Cm no Oc Ns Cm Ar type Ns Op Cm , Ns Ar type ... .Ar special node .Sh DESCRIPTION The .Nm utility calls the .Xr nmount 2 system call to prepare and graft a .Ar special device or the remote node (rhost:path) on to the file system tree at the point .Ar node . If either .Ar special or .Ar node are not provided, the appropriate information is taken from the .Xr fstab 5 file. .Pp The system maintains a list of currently mounted file systems. If no arguments are given to .Nm , this list is printed. .Pp The options are as follows: .Bl -tag -width indent .It Fl -libxo Generate output via .Xr libxo 3 in a selection of different human and machine readable formats. See .Xr xo_parse_args 3 for details on command line arguments. .It Fl a All the file systems described in .Xr fstab 5 are mounted. Exceptions are those marked as .Dq Li noauto , those marked as .Dq Li late (unless the .Fl l option was specified), those excluded by the .Fl t flag (see below), or if they are already mounted (except the root file system which is always remounted to preserve traditional single user mode behavior). .It Fl d Causes everything to be done except for the actual system call. This option is useful in conjunction with the .Fl v flag to determine what the .Nm command is trying to do. .It Fl F Ar fstab Specify the .Pa fstab file to use. .It Fl f Forces the revocation of write access when trying to downgrade a file system mount status from read-write to read-only. Also forces the R/W mount of an unclean file system (dangerous; use with caution). .It Fl L When used in conjunction with the .Fl a option, mount .Em only those file systems which are marked as .Dq Li late . .It Fl l When used in conjunction with the .Fl a option, also mount those file systems which are marked as .Dq Li late . .It Fl n For compatibility with some other implementations, this flag is currently a no-op. .It Fl o Options are specified with a .Fl o flag followed by a comma separated string of options. In case of conflicting options being specified, the rightmost option takes effect. The following options are available: .Bl -tag -width indent .It Cm acls Enable POSIX.1e Access Control Lists, or ACLs, which can be customized via the .Xr setfacl 1 and .Xr getfacl 1 commands. This flag is mutually exclusive with .Cm nfsv4acls flag. .It Cm async All I/O to the file system should be done asynchronously. This is a .Em dangerous flag to set, since it does not guarantee that the file system structure on the disk will remain consistent. For this reason, the .Cm async flag should be used sparingly, and only when some data recovery mechanism is present. .It Cm automounted This flag indicates that the file system was mounted by .Xr automountd 8 . Automounted file systems are automatically unmounted by .Xr autounmountd 8 . .It Cm autoro Mount the file system read-write. If that fails with an error that suggests that the media could be read-only, then automatically try to mount the file system read-only. .It Cm current When used with the .Fl u flag, this is the same as specifying the options currently in effect for the mounted file system. .It Cm emptydir Require that the mount point directory be empty. .It Cm force The same as .Fl f ; forces the revocation of write access when trying to downgrade a file system mount status from read-write to read-only. Also forces the R/W mount of an unclean file system (dangerous; use with caution). .It Cm fstab When used with the .Fl u flag, this is the same as specifying all the options listed in the .Xr fstab 5 file for the file system. .It Cm late This file system should be skipped when .Nm is run with the .Fl a flag but without the .Fl l flag. .It Cm mountprog Ns = Ns Aq Ar program Force .Nm to use the specified program to mount the file system, instead of calling .Xr nmount 2 directly. For example: .Bd -literal mount -t foofs -o mountprog=/mydir/fooprog /dev/cd0 /mnt .Ed .It Cm multilabel Enable multi-label Mandatory Access Control, or MAC, on the specified file system. If the file system supports multilabel operation, individual labels will be maintained for each object in the file system, rather than using a single label for all objects. An alternative to the .Fl l flag in .Xr tunefs 8 . See .Xr mac 4 for more information, which cause the multilabel mount flag to be set automatically at mount-time. .It Cm nfsv4acls Enable NFSv4 ACLs, which can be customized via the .Xr setfacl 1 and .Xr getfacl 1 commands. This flag is mutually exclusive with .Cm acls flag. .It Cm noasync Metadata I/O should be done synchronously, while data I/O should be done asynchronously. This is the default. .It Cm noatime Do not update the file access time when reading from a file. This option is useful on file systems where there are large numbers of files and performance is more critical than updating the file access time (which is rarely ever important). This option is currently only supported on local file systems. .It Cm noauto This file system should be skipped when .Nm is run with the .Fl a flag. .It Cm noclusterr Disable read clustering. .It Cm noclusterw Disable write clustering. .It Cm nocover Do not mount if the requested mount point is already the root of a mount point. .It Cm noexec Do not allow execution of any binaries on the mounted file system. This option is useful for a server that has file systems containing binaries for architectures other than its own. Note: This option was not designed as a security feature and no guarantee is made that it will prevent malicious code execution; for example, it is still possible to execute scripts which reside on a .Cm noexec mounted partition. .It Cm nosuid Do not allow set-user-identifier or set-group-identifier bits to take effect. Note: this option is worthless if a public available suid or sgid wrapper is installed on your system. It is set automatically when the user does not have super-user privileges. .It Cm nosymfollow Do not follow symlinks on the mounted file system. .It Cm ro The same as .Fl r ; mount the file system read-only (even the super-user may not write it). .It Cm snapshot Take a snapshot of the specified filesystem. When this option is used, all other options are ignored. The .Fl u flag is required with this option. .Pp Snapshot files must be created in the file system that is being snapshotted. You may create up to 20 snapshots per file system. Active snapshots are recorded in the superblock, so they persist across unmount and remount operations and across system reboots. When you are done with a snapshot, it can be removed with the .Xr rm 1 command. Snapshots may be removed in any order, however you may not get back all the space contained in the snapshot as another snapshot may claim some of the blocks that it is releasing. Note that the schg flag is set on snapshots to ensure that not even the root user can write to them. The unlink command makes an exception for snapshot files in that it allows them to be removed even though they have the schg flag set, so it is not necessary to clear the schg flag before removing a snapshot file. .Pp Once you have taken a snapshot, there are three interesting things that you can do with it: .Pp .Bl -enum -compact .It Run .Xr fsck 8 on the snapshot file. Assuming that the file system was clean when it was mounted, you should always get a clean (and unchanging) result from running fsck on the snapshot. This is essentially what the background fsck process does. .Pp .It Run .Xr dump 8 on the snapshot. You will get a dump that is consistent with the file system as of the timestamp of the snapshot. .Pp .It Mount the snapshot as a frozen image of the file system. To mount the snapshot .Pa /var/snapshot/snap1 : .Bd -literal mdconfig -a -t vnode -f /var/snapshot/snap1 -u 4 mount -r /dev/md4 /mnt .Ed .Pp You can now cruise around your frozen .Pa /var file system at .Pa /mnt . Everything will be in the same state that it was at the time the snapshot was taken. The one exception is that any earlier snapshots will appear as zero length files. When you are done with the mounted snapshot: .Bd -literal umount /mnt mdconfig -d -u 4 .Ed .El .It Cm suiddir A directory on the mounted file system will respond to the SUID bit being set, by setting the owner of any new files to be the same as the owner of the directory. New directories will inherit the bit from their parents. Execute bits are removed from the file, and it will not be given to root. .Pp This feature is designed for use on fileservers serving PC users via ftp, SAMBA, or netatalk. It provides security holes for shell users and as such should not be used on shell machines, especially on home directories. This option requires the SUIDDIR option in the kernel to work. Only UFS file systems support this option. See .Xr chmod 2 for more information. .It Cm sync All I/O to the file system should be done synchronously. .It Cm update The same as .Fl u ; indicate that the status of an already mounted file system should be changed. .It Cm union Causes the namespace at the mount point to appear as the union of the mounted file system root and the existing directory. Lookups will be done in the mounted file system first. If those operations fail due to a non-existent file the underlying directory is then accessed. All creates are done in the mounted file system. .It Cm untrusted The file system is untrusted and the kernel should use more extensive checks on the file-system's metadata before using it. This option is intended to be used when mounting file systems from untrusted media such as USB memory sticks or other externally-provided media. .El .Pp Any additional options specific to a file system type that is not one of the internally known types (see the .Fl t option) may be passed as a comma separated list; these options are distinguished by a leading .Dq \&- (dash). For example, the .Nm command: .Bd -literal -offset indent mount -t cd9660 -o -e /dev/cd0 /cdrom .Ed .Pp causes .Nm to execute the equivalent of: .Bd -literal -offset indent /sbin/mount_cd9660 -e /dev/cd0 /cdrom .Ed .Pp Options that take a value are specified using the -option=value syntax: .Bd -literal -offset indent mount -t msdosfs -o -u=fred,-g=wheel /dev/da0s1 /mnt .Ed .Pp is equivalent to .Bd -literal -offset indent /sbin/mount_msdosfs -u fred -g wheel /dev/da0s1 /mnt .Ed .Pp Additional options specific to file system types which are not internally known (see the description of the .Fl t option below) may be described in the manual pages for the associated .Pa /sbin/mount_ Ns Sy XXX utilities. .It Fl p Print mount information in .Xr fstab 5 format. Implies also the .Fl v option. .It Fl r The file system is to be mounted read-only. Mount the file system read-only (even the super-user may not write it). The same as the .Cm ro argument to the .Fl o option. .It Fl t Oo Cm no Oc Ns Cm Ar type Ns Op Cm , Ns Ar type ... The argument following the .Fl t is used to indicate the file system type. The type .Cm ufs is the default. The .Fl t option can be used to indicate that the actions should only be taken on file systems of the specified type. More than one type may be specified in a comma separated list. The list of file system types can be prefixed with .Cm no to specify the file system types for which action should .Em not be taken. For example, the .Nm command: .Bd -literal -offset indent mount -a -t nonfs,nullfs .Ed .Pp mounts all file systems except those of type NFS and NULLFS. .Pp The default behavior of .Nm is to pass the .Fl t option directly to the .Xr nmount 2 system call in the .Li fstype option. .Pp However, for the following file system types: .Cm cd9660 , .Cm mfs , .Cm msdosfs , .Cm nfs , .Cm nullfs , .Cm smbfs , .Cm udf , and .Cm unionfs .Nm will not call .Xr nmount 2 directly and will instead attempt to execute a program in .Pa /sbin/mount_ Ns Ar type where .Ar type is replaced by the file system type name. For example, .Cm nfs file systems are mounted by the program .Pa /sbin/mount_nfs . .Pp Most file systems will be dynamically loaded by the kernel if not already present, and if the kernel module is available. .It Fl u The .Fl u flag indicates that the status of an already mounted file system should be changed. Any of the options discussed above (the .Fl o option) may be changed; also a file system can be changed from read-only to read-write or vice versa. An attempt to change from read-write to read-only will fail if any files on the file system are currently open for writing unless the .Fl f flag is also specified. The set of options is determined by applying the options specified in the argument to .Fl o and finally applying the .Fl r or .Fl w option. .It Fl v Verbose mode. If the .Fl v is used alone, show all file systems, including those that were mounted with the .Dv MNT_IGNORE flag and show additional information about each file system (including fsid when run by root). .It Fl w The file system object is to be read and write. .El .Sh ENVIRONMENT .Bl -tag -width ".Ev PATH_FSTAB" .It Ev PATH_FSTAB If the environment variable .Ev PATH_FSTAB is set, all operations are performed against the specified file. .Ev PATH_FSTAB will not be honored if the process environment or memory address space is considered .Dq tainted . (See .Xr issetugid 2 for more information.) .El .Sh FILES .Bl -tag -width /etc/fstab -compact .It Pa /etc/fstab file system table .El .Sh DIAGNOSTICS Various, most of them are self-explanatory. .Pp .Dl XXXXX file system is not available .Pp The kernel does not support the respective file system type. Note that support for a particular file system might be provided either on a static (kernel compile-time), or dynamic basis (loaded as a kernel module by .Xr kldload 8 ) . .Sh SEE ALSO .Xr getfacl 1 , .Xr setfacl 1 , .Xr nmount 2 , .Xr acl 3 , .Xr libxo 3 , .Xr xo_parse_args 3 , .Xr mac 4 , .Xr cd9660 5 , .Xr devfs 5 , .Xr ext2fs 5 , .Xr fstab 5 , .Xr procfs 5 , .Xr tarfs 5 , .Xr tmpfs 5 , .Xr automount 8 , .Xr fstyp 8 , .Xr kldload 8 , .Xr mount_cd9660 8 , .Xr mount_msdosfs 8 , .Xr mount_nfs 8 , .Xr mount_nullfs 8 , .Xr mount_smbfs 8 , .Xr mount_udf 8 , .Xr mount_unionfs 8 , .Xr umount 8 , .Xr zfs 8 , .Xr zpool 8 .Sh HISTORY A .Nm utility appeared in .At v1 . .Sh CAVEATS After a successful .Nm , the permissions on the original mount point determine if .Pa ..\& is accessible from the mounted file system. The minimum permissions for the mount point for traversal across the mount point in both directions to be possible for all users is 0111 (execute for all). .Pp Use of the .Nm is preferred over the use of the file system specific .Pa mount_ Ns Sy XXX commands. In particular, .Xr mountd 8 gets a .Dv SIGHUP signal (that causes an update of the export list) only when the file system is mounted via .Nm . .Sh BUGS It is possible for a corrupted file system to cause a crash. diff --git a/sbin/mount/mount.c b/sbin/mount/mount.c index 2fcc94e40818..0b22056118aa 100644 --- a/sbin/mount/mount.c +++ b/sbin/mount/mount.c @@ -1,984 +1,981 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1989, 1993, 1994 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1980, 1989, 1993, 1994\n\ The Regents of the University of California. All rights reserved.\n"; -#if 0 -static char sccsid[] = "@(#)mount.c 8.25 (Berkeley) 5/8/95"; -#endif #endif /* not lint */ #include #include #define _WANT_MNTOPTNAMES #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "extern.h" #include "mntopts.h" #include "pathnames.h" #define EXIT(a) { \ xo_close_container("mount"); \ xo_finish(); \ exit(a); \ } /* `meta' options */ #define MOUNT_META_OPTION_FSTAB "fstab" #define MOUNT_META_OPTION_CURRENT "current" static int debug, fstab_style, verbose; struct cpa { char **a; ssize_t sz; int c; }; char *catopt(char *, const char *); int hasopt(const char *, const char *); int ismounted(struct fstab *, struct statfs *, int); int isremountable(const char *); int allow_file_mount(const char *); void mangle(char *, struct cpa *); char *update_options(char *, char *, int); int mountfs(const char *, const char *, const char *, int, const char *, const char *); void remopt(char *, const char *); void prmount(struct statfs *); void putfsent(struct statfs *); void usage(void); char *flags2opts(int); /* Map from mount options to printable formats. */ static struct mntoptnames optnames[] = { MNTOPT_NAMES }; /* * List of VFS types that can be remounted without becoming mounted on top * of each other. * XXX Is this list correct? */ static const char * remountable_fs_names[] = { "ufs", "ffs", "ext2fs", 0 }; static const char userquotaeq[] = "userquota="; static const char groupquotaeq[] = "groupquota="; static char *mountprog = NULL; static int use_mountprog(const char *vfstype) { /* XXX: We need to get away from implementing external mount * programs for every filesystem, and move towards having * each filesystem properly implement the nmount() system call. */ unsigned int i; const char *fs[] = { "cd9660", "mfs", "msdosfs", "nfs", "nullfs", "smbfs", "udf", "unionfs", NULL }; if (mountprog != NULL) return (1); for (i = 0; fs[i] != NULL; ++i) { if (strcmp(vfstype, fs[i]) == 0) return (1); } return (0); } static int exec_mountprog(const char *name, const char *execname, char *const argv[]) { pid_t pid; int status; switch (pid = fork()) { case -1: /* Error. */ xo_warn("fork"); EXIT(1); case 0: /* Child. */ /* Go find an executable. */ execvP(execname, _PATH_SYSPATH, argv); if (errno == ENOENT) { xo_warn("exec %s not found", execname); if (execname[0] != '/') { xo_warnx("in path: %s", _PATH_SYSPATH); } } EXIT(1); default: /* Parent. */ if (waitpid(pid, &status, 0) < 0) { xo_warn("waitpid"); return (1); } if (WIFEXITED(status)) { if (WEXITSTATUS(status) != 0) return (WEXITSTATUS(status)); } else if (WIFSIGNALED(status)) { xo_warnx("%s: %s", name, sys_siglist[WTERMSIG(status)]); return (1); } break; } return (0); } static int specified_ro(const char *arg) { char *optbuf, *opt; int ret = 0; optbuf = strdup(arg); if (optbuf == NULL) xo_err(1, "strdup failed"); for (opt = optbuf; (opt = strtok(opt, ",")) != NULL; opt = NULL) { if (strcmp(opt, "ro") == 0) { ret = 1; break; } } free(optbuf); return (ret); } static void restart_mountd(void) { pidfile_signal(_PATH_MOUNTDPID, SIGHUP, NULL); } int main(int argc, char *argv[]) { const char *mntfromname, **vfslist, *vfstype; struct fstab *fs; struct statfs *mntbuf; int all, ch, i, init_flags, late, failok, mntsize, rval, have_fstab, ro; int onlylate; char *cp, *ep, *options; all = init_flags = late = onlylate = 0; ro = 0; options = NULL; vfslist = NULL; vfstype = "ufs"; argc = xo_parse_args(argc, argv); if (argc < 0) exit(1); xo_open_container("mount"); while ((ch = getopt(argc, argv, "adF:fLlno:prt:uvw")) != -1) switch (ch) { case 'a': all = 1; break; case 'd': debug = 1; break; case 'F': setfstab(optarg); break; case 'f': init_flags |= MNT_FORCE; break; case 'L': onlylate = 1; late = 1; break; case 'l': late = 1; break; case 'n': /* For compatibility with the Linux version of mount. */ break; case 'o': if (*optarg) { options = catopt(options, optarg); if (specified_ro(optarg)) ro = 1; } break; case 'p': fstab_style = 1; verbose = 1; break; case 'r': options = catopt(options, "ro"); ro = 1; break; case 't': if (vfslist != NULL) xo_errx(1, "only one -t option may be specified"); vfslist = makevfslist(optarg); vfstype = optarg; break; case 'u': init_flags |= MNT_UPDATE; break; case 'v': verbose = 1; break; case 'w': options = catopt(options, "noro"); break; case '?': default: usage(); /* NOTREACHED */ } argc -= optind; argv += optind; #define BADTYPE(type) \ (strcmp(type, FSTAB_RO) && \ strcmp(type, FSTAB_RW) && strcmp(type, FSTAB_RQ)) if ((init_flags & MNT_UPDATE) && (ro == 0)) options = catopt(options, "noro"); rval = 0; switch (argc) { case 0: if ((mntsize = getmntinfo(&mntbuf, verbose ? MNT_WAIT : MNT_NOWAIT)) == 0) xo_err(1, "getmntinfo"); if (all) { while ((fs = getfsent()) != NULL) { if (BADTYPE(fs->fs_type)) continue; if (checkvfsname(fs->fs_vfstype, vfslist)) continue; if (hasopt(fs->fs_mntops, "noauto")) continue; if (!hasopt(fs->fs_mntops, "late") && onlylate) continue; if (hasopt(fs->fs_mntops, "late") && !late) continue; if (hasopt(fs->fs_mntops, "failok")) failok = 1; else failok = 0; if (!(init_flags & MNT_UPDATE) && !hasopt(fs->fs_mntops, "update") && ismounted(fs, mntbuf, mntsize)) continue; options = update_options(options, fs->fs_mntops, mntbuf->f_flags); if (mountfs(fs->fs_vfstype, fs->fs_spec, fs->fs_file, init_flags, options, fs->fs_mntops) && !failok) rval = 1; } } else if (fstab_style) { xo_open_list("fstab"); for (i = 0; i < mntsize; i++) { if (checkvfsname(mntbuf[i].f_fstypename, vfslist)) continue; xo_open_instance("fstab"); putfsent(&mntbuf[i]); xo_close_instance("fstab"); } xo_close_list("fstab"); } else { xo_open_list("mounted"); for (i = 0; i < mntsize; i++) { if (checkvfsname(mntbuf[i].f_fstypename, vfslist)) continue; if (!verbose && (mntbuf[i].f_flags & MNT_IGNORE) != 0) continue; xo_open_instance("mounted"); prmount(&mntbuf[i]); xo_close_instance("mounted"); } xo_close_list("mounted"); } EXIT(rval); case 1: if (vfslist != NULL) usage(); rmslashes(*argv, *argv); if (init_flags & MNT_UPDATE) { mntfromname = NULL; have_fstab = 0; if ((mntbuf = getmntpoint(*argv)) == NULL) xo_errx(1, "not currently mounted %s", *argv); /* * Only get the mntflags from fstab if both mntpoint * and mntspec are identical. Also handle the special * case where just '/' is mounted and 'spec' is not * identical with the one from fstab ('/dev' is missing * in the spec-string at boot-time). */ if ((fs = getfsfile(mntbuf->f_mntonname)) != NULL) { if (strcmp(fs->fs_spec, mntbuf->f_mntfromname) == 0 && strcmp(fs->fs_file, mntbuf->f_mntonname) == 0) { have_fstab = 1; mntfromname = mntbuf->f_mntfromname; } else if (argv[0][0] == '/' && argv[0][1] == '\0' && strcmp(fs->fs_vfstype, mntbuf->f_fstypename) == 0) { fs = getfsfile("/"); have_fstab = 1; mntfromname = fs->fs_spec; } } if (have_fstab) { options = update_options(options, fs->fs_mntops, mntbuf->f_flags); } else { mntfromname = mntbuf->f_mntfromname; options = update_options(options, NULL, mntbuf->f_flags); } rval = mountfs(mntbuf->f_fstypename, mntfromname, mntbuf->f_mntonname, init_flags, options, 0); break; } if ((fs = getfsfile(*argv)) == NULL && (fs = getfsspec(*argv)) == NULL) xo_errx(1, "%s: unknown special file or file system", *argv); if (BADTYPE(fs->fs_type)) xo_errx(1, "%s has unknown file system type", *argv); rval = mountfs(fs->fs_vfstype, fs->fs_spec, fs->fs_file, init_flags, options, fs->fs_mntops); break; case 2: /* * If -t flag has not been specified, the path cannot be * found, spec contains either a ':' or a '@', then assume * that an NFS file system is being specified ala Sun. * Check if the hostname contains only allowed characters * to reduce false positives. IPv6 addresses containing * ':' will be correctly parsed only if the separator is '@'. * The definition of a valid hostname is taken from RFC 1034. */ if (vfslist == NULL && ((ep = strchr(argv[0], '@')) != NULL || (ep = strchr(argv[0], ':')) != NULL)) { if (*ep == '@') { cp = ep + 1; ep = cp + strlen(cp); } else cp = argv[0]; while (cp != ep) { if (!isdigit(*cp) && !isalpha(*cp) && *cp != '.' && *cp != '-' && *cp != ':') break; cp++; } if (cp == ep) vfstype = "nfs"; } rval = mountfs(vfstype, argv[0], argv[1], init_flags, options, NULL); break; default: usage(); /* NOTREACHED */ } /* * If the mount was successfully, and done by root, tell mountd the * good news. */ if (rval == 0 && getuid() == 0) restart_mountd(); EXIT(rval); } int ismounted(struct fstab *fs, struct statfs *mntbuf, int mntsize) { char realfsfile[PATH_MAX]; int i; if (fs->fs_file[0] == '/' && fs->fs_file[1] == '\0') /* the root file system can always be remounted */ return (0); /* The user may have specified a symlink in fstab, resolve the path */ if (realpath(fs->fs_file, realfsfile) == NULL) { /* Cannot resolve the path, use original one */ strlcpy(realfsfile, fs->fs_file, sizeof(realfsfile)); } /* * Consider the filesystem to be mounted if: * It has the same mountpoint as a mounted filesystem, and * It has the same type as that same mounted filesystem, and * It has the same device name as that same mounted filesystem, OR * It is a nonremountable filesystem */ for (i = mntsize - 1; i >= 0; --i) if (strcmp(realfsfile, mntbuf[i].f_mntonname) == 0 && strcmp(fs->fs_vfstype, mntbuf[i].f_fstypename) == 0 && (!isremountable(fs->fs_vfstype) || (strcmp(fs->fs_spec, mntbuf[i].f_mntfromname) == 0))) return (1); return (0); } int isremountable(const char *vfsname) { const char **cp; for (cp = remountable_fs_names; *cp; cp++) if (strcmp(*cp, vfsname) == 0) return (1); return (0); } int allow_file_mount(const char *vfsname) { if (strcmp(vfsname, "nullfs") == 0) return (1); return (0); } int hasopt(const char *mntopts, const char *option) { int negative, found; char *opt, *optbuf; if (option[0] == 'n' && option[1] == 'o') { negative = 1; option += 2; } else negative = 0; optbuf = strdup(mntopts); found = 0; for (opt = optbuf; (opt = strtok(opt, ",")) != NULL; opt = NULL) { if (opt[0] == 'n' && opt[1] == 'o') { if (!strcasecmp(opt + 2, option)) found = negative; } else if (!strcasecmp(opt, option)) found = !negative; } free(optbuf); return (found); } static void append_arg(struct cpa *sa, char *arg) { if (sa->c + 1 == sa->sz) { sa->sz = sa->sz == 0 ? 8 : sa->sz * 2; sa->a = realloc(sa->a, sizeof(*sa->a) * sa->sz); if (sa->a == NULL) xo_errx(1, "realloc failed"); } sa->a[++sa->c] = arg; } int mountfs(const char *vfstype, const char *spec, const char *name, int flags, const char *options, const char *mntopts) { struct statfs sf; int i, ret; char *optbuf, execname[PATH_MAX], mntpath[PATH_MAX]; static struct cpa mnt_argv; /* resolve the mountpoint with realpath(3) */ if (allow_file_mount(vfstype)) { if (checkpath_allow_file(name, mntpath) != 0) { xo_warn("%s", mntpath); return (1); } } else { if (checkpath(name, mntpath) != 0) { xo_warn("%s", mntpath); return (1); } } name = mntpath; if (mntopts == NULL) mntopts = ""; optbuf = catopt(strdup(mntopts), options); if (strcmp(name, "/") == 0) flags |= MNT_UPDATE; if (flags & MNT_FORCE) optbuf = catopt(optbuf, "force"); if (flags & MNT_RDONLY) optbuf = catopt(optbuf, "ro"); /* * XXX * The mount_mfs (newfs) command uses -o to select the * optimization mode. We don't pass the default "-o rw" * for that reason. */ if (flags & MNT_UPDATE) optbuf = catopt(optbuf, "update"); /* Compatibility glue. */ if (strcmp(vfstype, "msdos") == 0) vfstype = "msdosfs"; /* Construct the name of the appropriate mount command */ (void)snprintf(execname, sizeof(execname), "mount_%s", vfstype); mnt_argv.c = -1; append_arg(&mnt_argv, execname); mangle(optbuf, &mnt_argv); if (mountprog != NULL) strlcpy(execname, mountprog, sizeof(execname)); append_arg(&mnt_argv, strdup(spec)); append_arg(&mnt_argv, strdup(name)); append_arg(&mnt_argv, NULL); if (debug) { if (use_mountprog(vfstype)) xo_emit("{Lwc:exec}{:execname/%s}", execname); else xo_emit("{:execname/mount}{P: }{l:opts/-t}{P: }{l:opts/%s}", vfstype); for (i = 1; i < mnt_argv.c; i++) xo_emit("{P: }{l:opts}", mnt_argv.a[i]); xo_emit("\n"); free(optbuf); free(mountprog); mountprog = NULL; return (0); } if (use_mountprog(vfstype)) { ret = exec_mountprog(name, execname, mnt_argv.a); } else { ret = mount_fs(vfstype, mnt_argv.c, mnt_argv.a); } free(optbuf); free(mountprog); mountprog = NULL; if (verbose) { if (statfs(name, &sf) < 0) { xo_warn("statfs %s", name); return (1); } if (fstab_style) { xo_open_list("fstab"); xo_open_instance("fstab"); putfsent(&sf); xo_close_instance("fstab"); xo_close_list("fstab"); } else { xo_open_list("mounted"); xo_open_instance("mounted"); prmount(&sf); xo_close_instance("mounted"); xo_close_list("mounted"); } } return (ret); } void prmount(struct statfs *sfp) { uint64_t flags; unsigned int i; struct mntoptnames *o; struct passwd *pw; char *fsidbuf; xo_emit("{:special/%hs}{L: on }{:node/%hs}{L: (}{:fstype}", sfp->f_mntfromname, sfp->f_mntonname, sfp->f_fstypename); flags = sfp->f_flags & MNT_VISFLAGMASK; for (o = optnames; flags != 0 && o->o_opt != 0; o++) if (flags & o->o_opt) { xo_emit("{D:, }{l:opts}", o->o_name); flags &= ~o->o_opt; } /* * Inform when file system is mounted by an unprivileged user * or privileged non-root user. */ if ((flags & MNT_USER) != 0 || sfp->f_owner != 0) { xo_emit("{D:, }{L:mounted by }"); if ((pw = getpwuid(sfp->f_owner)) != NULL) xo_emit("{:mounter/%hs}", pw->pw_name); else xo_emit("{:mounter/%hs}", sfp->f_owner); } if (verbose) { if (sfp->f_syncwrites != 0 || sfp->f_asyncwrites != 0) { xo_open_container("writes"); xo_emit("{D:, }{Lwc:writes}{Lw:sync}{w:sync/%ju}{Lw:async}{:async/%ju}", (uintmax_t)sfp->f_syncwrites, (uintmax_t)sfp->f_asyncwrites); xo_close_container("writes"); } if (sfp->f_syncreads != 0 || sfp->f_asyncreads != 0) { xo_open_container("reads"); xo_emit("{D:, }{Lwc:reads}{Lw:sync}{w:sync/%ju}{Lw:async}{:async/%ju}", (uintmax_t)sfp->f_syncreads, (uintmax_t)sfp->f_asyncreads); xo_close_container("reads"); } if (sfp->f_fsid.val[0] != 0 || sfp->f_fsid.val[1] != 0) { fsidbuf = malloc(sizeof(sfp->f_fsid) * 2 + 1); if (fsidbuf == NULL) xo_errx(1, "malloc failed"); for (i = 0; i < sizeof(sfp->f_fsid); i++) sprintf(&fsidbuf[i * 2], "%02x", ((u_char *)&sfp->f_fsid)[i]); fsidbuf[i * 2] = '\0'; xo_emit("{D:, }{Lw:fsid}{:fsid}", fsidbuf); free(fsidbuf); } if (sfp->f_nvnodelistsize != 0) { xo_open_container("vnodes"); xo_emit("{D:, }{Lwc:vnodes}{Lw:count}{w:count/%ju}", (uintmax_t)sfp->f_nvnodelistsize); xo_close_container("vnodes"); } } xo_emit("{D:)}\n"); } char * catopt(char *s0, const char *s1) { char *cp; if (s1 == NULL || *s1 == '\0') return (s0); if (s0 && *s0) { if (asprintf(&cp, "%s,%s", s0, s1) == -1) xo_errx(1, "asprintf failed"); } else cp = strdup(s1); if (s0) free(s0); return (cp); } void mangle(char *options, struct cpa *a) { char *p, *s, *val; for (s = options; (p = strsep(&s, ",")) != NULL;) if (*p != '\0') { if (strcmp(p, "noauto") == 0) { /* * Do not pass noauto option to nmount(). * or external mount program. noauto is * only used to prevent mounting a filesystem * when 'mount -a' is specified, and is * not a real mount option. */ continue; } else if (strcmp(p, "late") == 0) { /* * "late" is used to prevent certain file * systems from being mounted before late * in the boot cycle; for instance, * loopback NFS mounts can't be mounted * before mountd starts. */ continue; } else if (strcmp(p, "failok") == 0) { /* * "failok" is used to prevent certain file * systems from being causing the system to * drop into single user mode in the boot * cycle, and is not a real mount option. */ continue; } else if (strncmp(p, "mountprog", 9) == 0) { /* * "mountprog" is used to force the use of * userland mount programs. */ val = strchr(p, '='); if (val != NULL) { ++val; if (*val != '\0') mountprog = strdup(val); } if (mountprog == NULL) { xo_errx(1, "Need value for -o mountprog"); } continue; } else if (strcmp(p, "userquota") == 0) { continue; } else if (strncmp(p, userquotaeq, sizeof(userquotaeq) - 1) == 0) { continue; } else if (strcmp(p, "groupquota") == 0) { continue; } else if (strncmp(p, groupquotaeq, sizeof(groupquotaeq) - 1) == 0) { continue; } else if (*p == '-') { append_arg(a, p); p = strchr(p, '='); if (p != NULL) { *p = '\0'; append_arg(a, p + 1); } } else { append_arg(a, strdup("-o")); append_arg(a, p); } } } char * update_options(char *opts, char *fstab, int curflags) { char *o, *p; char *cur; char *expopt, *newopt, *tmpopt; if (opts == NULL) return (strdup("")); /* remove meta options from list */ remopt(fstab, MOUNT_META_OPTION_FSTAB); remopt(fstab, MOUNT_META_OPTION_CURRENT); cur = flags2opts(curflags); /* * Expand all meta-options passed to us first. */ expopt = NULL; for (p = opts; (o = strsep(&p, ",")) != NULL;) { if (strcmp(MOUNT_META_OPTION_FSTAB, o) == 0) expopt = catopt(expopt, fstab); else if (strcmp(MOUNT_META_OPTION_CURRENT, o) == 0) expopt = catopt(expopt, cur); else expopt = catopt(expopt, o); } free(cur); free(opts); /* * Remove previous contradictory arguments. Given option "foo" we * remove all the "nofoo" options. Given "nofoo" we remove "nonofoo" * and "foo" - so we can deal with possible options like "notice". */ newopt = NULL; for (p = expopt; (o = strsep(&p, ",")) != NULL;) { if ((tmpopt = malloc( strlen(o) + 2 + 1 )) == NULL) xo_errx(1, "malloc failed"); strcpy(tmpopt, "no"); strcat(tmpopt, o); remopt(newopt, tmpopt); free(tmpopt); if (strncmp("no", o, 2) == 0) remopt(newopt, o+2); newopt = catopt(newopt, o); } free(expopt); return (newopt); } void remopt(char *string, const char *opt) { char *o, *p, *r; if (string == NULL || *string == '\0' || opt == NULL || *opt == '\0') return; r = string; for (p = string; (o = strsep(&p, ",")) != NULL;) { if (strcmp(opt, o) != 0) { if (*r == ',' && *o != '\0') r++; while ((*r++ = *o++) != '\0') ; *--r = ','; } } *r = '\0'; } void usage(void) { xo_error("%s\n%s\n%s\n", "usage: mount [-adflpruvw] [-F fstab] [-o options] [-t ufs | external_type]", " mount [-dfpruvw] special | node", " mount [-dfpruvw] [-o options] [-t ufs | external_type] special node"); EXIT(1); } void putfsent(struct statfs *ent) { struct fstab *fst; char *opts, *rw; int l; opts = NULL; /* flags2opts() doesn't return the "rw" option. */ if ((ent->f_flags & MNT_RDONLY) != 0) rw = NULL; else rw = catopt(NULL, "rw"); opts = flags2opts(ent->f_flags); opts = catopt(rw, opts); if (strncmp(ent->f_mntfromname, "", 7) == 0 || strncmp(ent->f_mntfromname, "", 7) == 0) { strlcpy(ent->f_mntfromname, (strnstr(ent->f_mntfromname, ":", 8) +1), sizeof(ent->f_mntfromname)); } l = strlen(ent->f_mntfromname); xo_emit("{:device}{P:/%s}{P:/%s}{P:/%s}", ent->f_mntfromname, l < 8 ? "\t" : "", l < 16 ? "\t" : "", l < 24 ? "\t" : " "); l = strlen(ent->f_mntonname); xo_emit("{:mntpoint}{P:/%s}{P:/%s}{P:/%s}", ent->f_mntonname, l < 8 ? "\t" : "", l < 16 ? "\t" : "", l < 24 ? "\t" : " "); xo_emit("{:fstype}{P:\t}", ent->f_fstypename); l = strlen(opts); xo_emit("{:opts}{P:/%s}", opts, l < 8 ? "\t" : " "); free(opts); if ((fst = getfsspec(ent->f_mntfromname))) xo_emit("{P:\t}{n:dump/%u}{P: }{n:pass/%u}\n", fst->fs_freq, fst->fs_passno); else if ((fst = getfsfile(ent->f_mntonname))) xo_emit("{P:\t}{n:dump/%u}{P: }{n:pass/%u}\n", fst->fs_freq, fst->fs_passno); else if (strcmp(ent->f_fstypename, "ufs") == 0) { if (strcmp(ent->f_mntonname, "/") == 0) xo_emit("{P:\t}{n:dump/1}{P: }{n:pass/1}\n"); else xo_emit("{P:\t}{n:dump/2}{P: }{n:pass/2}\n"); } else xo_emit("{P:\t}{n:dump/0}{P: }{n:pass/0}\n"); } char * flags2opts(int flags) { char *res; res = NULL; if (flags & MNT_RDONLY) res = catopt(res, "ro"); if (flags & MNT_SYNCHRONOUS) res = catopt(res, "sync"); if (flags & MNT_NOEXEC) res = catopt(res, "noexec"); if (flags & MNT_NOSUID) res = catopt(res, "nosuid"); if (flags & MNT_UNION) res = catopt(res, "union"); if (flags & MNT_ASYNC) res = catopt(res, "async"); if (flags & MNT_NOATIME) res = catopt(res, "noatime"); if (flags & MNT_NOCLUSTERR) res = catopt(res, "noclusterr"); if (flags & MNT_NOCLUSTERW) res = catopt(res, "noclusterw"); if (flags & MNT_NOSYMFOLLOW) res = catopt(res, "nosymfollow"); if (flags & MNT_SUIDDIR) res = catopt(res, "suiddir"); if (flags & MNT_MULTILABEL) res = catopt(res, "multilabel"); if (flags & MNT_ACLS) res = catopt(res, "acls"); if (flags & MNT_NFS4ACLS) res = catopt(res, "nfsv4acls"); if (flags & MNT_UNTRUSTED) res = catopt(res, "untrusted"); if (flags & MNT_NOCOVER) res = catopt(res, "nocover"); if (flags & MNT_EMPTYDIR) res = catopt(res, "emptydir"); return (res); } diff --git a/sbin/mount/mount_fs.c b/sbin/mount/mount_fs.c index 7aac2b0ce104..b7000c46e576 100644 --- a/sbin/mount/mount_fs.c +++ b/sbin/mount/mount_fs.c @@ -1,139 +1,136 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1992, 1993, 1994 * The Regents of the University of California. All rights reserved. * * This code is derived from software donated to Berkeley by * Jan-Simon Pendry. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1992, 1993, 1994\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)mount_fs.c 8.6 (Berkeley) 4/26/95"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include "extern.h" #include "mntopts.h" static struct mntopt mopts[] = { MOPT_STDOPTS, MOPT_END }; static void usage(void) { (void)fprintf(stderr, "usage: mount [-t fstype] [-o options] target_fs mount_point\n"); exit(1); } int mount_fs(const char *vfstype, int argc, char *argv[]) { struct iovec *iov; int iovlen; int mntflags = 0; int ch; char *dev, *dir, mntpath[MAXPATHLEN]; char fstype[32]; char errmsg[255]; char *p, *val; strlcpy(fstype, vfstype, sizeof(fstype)); memset(errmsg, 0, sizeof(errmsg)); getmnt_silent = 1; iov = NULL; iovlen = 0; optind = optreset = 1; /* Reset for parse of new argv. */ while ((ch = getopt(argc, argv, "o:")) != -1) { switch(ch) { case 'o': getmntopts(optarg, mopts, &mntflags, 0); p = strchr(optarg, '='); val = NULL; if (p != NULL) { *p = '\0'; val = p + 1; } build_iovec(&iov, &iovlen, optarg, val, (size_t)-1); break; case '?': default: usage(); } } argc -= optind; argv += optind; if (argc != 2) usage(); dev = argv[0]; dir = argv[1]; if (checkpath(dir, mntpath) != 0) { warn("%s", mntpath); return (1); } (void)rmslashes(dev, dev); build_iovec(&iov, &iovlen, "fstype", fstype, (size_t)-1); build_iovec(&iov, &iovlen, "fspath", mntpath, (size_t)-1); build_iovec(&iov, &iovlen, "from", dev, (size_t)-1); build_iovec(&iov, &iovlen, "errmsg", errmsg, sizeof(errmsg)); if (nmount(iov, iovlen, mntflags) == -1) { if (*errmsg != '\0') warn("%s: %s", dev, errmsg); else warn("%s", dev); return (1); } return (0); } diff --git a/sbin/mount/pathnames.h b/sbin/mount/pathnames.h index f584d7ce9f12..169d5384cc7b 100644 --- a/sbin/mount/pathnames.h +++ b/sbin/mount/pathnames.h @@ -1,34 +1,32 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1989, 1993, 1994 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)pathnames.h 8.2 (Berkeley) 3/27/94 */ #define _PATH_MOUNTDPID "/var/run/mountd.pid" diff --git a/sbin/mount/vfslist.c b/sbin/mount/vfslist.c index 3785451e65b2..6648866234b0 100644 --- a/sbin/mount/vfslist.c +++ b/sbin/mount/vfslist.c @@ -1,90 +1,87 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1995 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)vfslist.c 8.1 (Berkeley) 5/8/95"; -#endif #endif /* not lint */ #include #include #include #include #include "extern.h" static int skipvfs; int checkvfsname(const char *vfsname, const char **vfslist) { if (vfslist == NULL) return (0); while (*vfslist != NULL) { if (strcmp(vfsname, *vfslist) == 0) return (skipvfs); ++vfslist; } return (!skipvfs); } const char ** makevfslist(char *fslist) { const char **av; int i; char *nextcp; if (fslist == NULL) return (NULL); skipvfs = 0; if (fslist[0] == 'n' && fslist[1] == 'o') { fslist += 2; skipvfs = 1; } for (i = 0, nextcp = fslist; *nextcp; nextcp++) if (*nextcp == ',') i++; if ((av = malloc((size_t)(i + 2) * sizeof(char *))) == NULL) { warnx("malloc failed"); return (NULL); } nextcp = fslist; i = 0; av[i++] = nextcp; while ((nextcp = strchr(nextcp, ',')) != NULL) { *nextcp++ = '\0'; av[i++] = nextcp; } av[i++] = NULL; return (av); } diff --git a/sbin/mount_cd9660/Makefile b/sbin/mount_cd9660/Makefile index 30c2b39afd96..ae9cde8080a4 100644 --- a/sbin/mount_cd9660/Makefile +++ b/sbin/mount_cd9660/Makefile @@ -1,18 +1,17 @@ -# @(#)Makefile 8.3 (Berkeley) 3/27/94 PACKAGE=runtime PROG= mount_cd9660 SRCS= mount_cd9660.c getmntopts.c MAN= mount_cd9660.8 LIBADD= kiconv MOUNT= ${.CURDIR:H}/mount CFLAGS+= -I${MOUNT} # Needs to be dynamically linked for optional dlopen() access to # userland libiconv NO_SHARED?= NO .PATH: ${MOUNT} .include diff --git a/sbin/mount_cd9660/mount_cd9660.8 b/sbin/mount_cd9660/mount_cd9660.8 index a31e6d833245..cd6f7a19f6eb 100644 --- a/sbin/mount_cd9660/mount_cd9660.8 +++ b/sbin/mount_cd9660/mount_cd9660.8 @@ -1,161 +1,159 @@ .\" Copyright (c) 1993, 1994 .\" The Regents of the University of California. All rights reserved. .\" All rights reserved. .\" .\" This code is derived from software donated to Berkeley by .\" Christopher G. Demetriou. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)mount_cd9660.8 8.3 (Berkeley) 3/27/94 -.\" .Dd August 11, 2018 .Dt MOUNT_CD9660 8 .Os .Sh NAME .Nm mount_cd9660 .Nd mount an ISO-9660 file system .Sh SYNOPSIS .Nm .Op Fl begjrv .Op Fl C Ar charset .Op Fl o Ar options .Op Fl s Ar startsector .Ar special node .Sh DESCRIPTION The .Nm utility attaches the ISO-9660 file system residing on the device .Pa special to the global file system namespace at the location indicated by .Pa node . This command is normally executed by .Xr mount 8 at boot time. .Pp The options are as follows: .Bl -tag -width indent .It Fl b Relax checking for Supplementary Volume Descriptor Flags field which is set to a wrong value on some Joliet formatted disks. .It Fl e Enable the use of extended attributes. .It Fl g Do not strip version numbers on files. (By default, if there are files with different version numbers on the disk, only the last one will be listed.) In either case, files may be opened without explicitly stating a version number. .It Fl j Do not use any Joliet extensions included in the file system. .It Fl o Options are specified with a .Fl o flag followed by a comma separated string of options. See the .Xr mount 8 man page for possible options and their meanings. The following cd9660 specific options are available: .Pp .Bl -tag -width "brokenjoliet" -compact .It Cm extatt Same as .Fl e . .It Cm gens Same as .Fl g . .It Cm nojoliet Same as .Fl j . .It Cm norrip Same as .Fl r . .It Cm brokenjoliet Same as .Fl b . .El .It Fl r Do not use any Rockridge extensions included in the file system. .It Fl s Ar startsector Start the file system at .Ar startsector . Normally, if the underlying device is a CD-ROM drive, .Nm will try to figure out the last track from the CD-ROM containing data, and start the file system there. If the device is not a CD-ROM, or the table of contents cannot be examined, the file system will be started at sector 0. This option can be used to override the behaviour. Note that .Ar startsector is measured in CD-ROM blocks, with 2048 bytes each. This is the same as for example the .Cm info command of .Xr cdcontrol 1 is printing. It is possible to mount an arbitrary session of a multi-session CD by specifying the correct .Ar startsector here. .It Fl C Ar charset Specify local .Ar charset to convert Unicode file names when using Joliet extensions. .It Fl v Be verbose about the starting sector decisions made. .El .Sh EXAMPLES The following command can be used to mount a Kodak Photo-CD: .Pp .Dl "mount_cd9660 -o rw -v -s 0 /dev/cd0 /cdrom" .Sh SEE ALSO .Xr cdcontrol 1 , .Xr mount 2 , .Xr unmount 2 , .Xr cd9660 5 , .Xr fstab 5 , .Xr mdconfig 8 , .Xr mount 8 .Sh HISTORY The .Nm utility first appeared in .Bx 4.4 . .Pp The Unicode conversion routine was added by .An Ryuichiro Imura Aq Mt imura@ryu16.org in 2003. .Sh BUGS POSIX device node mapping is currently not supported. .Pp Version numbers are not stripped if Rockridge extensions are in use. In this case, accessing files that do not have Rockridge names without version numbers gets the one with the lowest version number and not the one with the highest. .Pp There is no ECMA support. diff --git a/sbin/mount_cd9660/mount_cd9660.c b/sbin/mount_cd9660/mount_cd9660.c index f867e94da417..0699c6802114 100644 --- a/sbin/mount_cd9660/mount_cd9660.c +++ b/sbin/mount_cd9660/mount_cd9660.c @@ -1,270 +1,268 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1992, 1993, 1994 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley * by Pace Willisson (pace@blitz.com). The Rock Ridge Extension * Support code is derived from software contributed to Berkeley * by Atsushi Murai (amurai@spec.co.jp). * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)mount_cd9660.c 8.7 (Berkeley) 5/1/95 */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1992, 1993, 1994\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint /* static char sccsid[] = "@(#)mount_cd9660.c 8.7 (Berkeley) 5/1/95"; */ #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "mntopts.h" static struct mntopt mopts[] = { MOPT_STDOPTS, MOPT_UPDATE, MOPT_END }; static int get_ssector(const char *dev); static int set_charset(struct iovec **, int *iovlen, const char *); void usage(void); int main(int argc, char **argv) { struct iovec *iov; int iovlen; int ch, mntflags; char *dev, *dir, *p, *val, mntpath[MAXPATHLEN]; int verbose; int ssector; /* starting sector, 0 for 1st session */ char fstype[] = "cd9660"; iov = NULL; iovlen = 0; mntflags = verbose = 0; ssector = -1; while ((ch = getopt(argc, argv, "begjo:rs:vC:")) != -1) switch (ch) { case 'b': build_iovec(&iov, &iovlen, "brokenjoliet", NULL, (size_t)-1); break; case 'e': build_iovec(&iov, &iovlen, "extatt", NULL, (size_t)-1); break; case 'g': build_iovec(&iov, &iovlen, "gens", NULL, (size_t)-1); break; case 'j': build_iovec(&iov, &iovlen, "nojoliet", NULL, (size_t)-1); break; case 'o': getmntopts(optarg, mopts, &mntflags, NULL); p = strchr(optarg, '='); val = NULL; if (p != NULL) { *p = '\0'; val = p + 1; } build_iovec(&iov, &iovlen, optarg, val, (size_t)-1); break; case 'r': build_iovec(&iov, &iovlen, "norrip", NULL, (size_t)-1); break; case 's': ssector = atoi(optarg); break; case 'v': verbose++; break; case 'C': if (set_charset(&iov, &iovlen, optarg) == -1) err(EX_OSERR, "cd9660_iconv"); build_iovec(&iov, &iovlen, "kiconv", NULL, (size_t)-1); break; case '?': default: usage(); } argc -= optind; argv += optind; if (argc != 2) usage(); dev = argv[0]; dir = argv[1]; /* * Resolve the mountpoint with realpath(3) and remove unnecessary * slashes from the devicename if there are any. */ if (checkpath(dir, mntpath) != 0) err(1, "%s", mntpath); (void)rmslashes(dev, dev); if (ssector == -1) { /* * The start of the session has not been specified on * the command line. If we can successfully read the * TOC of a CD-ROM, use the last data track we find. * Otherwise, just use 0, in order to mount the very * first session. This is compatible with the * historic behaviour of mount_cd9660(8). If the user * has specified -s above, we don't get here * and leave the user's will. */ if ((ssector = get_ssector(dev)) == -1) { if (verbose) printf("could not determine starting sector, " "using very first session\n"); ssector = 0; } else if (verbose) printf("using starting sector %d\n", ssector); } mntflags |= MNT_RDONLY; build_iovec(&iov, &iovlen, "fstype", fstype, (size_t)-1); build_iovec(&iov, &iovlen, "fspath", mntpath, (size_t)-1); build_iovec(&iov, &iovlen, "from", dev, (size_t)-1); build_iovec_argf(&iov, &iovlen, "ssector", "%d", ssector); if (nmount(iov, iovlen, mntflags) < 0) err(1, "%s", dev); exit(0); } void usage(void) { (void)fprintf(stderr, "usage: mount_cd9660 [-begjrv] [-C charset] [-o options] [-s startsector]\n" " special node\n"); exit(EX_USAGE); } static int get_ssector(const char *dev) { struct ioc_toc_header h; struct ioc_read_toc_entry t; struct cd_toc_entry toc_buffer[100]; int fd, ntocentries, i; if ((fd = open(dev, O_RDONLY)) == -1) return -1; if (ioctl(fd, CDIOREADTOCHEADER, &h) == -1) { close(fd); return -1; } ntocentries = h.ending_track - h.starting_track + 1; if (ntocentries > 100) { /* unreasonable, only 100 allowed */ close(fd); return -1; } t.address_format = CD_LBA_FORMAT; t.starting_track = 0; t.data_len = ntocentries * sizeof(struct cd_toc_entry); t.data = toc_buffer; if (ioctl(fd, CDIOREADTOCENTRYS, (char *) &t) == -1) { close(fd); return -1; } close(fd); for (i = ntocentries - 1; i >= 0; i--) if ((toc_buffer[i].control & 4) != 0) /* found a data track */ break; if (i < 0) return -1; return ntohl(toc_buffer[i].addr.lba); } static int set_charset(struct iovec **iov, int *iovlen, const char *localcs) { int error; char *cs_disk; /* disk charset for Joliet cs conversion */ char *cs_local; /* local charset for Joliet cs conversion */ cs_disk = NULL; cs_local = NULL; if (modfind("cd9660_iconv") < 0) if (kldload("cd9660_iconv") < 0 || modfind("cd9660_iconv") < 0) { warnx( "cannot find or load \"cd9660_iconv\" kernel module"); return (-1); } if ((cs_disk = malloc(ICONV_CSNMAXLEN)) == NULL) return (-1); if ((cs_local = malloc(ICONV_CSNMAXLEN)) == NULL) { free(cs_disk); return (-1); } strncpy(cs_disk, ENCODING_UNICODE, ICONV_CSNMAXLEN); strncpy(cs_local, kiconv_quirkcs(localcs, KICONV_VENDOR_MICSFT), ICONV_CSNMAXLEN); error = kiconv_add_xlat16_cspairs(cs_disk, cs_local); if (error) return (-1); build_iovec(iov, iovlen, "cs_disk", cs_disk, (size_t)-1); build_iovec(iov, iovlen, "cs_local", cs_local, (size_t)-1); return (0); } diff --git a/sbin/mount_nfs/Makefile b/sbin/mount_nfs/Makefile index 567dff2fc150..2af94bff3a97 100644 --- a/sbin/mount_nfs/Makefile +++ b/sbin/mount_nfs/Makefile @@ -1,15 +1,13 @@ -# @(#)Makefile 8.2 (Berkeley) 3/27/94 -# PACKAGE=nfs PROG= mount_nfs SRCS= mount_nfs.c getmntopts.c mounttab.c MAN= mount_nfs.8 MOUNT= ${.CURDIR:H}/mount UMNTALL= ${SRCTOP}/usr.sbin/rpc.umntall CFLAGS+= -DNFS -I${MOUNT} -I${UMNTALL} .PATH: ${MOUNT} ${UMNTALL} .include diff --git a/sbin/mount_nfs/mount_nfs.8 b/sbin/mount_nfs/mount_nfs.8 index d7b1ffdb7543..3ef622a96dc0 100644 --- a/sbin/mount_nfs/mount_nfs.8 +++ b/sbin/mount_nfs/mount_nfs.8 @@ -1,706 +1,704 @@ .\" Copyright (c) 1992, 1993, 1994, 1995 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)mount_nfs.8 8.3 (Berkeley) 3/29/95 -.\" .Dd October 8, 2023 .Dt MOUNT_NFS 8 .Os .Sh NAME .Nm mount_nfs .Nd mount NFS file systems .Sh SYNOPSIS .Nm .Op Fl 23bcdiLlNPsTU .Op Fl a Ar maxreadahead .Op Fl D Ar deadthresh .Op Fl g Ar maxgroups .Op Fl I Ar readdirsize .Op Fl o Ar options .Op Fl R Ar retrycnt .Op Fl r Ar readsize .Op Fl t Ar timeout .Op Fl w Ar writesize .Op Fl x Ar retrans .Ar rhost : Ns Ar path node .Sh DESCRIPTION The .Nm utility calls the .Xr nmount 2 system call to prepare and graft a remote NFS file system .Pq Ar rhost : Ns Ar path on to the file system tree at the point .Ar node . This command is normally executed by .Xr mount 8 . For NFSv2 and NFSv3, it implements the mount protocol as described in RFC 1094, Appendix A and RFC 1813, Appendix I. For NFSv4, it uses the NFSv4 protocol as described in RFC 7530, RFC 5661 and RFC 7862. .Pp By default, .Nm keeps retrying until the mount succeeds. This behaviour is intended for file systems listed in .Xr fstab 5 that are critical to the boot process. For non-critical file systems, the .Cm bg and .Cm retrycnt options provide mechanisms to prevent the boot process from hanging if the server is unavailable. .Pp If the server becomes unresponsive while an NFS file system is mounted, any new or outstanding file operations on that file system will hang uninterruptibly until the server comes back. To modify this default behaviour, see the .Cm intr and .Cm soft options. .Pp The options are: .Bl -tag -width indent .It Fl o Options are specified with a .Fl o flag followed by a comma separated string of options. See the .Xr mount 8 man page for possible options and their meanings. The following NFS specific options are also available: .Bl -tag -width indent .It Cm acregmin Ns = Ns Aq Ar seconds .It Cm acregmax Ns = Ns Aq Ar seconds .It Cm acdirmin Ns = Ns Aq Ar seconds .It Cm acdirmax Ns = Ns Aq Ar seconds When attributes of files are cached, a timeout calculated to determine whether a given cache entry has expired. These four values determine the upper and lower bounds of the timeouts for .Dq directory attributes and .Dq regular (ie: everything else). The default values are 3 -> 60 seconds for regular files, and 30 -> 60 seconds for directories. The algorithm to calculate the timeout is based on the age of the file. The older the file, the longer the cache is considered valid, subject to the limits above. .It Cm actimeo Ns = Ns Aq Ar seconds Set four cache timeouts above to specified value. .It Cm allgssname This option can be used along with .Fl o Cm gssname to specify that all operations should use the host-based initiator credential. This may be used for clients that run system daemons that need to access files on the NFSv4 mounted volume. .It Cm bg If an initial attempt to contact the server fails, fork off a child to keep trying the mount in the background. Useful for .Xr fstab 5 , where the file system mount is not critical to multiuser operation. .It Cm bgnow Like .Cm bg , fork off a child to keep trying the mount in the background, but do not attempt to mount in the foreground first. This eliminates a 60+ second timeout when the server is not responding. Useful for speeding up the boot process of a client when the server is likely to be unavailable. This is often the case for interdependent servers such as cross-mounted servers (each of two servers is an NFS client of the other) and for cluster nodes that must boot before the file servers. .It Cm deadthresh Ns = Ns Aq Ar value Set the .Dq "dead server threshold" to the specified number of round trip timeout intervals before a .Dq "server not responding" message is displayed. .It Cm dumbtimer Turn off the dynamic retransmit timeout estimator. This may be useful for UDP mounts that exhibit high retry rates, since it is possible that the dynamically estimated timeout interval is too short. .It Cm fg Same as not specifying .Cm bg . .It Cm gssname Ns = Ns Aq Ar service-principal-name This option can be used with the KerberosV security flavors for NFSv4 mounts to specify the .Dq "service-principal-name" of a host-based entry in the default keytab file that is used for system operations. It allows the mount to be performed by .Dq "root" and avoids problems with cached credentials for the system operations expiring. The .Dq "service-principal-name" should be specified without instance or domain and is typically .Dq "host" , .Dq "nfs" or .Dq "root" , although the form .Sm off .Aq Ar service @ .Aq Ar fqdn .Sm on can also be used if the local system's .Xr gethostname 3 value does not match the host-based principal in the keytab. .It Cm hard Same as not specifying .Cm soft . .It Cm intr Make the mount interruptible, which implies that file system calls that are delayed due to an unresponsive server will fail with EINTR when a termination signal is posted for the process. To avoid leaving file locks in an indeterminate state on the NFS server, it is recommended that the .Cm nolockd option be used with this option. .It Cm maxgroups Ns = Ns Aq Ar value Set the maximum size of the group list for the credentials to the specified value. This should be used for mounts on old servers that cannot handle a group list size of 16, as specified in RFC 1057. Try 8, if users in a lot of groups cannot get response from the mount point. .It Cm mntudp Force the mount protocol to use UDP transport, even for TCP NFS mounts. (Necessary for some old .Bx servers.) .It Cm nametimeo Ns = Ns Aq Ar value Override the default of NFS_DEFAULT_NAMETIMEO for the timeout (in seconds) for positive name cache entries. If this is set to 0 it disables positive name caching for the mount point. .It Cm negnametimeo Ns = Ns Aq Ar value Override the default of NFS_DEFAULT_NEGNAMETIMEO for the timeout (in seconds) for negative name cache entries. If this is set to 0 it disables negative name caching for the mount point. .It Cm nconnect Ns = Ns Aq Ar value Specify the number of TCP connections (1-16) to be used for an NFS Version 4, minor version 1 or 2 mount. Multiple TCP connections can provide more client to server network bandwidth for certain network configurations such as: .Bd -literal - Multiple network interfaces that are aggregated together. - A fast network interface that uses multiple queues. .Ed .sp The first TCP connection will be used for all RPCs that consist entirely of small RPC messages. The RPCs that can have large RPC messages (Read/Readdir/Write) are distributed over the additional TCP connections in a round robin fashion. This option will result in more IP port#s being used. This option requires the .Cm nfsv4 option. Note that for NFS servers such as AmazonEFS, where each new TCP connection can connect to a different cluster that maintains lock state separately, this option cannot be used. .It Cm nfsv2 Use the NFS Version 2 protocol (the default is to try version 3 first then version 2). Note that NFS version 2 has a file size limit of 2 gigabytes. .It Cm nfsv3 Use the NFS Version 3 protocol. .It Cm nfsv4 Use the NFS Version 4 protocol. This option will force the mount to use TCP transport. By default, the highest minor version of NFS Version 4 that is supported by the NFS Version 4 server will be used. See the .Cm minorversion option. Make sure that all your NFS Version 4 clients have unique values in .Pa /etc/hostid . .It Cm minorversion Ns = Ns Aq Ar value Use the specified minor version for a NFS Version 4 mount, overriding the default. The minor versions supported are 0, 1, and 2. This option is only meaningful when used with the .Cm nfsv4 option. .It Cm oneopenown Make a minor version 1 or 2 of the NFS Version 4 protocol mount use a single OpenOwner for all Opens. This may be useful for a server with a very low limit on OpenOwners, such as AmazonEFS. It may be required when an accumulation of NFS version 4 Opens occurs, as indicated by the .Dq Opens count displayed by .Xr nfsstat 1 with the .Fl c and .Fl E command-line options. A common case for an accumulation of Opens is a shared library within the NFS mount that is used by several processes, where at least one of these processes is always running. This option cannot be used for an NFS Version 4, minor version 0 mount. It may not work correctly when Delegations are being issued by a server, but note that the AmazonEFS server does not issued delegations at this time. This option is only meaningful when used with the .Cm nfsv4 option. .It Cm pnfs Enable support for parallel NFS (pNFS) for minor version 1 or 2 of the NFS Version 4 protocol. This option is only meaningful when used with the .Cm nfsv4 option. .It Cm noac Disable attribute caching. .It Cm noconn For UDP mount points, do not do a .Xr connect 2 . This must be used if the server does not reply to requests from the standard NFS port number 2049 or replies to requests using a different IP address (which can occur if the server is multi-homed). Setting the .Va vfs.nfs.nfs_ip_paranoia sysctl to 0 will make this option the default. .It Cm nocto Normally, NFS clients maintain the close-to-open cache coherency. This works by flushing at close time and checking at open time. Checking at open time is implemented by getting attributes from the server and purging the data cache if they do not match attributes cached by the client. .Pp This option disables checking at open time. It may improve performance for read-only mounts, but should only be used if the data on the server changes rarely. Be sure to understand the consequences before enabling this option. .It Cm noinet4 , noinet6 Disables .Dv AF_INET or .Dv AF_INET6 connections. Useful for hosts that have both an A record and an AAAA record for the same name. .It Cm nolockd Do .Em not forward .Xr fcntl 2 locks over the wire via the NLM protocol for NFSv3 mounts or via the NFSv4 protocol for NFSv4 mounts. All locks will be local and not seen by the server and likewise not seen by other NFS clients for NFSv3 or NFSv4 mounts. This removes the need to run the .Xr rpcbind 8 service and the .Xr rpc.statd 8 and .Xr rpc.lockd 8 servers on the client for NFSv3 mounts. Note that this option will only be honored when performing the initial mount, it will be silently ignored if used while updating the mount options. Also, note that NFSv4 mounts do not use these daemons. The NFSv4 protocol handles locks, unless this option is specified. .It Cm noncontigwr This mount option allows the NFS client to combine non-contiguous byte ranges being written such that the dirty byte range becomes a superset of the bytes that are dirty. This reduces the number of writes significantly for software builds. The merging of byte ranges is not done if the file has been file locked, since most applications modifying a file from multiple clients will use file locking. As such, this option could result in a corrupted file for the rare case of an application modifying the file from multiple clients concurrently without using file locking. .It Cm principal For the RPCSEC_GSS security flavors, such as krb5, krb5i and krb5p, this option sets the name of the host based principal name expected by the server. This option overrides the default, which will be ``nfs@'' and should normally be sufficient. .It Cm noresvport Do .Em not use a reserved socket port number (see below). .It Cm port Ns = Ns Aq Ar port_number Use specified port number for NFS requests. The default is to query the portmapper for the NFS port. .It Cm proto Ns = Ns Aq Ar protocol Specify transport protocol version to use. Currently, they are: .Bd -literal udp - Use UDP over IPv4 tcp - Use TCP over IPv4 udp6 - Use UDP over IPv6 tcp6 - Use TCP over IPv6 .Ed .It Cm rdirplus Used with NFSV3 to specify that the \fBReaddirPlus\fR RPC should be used. For NFSV4, setting this option has a similar effect, in that it will make the Readdir Operation get more attributes. This option reduces RPC traffic for cases such as .Dq "ls -l" , but tends to flood the attribute and name caches with prefetched entries. Try this option and see whether performance improves or degrades. Probably most useful for client to server network interconnects with a large bandwidth times delay product. .It Cm readahead Ns = Ns Aq Ar value Set the read-ahead count to the specified value. This may be in the range of 0 - 4, and determines how many blocks will be read ahead when a large file is being read sequentially. Trying a value greater than 1 for this is suggested for mounts with a large bandwidth * delay product. .It Cm readdirsize Ns = Ns Aq Ar value Set the readdir read size to the specified value. The value should normally be a multiple of .Dv DIRBLKSIZ that is <= the read size for the mount. .It Cm resvport Use a reserved socket port number. This flag is obsolete, and only retained for compatibility reasons. Reserved port numbers are used by default now. (For the rare case where the client has a trusted root account but untrustworthy users and the network cables are in secure areas this does help, but for normal desktop clients this does not apply.) .It Cm retrans Ns = Ns Aq Ar value Set the retransmit timeout count for soft mounts to the specified value. .It Cm retrycnt Ns = Ns Aq Ar count Set the mount retry count to the specified value. The default is a retry count of zero, which means to keep retrying forever. There is a 60 second delay between each attempt. .It Cm rsize Ns = Ns Aq Ar value Set the read data size to the specified value. It should normally be a power of 2 greater than or equal to 1024. This should be used for UDP mounts when the .Dq "fragments dropped due to timeout" value is getting large while actively using a mount point. (Use .Xr netstat 1 with the .Fl s option to see what the .Dq "fragments dropped due to timeout" value is.) .It Cm sec Ns = Ns Aq Ar flavor This option specifies what security flavor should be used for the mount. Currently, they are: .Bd -literal krb5 - Use KerberosV authentication krb5i - Use KerberosV authentication and apply integrity checksums to RPCs krb5p - Use KerberosV authentication and encrypt the RPC data sys - The default AUTH_SYS, which uses a uid + gid list authenticator .Ed .It Cm soft A soft mount, which implies that file system calls will fail after .Ar retrycnt round trip timeout intervals. .It Cm syskrb5 This option specifies that a KerberosV NFSv4 minor version 1 or 2 mount uses AUTH_SYS for system operations. Using this option avoids the need for a KerberosV mount to have a host-based principal entry in the default keytab file (no .Cm gssname option) or a requirement for the user doing the mount to have a valid KerberosV ticket granting ticket (TGT) when the mount is done. This option is intended to be used with the .Cm sec Ns = Ns krb5 and .Cm tls options and can only be used for NFSv4 mounts with minor version 1 or 2. .It Cm tcp Use TCP transport. This is the default option, as it provides for increased reliability on both LAN and WAN configurations compared to UDP. Some old NFS servers do not support this method; UDP mounts may be required for interoperability. .It Cm timeout Ns = Ns Aq Ar value Set the initial retransmit timeout to the specified value, expressed in tenths of a second. May be useful for fine tuning UDP mounts over internetworks with high packet loss rates or an overloaded server. Try increasing the interval if .Xr nfsstat 1 shows high retransmit rates while the file system is active or reducing the value if there is a low retransmit rate but long response delay observed. (Normally, the .Cm dumbtimer option should be specified when using this option to manually tune the timeout interval.) .It Cm timeo Ns = Ns Aq Ar value Alias for .Cm timeout . .It Cm tls This option specifies that the connection to the server must use TLS per RFC 9289. TLS is only supported for TCP connections and the .Xr rpc.tlsclntd 8 daemon must be running for an NFS over TCP connection to use TLS. .It Cm tlscertname Ns = Ns Aq Ar name This option specifies the name of an alternate certificate to be presented to the NFS server during TLS handshake. The default certificate file names are .Dq cert.pem and .Dq certkey.pem . When this option is specified, .Ar name replaces .Dq cert in the above file names. For example, if the value of .Ar name is specified as .Dq other the certificate file names to be used will be .Dq other.pem and .Dq otherkey.pem . These files are stored in .Pa /etc/rpc.tlsclntd by default. This option is only meaningful when used with the .Cm tls option and the .Xr rpc.tlsclntd 8 is running with the .Fl m command line flag set. .It Cm udp Use UDP transport. .It Cm vers Ns = Ns Aq Ar vers_number Use the specified version number for NFS requests. See the .Cm nfsv2 , .Cm nfsv3 , and .Cm nfsv4 options for details. .It Cm wcommitsize Ns = Ns Aq Ar value Set the maximum pending write commit size to the specified value. This determines the maximum amount of pending write data that the NFS client is willing to cache for each file. .It Cm wsize Ns = Ns Aq Ar value Set the write data size to the specified value. Ditto the comments w.r.t.\& the .Cm rsize option, but using the .Dq "fragments dropped due to timeout" value on the server instead of the client. Note that both the .Cm rsize and .Cm wsize options should only be used as a last ditch effort at improving performance when mounting servers that do not support TCP mounts. .El .El .Sh IMPLEMENTATION NOTES When neither the .Cm rsize nor .Cm wsize options are specified, the I/O size will be set to the largest value supported by both the NFS client and server. The largest value supported by the NFS client is defined by the tunable .Cd vfs.maxbcachebuf which can be set to a power of two up to .Cd kern.maxphys . .Pp The .Xr nfsstat 1 command with the .Ic -m command line option will show what .Nm option settings are actually in use for the mount. .Sh COMPATIBILITY The following command line flags are equivalent to .Fl o named options and are supported for compatibility with older installations. .Bl -tag -width indent .It Fl 2 Same as .Fl o Cm nfsv2 .It Fl 3 Same as .Fl o Cm nfsv3 .It Fl D Same as .Fl o Cm deadthresh .It Fl I Same as .Fl o Cm readdirsize Ns = Ns Aq Ar value .It Fl L Same as .Fl o Cm nolockd .It Fl N Same as .Fl o Cm noresvport .It Fl P Use a reserved socket port number. This flag is obsolete, and only retained for compatibility reasons. (For the rare case where the client has a trusted root account but untrustworthy users and the network cables are in secure areas this does help, but for normal desktop clients this does not apply.) .It Fl R Same as .Fl o Cm retrycnt Ns = Ns Aq Ar value .It Fl T Same as .Fl o Cm tcp .It Fl U Same as .Fl o Cm mntudp .It Fl a Same as .Fl o Cm readahead Ns = Ns Aq Ar value .It Fl b Same as .Fl o Cm bg .It Fl c Same as .Fl o Cm noconn .It Fl d Same as .Fl o Cm dumbtimer .It Fl g Same as .Fl o Cm maxgroups .It Fl i Same as .Fl o Cm intr .It Fl l Same as .Fl o Cm rdirplus .It Fl r Same as .Fl o Cm rsize Ns = Ns Aq Ar value .It Fl s Same as .Fl o Cm soft .It Fl t Same as .Fl o Cm retransmit Ns = Ns Aq Ar value (deprecated) .It Fl w Same as .Fl o Cm wsize Ns = Ns Aq Ar value .It Fl x Same as .Fl o Cm retrans Ns = Ns Aq Ar value .El .Pp The following .Fl o named options are equivalent to other .Fl o named options and are supported for compatibility with other operating systems (e.g., Linux, Solaris, and OSX) to ease usage of .Xr autofs 5 support. .Bl -tag -width indent .It Fl o Cm vers Ns = Ns 2 Same as .Fl o Cm nfsv2 .It Fl o Cm vers Ns = Ns 3 Same as .Fl o Cm nfsv3 .It Fl o Cm vers Ns = Ns 4 Same as .Fl o Cm nfsv4 .El .Sh SEE ALSO .Xr nfsstat 1 , .Xr nmount 2 , .Xr unmount 2 , .Xr lagg 4 , .Xr nfsv4 4 , .Xr fstab 5 , .Xr gssd 8 , .Xr mount 8 , .Xr nfsd 8 , .Xr nfsiod 8 , .Xr rpc.tlsclntd 8 , .Xr showmount 8 .Sh HISTORY A version of the .Nm utility appeared in .Bx 4.4 . .Sh BUGS Since NFSv4 performs open/lock operations that have their ordering strictly enforced by the server, the options .Cm intr and .Cm soft cannot be safely used. For NFSv4 minor version 1 or 2 mounts, the ordering is done via session slots and the NFSv4 client now handles broken session slots fairly well. As such, if the .Cm nolockd option is used along with .Cm intr and/or .Cm soft , an NFSv4 minor version 1 or 2 mount should work fairly well, although still not completely correctly. For NFSv4 minor version 0 mounts, .Cm hard mounts without the .Cm intr mount option is strongly recommended. diff --git a/sbin/mount_nfs/mount_nfs.c b/sbin/mount_nfs/mount_nfs.c index f2f22e0a0ccd..0c01c41b4290 100644 --- a/sbin/mount_nfs/mount_nfs.c +++ b/sbin/mount_nfs/mount_nfs.c @@ -1,1127 +1,1124 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1992, 1993, 1994 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Rick Macklem at The University of Guelph. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1992, 1993, 1994\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static char sccsid[] = "@(#)mount_nfs.c 8.11 (Berkeley) 5/4/95"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "mntopts.h" #include "mounttab.h" /* Table for af,sotype -> netid conversions. */ static struct nc_protos { const char *netid; int af; int sotype; } nc_protos[] = { {"udp", AF_INET, SOCK_DGRAM}, {"tcp", AF_INET, SOCK_STREAM}, {"udp6", AF_INET6, SOCK_DGRAM}, {"tcp6", AF_INET6, SOCK_STREAM}, {NULL, 0, 0} }; struct nfhret { u_long stat; long vers; long auth; long fhsize; u_char nfh[NFS3_FHSIZE]; }; #define BGRND 0x01 #define ISBGRND 0x02 #define OF_NOINET4 0x04 #define OF_NOINET6 0x08 #define BGRNDNOW 0x10 static int retrycnt = -1; static int opflags = 0; static int nfsproto = IPPROTO_TCP; static int mnttcp_ok = 1; static int noconn = 0; /* The 'portspec' is the server nfs port; NULL means look up via rpcbind. */ static const char *portspec = NULL; static struct sockaddr *addr; static int addrlen = 0; static u_char *fh = NULL; static int fhsize = 0; static int secflavor = -1; static int got_principal = 0; static enum mountmode { ANY, V2, V3, V4 } mountmode = ANY; /* Return codes for nfs_tryproto. */ enum tryret { TRYRET_SUCCESS, TRYRET_TIMEOUT, /* No response received. */ TRYRET_REMOTEERR, /* Error received from remote server. */ TRYRET_LOCALERR /* Local failure. */ }; static int sec_name_to_num(const char *sec); static const char *sec_num_to_name(int num); static int getnfsargs(char **, char **, struct iovec **iov, int *iovlen); /* void set_rpc_maxgrouplist(int); */ static struct netconfig *getnetconf_cached(const char *netid); static const char *netidbytype(int af, int sotype); static void usage(void) __dead2; static int xdr_dir(XDR *, char *); static int xdr_fh(XDR *, struct nfhret *); static enum tryret nfs_tryproto(struct addrinfo *ai, char *hostp, char *spec, char **errstr, struct iovec **iov, int *iovlen); static enum tryret returncode(enum clnt_stat stat, struct rpc_err *rpcerr); int main(int argc, char *argv[]) { int c; struct iovec *iov; int num, iovlen; char *host, *mntname, *p, *spec, *tmp; char mntpath[MAXPATHLEN], errmsg[255]; char hostname[MAXHOSTNAMELEN + 1], gssn[MAXHOSTNAMELEN + 50]; const char *gssname, *nmount_errstr; bool softintr; softintr = false; iov = NULL; iovlen = 0; memset(errmsg, 0, sizeof(errmsg)); gssname = NULL; while ((c = getopt(argc, argv, "23a:bcdD:g:I:iLlNo:PR:r:sTt:w:x:U")) != -1) switch (c) { case '2': mountmode = V2; break; case '3': mountmode = V3; break; case 'a': printf("-a deprecated, use -o readahead=\n"); build_iovec(&iov, &iovlen, "readahead", optarg, (size_t)-1); break; case 'b': opflags |= BGRND; break; case 'c': printf("-c deprecated, use -o noconn\n"); build_iovec(&iov, &iovlen, "noconn", NULL, 0); noconn = 1; break; case 'D': printf("-D deprecated, use -o deadthresh=\n"); build_iovec(&iov, &iovlen, "deadthresh", optarg, (size_t)-1); break; case 'd': printf("-d deprecated, use -o dumbtimer"); build_iovec(&iov, &iovlen, "dumbtimer", NULL, 0); break; case 'g': printf("-g deprecated, use -o maxgroups"); num = strtol(optarg, &p, 10); if (*p || num <= 0) errx(1, "illegal -g value -- %s", optarg); //set_rpc_maxgrouplist(num); build_iovec(&iov, &iovlen, "maxgroups", optarg, (size_t)-1); break; case 'I': printf("-I deprecated, use -o readdirsize=\n"); build_iovec(&iov, &iovlen, "readdirsize", optarg, (size_t)-1); break; case 'i': printf("-i deprecated, use -o intr\n"); build_iovec(&iov, &iovlen, "intr", NULL, 0); softintr = true; break; case 'L': printf("-L deprecated, use -o nolockd\n"); build_iovec(&iov, &iovlen, "nolockd", NULL, 0); break; case 'l': printf("-l deprecated, -o rdirplus\n"); build_iovec(&iov, &iovlen, "rdirplus", NULL, 0); break; case 'N': printf("-N deprecated, do not specify -o resvport\n"); break; case 'o': { int pass_flag_to_nmount; char *opt = optarg; while (opt) { char *pval = NULL; char *pnextopt = NULL; const char *val = ""; pass_flag_to_nmount = 1; pnextopt = strchr(opt, ','); if (pnextopt != NULL) { *pnextopt = '\0'; pnextopt++; } pval = strchr(opt, '='); if (pval != NULL) { *pval = '\0'; val = pval + 1; } if (strcmp(opt, "bg") == 0) { opflags |= BGRND; pass_flag_to_nmount=0; } else if (strcmp(opt, "bgnow") == 0) { opflags |= BGRNDNOW; pass_flag_to_nmount=0; } else if (strcmp(opt, "fg") == 0) { /* same as not specifying -o bg */ pass_flag_to_nmount=0; } else if (strcmp(opt, "gssname") == 0) { pass_flag_to_nmount = 0; gssname = val; } else if (strcmp(opt, "mntudp") == 0) { mnttcp_ok = 0; nfsproto = IPPROTO_UDP; } else if (strcmp(opt, "udp") == 0) { nfsproto = IPPROTO_UDP; } else if (strcmp(opt, "tcp") == 0) { nfsproto = IPPROTO_TCP; } else if (strcmp(opt, "noinet4") == 0) { pass_flag_to_nmount=0; opflags |= OF_NOINET4; } else if (strcmp(opt, "noinet6") == 0) { pass_flag_to_nmount=0; opflags |= OF_NOINET6; } else if (strcmp(opt, "noconn") == 0) { noconn = 1; } else if (strcmp(opt, "nfsv2") == 0) { pass_flag_to_nmount=0; mountmode = V2; } else if (strcmp(opt, "nfsv3") == 0) { mountmode = V3; } else if (strcmp(opt, "nfsv4") == 0) { pass_flag_to_nmount=0; mountmode = V4; nfsproto = IPPROTO_TCP; if (portspec == NULL) portspec = "2049"; } else if (strcmp(opt, "port") == 0) { pass_flag_to_nmount=0; asprintf(&tmp, "%d", atoi(val)); if (tmp == NULL) err(1, "asprintf"); portspec = tmp; } else if (strcmp(opt, "principal") == 0) { got_principal = 1; } else if (strcmp(opt, "proto") == 0) { pass_flag_to_nmount=0; if (strcmp(val, "tcp") == 0) { nfsproto = IPPROTO_TCP; opflags |= OF_NOINET6; build_iovec(&iov, &iovlen, "tcp", NULL, 0); } else if (strcmp(val, "udp") == 0) { mnttcp_ok = 0; nfsproto = IPPROTO_UDP; opflags |= OF_NOINET6; build_iovec(&iov, &iovlen, "udp", NULL, 0); } else if (strcmp(val, "tcp6") == 0) { nfsproto = IPPROTO_TCP; opflags |= OF_NOINET4; build_iovec(&iov, &iovlen, "tcp", NULL, 0); } else if (strcmp(val, "udp6") == 0) { mnttcp_ok = 0; nfsproto = IPPROTO_UDP; opflags |= OF_NOINET4; build_iovec(&iov, &iovlen, "udp", NULL, 0); } else { errx(1, "illegal proto value -- %s", val); } } else if (strcmp(opt, "sec") == 0) { /* * Don't add this option to * the iovec yet - we will * negotiate which sec flavor * to use with the remote * mountd. */ pass_flag_to_nmount=0; secflavor = sec_name_to_num(val); if (secflavor < 0) { errx(1, "illegal sec value -- %s", val); } } else if (strcmp(opt, "retrycnt") == 0) { pass_flag_to_nmount=0; num = strtol(val, &p, 10); if (*p || num < 0) errx(1, "illegal retrycnt value -- %s", val); retrycnt = num; } else if (strcmp(opt, "maxgroups") == 0) { num = strtol(val, &p, 10); if (*p || num <= 0) errx(1, "illegal maxgroups value -- %s", val); //set_rpc_maxgrouplist(num); } else if (strcmp(opt, "vers") == 0) { num = strtol(val, &p, 10); if (*p || num <= 0) errx(1, "illegal vers value -- " "%s", val); switch (num) { case 2: mountmode = V2; break; case 3: mountmode = V3; build_iovec(&iov, &iovlen, "nfsv3", NULL, 0); break; case 4: mountmode = V4; nfsproto = IPPROTO_TCP; if (portspec == NULL) portspec = "2049"; break; default: errx(1, "illegal nfs version " "value -- %s", val); } pass_flag_to_nmount=0; } else if (strcmp(opt, "soft") == 0) { softintr = true; } else if (strcmp(opt, "intr") == 0) { softintr = true; } if (pass_flag_to_nmount) { build_iovec(&iov, &iovlen, opt, __DECONST(void *, val), strlen(val) + 1); } opt = pnextopt; } } break; case 'P': /* obsolete for -o noresvport now default */ printf("-P deprecated, use -o noresvport\n"); build_iovec(&iov, &iovlen, "noresvport", NULL, 0); break; case 'R': printf("-R deprecated, use -o retrycnt=\n"); num = strtol(optarg, &p, 10); if (*p || num < 0) errx(1, "illegal -R value -- %s", optarg); retrycnt = num; break; case 'r': printf("-r deprecated, use -o rsize=\n"); build_iovec(&iov, &iovlen, "rsize", optarg, (size_t)-1); break; case 's': printf("-s deprecated, use -o soft\n"); build_iovec(&iov, &iovlen, "soft", NULL, 0); softintr = true; break; case 'T': nfsproto = IPPROTO_TCP; printf("-T deprecated, use -o tcp\n"); break; case 't': printf("-t deprecated, use -o timeout=\n"); build_iovec(&iov, &iovlen, "timeout", optarg, (size_t)-1); break; case 'w': printf("-w deprecated, use -o wsize=\n"); build_iovec(&iov, &iovlen, "wsize", optarg, (size_t)-1); break; case 'x': printf("-x deprecated, use -o retrans=\n"); build_iovec(&iov, &iovlen, "retrans", optarg, (size_t)-1); break; case 'U': printf("-U deprecated, use -o mntudp\n"); mnttcp_ok = 0; nfsproto = IPPROTO_UDP; build_iovec(&iov, &iovlen, "mntudp", NULL, 0); break; default: usage(); break; } argc -= optind; argv += optind; if ((opflags & (BGRND | BGRNDNOW)) == (BGRND | BGRNDNOW)) errx(1, "Options bg and bgnow are mutually exclusive"); if (argc != 2) { usage(); /* NOTREACHED */ } /* Warn that NFSv4 mounts only work correctly as hard mounts. */ if (mountmode == V4 && softintr) warnx("Warning, options soft and/or intr cannot be safely used" " for NFSv4. See the BUGS section of mount_nfs(8)"); spec = *argv++; mntname = *argv; if (retrycnt == -1) /* The default is to keep retrying forever. */ retrycnt = 0; if (modfind("nfscl") < 0) { /* Not present in kernel, try loading it */ if (kldload("nfscl") < 0 || modfind("nfscl") < 0) errx(1, "nfscl is not available"); } /* * Add the fqdn to the gssname, as required. */ if (gssname != NULL) { if (strchr(gssname, '@') == NULL && gethostname(hostname, MAXHOSTNAMELEN) == 0) { snprintf(gssn, sizeof (gssn), "%s@%s", gssname, hostname); gssname = gssn; } build_iovec(&iov, &iovlen, "gssname", __DECONST(void *, gssname), strlen(gssname) + 1); } if (!getnfsargs(&spec, &host, &iov, &iovlen)) exit(1); /* resolve the mountpoint with realpath(3) */ if (checkpath(mntname, mntpath) != 0) err(1, "%s", mntpath); build_iovec_argf(&iov, &iovlen, "fstype", "nfs"); build_iovec(&iov, &iovlen, "fspath", mntpath, (size_t)-1); build_iovec(&iov, &iovlen, "errmsg", errmsg, sizeof(errmsg)); if (nmount(iov, iovlen, 0)) { nmount_errstr = nfsv4_geterrstr(errno); if (mountmode == V4 && nmount_errstr != NULL) errx(1, "nmount: %s, %s", mntpath, nmount_errstr); else err(1, "nmount: %s%s%s", mntpath, errmsg[0] ? ", " : "", errmsg); } else if (mountmode != V4 && !add_mtab(host, spec)) { /* Add mounted file system to PATH_MOUNTTAB */ warnx("can't update %s for %s:%s", PATH_MOUNTTAB, host, spec); } exit(0); } static int sec_name_to_num(const char *sec) { if (!strcmp(sec, "krb5")) return (RPCSEC_GSS_KRB5); if (!strcmp(sec, "krb5i")) return (RPCSEC_GSS_KRB5I); if (!strcmp(sec, "krb5p")) return (RPCSEC_GSS_KRB5P); if (!strcmp(sec, "sys")) return (AUTH_SYS); return (-1); } static const char * sec_num_to_name(int flavor) { switch (flavor) { case RPCSEC_GSS_KRB5: return ("krb5"); case RPCSEC_GSS_KRB5I: return ("krb5i"); case RPCSEC_GSS_KRB5P: return ("krb5p"); case AUTH_SYS: return ("sys"); } return (NULL); } /* * Wait for RTM_IFINFO message with interface that is IFF_UP and with * link on, or until timeout expires. Returns seconds left. */ static time_t rtm_ifinfo_sleep(time_t sec) { char buf[2048] __aligned(__alignof(struct if_msghdr)); fd_set rfds; struct timeval tv, start; ssize_t nread; int n, s; s = socket(PF_ROUTE, SOCK_RAW, 0); if (s < 0) err(EX_OSERR, "socket"); (void)gettimeofday(&start, NULL); for (tv.tv_sec = sec, tv.tv_usec = 0; tv.tv_sec > 0; (void)gettimeofday(&tv, NULL), tv.tv_sec = sec - (tv.tv_sec - start.tv_sec)) { FD_ZERO(&rfds); FD_SET(s, &rfds); n = select(s + 1, &rfds, NULL, NULL, &tv); if (n == 0) continue; if (n == -1) { if (errno == EINTR) continue; else err(EX_SOFTWARE, "select"); } nread = read(s, buf, 2048); if (nread < 0) err(EX_OSERR, "read"); if ((size_t)nread >= sizeof(struct if_msghdr)) { struct if_msghdr *ifm; ifm = (struct if_msghdr *)buf; if (ifm->ifm_version == RTM_VERSION && ifm->ifm_type == RTM_IFINFO && (ifm->ifm_flags & IFF_UP) && ifm->ifm_data.ifi_link_state != LINK_STATE_DOWN) break; } } close(s); return (tv.tv_sec); } static int getnfsargs(char **specp, char **hostpp, struct iovec **iov, int *iovlen) { struct addrinfo hints, *ai_nfs, *ai; enum tryret ret; int ecode, speclen, remoteerr, offset, have_bracket = 0; char *hostp, *delimp, *errstr, *spec; size_t len; static char nam[MNAMELEN + 1], pname[MAXHOSTNAMELEN + 5]; spec = *specp; if (*spec == '[' && (delimp = strchr(spec + 1, ']')) != NULL && *(delimp + 1) == ':') { hostp = spec + 1; spec = delimp + 2; have_bracket = 1; } else if ((delimp = strrchr(spec, ':')) != NULL) { hostp = spec; spec = delimp + 1; } else if ((delimp = strrchr(spec, '@')) != NULL) { warnx("path@server syntax is deprecated, use server:path"); hostp = delimp + 1; } else { warnx("no : nfs-name"); return (0); } *delimp = '\0'; /* * If there has been a trailing slash at mounttime it seems * that some mountd implementations fail to remove the mount * entries from their mountlist while unmounting. */ for (speclen = strlen(spec); speclen > 1 && spec[speclen - 1] == '/'; speclen--) spec[speclen - 1] = '\0'; if (strlen(hostp) + strlen(spec) + 1 > MNAMELEN) { warnx("%s:%s: %s", hostp, spec, strerror(ENAMETOOLONG)); return (0); } /* Make both '@' and ':' notations equal */ if (*hostp != '\0') { len = strlen(hostp); offset = 0; if (have_bracket) nam[offset++] = '['; memmove(nam + offset, hostp, len); if (have_bracket) nam[len + offset++] = ']'; nam[len + offset++] = ':'; memmove(nam + len + offset, spec, speclen); nam[len + speclen + offset] = '\0'; } /* * Handle an internet host address. */ memset(&hints, 0, sizeof hints); hints.ai_flags = AI_NUMERICHOST; if (nfsproto == IPPROTO_TCP) hints.ai_socktype = SOCK_STREAM; else if (nfsproto == IPPROTO_UDP) hints.ai_socktype = SOCK_DGRAM; if (getaddrinfo(hostp, portspec, &hints, &ai_nfs) != 0) { hints.ai_flags = AI_CANONNAME; if ((ecode = getaddrinfo(hostp, portspec, &hints, &ai_nfs)) != 0) { if (portspec == NULL) errx(1, "%s: %s", hostp, gai_strerror(ecode)); else errx(1, "%s:%s: %s", hostp, portspec, gai_strerror(ecode)); return (0); } /* * For a Kerberized nfs mount where the "principal" * argument has not been set, add it here. */ if (got_principal == 0 && secflavor != AUTH_SYS && ai_nfs->ai_canonname != NULL) { snprintf(pname, sizeof (pname), "nfs@%s", ai_nfs->ai_canonname); build_iovec(iov, iovlen, "principal", pname, strlen(pname) + 1); } } if ((opflags & (BGRNDNOW | ISBGRND)) == BGRNDNOW) { warnx("Mount %s:%s, backgrounding", hostp, spec); opflags |= ISBGRND; if (daemon(0, 0) != 0) err(1, "daemon"); } ret = TRYRET_LOCALERR; for (;;) { /* * Try each entry returned by getaddrinfo(). Note the * occurrence of remote errors by setting `remoteerr'. */ remoteerr = 0; for (ai = ai_nfs; ai != NULL; ai = ai->ai_next) { if ((ai->ai_family == AF_INET6) && (opflags & OF_NOINET6)) continue; if ((ai->ai_family == AF_INET) && (opflags & OF_NOINET4)) continue; ret = nfs_tryproto(ai, hostp, spec, &errstr, iov, iovlen); if (ret == TRYRET_SUCCESS) break; if (ret != TRYRET_LOCALERR) remoteerr = 1; if ((opflags & ISBGRND) == 0) fprintf(stderr, "%s\n", errstr); } if (ret == TRYRET_SUCCESS) break; /* Exit if all errors were local. */ if (!remoteerr) exit(1); /* * If retrycnt == 0, we are to keep retrying forever. * Otherwise decrement it, and exit if it hits zero. */ if (retrycnt != 0 && --retrycnt == 0) exit(1); if ((opflags & (BGRND | ISBGRND)) == BGRND) { warnx("Cannot immediately mount %s:%s, backgrounding", hostp, spec); opflags |= ISBGRND; if (daemon(0, 0) != 0) err(1, "daemon"); } /* * If rtm_ifinfo_sleep() returns non-zero, don't count * that as a retry attempt. */ if (rtm_ifinfo_sleep(60) && retrycnt != 0) retrycnt++; } freeaddrinfo(ai_nfs); build_iovec(iov, iovlen, "hostname", nam, (size_t)-1); *specp = spec; *hostpp = hostp; return (1); } /* * Try to set up the NFS arguments according to the address * family, protocol (and possibly port) specified in `ai'. * * Returns TRYRET_SUCCESS if successful, or: * TRYRET_TIMEOUT The server did not respond. * TRYRET_REMOTEERR The server reported an error. * TRYRET_LOCALERR Local failure. * * In all error cases, *errstr will be set to a statically-allocated string * describing the error. */ static enum tryret nfs_tryproto(struct addrinfo *ai, char *hostp, char *spec, char **errstr, struct iovec **iov, int *iovlen) { static char errbuf[256]; struct sockaddr_storage nfs_ss; struct netbuf nfs_nb; struct nfhret nfhret; struct timeval try; struct rpc_err rpcerr; CLIENT *clp; struct netconfig *nconf, *nconf_mnt; const char *netid, *netid_mnt, *secname; int doconnect, nfsvers, mntvers, sotype; enum clnt_stat clntstat; enum mountmode trymntmode; sotype = 0; trymntmode = mountmode; errbuf[0] = '\0'; *errstr = errbuf; if (nfsproto == IPPROTO_TCP) sotype = SOCK_STREAM; else if (nfsproto == IPPROTO_UDP) sotype = SOCK_DGRAM; if ((netid = netidbytype(ai->ai_family, sotype)) == NULL) { snprintf(errbuf, sizeof errbuf, "af %d sotype %d not supported", ai->ai_family, sotype); return (TRYRET_LOCALERR); } if ((nconf = getnetconf_cached(netid)) == NULL) { snprintf(errbuf, sizeof errbuf, "%s: %s", netid, nc_sperror()); return (TRYRET_LOCALERR); } /* The RPCPROG_MNT netid may be different. */ if (mnttcp_ok) { netid_mnt = netid; nconf_mnt = nconf; } else { if ((netid_mnt = netidbytype(ai->ai_family, SOCK_DGRAM)) == NULL) { snprintf(errbuf, sizeof errbuf, "af %d sotype SOCK_DGRAM not supported", ai->ai_family); return (TRYRET_LOCALERR); } if ((nconf_mnt = getnetconf_cached(netid_mnt)) == NULL) { snprintf(errbuf, sizeof errbuf, "%s: %s", netid_mnt, nc_sperror()); return (TRYRET_LOCALERR); } } tryagain: if (trymntmode == V4) { nfsvers = 4; mntvers = 3; /* Workaround for GCC. */ } else if (trymntmode == V2) { nfsvers = 2; mntvers = 1; } else { nfsvers = 3; mntvers = 3; } if (portspec != NULL) { /* `ai' contains the complete nfsd sockaddr. */ nfs_nb.buf = ai->ai_addr; nfs_nb.len = nfs_nb.maxlen = ai->ai_addrlen; } else { /* Ask the remote rpcbind. */ nfs_nb.buf = &nfs_ss; nfs_nb.len = nfs_nb.maxlen = sizeof nfs_ss; if (!rpcb_getaddr(NFS_PROGRAM, nfsvers, nconf, &nfs_nb, hostp)) { if (rpc_createerr.cf_stat == RPC_PROGVERSMISMATCH && trymntmode == ANY) { trymntmode = V2; goto tryagain; } snprintf(errbuf, sizeof errbuf, "[%s] %s:%s: %s", netid, hostp, spec, clnt_spcreateerror("RPCPROG_NFS")); return (returncode(rpc_createerr.cf_stat, &rpc_createerr.cf_error)); } } /* Check that the server (nfsd) responds on the port we have chosen. */ clp = clnt_tli_create(RPC_ANYFD, nconf, &nfs_nb, NFS_PROGRAM, nfsvers, 0, 0); if (clp == NULL) { snprintf(errbuf, sizeof errbuf, "[%s] %s:%s: %s", netid, hostp, spec, clnt_spcreateerror("nfsd: RPCPROG_NFS")); return (returncode(rpc_createerr.cf_stat, &rpc_createerr.cf_error)); } if (sotype == SOCK_DGRAM && noconn == 0) { /* * Use connect(), to match what the kernel does. This * catches cases where the server responds from the * wrong source address. */ doconnect = 1; if (!clnt_control(clp, CLSET_CONNECT, (char *)&doconnect)) { clnt_destroy(clp); snprintf(errbuf, sizeof errbuf, "[%s] %s:%s: CLSET_CONNECT failed", netid, hostp, spec); return (TRYRET_LOCALERR); } } try.tv_sec = 10; try.tv_usec = 0; clntstat = clnt_call(clp, NFSPROC_NULL, (xdrproc_t)xdr_void, NULL, (xdrproc_t)xdr_void, NULL, try); if (clntstat != RPC_SUCCESS) { if (clntstat == RPC_PROGVERSMISMATCH && trymntmode == ANY) { clnt_destroy(clp); trymntmode = V2; goto tryagain; } clnt_geterr(clp, &rpcerr); snprintf(errbuf, sizeof errbuf, "[%s] %s:%s: %s", netid, hostp, spec, clnt_sperror(clp, "NFSPROC_NULL")); clnt_destroy(clp); return (returncode(clntstat, &rpcerr)); } clnt_destroy(clp); /* * For NFSv4, there is no mount protocol. */ if (trymntmode == V4) { /* * Store the server address in nfsargsp, making * sure to copy any locally allocated structures. */ addrlen = nfs_nb.len; addr = malloc(addrlen); if (addr == NULL) err(1, "malloc"); bcopy(nfs_nb.buf, addr, addrlen); build_iovec(iov, iovlen, "addr", addr, addrlen); secname = sec_num_to_name(secflavor); if (secname != NULL) { build_iovec(iov, iovlen, "sec", __DECONST(void *, secname), (size_t)-1); } build_iovec(iov, iovlen, "nfsv4", NULL, 0); build_iovec(iov, iovlen, "dirpath", spec, (size_t)-1); return (TRYRET_SUCCESS); } /* Send the MOUNTPROC_MNT RPC to get the root filehandle. */ try.tv_sec = 10; try.tv_usec = 0; clp = clnt_tp_create(hostp, MOUNTPROG, mntvers, nconf_mnt); if (clp == NULL) { snprintf(errbuf, sizeof errbuf, "[%s] %s:%s: %s", netid_mnt, hostp, spec, clnt_spcreateerror("RPCMNT: clnt_create")); return (returncode(rpc_createerr.cf_stat, &rpc_createerr.cf_error)); } clp->cl_auth = authsys_create_default(); nfhret.auth = secflavor; nfhret.vers = mntvers; clntstat = clnt_call(clp, MOUNTPROC_MNT, (xdrproc_t)xdr_dir, spec, (xdrproc_t)xdr_fh, &nfhret, try); auth_destroy(clp->cl_auth); if (clntstat != RPC_SUCCESS) { if (clntstat == RPC_PROGVERSMISMATCH && trymntmode == ANY) { clnt_destroy(clp); trymntmode = V2; goto tryagain; } clnt_geterr(clp, &rpcerr); snprintf(errbuf, sizeof errbuf, "[%s] %s:%s: %s", netid_mnt, hostp, spec, clnt_sperror(clp, "RPCPROG_MNT")); clnt_destroy(clp); return (returncode(clntstat, &rpcerr)); } clnt_destroy(clp); if (nfhret.stat != 0) { snprintf(errbuf, sizeof errbuf, "[%s] %s:%s: %s", netid_mnt, hostp, spec, strerror(nfhret.stat)); return (TRYRET_REMOTEERR); } /* * Store the filehandle and server address in nfsargsp, making * sure to copy any locally allocated structures. */ addrlen = nfs_nb.len; addr = malloc(addrlen); fhsize = nfhret.fhsize; fh = malloc(fhsize); if (addr == NULL || fh == NULL) err(1, "malloc"); bcopy(nfs_nb.buf, addr, addrlen); bcopy(nfhret.nfh, fh, fhsize); build_iovec(iov, iovlen, "addr", addr, addrlen); build_iovec(iov, iovlen, "fh", fh, fhsize); secname = sec_num_to_name(nfhret.auth); if (secname) { build_iovec(iov, iovlen, "sec", __DECONST(void *, secname), (size_t)-1); } if (nfsvers == 3) build_iovec(iov, iovlen, "nfsv3", NULL, 0); return (TRYRET_SUCCESS); } /* * Catagorise a RPC return status and error into an `enum tryret' * return code. */ static enum tryret returncode(enum clnt_stat clntstat, struct rpc_err *rpcerr) { switch (clntstat) { case RPC_TIMEDOUT: return (TRYRET_TIMEOUT); case RPC_PMAPFAILURE: case RPC_PROGNOTREGISTERED: case RPC_PROGVERSMISMATCH: /* XXX, these can be local or remote. */ case RPC_CANTSEND: case RPC_CANTRECV: return (TRYRET_REMOTEERR); case RPC_SYSTEMERROR: switch (rpcerr->re_errno) { case ETIMEDOUT: return (TRYRET_TIMEOUT); case ENOMEM: break; default: return (TRYRET_REMOTEERR); } /* FALLTHROUGH */ default: break; } return (TRYRET_LOCALERR); } /* * Look up a netid based on an address family and socket type. * `af' is the address family, and `sotype' is SOCK_DGRAM or SOCK_STREAM. * * XXX there should be a library function for this. */ static const char * netidbytype(int af, int sotype) { struct nc_protos *p; for (p = nc_protos; p->netid != NULL; p++) { if (af != p->af || sotype != p->sotype) continue; return (p->netid); } return (NULL); } /* * Look up a netconfig entry based on a netid, and cache the result so * that we don't need to remember to call freenetconfigent(). * * Otherwise it behaves just like getnetconfigent(), so nc_*error() * work on failure. */ static struct netconfig * getnetconf_cached(const char *netid) { static struct nc_entry { struct netconfig *nconf; struct nc_entry *next; } *head; struct nc_entry *p; struct netconfig *nconf; for (p = head; p != NULL; p = p->next) if (strcmp(netid, p->nconf->nc_netid) == 0) return (p->nconf); if ((nconf = getnetconfigent(netid)) == NULL) return (NULL); if ((p = malloc(sizeof(*p))) == NULL) err(1, "malloc"); p->nconf = nconf; p->next = head; head = p; return (p->nconf); } /* * xdr routines for mount rpc's */ static int xdr_dir(XDR *xdrsp, char *dirp) { return (xdr_string(xdrsp, &dirp, MNTPATHLEN)); } static int xdr_fh(XDR *xdrsp, struct nfhret *np) { int i; long auth, authcnt, authfnd = 0; if (!xdr_u_long(xdrsp, &np->stat)) return (0); if (np->stat) return (1); switch (np->vers) { case 1: np->fhsize = NFS_FHSIZE; return (xdr_opaque(xdrsp, (caddr_t)np->nfh, NFS_FHSIZE)); case 3: if (!xdr_long(xdrsp, &np->fhsize)) return (0); if (np->fhsize <= 0 || np->fhsize > NFS3_FHSIZE) return (0); if (!xdr_opaque(xdrsp, (caddr_t)np->nfh, np->fhsize)) return (0); if (!xdr_long(xdrsp, &authcnt)) return (0); for (i = 0; i < authcnt; i++) { if (!xdr_long(xdrsp, &auth)) return (0); if (np->auth == -1) { np->auth = auth; authfnd++; } else if (auth == np->auth) { authfnd++; } } /* * Some servers, such as DEC's OSF/1 return a nil authenticator * list to indicate RPCAUTH_UNIX. */ if (authcnt == 0 && np->auth == -1) np->auth = AUTH_SYS; if (!authfnd && (authcnt > 0 || np->auth != AUTH_SYS)) np->stat = EAUTH; return (1); } return (0); } static void usage(void) { (void)fprintf(stderr, "%s\n%s\n%s\n%s\n", "usage: mount_nfs [-23bcdiLlNPsTU] [-a maxreadahead] [-D deadthresh]", " [-g maxgroups] [-I readdirsize] [-o options] [-R retrycnt]", " [-r readsize] [-t timeout] [-w writesize] [-x retrans]", " rhost:path node"); exit(1); } diff --git a/sbin/mount_nullfs/Makefile b/sbin/mount_nullfs/Makefile index 3063cb6030fe..591ee9a9e240 100644 --- a/sbin/mount_nullfs/Makefile +++ b/sbin/mount_nullfs/Makefile @@ -1,13 +1,12 @@ -# @(#)Makefile 8.3 (Berkeley) 3/27/94 PACKAGE=runtime PROG= mount_nullfs SRCS= mount_nullfs.c getmntopts.c MAN= mount_nullfs.8 MOUNT= ${.CURDIR:H}/mount CFLAGS+=-I${MOUNT} .PATH: ${MOUNT} .include diff --git a/sbin/mount_nullfs/mount_nullfs.8 b/sbin/mount_nullfs/mount_nullfs.8 index e3648a2fb2f2..940cb1650a31 100644 --- a/sbin/mount_nullfs/mount_nullfs.8 +++ b/sbin/mount_nullfs/mount_nullfs.8 @@ -1,269 +1,267 @@ .\" .\" Copyright (c) 1992, 1993, 1994 .\" The Regents of the University of California. All rights reserved. .\" .\" This code is derived from software donated to Berkeley by .\" John Heidemann of the UCLA Ficus project. .\" .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)mount_null.8 8.6 (Berkeley) 5/1/95 -.\" .Dd June 11, 2023 .Dt MOUNT_NULLFS 8 .Os .Sh NAME .Nm mount_nullfs .Nd "mount a loopback file system sub-tree; demonstrate the use of a null file system layer" .Sh SYNOPSIS .Nm .Op Fl o Ar options .Ar target .Ar mount-point .Sh DESCRIPTION The .Nm utility creates a .Xr nullfs 5 layer, duplicating a sub-tree of the file system name space under another part of the global file system namespace. This allows existing files and directories to be accessed using a different pathname. .Pp The primary differences between a virtual copy of the file system and a symbolic link are that the .Xr getcwd 3 functions work correctly in the virtual copy, and that other file systems may be mounted on the virtual copy without affecting the original. A different device number for the virtual copy is returned by .Xr stat 2 , but in other respects it is indistinguishable from the original. .Pp The .Nm utility supports mounting both directories and single files. Both .Ar target and .Ar mount_point must be the same type. Mounting directories to files or files to directories is not supported. .Pp The .Nm file system differs from a traditional loopback file system in two respects: it is implemented using a stackable layers techniques, and its .Do null-node Dc Ns s stack above all lower-layer vnodes, not just over directory vnodes. .Pp The options are as follows: .Bl -tag -width indent .It Fl o Options are specified with a .Fl o flag followed by a comma separated string of options. See the .Xr mount 8 man page for possible options and their meanings. Additionally the following option is supported: .Bl -tag -width indent .It Cm nocache Disable metadata caching in the null layer. Some lower-layer file systems may force this option. Depending on the access pattern, this may result in increased lock contention. .El .El .Pp The null layer has two purposes. First, it serves as a demonstration of layering by providing a layer which does nothing. (It actually does everything the loopback file system does, which is slightly more than nothing.) Second, the null layer can serve as a prototype layer. Since it provides all necessary layer framework, new file system layers can be created very easily by starting with a null layer. .Pp The remainder of this man page examines the null layer as a basis for constructing new layers. .\" .\" .Sh INSTANTIATING NEW NULL LAYERS New null layers are created with .Nm . The .Nm utility takes two arguments, the pathname of the lower vfs (target-pn) and the pathname where the null layer will appear in the namespace (mount-point-pn). After the null layer is put into place, the contents of target-pn subtree will be aliased under mount-point-pn. .\" .\" .Sh OPERATION OF A NULL LAYER The null layer is the minimum file system layer, simply bypassing all possible operations to the lower layer for processing there. The majority of its activity centers on the bypass routine, through which nearly all vnode operations pass. .Pp The bypass routine accepts arbitrary vnode operations for handling by the lower layer. It begins by examining vnode operation arguments and replacing any null-nodes by their lower-layer equivalents. It then invokes the operation on the lower layer. Finally, it replaces the null-nodes in the arguments and, if a vnode is returned by the operation, stacks a null-node on top of the returned vnode. .Pp Although bypass handles most operations, .Em vop_getattr , .Em vop_inactive , .Em vop_reclaim , and .Em vop_print are not bypassed. .Em Vop_getattr must change the fsid being returned. .Em Vop_inactive and .Em vop_reclaim are not bypassed so that they can handle freeing null-layer specific data. .Em Vop_print is not bypassed to avoid excessive debugging information. .\" .\" .Sh INSTANTIATING VNODE STACKS Mounting associates the null layer with a lower layer, in effect stacking two VFSes. Vnode stacks are instead created on demand as files are accessed. .Pp The initial mount creates a single vnode stack for the root of the new null layer. All other vnode stacks are created as a result of vnode operations on this or other null vnode stacks. .Pp New vnode stacks come into existence as a result of an operation which returns a vnode. The bypass routine stacks a null-node above the new vnode before returning it to the caller. .Pp For example, imagine mounting a null layer with .Bd -literal -offset indent mount_nullfs /usr/include /dev/layer/null .Ed .Pp Changing directory to .Pa /dev/layer/null will assign the root null-node (which was created when the null layer was mounted). Now consider opening .Pa sys . A vop_lookup would be done on the root null-node. This operation would bypass through to the lower layer which would return a vnode representing the UFS .Pa sys . Null_bypass then builds a null-node aliasing the UFS .Pa sys and returns this to the caller. Later operations on the null-node .Pa sys will repeat this process when constructing other vnode stacks. .\" .\" .Sh CREATING OTHER FILE SYSTEM LAYERS One of the easiest ways to construct new file system layers is to make a copy of the null layer, rename all files and variables, and then begin modifying the copy. The .Xr sed 1 utility can be used to easily rename all variables. .Pp The umap layer is an example of a layer descended from the null layer. .\" .\" .Sh INVOKING OPERATIONS ON LOWER LAYERS There are two techniques to invoke operations on a lower layer when the operation cannot be completely bypassed. Each method is appropriate in different situations. In both cases, it is the responsibility of the aliasing layer to make the operation arguments "correct" for the lower layer by mapping a vnode argument to the lower layer. .Pp The first approach is to call the aliasing layer's bypass routine. This method is most suitable when you wish to invoke the operation currently being handled on the lower layer. It has the advantage that the bypass routine already must do argument mapping. An example of this is .Em null_getattrs in the null layer. .Pp A second approach is to directly invoke vnode operations on the lower layer with the .Em VOP_OPERATIONNAME interface. The advantage of this method is that it is easy to invoke arbitrary operations on the lower layer. The disadvantage is that vnode arguments must be manually mapped. .\" .\" .Sh SEE ALSO .Xr nullfs 5 , .Xr mount 8 .Pp UCLA Technical Report CSD-910056, .Em "Stackable Layers: an Architecture for File System Development" . .Sh HISTORY The .Nm mount_null utility first appeared in .Bx 4.4 . It was renamed to .Nm in .Fx 5.0 . diff --git a/sbin/mount_nullfs/mount_nullfs.c b/sbin/mount_nullfs/mount_nullfs.c index c6bf09a1ca1c..dbaa295d5df2 100644 --- a/sbin/mount_nullfs/mount_nullfs.c +++ b/sbin/mount_nullfs/mount_nullfs.c @@ -1,142 +1,139 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1992, 1993, 1994 * The Regents of the University of California. All rights reserved. * * This code is derived from software donated to Berkeley by * Jan-Simon Pendry. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1992, 1993, 1994\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)mount_null.c 8.6 (Berkeley) 4/26/95"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include "mntopts.h" static void usage(void) __dead2; static int stat_realpath(const char *path, char *resolved, struct stat *sbp) { if (realpath(path, resolved) == NULL || stat(resolved, sbp) != 0) return (1); return (0); } int main(int argc, char *argv[]) { struct iovec *iov; char *p, *val; char mountpoint[MAXPATHLEN]; char target[MAXPATHLEN]; char errmsg[255]; int ch, iovlen; char nullfs[] = "nullfs"; struct stat target_stat; struct stat mountpoint_stat; iov = NULL; iovlen = 0; errmsg[0] = '\0'; while ((ch = getopt(argc, argv, "o:")) != -1) switch(ch) { case 'o': val = strdup(""); p = strchr(optarg, '='); if (p != NULL) { free(val); *p = '\0'; val = p + 1; } build_iovec(&iov, &iovlen, optarg, val, (size_t)-1); break; case '?': default: usage(); } argc -= optind; argv += optind; if (argc != 2) usage(); /* resolve target and mountpoint with realpath(3) */ if (stat_realpath(argv[0], target, &target_stat) != 0) err(EX_USAGE, "%s", target); if (stat_realpath(argv[1], mountpoint, &mountpoint_stat) != 0) err(EX_USAGE, "%s", mountpoint); if (!S_ISDIR(target_stat.st_mode) && !S_ISREG(target_stat.st_mode)) errx(EX_USAGE, "%s: must be either a file or directory", target); if ((target_stat.st_mode & S_IFMT) != (mountpoint_stat.st_mode & S_IFMT)) errx(EX_USAGE, "%s: must be same type as %s (file or directory)", mountpoint, target); build_iovec(&iov, &iovlen, "fstype", nullfs, (size_t)-1); build_iovec(&iov, &iovlen, "fspath", mountpoint, (size_t)-1); build_iovec(&iov, &iovlen, "target", target, (size_t)-1); build_iovec(&iov, &iovlen, "errmsg", errmsg, sizeof(errmsg)); if (nmount(iov, iovlen, 0) < 0) { if (errmsg[0] != 0) err(1, "%s: %s", mountpoint, errmsg); else err(1, "%s", mountpoint); } exit(0); } static void usage(void) { (void)fprintf(stderr, "usage: mount_nullfs [-o options] target mount-point\n"); exit(1); } diff --git a/sbin/mount_unionfs/Makefile b/sbin/mount_unionfs/Makefile index 6cd7eeace1e0..a548429b03c6 100644 --- a/sbin/mount_unionfs/Makefile +++ b/sbin/mount_unionfs/Makefile @@ -1,13 +1,12 @@ -# @(#)Makefile 8.3 (Berkeley) 3/27/94 PACKAGE=runtime PROG= mount_unionfs SRCS= mount_unionfs.c getmntopts.c MAN= mount_unionfs.8 MOUNT= ${.CURDIR:H}/mount CFLAGS+=-I${MOUNT} .PATH: ${MOUNT} .include diff --git a/sbin/mount_unionfs/mount_unionfs.8 b/sbin/mount_unionfs/mount_unionfs.8 index 879198f51a89..5469fef4ad35 100644 --- a/sbin/mount_unionfs/mount_unionfs.8 +++ b/sbin/mount_unionfs/mount_unionfs.8 @@ -1,394 +1,392 @@ .\" Copyright (c) 1994 .\" The Regents of the University of California. All rights reserved. .\" .\" This code is derived from software donated to Berkeley by .\" Jan-Simon Pendry. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)mount_union.8 8.6 (Berkeley) 3/27/94 -.\" .Dd October 3, 2016 .Dt MOUNT_UNIONFS 8 .Os .Sh NAME .Nm mount_unionfs .Nd mount union file systems .Sh SYNOPSIS .Nm .Op Fl b .Op Fl o Ar options .Ar directory .Ar uniondir .Sh DESCRIPTION The .Nm utility attaches .Ar directory above .Ar uniondir in such a way that the contents of both directory trees remain visible. By default, .Ar directory becomes the .Em upper layer and .Ar uniondir becomes the .Em lower layer. .Pp The options are as follows: .Bl -tag -width indent .It Fl b Deprecated. Use .Fl o Cm below instead. .It Fl o Options are specified with the .Fl o flag followed by an option. The following options are available: .Bl -tag -width indent .It Cm below Inverts the default position, so that .Ar directory becomes the lower layer and .Ar uniondir becomes the upper layer. However, .Ar uniondir remains the mount point. .It Cm copymode No = Cm traditional | transparent | masquerade Specifies the way to create a file or a directory in the upper layer automatically when needed. The .Cm traditional mode uses the same way as the old unionfs for backward compatibility, and .Cm transparent duplicates the file and directory mode bits and the ownership in the lower layer to the created file in the upper layer. For behavior of the .Cm masquerade mode, see .Sx MASQUERADE MODE below. .It Cm whiteout No = Cm always | whenneeded Specifies whether whiteouts should always be made in the upper layer when removing a file or directory or only when it already exists in the lower layer. .It Cm udir Ns = Ns Ar mode Specifies directory mode bits in octal for .Cm masquerade mode. .It Cm ufile Ns = Ns Ar mode Specifies file mode bits in octal for .Cm masquerade mode. .It Cm gid Ns = Ns Ar gid Specifies group for .Cm masquerade mode. .It Cm uid Ns = Ns Ar uid Specifies user for .Cm masquerade mode. .El .El .Pp To enforce file system security, the user mounting a file system must be superuser or else have write permission on the mounted-on directory. In addition, the .Va vfs.usermount .Xr sysctl 8 variable must be set to 1 to permit file system mounting by ordinary users. However, note that .Cm transparent and .Cm masquerade modes require .Va vfs.usermount to be set to 0 because this functionality can only be used by superusers. .Pp Filenames are looked up in the upper layer and then in the lower layer. If a directory is found in the lower layer, and there is no entry in the upper layer, then a .Em shadow directory will be created in the upper layer. The ownership and the mode bits are set depending on the .Cm copymode option. In .Cm traditional mode, it will be owned by the user who originally did the union mount, with mode 0777 .Pq Dq Li rwxrwxrwx modified by the umask in effect at that time. .Pp If a file exists in the upper layer then there is no way to access a file with the same name in the lower layer. If necessary, a combination of loopback and union mounts can be made which will still allow the lower files to be accessed by a different pathname. .Pp Except in the case of a directory, access to an object is granted via the normal file system access checks. For directories, the current user must have access to both the upper and lower directories (should they both exist). .Pp Requests to create or modify objects in .Ar uniondir are passed to the upper layer with the exception of a few special cases. An attempt to open for writing a file which exists in the lower layer causes a copy of the .Em entire file to be made to the upper layer, and then for the upper layer copy to be opened. Similarly, an attempt to truncate a lower layer file to zero length causes an empty file to be created in the upper layer. Any other operation which would ultimately require modification to the lower layer fails with .Er EROFS . .Pp The union file system manipulates the namespace, rather than individual file systems. The union operation applies recursively down the directory tree now rooted at .Ar uniondir . Thus any file systems which are mounted under .Ar uniondir will take part in the union operation. This differs from the .Cm union option to .Xr mount 8 which only applies the union operation to the mount point itself, and then only for lookups. .Sh MASQUERADE MODE When a file (or a directory) is created in the upper layer, the .Cm masquerade mode sets it the fixed access mode bits given in .Cm ufile (for files) or .Cm udir (for directories) option and the owner given in .Cm udir and .Cm gid options, instead of ones in the lower layer. Note that in the .Cm masquerade mode and when owner of the file or directory matches one specified in .Cm uid option, only mode bits for the owner will be modified. More specifically, the file mode bits in the upper layer will be (mode in the lower layer) OR (mode given in .Cm ufile AND 0700), and the ownership will be the same as one in the lower layer. .Pp The default values for .Cm ufile , udir , uid , and .Cm gid are as follow: .Pp .Bl -bullet -compact .It If none of .Cm ufile and .Cm udir were specified, access mode bits in the mount point will be used. .It If none of .Cm uid and .Cm gid were specified, ownership in the mount point will be used. .It If one of .Cm udir or .Cm ufile is not specified, the value of the other option will be used. .It If one of .Cm uid or .Cm gid is not specified, the value of the other option will be used. .El .Sh EXAMPLES The commands .Bd -literal -offset indent mount -t cd9660 -o ro /dev/cd0 /usr/src mount -t unionfs -o noatime /var/obj /usr/src .Ed .Pp mount the CD-ROM drive .Pa /dev/cd0 on .Pa /usr/src and then attaches .Pa /var/obj on top. For most purposes the effect of this is to make the source tree appear writable even though it is stored on a CD-ROM. The .Fl o Cm noatime option is useful to avoid unnecessary copying from the lower to the upper layer. .Pp The commands .Bd -literal -offset indent mount -t cd9660 -o ro /dev/cd0 /usr/src chown 2020 /usr/src mount -t unionfs -o noatime -o copymode=masquerade -o uid=builder \\ -o udir=755 -o ufile=644 /var/obj /usr/src .Ed .Pp also mount the CD-ROM drive .Pa /dev/cd0 on .Pa /usr/src and then attaches .Pa /var/obj on top. Furthermore, the owner of all files and directories in .Pa /usr/src is a regular user with UID 2020 when seen from the upper layer. Note that for the access mode bits, ones in the lower layer (on the CD-ROM, in this example) are still used without change. Thus, write privilege to the upper layer can be controlled independently from access mode bits and ownership in the lower layer. If a user does not have read privilege from the lower layer, one cannot still read even when the upper layer is mounted by using .Cm masquerade mode. .Pp The command .Bd -literal -offset indent mount -t unionfs -o noatime -o below /sys $HOME/sys .Ed .Pp attaches the system source tree below the .Pa sys directory in the user's home directory. This allows individual users to make private changes to the source, and build new kernels, without those changes becoming visible to other users. Note that the files in the lower layer remain accessible via .Pa /sys . .Sh SEE ALSO .Xr intro 2 , .Xr mount 2 , .Xr unmount 2 , .Xr fstab 5 , .Xr mount 8 , .Xr mount_nullfs 8 .Sh HISTORY The .Nm mount_null utility first appeared in .Bx 4.4 . It was renamed to .Nm in .Fx 5.0 . .Pp The .Fl r option for hiding the lower layer completely was removed in .Fx 7.0 because this is identical to using .Xr mount_nullfs 8 . .Sh AUTHORS .An -nosplit In .Fx 7.0 , .An Masanori OZAWA Aq Mt ozawa@ongs.co.jp reimplemented handling of locking, whiteout, and file mode bits, and .An Hiroki Sato Aq Mt hrs@FreeBSD.org wrote about the changes in this manual page. .Sh BUGS THIS FILE SYSTEM TYPE IS NOT YET FULLY SUPPORTED (READ: IT DOESN'T WORK) AND USING IT MAY, IN FACT, DESTROY DATA ON YOUR SYSTEM. USE AT YOUR OWN RISK. .Pp This code also needs an owner in order to be less dangerous - serious hackers can apply by sending mail to .Aq Mt freebsd-fs@FreeBSD.org and announcing their intent to take it over. .Pp Without whiteout support from the file system backing the upper layer, there is no way that delete and rename operations on lower layer objects can be done. .Er EOPNOTSUPP is returned for this kind of operations as generated by VOP_WHITEOUT() along with any others which would make modifications to the lower layer, such as .Xr chmod 1 . .Pp Running .Xr find 1 over a union tree has the side-effect of creating a tree of shadow directories in the upper layer. .Pp The current implementation does not support copying extended attributes for .Xr acl 9 , .Xr mac 9 , or so on to the upper layer. Note that this may be a security issue. .Pp A shadow directory, which is one automatically created in the upper layer when it exists in the lower layer and does not exist in the upper layer, is always created with the superuser privilege. However, a file copied from the lower layer in the same way is created by the user who accessed it. Because of this, if the user is not the superuser, even in .Cm transparent mode the access mode bits in the copied file in the upper layer will not always be the same as ones in the lower layer. This behavior should be fixed. diff --git a/sbin/mount_unionfs/mount_unionfs.c b/sbin/mount_unionfs/mount_unionfs.c index 01c32f267923..ff5650efb02e 100644 --- a/sbin/mount_unionfs/mount_unionfs.c +++ b/sbin/mount_unionfs/mount_unionfs.c @@ -1,194 +1,191 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1992, 1993, 1994 * The Regents of the University of California. * Copyright (c) 2005, 2006 Masanori Ozawa , ONGS Inc. * Copyright (c) 2006 Daichi Goto * All rights reserved. * * This code is derived from software donated to Berkeley by * Jan-Simon Pendry. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1992, 1993, 1994\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)mount_union.c 8.5 (Berkeley) 3/27/94"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include "mntopts.h" static int subdir(const char *p, const char *dir) { int l; l = strlen(dir); if (l <= 1) return (1); if ((strncmp(p, dir, l) == 0) && (p[l] == '/' || p[l] == '\0')) return (1); return (0); } static void usage(void) { (void)fprintf(stderr, "usage: mount_unionfs [-o options] directory uniondir\n"); exit(EX_USAGE); } static void parse_gid(const char *s, char *buf, size_t bufsize) { struct group *gr; char *inval; if ((gr = getgrnam(s)) != NULL) snprintf(buf, bufsize, "%d", gr->gr_gid); else { strtol(s, &inval, 10); if (*inval != 0) { errx(EX_NOUSER, "unknown group id: %s", s); usage(); } else { strncpy(buf, s, bufsize); } } } static void parse_uid(const char *s, char *buf, size_t bufsize) { struct passwd *pw; char *inval; if ((pw = getpwnam(s)) != NULL) snprintf(buf, bufsize, "%d", pw->pw_uid); else { strtol(s, &inval, 10); if (*inval != 0) { errx(EX_NOUSER, "unknown user id: %s", s); usage(); } else { strncpy(buf, s, bufsize); } } } int main(int argc, char *argv[]) { struct iovec *iov; int ch, iovlen; char source [MAXPATHLEN], target[MAXPATHLEN], errmsg[255]; char uid_str[20], gid_str[20]; char fstype[] = "unionfs"; char *p, *val; iov = NULL; iovlen = 0; memset(errmsg, 0, sizeof(errmsg)); while ((ch = getopt(argc, argv, "bo:")) != -1) { switch (ch) { case 'b': printf("\n -b is deprecated. Use \"-o below\" instead\n"); build_iovec(&iov, &iovlen, "below", NULL, 0); break; case 'o': p = strchr(optarg, '='); val = NULL; if (p != NULL) { *p = '\0'; val = p + 1; if (strcmp(optarg, "gid") == 0) { parse_gid(val, gid_str, sizeof(gid_str)); val = gid_str; } else if (strcmp(optarg, "uid") == 0) { parse_uid(val, uid_str, sizeof(uid_str)); val = uid_str; } } build_iovec(&iov, &iovlen, optarg, val, (size_t)-1); break; case '?': default: usage(); /* NOTREACHED */ } } argc -= optind; argv += optind; if (argc != 2) usage(); /* resolve both target and source with realpath(3) */ if (checkpath(argv[0], target) != 0) err(EX_USAGE, "%s", target); if (checkpath(argv[1], source) != 0) err(EX_USAGE, "%s", source); if (subdir(target, source) || subdir(source, target)) errx(EX_USAGE, "%s (%s) and %s (%s) are not distinct paths", argv[0], target, argv[1], source); build_iovec(&iov, &iovlen, "fstype", fstype, (size_t)-1); build_iovec(&iov, &iovlen, "fspath", source, (size_t)-1); build_iovec(&iov, &iovlen, "from", target, (size_t)-1); build_iovec(&iov, &iovlen, "errmsg", errmsg, sizeof(errmsg)); if (nmount(iov, iovlen, 0)) err(EX_OSERR, "%s: %s", source, errmsg); exit(0); } diff --git a/sbin/newfs/Makefile b/sbin/newfs/Makefile index 50834666fba4..b8070d90257e 100644 --- a/sbin/newfs/Makefile +++ b/sbin/newfs/Makefile @@ -1,19 +1,18 @@ -# @(#)Makefile 8.2 (Berkeley) 3/27/94 .PATH: ${SRCTOP}/sys/geom PACKAGE= ufs PROG= newfs LIBADD= ufs util SRCS= newfs.c mkfs.c geom_bsd_enc.c WARNS?= 3 MAN= newfs.8 .include test: ${PROG} sh ${.CURDIR}/runtest01.sh sh ${.CURDIR}/runtest00.sh | tee _.test diff --ignore-matching-lines=FreeBSD _.test ${.CURDIR}/ref.test echo All Tests Passed diff --git a/sbin/newfs/mkfs.c b/sbin/newfs/mkfs.c index b0d178de984e..6b5263aef3f4 100644 --- a/sbin/newfs/mkfs.c +++ b/sbin/newfs/mkfs.c @@ -1,1236 +1,1233 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 2002 Networks Associates Technology, Inc. * All rights reserved. * * This software was developed for the FreeBSD Project by Marshall * Kirk McKusick and Network Associates Laboratories, the Security * Research Division of Network Associates, Inc. under DARPA/SPAWAR * contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS * research program. * * Copyright (c) 1980, 1989, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 -#ifndef lint -static char sccsid[] = "@(#)mkfs.c 8.11 (Berkeley) 5/3/95"; -#endif /* not lint */ #endif #include #define _WANT_P_OSREL #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "newfs.h" /* * make file system for cylinder-group style file systems */ #define UMASK 0755 #define POWEROF2(num) (((num) & ((num) - 1)) == 0) /* * The definition of "struct cg" used to contain an extra field at the end * to represent the variable-length data that followed the fixed structure. * This had the effect of artificially limiting the number of blocks that * newfs would put in a CG, since newfs thought that the fixed-size header * was bigger than it really was. When we started validating that the CG * header data actually fit into one fs block, the placeholder field caused * a problem because it caused struct cg to be a different size depending on * platform. The placeholder field was later removed, but this caused a * backward compatibility problem with older binaries that still thought * struct cg was larger, and a new file system could fail validation if * viewed by the older binaries. To avoid this compatibility problem, we * now artificially reduce the amount of space that the variable-length data * can use such that new file systems will pass validation by older binaries. */ #define CGSIZEFUDGE 8 static struct csum *fscs; #define sblock disk.d_fs #define acg disk.d_cg union dinode { struct ufs1_dinode dp1; struct ufs2_dinode dp2; }; #define DIP(dp, field) \ ((sblock.fs_magic == FS_UFS1_MAGIC) ? \ (dp)->dp1.field : (dp)->dp2.field) static caddr_t iobuf; static long iobufsize; static ufs2_daddr_t alloc(int size, int mode); static int charsperline(void); static void clrblock(struct fs *, unsigned char *, int); static void fsinit(time_t); static int ilog2(int); static void initcg(int, time_t); static int isblock(struct fs *, unsigned char *, int); static void iput(union dinode *, ino_t); static int makedir(struct direct *, int); static void setblock(struct fs *, unsigned char *, int); static void wtfs(ufs2_daddr_t, int, char *); static u_int32_t newfs_random(void); void mkfs(struct partition *pp, char *fsys) { int fragsperinode, optimalfpg, origdensity, minfpg, lastminfpg; long i, j, csfrags; uint cg; time_t utime; quad_t sizepb; int width; ino_t maxinum; int minfragsperinode; /* minimum ratio of frags to inodes */ char tmpbuf[100]; /* XXX this will break in about 2,500 years */ struct fsrecovery *fsr; char *fsrbuf; union { struct fs fdummy; char cdummy[SBLOCKSIZE]; } dummy; #define fsdummy dummy.fdummy #define chdummy dummy.cdummy /* * Our blocks == sector size, and the version of UFS we are using is * specified by Oflag. */ disk.d_bsize = sectorsize; disk.d_ufs = Oflag; if (Rflag) utime = 1000000000; else time(&utime); if ((sblock.fs_si = malloc(sizeof(struct fs_summary_info))) == NULL) { printf("Superblock summary info allocation failed.\n"); exit(18); } sblock.fs_old_flags = FS_FLAGS_UPDATED; sblock.fs_flags = 0; if (Uflag) sblock.fs_flags |= FS_DOSOFTDEP; if (Lflag) strlcpy(sblock.fs_volname, volumelabel, MAXVOLLEN); if (Jflag) sblock.fs_flags |= FS_GJOURNAL; if (lflag) sblock.fs_flags |= FS_MULTILABEL; if (tflag) sblock.fs_flags |= FS_TRIM; /* * Validate the given file system size. * Verify that its last block can actually be accessed. * Convert to file system fragment sized units. */ if (fssize <= 0) { printf("preposterous size %jd\n", (intmax_t)fssize); exit(13); } wtfs(fssize - (realsectorsize / DEV_BSIZE), realsectorsize, (char *)&sblock); /* * collect and verify the file system density info */ sblock.fs_avgfilesize = avgfilesize; sblock.fs_avgfpdir = avgfilesperdir; if (sblock.fs_avgfilesize <= 0) printf("illegal expected average file size %d\n", sblock.fs_avgfilesize), exit(14); if (sblock.fs_avgfpdir <= 0) printf("illegal expected number of files per directory %d\n", sblock.fs_avgfpdir), exit(15); restart: /* * collect and verify the block and fragment sizes */ sblock.fs_bsize = bsize; sblock.fs_fsize = fsize; if (!POWEROF2(sblock.fs_bsize)) { printf("block size must be a power of 2, not %d\n", sblock.fs_bsize); exit(16); } if (!POWEROF2(sblock.fs_fsize)) { printf("fragment size must be a power of 2, not %d\n", sblock.fs_fsize); exit(17); } if (sblock.fs_fsize < sectorsize) { printf("increasing fragment size from %d to sector size (%d)\n", sblock.fs_fsize, sectorsize); sblock.fs_fsize = sectorsize; } if (sblock.fs_bsize > MAXBSIZE) { printf("decreasing block size from %d to maximum (%d)\n", sblock.fs_bsize, MAXBSIZE); sblock.fs_bsize = MAXBSIZE; } if (sblock.fs_bsize < MINBSIZE) { printf("increasing block size from %d to minimum (%d)\n", sblock.fs_bsize, MINBSIZE); sblock.fs_bsize = MINBSIZE; } if (sblock.fs_fsize > MAXBSIZE) { printf("decreasing fragment size from %d to maximum (%d)\n", sblock.fs_fsize, MAXBSIZE); sblock.fs_fsize = MAXBSIZE; } if (sblock.fs_bsize < sblock.fs_fsize) { printf("increasing block size from %d to fragment size (%d)\n", sblock.fs_bsize, sblock.fs_fsize); sblock.fs_bsize = sblock.fs_fsize; } if (sblock.fs_fsize * MAXFRAG < sblock.fs_bsize) { printf( "increasing fragment size from %d to block size / %d (%d)\n", sblock.fs_fsize, MAXFRAG, sblock.fs_bsize / MAXFRAG); sblock.fs_fsize = sblock.fs_bsize / MAXFRAG; } if (maxbsize == 0) maxbsize = bsize; if (maxbsize < bsize || !POWEROF2(maxbsize)) { sblock.fs_maxbsize = sblock.fs_bsize; printf("Extent size set to %d\n", sblock.fs_maxbsize); } else if (maxbsize > FS_MAXCONTIG * sblock.fs_bsize) { sblock.fs_maxbsize = FS_MAXCONTIG * sblock.fs_bsize; printf("Extent size reduced to %d\n", sblock.fs_maxbsize); } else { sblock.fs_maxbsize = maxbsize; } /* * Maxcontig sets the default for the maximum number of blocks * that may be allocated sequentially. With file system clustering * it is possible to allocate contiguous blocks up to the maximum * transfer size permitted by the controller or buffering. */ if (maxcontig == 0) maxcontig = MAX(1, MAXPHYS / bsize); sblock.fs_maxcontig = maxcontig; if (sblock.fs_maxcontig < sblock.fs_maxbsize / sblock.fs_bsize) { sblock.fs_maxcontig = sblock.fs_maxbsize / sblock.fs_bsize; printf("Maxcontig raised to %d\n", sblock.fs_maxbsize); } if (sblock.fs_maxcontig > 1) sblock.fs_contigsumsize = MIN(sblock.fs_maxcontig,FS_MAXCONTIG); sblock.fs_bmask = ~(sblock.fs_bsize - 1); sblock.fs_fmask = ~(sblock.fs_fsize - 1); sblock.fs_qbmask = ~sblock.fs_bmask; sblock.fs_qfmask = ~sblock.fs_fmask; sblock.fs_bshift = ilog2(sblock.fs_bsize); sblock.fs_fshift = ilog2(sblock.fs_fsize); sblock.fs_frag = numfrags(&sblock, sblock.fs_bsize); sblock.fs_fragshift = ilog2(sblock.fs_frag); if (sblock.fs_frag > MAXFRAG) { printf("fragment size %d is still too small (can't happen)\n", sblock.fs_bsize / MAXFRAG); exit(21); } sblock.fs_fsbtodb = ilog2(sblock.fs_fsize / sectorsize); sblock.fs_size = fssize = dbtofsb(&sblock, fssize); sblock.fs_providersize = dbtofsb(&sblock, mediasize / sectorsize); /* * Before the filesystem is finally initialized, mark it * as incompletely initialized. */ sblock.fs_magic = FS_BAD_MAGIC; if (Oflag == 1) { sblock.fs_sblockloc = SBLOCK_UFS1; sblock.fs_sblockactualloc = SBLOCK_UFS1; sblock.fs_nindir = sblock.fs_bsize / sizeof(ufs1_daddr_t); sblock.fs_inopb = sblock.fs_bsize / sizeof(struct ufs1_dinode); sblock.fs_maxsymlinklen = ((UFS_NDADDR + UFS_NIADDR) * sizeof(ufs1_daddr_t)); sblock.fs_old_inodefmt = FS_44INODEFMT; sblock.fs_old_cgoffset = 0; sblock.fs_old_cgmask = 0xffffffff; sblock.fs_old_size = sblock.fs_size; sblock.fs_old_rotdelay = 0; sblock.fs_old_rps = 60; sblock.fs_old_nspf = sblock.fs_fsize / sectorsize; sblock.fs_old_cpg = 1; sblock.fs_old_interleave = 1; sblock.fs_old_trackskew = 0; sblock.fs_old_cpc = 0; sblock.fs_old_postblformat = 1; sblock.fs_old_nrpos = 1; } else { sblock.fs_sblockloc = SBLOCK_UFS2; sblock.fs_sblockactualloc = SBLOCK_UFS2; sblock.fs_nindir = sblock.fs_bsize / sizeof(ufs2_daddr_t); sblock.fs_inopb = sblock.fs_bsize / sizeof(struct ufs2_dinode); sblock.fs_maxsymlinklen = ((UFS_NDADDR + UFS_NIADDR) * sizeof(ufs2_daddr_t)); } sblock.fs_sblkno = roundup(howmany(sblock.fs_sblockloc + SBLOCKSIZE, sblock.fs_fsize), sblock.fs_frag); sblock.fs_cblkno = sblock.fs_sblkno + roundup(howmany(SBLOCKSIZE, sblock.fs_fsize), sblock.fs_frag); sblock.fs_iblkno = sblock.fs_cblkno + sblock.fs_frag; sblock.fs_maxfilesize = sblock.fs_bsize * UFS_NDADDR - 1; for (sizepb = sblock.fs_bsize, i = 0; i < UFS_NIADDR; i++) { sizepb *= NINDIR(&sblock); sblock.fs_maxfilesize += sizepb; } /* * It's impossible to create a snapshot in case that fs_maxfilesize * is smaller than the fssize. */ if (sblock.fs_maxfilesize < (u_quad_t)fssize) { warnx("WARNING: You will be unable to create snapshots on this " "file system. Correct by using a larger blocksize."); } /* * Calculate the number of blocks to put into each cylinder group. * * This algorithm selects the number of blocks per cylinder * group. The first goal is to have at least enough data blocks * in each cylinder group to meet the density requirement. Once * this goal is achieved we try to expand to have at least * MINCYLGRPS cylinder groups. Once this goal is achieved, we * pack as many blocks into each cylinder group map as will fit. * * We start by calculating the smallest number of blocks that we * can put into each cylinder group. If this is too big, we reduce * the density until it fits. */ retry: maxinum = (((int64_t)(1)) << 32) - INOPB(&sblock); minfragsperinode = 1 + fssize / maxinum; if (density == 0) { density = MAX(NFPI, minfragsperinode) * fsize; } else if (density < minfragsperinode * fsize) { origdensity = density; density = minfragsperinode * fsize; fprintf(stderr, "density increased from %d to %d\n", origdensity, density); } origdensity = density; for (;;) { fragsperinode = MAX(numfrags(&sblock, density), 1); if (fragsperinode < minfragsperinode) { bsize <<= 1; fsize <<= 1; printf("Block size too small for a file system %s %d\n", "of this size. Increasing blocksize to", bsize); goto restart; } minfpg = fragsperinode * INOPB(&sblock); if (minfpg > sblock.fs_size) minfpg = sblock.fs_size; sblock.fs_ipg = INOPB(&sblock); sblock.fs_fpg = roundup(sblock.fs_iblkno + sblock.fs_ipg / INOPF(&sblock), sblock.fs_frag); if (sblock.fs_fpg < minfpg) sblock.fs_fpg = minfpg; sblock.fs_ipg = roundup(howmany(sblock.fs_fpg, fragsperinode), INOPB(&sblock)); sblock.fs_fpg = roundup(sblock.fs_iblkno + sblock.fs_ipg / INOPF(&sblock), sblock.fs_frag); if (sblock.fs_fpg < minfpg) sblock.fs_fpg = minfpg; sblock.fs_ipg = roundup(howmany(sblock.fs_fpg, fragsperinode), INOPB(&sblock)); if (CGSIZE(&sblock) < (unsigned long)sblock.fs_bsize - CGSIZEFUDGE) break; density -= sblock.fs_fsize; } if (density != origdensity) printf("density reduced from %d to %d\n", origdensity, density); /* * Start packing more blocks into the cylinder group until * it cannot grow any larger, the number of cylinder groups * drops below MINCYLGRPS, or we reach the size requested. * For UFS1 inodes per cylinder group are stored in an int16_t * so fs_ipg is limited to 2^15 - 1. */ for ( ; sblock.fs_fpg < maxblkspercg; sblock.fs_fpg += sblock.fs_frag) { sblock.fs_ipg = roundup(howmany(sblock.fs_fpg, fragsperinode), INOPB(&sblock)); if (Oflag > 1 || (Oflag == 1 && sblock.fs_ipg <= 0x7fff)) { if (sblock.fs_size / sblock.fs_fpg < MINCYLGRPS) break; if (CGSIZE(&sblock) < (unsigned long)sblock.fs_bsize - CGSIZEFUDGE) continue; if (CGSIZE(&sblock) == (unsigned long)sblock.fs_bsize - CGSIZEFUDGE) break; } sblock.fs_fpg -= sblock.fs_frag; sblock.fs_ipg = roundup(howmany(sblock.fs_fpg, fragsperinode), INOPB(&sblock)); break; } /* * Check to be sure that the last cylinder group has enough blocks * to be viable. If it is too small, reduce the number of blocks * per cylinder group which will have the effect of moving more * blocks into the last cylinder group. */ optimalfpg = sblock.fs_fpg; for (;;) { sblock.fs_ncg = howmany(sblock.fs_size, sblock.fs_fpg); lastminfpg = roundup(sblock.fs_iblkno + sblock.fs_ipg / INOPF(&sblock), sblock.fs_frag); if (sblock.fs_size < lastminfpg) { printf("Filesystem size %jd < minimum size of %d\n", (intmax_t)sblock.fs_size, lastminfpg); exit(28); } if (sblock.fs_size % sblock.fs_fpg >= lastminfpg || sblock.fs_size % sblock.fs_fpg == 0) break; sblock.fs_fpg -= sblock.fs_frag; sblock.fs_ipg = roundup(howmany(sblock.fs_fpg, fragsperinode), INOPB(&sblock)); } if (optimalfpg != sblock.fs_fpg) printf("Reduced frags per cylinder group from %d to %d %s\n", optimalfpg, sblock.fs_fpg, "to enlarge last cyl group"); sblock.fs_cgsize = fragroundup(&sblock, CGSIZE(&sblock)); sblock.fs_dblkno = sblock.fs_iblkno + sblock.fs_ipg / INOPF(&sblock); if (Oflag == 1) { sblock.fs_old_spc = sblock.fs_fpg * sblock.fs_old_nspf; sblock.fs_old_nsect = sblock.fs_old_spc; sblock.fs_old_npsect = sblock.fs_old_spc; sblock.fs_old_ncyl = sblock.fs_ncg; } /* * fill in remaining fields of the super block */ sblock.fs_csaddr = cgdmin(&sblock, 0); sblock.fs_cssize = fragroundup(&sblock, sblock.fs_ncg * sizeof(struct csum)); fscs = (struct csum *)calloc(1, sblock.fs_cssize); if (fscs == NULL) errx(31, "calloc failed"); sblock.fs_sbsize = fragroundup(&sblock, sizeof(struct fs)); if (sblock.fs_sbsize > SBLOCKSIZE) sblock.fs_sbsize = SBLOCKSIZE; if (sblock.fs_sbsize < realsectorsize) sblock.fs_sbsize = realsectorsize; sblock.fs_minfree = minfree; if (metaspace > 0 && metaspace < sblock.fs_fpg / 2) sblock.fs_metaspace = blknum(&sblock, metaspace); else if (metaspace != -1) /* reserve half of minfree for metadata blocks */ sblock.fs_metaspace = blknum(&sblock, (sblock.fs_fpg * minfree) / 200); if (maxbpg == 0) sblock.fs_maxbpg = MAXBLKPG(sblock.fs_bsize); else sblock.fs_maxbpg = maxbpg; sblock.fs_optim = opt; sblock.fs_cgrotor = 0; sblock.fs_pendingblocks = 0; sblock.fs_pendinginodes = 0; sblock.fs_fmod = 0; sblock.fs_ronly = 0; sblock.fs_state = 0; sblock.fs_clean = 1; sblock.fs_id[0] = (long)utime; sblock.fs_id[1] = newfs_random(); sblock.fs_fsmnt[0] = '\0'; csfrags = howmany(sblock.fs_cssize, sblock.fs_fsize); sblock.fs_dsize = sblock.fs_size - sblock.fs_sblkno - sblock.fs_ncg * (sblock.fs_dblkno - sblock.fs_sblkno); sblock.fs_cstotal.cs_nbfree = fragstoblks(&sblock, sblock.fs_dsize) - howmany(csfrags, sblock.fs_frag); sblock.fs_cstotal.cs_nffree = fragnum(&sblock, sblock.fs_size) + (fragnum(&sblock, csfrags) > 0 ? sblock.fs_frag - fragnum(&sblock, csfrags) : 0); sblock.fs_cstotal.cs_nifree = sblock.fs_ncg * sblock.fs_ipg - UFS_ROOTINO; sblock.fs_cstotal.cs_ndir = 0; sblock.fs_dsize -= csfrags; sblock.fs_time = utime; if (Oflag == 1) { sblock.fs_old_time = utime; sblock.fs_old_dsize = sblock.fs_dsize; sblock.fs_old_csaddr = sblock.fs_csaddr; sblock.fs_old_cstotal.cs_ndir = sblock.fs_cstotal.cs_ndir; sblock.fs_old_cstotal.cs_nbfree = sblock.fs_cstotal.cs_nbfree; sblock.fs_old_cstotal.cs_nifree = sblock.fs_cstotal.cs_nifree; sblock.fs_old_cstotal.cs_nffree = sblock.fs_cstotal.cs_nffree; } /* * Set flags for metadata that is being check-hashed. * * Metadata check hashes are not supported in the UFS version 1 * filesystem to keep it as small and simple as possible. */ if (Oflag > 1) { sblock.fs_flags |= FS_METACKHASH; if (getosreldate() >= P_OSREL_CK_CYLGRP) sblock.fs_metackhash |= CK_CYLGRP; if (getosreldate() >= P_OSREL_CK_SUPERBLOCK) sblock.fs_metackhash |= CK_SUPERBLOCK; if (getosreldate() >= P_OSREL_CK_INODE) sblock.fs_metackhash |= CK_INODE; } /* * Dump out summary information about file system. */ # define B2MBFACTOR (1 / (1024.0 * 1024.0)) printf("%s: %.1fMB (%jd sectors) block size %d, fragment size %d\n", fsys, (float)sblock.fs_size * sblock.fs_fsize * B2MBFACTOR, (intmax_t)fsbtodb(&sblock, sblock.fs_size), sblock.fs_bsize, sblock.fs_fsize); printf("\tusing %d cylinder groups of %.2fMB, %d blks, %d inodes.\n", sblock.fs_ncg, (float)sblock.fs_fpg * sblock.fs_fsize * B2MBFACTOR, sblock.fs_fpg / sblock.fs_frag, sblock.fs_ipg); if (sblock.fs_flags & FS_DOSOFTDEP) printf("\twith soft updates\n"); # undef B2MBFACTOR if (Eflag && !Nflag) { printf("Erasing sectors [%jd...%jd]\n", sblock.fs_sblockloc / disk.d_bsize, fsbtodb(&sblock, sblock.fs_size) - 1); berase(&disk, sblock.fs_sblockloc / disk.d_bsize, sblock.fs_size * sblock.fs_fsize - sblock.fs_sblockloc); } /* * Wipe out old UFS1 superblock(s) if necessary. */ if (!Nflag && Oflag != 1 && realsectorsize <= SBLOCK_UFS1) { i = bread(&disk, part_ofs + SBLOCK_UFS1 / disk.d_bsize, chdummy, SBLOCKSIZE); if (i == -1) err(1, "can't read old UFS1 superblock: %s", disk.d_error); if (fsdummy.fs_magic == FS_UFS1_MAGIC) { fsdummy.fs_magic = 0; bwrite(&disk, part_ofs + SBLOCK_UFS1 / disk.d_bsize, chdummy, SBLOCKSIZE); for (cg = 0; cg < fsdummy.fs_ncg; cg++) { if (fsbtodb(&fsdummy, cgsblock(&fsdummy, cg)) > fssize) break; bwrite(&disk, part_ofs + fsbtodb(&fsdummy, cgsblock(&fsdummy, cg)), chdummy, SBLOCKSIZE); } } } /* * Reference the summary information so it will also be written. */ sblock.fs_csp = fscs; if (!Nflag && sbwrite(&disk, 0) != 0) err(1, "sbwrite: %s", disk.d_error); if (Xflag == 1) { printf("** Exiting on Xflag 1\n"); exit(0); } if (Xflag == 2) printf("** Leaving BAD MAGIC on Xflag 2\n"); else sblock.fs_magic = (Oflag != 1) ? FS_UFS2_MAGIC : FS_UFS1_MAGIC; /* * Now build the cylinders group blocks and * then print out indices of cylinder groups. */ printf("super-block backups (for fsck_ffs -b #) at:\n"); i = 0; width = charsperline(); /* * Allocate space for two sets of inode blocks. */ iobufsize = 2 * sblock.fs_bsize; if ((iobuf = calloc(1, iobufsize)) == 0) { printf("Cannot allocate I/O buffer\n"); exit(38); } /* * Write out all the cylinder groups and backup superblocks. */ for (cg = 0; cg < sblock.fs_ncg; cg++) { if (!Nflag) initcg(cg, utime); j = snprintf(tmpbuf, sizeof(tmpbuf), " %jd%s", (intmax_t)fsbtodb(&sblock, cgsblock(&sblock, cg)), cg < (sblock.fs_ncg-1) ? "," : ""); if (j < 0) tmpbuf[j = 0] = '\0'; if (i + j >= width) { printf("\n"); i = 0; } i += j; printf("%s", tmpbuf); fflush(stdout); } printf("\n"); if (Nflag) exit(0); /* * Now construct the initial file system, * then write out the super-block. */ fsinit(utime); if (Oflag == 1) { sblock.fs_old_cstotal.cs_ndir = sblock.fs_cstotal.cs_ndir; sblock.fs_old_cstotal.cs_nbfree = sblock.fs_cstotal.cs_nbfree; sblock.fs_old_cstotal.cs_nifree = sblock.fs_cstotal.cs_nifree; sblock.fs_old_cstotal.cs_nffree = sblock.fs_cstotal.cs_nffree; } if (Xflag == 3) { printf("** Exiting on Xflag 3\n"); exit(0); } if (sbwrite(&disk, 0) != 0) err(1, "sbwrite: %s", disk.d_error); /* * For UFS1 filesystems with a blocksize of 64K, the first * alternate superblock resides at the location used for * the default UFS2 superblock. As there is a valid * superblock at this location, the boot code will use * it as its first choice. Thus we have to ensure that * all of its statistcs on usage are correct. */ if (Oflag == 1 && sblock.fs_bsize == 65536) wtfs(fsbtodb(&sblock, cgsblock(&sblock, 0)), sblock.fs_bsize, (char *)&sblock); /* * Read the last sector of the boot block, replace the last * 20 bytes with the recovery information, then write it back. * The recovery information only works for UFS2 filesystems. * For UFS1, zero out the area to ensure that an old UFS2 * recovery block is not accidentally found. */ if ((fsrbuf = malloc(realsectorsize)) == NULL || bread(&disk, part_ofs + (SBLOCK_UFS2 - realsectorsize) / disk.d_bsize, fsrbuf, realsectorsize) == -1) err(1, "can't read recovery area: %s", disk.d_error); fsr = (struct fsrecovery *)&fsrbuf[realsectorsize - sizeof *fsr]; if (sblock.fs_magic != FS_UFS2_MAGIC) { memset(fsr, 0, sizeof *fsr); } else { fsr->fsr_magic = sblock.fs_magic; fsr->fsr_fpg = sblock.fs_fpg; fsr->fsr_fsbtodb = sblock.fs_fsbtodb; fsr->fsr_sblkno = sblock.fs_sblkno; fsr->fsr_ncg = sblock.fs_ncg; } wtfs((SBLOCK_UFS2 - realsectorsize) / disk.d_bsize, realsectorsize, fsrbuf); free(fsrbuf); /* * Update information about this partition in pack * label, to that it may be updated on disk. */ if (pp != NULL) { pp->p_fstype = FS_BSDFFS; pp->p_fsize = sblock.fs_fsize; pp->p_frag = sblock.fs_frag; pp->p_cpg = sblock.fs_fpg; } /* * This should NOT happen. If it does complain loudly and * take evasive action. */ if ((int32_t)CGSIZE(&sblock) > sblock.fs_bsize) { printf("INTERNAL ERROR: ipg %d, fpg %d, contigsumsize %d, ", sblock.fs_ipg, sblock.fs_fpg, sblock.fs_contigsumsize); printf("old_cpg %d, size_cg %zu, CGSIZE %zu\n", sblock.fs_old_cpg, sizeof(struct cg), CGSIZE(&sblock)); printf("Please file a FreeBSD bug report and include this " "output\n"); maxblkspercg = fragstoblks(&sblock, sblock.fs_fpg) - 1; density = 0; goto retry; } } /* * Initialize a cylinder group. */ void initcg(int cylno, time_t utime) { long blkno, start; off_t savedactualloc; uint i, j, d, dlower, dupper; ufs2_daddr_t cbase, dmax; struct ufs1_dinode *dp1; struct ufs2_dinode *dp2; struct csum *cs; /* * Determine block bounds for cylinder group. * Allow space for super block summary information in first * cylinder group. */ cbase = cgbase(&sblock, cylno); dmax = cbase + sblock.fs_fpg; if (dmax > sblock.fs_size) dmax = sblock.fs_size; dlower = cgsblock(&sblock, cylno) - cbase; dupper = cgdmin(&sblock, cylno) - cbase; if (cylno == 0) dupper += howmany(sblock.fs_cssize, sblock.fs_fsize); cs = &fscs[cylno]; memset(&acg, 0, sblock.fs_cgsize); acg.cg_time = utime; acg.cg_magic = CG_MAGIC; acg.cg_cgx = cylno; acg.cg_niblk = sblock.fs_ipg; acg.cg_initediblk = MIN(sblock.fs_ipg, 2 * INOPB(&sblock)); acg.cg_ndblk = dmax - cbase; if (sblock.fs_contigsumsize > 0) acg.cg_nclusterblks = acg.cg_ndblk / sblock.fs_frag; start = sizeof(acg); if (Oflag == 2) { acg.cg_iusedoff = start; } else { acg.cg_old_ncyl = sblock.fs_old_cpg; acg.cg_old_time = acg.cg_time; acg.cg_time = 0; acg.cg_old_niblk = acg.cg_niblk; acg.cg_niblk = 0; acg.cg_initediblk = 0; acg.cg_old_btotoff = start; acg.cg_old_boff = acg.cg_old_btotoff + sblock.fs_old_cpg * sizeof(int32_t); acg.cg_iusedoff = acg.cg_old_boff + sblock.fs_old_cpg * sizeof(u_int16_t); } acg.cg_freeoff = acg.cg_iusedoff + howmany(sblock.fs_ipg, CHAR_BIT); acg.cg_nextfreeoff = acg.cg_freeoff + howmany(sblock.fs_fpg, CHAR_BIT); if (sblock.fs_contigsumsize > 0) { acg.cg_clustersumoff = roundup(acg.cg_nextfreeoff, sizeof(u_int32_t)); acg.cg_clustersumoff -= sizeof(u_int32_t); acg.cg_clusteroff = acg.cg_clustersumoff + (sblock.fs_contigsumsize + 1) * sizeof(u_int32_t); acg.cg_nextfreeoff = acg.cg_clusteroff + howmany(fragstoblks(&sblock, sblock.fs_fpg), CHAR_BIT); } if (acg.cg_nextfreeoff > (unsigned)sblock.fs_cgsize) { printf("Panic: cylinder group too big by %d bytes\n", acg.cg_nextfreeoff - (unsigned)sblock.fs_cgsize); exit(37); } acg.cg_cs.cs_nifree += sblock.fs_ipg; if (cylno == 0) for (i = 0; i < (long)UFS_ROOTINO; i++) { setbit(cg_inosused(&acg), i); acg.cg_cs.cs_nifree--; } if (cylno > 0) { /* * In cylno 0, beginning space is reserved * for boot and super blocks. */ for (d = 0; d < dlower; d += sblock.fs_frag) { blkno = d / sblock.fs_frag; setblock(&sblock, cg_blksfree(&acg), blkno); if (sblock.fs_contigsumsize > 0) setbit(cg_clustersfree(&acg), blkno); acg.cg_cs.cs_nbfree++; } } if ((i = dupper % sblock.fs_frag)) { acg.cg_frsum[sblock.fs_frag - i]++; for (d = dupper + sblock.fs_frag - i; dupper < d; dupper++) { setbit(cg_blksfree(&acg), dupper); acg.cg_cs.cs_nffree++; } } for (d = dupper; d + sblock.fs_frag <= acg.cg_ndblk; d += sblock.fs_frag) { blkno = d / sblock.fs_frag; setblock(&sblock, cg_blksfree(&acg), blkno); if (sblock.fs_contigsumsize > 0) setbit(cg_clustersfree(&acg), blkno); acg.cg_cs.cs_nbfree++; } if (d < acg.cg_ndblk) { acg.cg_frsum[acg.cg_ndblk - d]++; for (; d < acg.cg_ndblk; d++) { setbit(cg_blksfree(&acg), d); acg.cg_cs.cs_nffree++; } } if (sblock.fs_contigsumsize > 0) { int32_t *sump = cg_clustersum(&acg); u_char *mapp = cg_clustersfree(&acg); int map = *mapp++; int bit = 1; int run = 0; for (i = 0; i < acg.cg_nclusterblks; i++) { if ((map & bit) != 0) run++; else if (run != 0) { if (run > sblock.fs_contigsumsize) run = sblock.fs_contigsumsize; sump[run]++; run = 0; } if ((i & (CHAR_BIT - 1)) != CHAR_BIT - 1) bit <<= 1; else { map = *mapp++; bit = 1; } } if (run != 0) { if (run > sblock.fs_contigsumsize) run = sblock.fs_contigsumsize; sump[run]++; } } *cs = acg.cg_cs; /* * Write out the duplicate super block. Then write the cylinder * group map and two blocks worth of inodes in a single write. */ savedactualloc = sblock.fs_sblockactualloc; sblock.fs_sblockactualloc = dbtob(fsbtodb(&sblock, cgsblock(&sblock, cylno))); if (sbwrite(&disk, 0) != 0) err(1, "sbwrite: %s", disk.d_error); sblock.fs_sblockactualloc = savedactualloc; if (cgwrite(&disk) != 0) err(1, "initcg: cgwrite: %s", disk.d_error); start = 0; dp1 = (struct ufs1_dinode *)(&iobuf[start]); dp2 = (struct ufs2_dinode *)(&iobuf[start]); for (i = 0; i < acg.cg_initediblk; i++) { if (sblock.fs_magic == FS_UFS1_MAGIC) { dp1->di_gen = newfs_random(); dp1++; } else { dp2->di_gen = newfs_random(); dp2++; } } wtfs(fsbtodb(&sblock, cgimin(&sblock, cylno)), iobufsize, iobuf); /* * For the old file system, we have to initialize all the inodes. */ if (Oflag == 1) { for (i = 2 * sblock.fs_frag; i < sblock.fs_ipg / INOPF(&sblock); i += sblock.fs_frag) { dp1 = (struct ufs1_dinode *)(&iobuf[start]); for (j = 0; j < INOPB(&sblock); j++) { dp1->di_gen = newfs_random(); dp1++; } wtfs(fsbtodb(&sblock, cgimin(&sblock, cylno) + i), sblock.fs_bsize, &iobuf[start]); } } } /* * initialize the file system */ #define ROOTLINKCNT 3 static struct direct root_dir[] = { { UFS_ROOTINO, sizeof(struct direct), DT_DIR, 1, "." }, { UFS_ROOTINO, sizeof(struct direct), DT_DIR, 2, ".." }, { UFS_ROOTINO + 1, sizeof(struct direct), DT_DIR, 5, ".snap" }, }; #define SNAPLINKCNT 2 static struct direct snap_dir[] = { { UFS_ROOTINO + 1, sizeof(struct direct), DT_DIR, 1, "." }, { UFS_ROOTINO, sizeof(struct direct), DT_DIR, 2, ".." }, }; void fsinit(time_t utime) { union dinode node; struct group *grp; gid_t gid; int entries; memset(&node, 0, sizeof node); if ((grp = getgrnam("operator")) != NULL) { gid = grp->gr_gid; } else { warnx("Cannot retrieve operator gid, using gid 0."); gid = 0; } entries = (nflag) ? ROOTLINKCNT - 1: ROOTLINKCNT; if (sblock.fs_magic == FS_UFS1_MAGIC) { /* * initialize the node */ node.dp1.di_atime = utime; node.dp1.di_mtime = utime; node.dp1.di_ctime = utime; /* * create the root directory */ node.dp1.di_mode = IFDIR | UMASK; node.dp1.di_nlink = entries; node.dp1.di_size = makedir(root_dir, entries); node.dp1.di_db[0] = alloc(sblock.fs_fsize, node.dp1.di_mode); node.dp1.di_blocks = btodb(fragroundup(&sblock, node.dp1.di_size)); wtfs(fsbtodb(&sblock, node.dp1.di_db[0]), sblock.fs_fsize, iobuf); iput(&node, UFS_ROOTINO); if (!nflag) { /* * create the .snap directory */ node.dp1.di_mode |= 020; node.dp1.di_gid = gid; node.dp1.di_nlink = SNAPLINKCNT; node.dp1.di_size = makedir(snap_dir, SNAPLINKCNT); node.dp1.di_db[0] = alloc(sblock.fs_fsize, node.dp1.di_mode); node.dp1.di_blocks = btodb(fragroundup(&sblock, node.dp1.di_size)); node.dp1.di_dirdepth = 1; wtfs(fsbtodb(&sblock, node.dp1.di_db[0]), sblock.fs_fsize, iobuf); iput(&node, UFS_ROOTINO + 1); } } else { /* * initialize the node */ node.dp2.di_atime = utime; node.dp2.di_mtime = utime; node.dp2.di_ctime = utime; node.dp2.di_birthtime = utime; /* * create the root directory */ node.dp2.di_mode = IFDIR | UMASK; node.dp2.di_nlink = entries; node.dp2.di_size = makedir(root_dir, entries); node.dp2.di_db[0] = alloc(sblock.fs_fsize, node.dp2.di_mode); node.dp2.di_blocks = btodb(fragroundup(&sblock, node.dp2.di_size)); wtfs(fsbtodb(&sblock, node.dp2.di_db[0]), sblock.fs_fsize, iobuf); iput(&node, UFS_ROOTINO); if (!nflag) { /* * create the .snap directory */ node.dp2.di_mode |= 020; node.dp2.di_gid = gid; node.dp2.di_nlink = SNAPLINKCNT; node.dp2.di_size = makedir(snap_dir, SNAPLINKCNT); node.dp2.di_db[0] = alloc(sblock.fs_fsize, node.dp2.di_mode); node.dp2.di_blocks = btodb(fragroundup(&sblock, node.dp2.di_size)); node.dp2.di_dirdepth = 1; wtfs(fsbtodb(&sblock, node.dp2.di_db[0]), sblock.fs_fsize, iobuf); iput(&node, UFS_ROOTINO + 1); } } } /* * construct a set of directory entries in "iobuf". * return size of directory. */ int makedir(struct direct *protodir, int entries) { char *cp; int i, spcleft; spcleft = DIRBLKSIZ; memset(iobuf, 0, DIRBLKSIZ); for (cp = iobuf, i = 0; i < entries - 1; i++) { protodir[i].d_reclen = DIRSIZ(0, &protodir[i]); memmove(cp, &protodir[i], protodir[i].d_reclen); cp += protodir[i].d_reclen; spcleft -= protodir[i].d_reclen; } protodir[i].d_reclen = spcleft; memmove(cp, &protodir[i], DIRSIZ(0, &protodir[i])); return (DIRBLKSIZ); } /* * allocate a block or frag */ ufs2_daddr_t alloc(int size, int mode) { int i, blkno, frag; uint d; bread(&disk, part_ofs + fsbtodb(&sblock, cgtod(&sblock, 0)), (char *)&acg, sblock.fs_cgsize); if (acg.cg_magic != CG_MAGIC) { printf("cg 0: bad magic number\n"); exit(38); } if (acg.cg_cs.cs_nbfree == 0) { printf("first cylinder group ran out of space\n"); exit(39); } for (d = 0; d < acg.cg_ndblk; d += sblock.fs_frag) if (isblock(&sblock, cg_blksfree(&acg), d / sblock.fs_frag)) goto goth; printf("internal error: can't find block in cyl 0\n"); exit(40); goth: blkno = fragstoblks(&sblock, d); clrblock(&sblock, cg_blksfree(&acg), blkno); if (sblock.fs_contigsumsize > 0) clrbit(cg_clustersfree(&acg), blkno); acg.cg_cs.cs_nbfree--; sblock.fs_cstotal.cs_nbfree--; fscs[0].cs_nbfree--; if (mode & IFDIR) { acg.cg_cs.cs_ndir++; sblock.fs_cstotal.cs_ndir++; fscs[0].cs_ndir++; } if (size != sblock.fs_bsize) { frag = howmany(size, sblock.fs_fsize); fscs[0].cs_nffree += sblock.fs_frag - frag; sblock.fs_cstotal.cs_nffree += sblock.fs_frag - frag; acg.cg_cs.cs_nffree += sblock.fs_frag - frag; acg.cg_frsum[sblock.fs_frag - frag]++; for (i = frag; i < sblock.fs_frag; i++) setbit(cg_blksfree(&acg), d + i); } if (cgwrite(&disk) != 0) err(1, "alloc: cgwrite: %s", disk.d_error); return ((ufs2_daddr_t)d); } /* * Allocate an inode on the disk */ void iput(union dinode *ip, ino_t ino) { union dinodep dp; bread(&disk, part_ofs + fsbtodb(&sblock, cgtod(&sblock, 0)), (char *)&acg, sblock.fs_cgsize); if (acg.cg_magic != CG_MAGIC) { printf("cg 0: bad magic number\n"); exit(31); } acg.cg_cs.cs_nifree--; setbit(cg_inosused(&acg), ino); if (cgwrite(&disk) != 0) err(1, "iput: cgwrite: %s", disk.d_error); sblock.fs_cstotal.cs_nifree--; fscs[0].cs_nifree--; if (getinode(&disk, &dp, ino) == -1) { printf("iput: %s\n", disk.d_error); exit(32); } if (sblock.fs_magic == FS_UFS1_MAGIC) *dp.dp1 = ip->dp1; else *dp.dp2 = ip->dp2; putinode(&disk); } /* * possibly write to disk */ static void wtfs(ufs2_daddr_t bno, int size, char *bf) { if (Nflag) return; if (bwrite(&disk, part_ofs + bno, bf, size) < 0) err(36, "wtfs: %d bytes at sector %jd", size, (intmax_t)bno); } /* * check if a block is available */ static int isblock(struct fs *fs, unsigned char *cp, int h) { unsigned char mask; switch (fs->fs_frag) { case 8: return (cp[h] == 0xff); case 4: mask = 0x0f << ((h & 0x1) << 2); return ((cp[h >> 1] & mask) == mask); case 2: mask = 0x03 << ((h & 0x3) << 1); return ((cp[h >> 2] & mask) == mask); case 1: mask = 0x01 << (h & 0x7); return ((cp[h >> 3] & mask) == mask); default: fprintf(stderr, "isblock bad fs_frag %d\n", fs->fs_frag); return (0); } } /* * take a block out of the map */ static void clrblock(struct fs *fs, unsigned char *cp, int h) { switch ((fs)->fs_frag) { case 8: cp[h] = 0; return; case 4: cp[h >> 1] &= ~(0x0f << ((h & 0x1) << 2)); return; case 2: cp[h >> 2] &= ~(0x03 << ((h & 0x3) << 1)); return; case 1: cp[h >> 3] &= ~(0x01 << (h & 0x7)); return; default: fprintf(stderr, "clrblock bad fs_frag %d\n", fs->fs_frag); return; } } /* * put a block into the map */ static void setblock(struct fs *fs, unsigned char *cp, int h) { switch (fs->fs_frag) { case 8: cp[h] = 0xff; return; case 4: cp[h >> 1] |= (0x0f << ((h & 0x1) << 2)); return; case 2: cp[h >> 2] |= (0x03 << ((h & 0x3) << 1)); return; case 1: cp[h >> 3] |= (0x01 << (h & 0x7)); return; default: fprintf(stderr, "setblock bad fs_frag %d\n", fs->fs_frag); return; } } /* * Determine the number of characters in a * single line. */ static int charsperline(void) { int columns; char *cp; struct winsize ws; columns = 0; if (ioctl(0, TIOCGWINSZ, &ws) != -1) columns = ws.ws_col; if (columns == 0 && (cp = getenv("COLUMNS"))) columns = atoi(cp); if (columns == 0) columns = 80; /* last resort */ return (columns); } static int ilog2(int val) { u_int n; for (n = 0; n < sizeof(n) * CHAR_BIT; n++) if (1 << n == val) return (n); errx(1, "ilog2: %d is not a power of 2\n", val); } /* * For the regression test, return predictable random values. * Otherwise use a true random number generator. */ static u_int32_t newfs_random(void) { static u_int32_t nextnum = 1; if (Rflag) return (nextnum++); return (arc4random()); } diff --git a/sbin/newfs/newfs.8 b/sbin/newfs/newfs.8 index e1496af814ca..05d2413a44e4 100644 --- a/sbin/newfs/newfs.8 +++ b/sbin/newfs/newfs.8 @@ -1,383 +1,381 @@ .\" Copyright (c) 1983, 1987, 1991, 1993, 1994 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)newfs.8 8.6 (Berkeley) 5/3/95 -.\" .Dd October 21, 2022 .Dt NEWFS 8 .Os .Sh NAME .Nm newfs .Nd construct a new UFS1/UFS2 file system .Sh SYNOPSIS .Nm .Op Fl EJNUjlnt .Op Fl L Ar volname .Op Fl O Ar filesystem-type .Op Fl S Ar sector-size .Op Fl T Ar disktype .Op Fl a Ar maxcontig .Op Fl b Ar block-size .Op Fl c Ar blocks-per-cylinder-group .Op Fl d Ar max-extent-size .Op Fl e Ar maxbpg .Op Fl f Ar frag-size .Op Fl g Ar avgfilesize .Op Fl h Ar avgfpdir .Op Fl i Ar bytes .Op Fl k Ar held-for-metadata-blocks .Op Fl m Ar free-space .Op Fl o Ar optimization .Op Fl p Ar partition .Op Fl r Ar reserved .Op Fl s Ar size .Ar special .Sh DESCRIPTION The .Nm utility is used to initialize and clear file systems before first use. The .Nm utility builds a file system on the specified special file. (We often refer to the .Dq special file as the .Dq disk , although the special file need not be a physical disk. In fact, it need not even be special.) Typically the defaults are reasonable, however .Nm has numerous options to allow the defaults to be selectively overridden. .Pp The following options define the general layout policies: .Bl -tag -width indent .It Fl E Erase the content of the disk before making the filesystem. The reserved area in front of the superblock (for bootcode) will not be erased. Erasing is only relevant to flash-memory or thinly provisioned devices. Erasing may take a long time. If the device does not support BIO_DELETE, the command will fail. .It Fl J Enable journaling on the new file system via gjournal. See .Xr gjournal 8 for details. .It Fl L Ar volname Add a volume label to the new file system. Legal characters are alphanumerics, dashes, and underscores. .It Fl N Cause the file system parameters to be printed out without really creating the file system. .It Fl O Ar filesystem-type Use 1 to specify that a UFS1 format file system be built; use 2 to specify that a UFS2 format file system be built. The default format is UFS2. .It Fl T Ar disktype For backward compatibility. .It Fl U Enable soft updates on the new file system. .It Fl a Ar maxcontig Specify the maximum number of contiguous blocks that will be laid out before forcing a rotational delay. The default value is 16. See .Xr tunefs 8 for more details on how to set this option. .It Fl b Ar block-size The block size of the file system, in bytes. It must be a power of 2. .\" If changing the default block size and it causes the default .\" fragment size to change, be sure to update the location of .\" the first backup superblock on the fsck_ffs.8 manual page. The default size is 32768 bytes, and the smallest allowable size is 4096 bytes. The optimal block:fragment ratio is 8:1. Other ratios are possible, but are not recommended, and may produce poor results. .It Fl c Ar blocks-per-cylinder-group The number of blocks per cylinder group in a file system. The default is to compute the maximum allowed by the other parameters. This value is dependent on a number of other parameters, in particular the block size and the number of bytes per inode. .It Fl d Ar max-extent-size The file system may choose to store large files using extents. This parameter specifies the largest extent size that may be used. The default value is the file system blocksize. It is presently limited to a maximum value of 16 times the file system blocksize and a minimum value of the file system blocksize. .It Fl e Ar maxbpg Indicate the maximum number of blocks any single file can allocate out of a cylinder group before it is forced to begin allocating blocks from another cylinder group. The default is about one quarter of the total blocks in a cylinder group. See .Xr tunefs 8 for more details on how to set this option. .It Fl f Ar frag-size The fragment size of the file system in bytes. It must be a power of two ranging in value between .Ar blocksize Ns /8 and .Ar blocksize . .\" If changing the default fragment size or it changes because of a .\" change to the default block size, be sure to update the location .\" of the first backup superblock on the fsck_ffs.8 manual page. The default is 4096 bytes. .It Fl g Ar avgfilesize The expected average file size for the file system. .It Fl h Ar avgfpdir The expected average number of files per directory on the file system. .It Fl i Ar bytes Specify the density of inodes in the file system. The default is to create an inode for every .Pq 2 * Ar frag-size bytes of data space. If fewer inodes are desired, a larger number should be used; to create more inodes a smaller number should be given. One inode is required for each distinct file, so this value effectively specifies the average file size on the file system. .It Fl j Enable soft updates journaling on the new file system. This flag is implemented by running the .Xr tunefs 8 utility found in the user's .Dv $PATH . .Pp Enabling journaling reduces the time spent by .Xr fsck_ffs 8 cleaning up a filesystem after a crash to a few seconds from minutes to hours. Without journaling, the time to recover after a crash is a function of the number of files in the filesystem and the size of the filesystem. With journaling, the time to recover after a crash is a function of the amount of activity in the filesystem in the minute before the crash. Journaled recovery time is usually only a few seconds and never exceeds a minute. .Pp The drawback to using journaling is that the writes to its log adds an extra write load to the media containing the filesystem. Thus a write-intensive workload will have reduced throughput on a filesystem running with journaling. .Pp Like all journaling filesystems, the journal recovery will only fix issues known to the journal. Specifically if a media error occurs, the journal will not know about it and hence will not fix it. Thus when using journaling, it is still necessary to run a full fsck every few months or after a filesystem panic to check for and fix any errors brought on by media failure. A full fsck can be done by running a background fsck on a live filesystem or by running with the .Fl f flag on an unmounted filesystem. When running .Xr fsck_ffs 8 in background on a live filesystem the filesystem performance will be about half of normal during the time that the background .Xr fsck_ffs 8 is running. Running a full fsck on a UFS filesystem is the equivalent of running a scrub on a ZFS filesystem. .It Fl k Ar held-for-metadata-blocks Set the amount of space to be held for metadata blocks in each cylinder group. When set, the file system preference routines will try to save the specified amount of space immediately following the inode blocks in each cylinder group for use by metadata blocks. Clustering the metadata blocks speeds up random file access and decreases the running time of .Xr fsck 8 . By default .Nm sets it to half of the space reserved to minfree. .It Fl l Enable multilabel MAC on the new file system. .It Fl m Ar free-space The percentage of space reserved from normal users; the minimum free space threshold. The default value used is defined by .Dv MINFREE from .In ufs/ffs/fs.h , currently 8%. See .Xr tunefs 8 for more details on how to set this option. .It Fl n Do not create a .Pa .snap directory on the new file system. The resulting file system will not support snapshot generation, so .Xr dump 8 in live mode and background .Xr fsck 8 will not function properly. The traditional .Xr fsck 8 and offline .Xr dump 8 will work on the file system. This option is intended primarily for memory or vnode-backed file systems that do not require .Xr dump 8 or .Xr fsck 8 support. .It Fl o Ar optimization .Cm ( space or .Cm time ) . The file system can either be instructed to try to minimize the time spent allocating blocks, or to try to minimize the space fragmentation on the disk. If the value of minfree (see above) is less than 8%, the default is to optimize for .Cm space ; if the value of minfree is greater than or equal to 8%, the default is to optimize for .Cm time . See .Xr tunefs 8 for more details on how to set this option. .It Fl p Ar partition The partition name (a..h) you want to use in case the underlying image is a file, so you do not have access to individual partitions through the filesystem. Can also be used with a device, e.g., .Nm .Fl p Ar f .Ar /dev/da1s3 is equivalent to .Nm .Ar /dev/da1s3f . .It Fl r Ar reserved The size, in sectors, of reserved space at the end of the partition specified in .Ar special . This space will not be occupied by the file system; it can be used by other consumers such as .Xr geom 4 . Defaults to 0. .It Fl s Ar size The size of the file system in sectors. This value defaults to the size of the raw partition specified in .Ar special less the .Ar reserved space at its end (see .Fl r ) . A .Ar size of 0 can also be used to choose the default value. A valid .Ar size value cannot be larger than the default one, which means that the file system cannot extend into the reserved space. .It Fl t Turn on the TRIM enable flag. If enabled, and if the underlying device supports the BIO_DELETE command, the file system will send a delete request to the underlying device for each freed block. The trim enable flag is typically set for flash-memory devices to reduce write amplification which reduces wear on write-limited flash-memory and often improves long-term performance. Thinly provisioned storage also benefits by returning unused blocks to the global pool. .El .Pp The following options override the standard sizes for the disk geometry. Their default values are taken from the disk label. Changing these defaults is useful only when using .Nm to build a file system whose raw image will eventually be used on a different type of disk than the one on which it is initially created (for example on a write-once disk). Note that changing any of these values from their defaults will make it impossible for .Xr fsck 8 to find the alternate superblocks if the standard superblock is lost. .Bl -tag -width indent .It Fl S Ar sector-size The size of a sector in bytes (almost never anything but 512). .El .Sh NOTES ON THE NAMING .Dq newfs is a common name prefix for utilities creating filesystems, with the suffix indicating the type of the filesystem, for instance .Xr newfs_msdos 8 . The .Nm utility is a special case which predates that convention. .Sh EXAMPLES .Dl newfs /dev/ada3s1a .Pp Creates a new ufs file system on .Pa ada3s1a . The .Nm utility will use a block size of 32768 bytes, a fragment size of 4096 bytes and the largest possible number of blocks per cylinders group. These values tend to produce better performance for most applications than the historical defaults (8192 byte block size and 1024 byte fragment size). This large fragment size may lead to much wasted space on file systems that contain many small files. .Sh SEE ALSO .Xr fdformat 8 , .Xr geom 4 , .Xr disktab 5 , .Xr fs 5 , .Xr camcontrol 8 , .Xr dump 8 , .Xr dumpfs 8 , .Xr fsck 8 , .Xr gjournal 8 , .Xr gpart 8 , .Xr growfs 8 , .Xr gvinum 8 , .Xr makefs 8 , .Xr mount 8 , .Xr newfs_msdos 8 , .Xr tunefs 8 .Rs .%A M. McKusick .%A W. Joy .%A S. Leffler .%A R. Fabry .%T A Fast File System for UNIX .%J ACM Transactions on Computer Systems 2 .%V 3 .%P pp 181-197 .%D August 1984 .%O (reprinted in the BSD System Manager's Manual) .Re .Sh HISTORY The .Nm utility appeared in .Bx 4.2 . diff --git a/sbin/newfs/newfs.c b/sbin/newfs/newfs.c index afb71f9f25b4..820874b5570a 100644 --- a/sbin/newfs/newfs.c +++ b/sbin/newfs/newfs.c @@ -1,514 +1,511 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 2002 Networks Associates Technology, Inc. * All rights reserved. * * This software was developed for the FreeBSD Project by Marshall * Kirk McKusick and Network Associates Laboratories, the Security * Research Division of Network Associates, Inc. under DARPA/SPAWAR * contract N66001-01-C-8035 ("CBOSS"), as part of the DARPA CHATS * research program. * * Copyright (c) 1983, 1989, 1993, 1994 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1983, 1989, 1993, 1994\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static char sccsid[] = "@(#)newfs.c 8.13 (Berkeley) 5/1/95"; -#endif /* not lint */ #endif #include /* * newfs: friendly front end to mkfs */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "newfs.h" int Eflag; /* Erase previous disk contents */ int Lflag; /* add a volume label */ int Nflag; /* run without writing file system */ int Oflag = 2; /* file system format (1 => UFS1, 2 => UFS2) */ int Rflag; /* regression test */ int Uflag; /* enable soft updates for file system */ int jflag; /* enable soft updates journaling for filesys */ int Xflag = 0; /* exit in middle of newfs for testing */ int Jflag; /* enable gjournal for file system */ int lflag; /* enable multilabel for file system */ int nflag; /* do not create .snap directory */ int tflag; /* enable TRIM */ intmax_t fssize; /* file system size */ off_t mediasize; /* device size */ int sectorsize; /* bytes/sector */ int realsectorsize; /* bytes/sector in hardware */ int fsize = 0; /* fragment size */ int bsize = 0; /* block size */ int maxbsize = 0; /* maximum clustering */ int maxblkspercg = MAXBLKSPERCG; /* maximum blocks per cylinder group */ int minfree = MINFREE; /* free space threshold */ int metaspace; /* space held for metadata blocks */ int opt = DEFAULTOPT; /* optimization preference (space or time) */ int density; /* number of bytes per inode */ int maxcontig = 0; /* max contiguous blocks to allocate */ int maxbpg; /* maximum blocks per file in a cyl group */ int avgfilesize = AVFILESIZ;/* expected average file size */ int avgfilesperdir = AFPDIR;/* expected number of files per directory */ u_char *volumelabel = NULL; /* volume label for filesystem */ struct uufsd disk; /* libufs disk structure */ static char device[MAXPATHLEN]; static u_char bootarea[BBSIZE]; static int is_file; /* work on a file, not a device */ static char *dkname; static char *disktype; static void getfssize(intmax_t *, const char *p, intmax_t, intmax_t); static struct disklabel *getdisklabel(void); static void usage(void) __dead2; static int expand_number_int(const char *buf, int *num); ufs2_daddr_t part_ofs; /* partition offset in blocks, used with files */ int main(int argc, char *argv[]) { struct partition *pp; struct disklabel *lp; struct stat st; char *cp, *special; intmax_t reserved; int ch, rval; size_t i; char part_name; /* partition name, default to full disk */ part_name = 'c'; reserved = 0; while ((ch = getopt(argc, argv, "EJL:NO:RS:T:UXa:b:c:d:e:f:g:h:i:jk:lm:no:p:r:s:t")) != -1) switch (ch) { case 'E': Eflag = 1; break; case 'J': Jflag = 1; break; case 'L': volumelabel = optarg; for (i = 0; isalnum(volumelabel[i]) || volumelabel[i] == '_' || volumelabel[i] == '-'; i++) continue; if (volumelabel[i] != '\0') { errx(1, "bad volume label. Valid characters " "are alphanumerics, dashes, and underscores."); } if (strlen(volumelabel) >= MAXVOLLEN) { errx(1, "bad volume label. Length is longer than %d.", MAXVOLLEN); } Lflag = 1; break; case 'N': Nflag = 1; break; case 'O': if ((Oflag = atoi(optarg)) < 1 || Oflag > 2) errx(1, "%s: bad file system format value", optarg); break; case 'R': Rflag = 1; break; case 'S': rval = expand_number_int(optarg, §orsize); if (rval < 0 || sectorsize <= 0) errx(1, "%s: bad sector size", optarg); break; case 'T': disktype = optarg; break; case 'j': jflag = 1; /* fall through to enable soft updates */ /* FALLTHROUGH */ case 'U': Uflag = 1; break; case 'X': Xflag++; break; case 'a': rval = expand_number_int(optarg, &maxcontig); if (rval < 0 || maxcontig <= 0) errx(1, "%s: bad maximum contiguous blocks", optarg); break; case 'b': rval = expand_number_int(optarg, &bsize); if (rval < 0) errx(1, "%s: bad block size", optarg); if (bsize < MINBSIZE) errx(1, "%s: block size too small, min is %d", optarg, MINBSIZE); if (bsize > MAXBSIZE) errx(1, "%s: block size too large, max is %d", optarg, MAXBSIZE); break; case 'c': rval = expand_number_int(optarg, &maxblkspercg); if (rval < 0 || maxblkspercg <= 0) errx(1, "%s: bad blocks per cylinder group", optarg); break; case 'd': rval = expand_number_int(optarg, &maxbsize); if (rval < 0 || maxbsize < MINBSIZE) errx(1, "%s: bad extent block size", optarg); break; case 'e': rval = expand_number_int(optarg, &maxbpg); if (rval < 0 || maxbpg <= 0) errx(1, "%s: bad blocks per file in a cylinder group", optarg); break; case 'f': rval = expand_number_int(optarg, &fsize); if (rval < 0 || fsize <= 0) errx(1, "%s: bad fragment size", optarg); break; case 'g': rval = expand_number_int(optarg, &avgfilesize); if (rval < 0 || avgfilesize <= 0) errx(1, "%s: bad average file size", optarg); break; case 'h': rval = expand_number_int(optarg, &avgfilesperdir); if (rval < 0 || avgfilesperdir <= 0) errx(1, "%s: bad average files per dir", optarg); break; case 'i': rval = expand_number_int(optarg, &density); if (rval < 0 || density <= 0) errx(1, "%s: bad bytes per inode", optarg); break; case 'l': lflag = 1; break; case 'k': if ((metaspace = atoi(optarg)) < 0) errx(1, "%s: bad metadata space %%", optarg); if (metaspace == 0) /* force to stay zero in mkfs */ metaspace = -1; break; case 'm': if ((minfree = atoi(optarg)) < 0 || minfree > 99) errx(1, "%s: bad free space %%", optarg); break; case 'n': nflag = 1; break; case 'o': if (strcmp(optarg, "space") == 0) opt = FS_OPTSPACE; else if (strcmp(optarg, "time") == 0) opt = FS_OPTTIME; else errx(1, "%s: unknown optimization preference: use `space' or `time'", optarg); break; case 'r': errno = 0; reserved = strtoimax(optarg, &cp, 0); if (errno != 0 || cp == optarg || *cp != '\0' || reserved < 0) errx(1, "%s: bad reserved size", optarg); break; case 'p': is_file = 1; part_name = optarg[0]; break; case 's': errno = 0; fssize = strtoimax(optarg, &cp, 0); if (errno != 0 || cp == optarg || *cp != '\0' || fssize < 0) errx(1, "%s: bad file system size", optarg); break; case 't': tflag = 1; break; case '?': default: usage(); } argc -= optind; argv += optind; if (argc != 1) usage(); special = argv[0]; if (!special[0]) err(1, "empty file/special name"); cp = strrchr(special, '/'); if (cp == NULL) { /* * No path prefix; try prefixing _PATH_DEV. */ snprintf(device, sizeof(device), "%s%s", _PATH_DEV, special); special = device; } if (is_file) { /* bypass ufs_disk_fillout_blank */ bzero( &disk, sizeof(disk)); disk.d_bsize = 1; disk.d_name = special; disk.d_fd = open(special, O_RDONLY); if (disk.d_fd < 0 || (!Nflag && ufs_disk_write(&disk) == -1)) errx(1, "%s: ", special); } else if (ufs_disk_fillout_blank(&disk, special) == -1 || (!Nflag && ufs_disk_write(&disk) == -1)) { if (disk.d_error != NULL) errx(1, "%s: %s", special, disk.d_error); else err(1, "%s", special); } if (fstat(disk.d_fd, &st) < 0) err(1, "%s", special); if ((st.st_mode & S_IFMT) != S_IFCHR) { warn("%s: not a character-special device", special); is_file = 1; /* assume it is a file */ dkname = special; if (sectorsize == 0) sectorsize = 512; mediasize = st.st_size; /* set fssize from the partition */ } else { if (sectorsize == 0) if (ioctl(disk.d_fd, DIOCGSECTORSIZE, §orsize) == -1) sectorsize = 0; /* back out on error for safety */ if (sectorsize && ioctl(disk.d_fd, DIOCGMEDIASIZE, &mediasize) != -1) getfssize(&fssize, special, mediasize / sectorsize, reserved); } pp = NULL; lp = getdisklabel(); if (lp != NULL) { if (!is_file) /* already set for files */ part_name = special[strlen(special) - 1]; if ((part_name < 'a' || part_name - 'a' >= MAXPARTITIONS) && !isdigit(part_name)) errx(1, "%s: can't figure out file system partition", special); cp = &part_name; if (isdigit(*cp)) pp = &lp->d_partitions[RAW_PART]; else pp = &lp->d_partitions[*cp - 'a']; if (pp->p_size == 0) errx(1, "%s: `%c' partition is unavailable", special, *cp); if (pp->p_fstype == FS_BOOT) errx(1, "%s: `%c' partition overlaps boot program", special, *cp); getfssize(&fssize, special, pp->p_size, reserved); if (sectorsize == 0) sectorsize = lp->d_secsize; if (fsize == 0) fsize = pp->p_fsize; if (bsize == 0) bsize = pp->p_frag * pp->p_fsize; if (is_file) part_ofs = pp->p_offset; } if (sectorsize <= 0) errx(1, "%s: no default sector size", special); if (fsize <= 0) fsize = MAX(DFL_FRAGSIZE, sectorsize); if (bsize <= 0) bsize = MIN(DFL_BLKSIZE, 8 * fsize); if (minfree < MINFREE && opt != FS_OPTSPACE) { fprintf(stderr, "Warning: changing optimization to space "); fprintf(stderr, "because minfree is less than %d%%\n", MINFREE); opt = FS_OPTSPACE; } realsectorsize = sectorsize; if (sectorsize != DEV_BSIZE) { /* XXX */ int secperblk = sectorsize / DEV_BSIZE; sectorsize = DEV_BSIZE; fssize *= secperblk; if (pp != NULL) pp->p_size *= secperblk; } mkfs(pp, special); ufs_disk_close(&disk); if (!jflag) exit(0); if (execlp("tunefs", "newfs", "-j", "enable", special, NULL) < 0) err(1, "Cannot enable soft updates journaling, tunefs"); /* NOT REACHED */ } void getfssize(intmax_t *fsz, const char *s, intmax_t disksize, intmax_t reserved) { intmax_t available; available = disksize - reserved; if (available <= 0) errx(1, "%s: reserved not less than device size %jd", s, disksize); if (*fsz == 0) *fsz = available; else if (*fsz > available) errx(1, "%s: maximum file system size is %jd", s, available); } struct disklabel * getdisklabel(void) { static struct disklabel lab; struct disklabel *lp; if (is_file) { if (read(disk.d_fd, bootarea, BBSIZE) != BBSIZE) err(4, "cannot read bootarea"); if (bsd_disklabel_le_dec( bootarea + (0 /* labeloffset */ + 1 /* labelsoffset */ * sectorsize), &lab, MAXPARTITIONS)) errx(1, "no valid label found"); lp = &lab; return &lab; } if (disktype) { lp = getdiskbyname(disktype); if (lp != NULL) return (lp); } return (NULL); } static void usage(void) { fprintf(stderr, "usage: %s [ -fsoptions ] special-device%s\n", getprogname(), " [device-type]"); fprintf(stderr, "where fsoptions are:\n"); fprintf(stderr, "\t-E Erase previous disk content\n"); fprintf(stderr, "\t-J Enable journaling via gjournal\n"); fprintf(stderr, "\t-L volume label to add to superblock\n"); fprintf(stderr, "\t-N do not create file system, just print out parameters\n"); fprintf(stderr, "\t-O file system format: 1 => UFS1, 2 => UFS2\n"); fprintf(stderr, "\t-R regression test, suppress random factors\n"); fprintf(stderr, "\t-S sector size\n"); fprintf(stderr, "\t-T disktype\n"); fprintf(stderr, "\t-U enable soft updates\n"); fprintf(stderr, "\t-a maximum contiguous blocks\n"); fprintf(stderr, "\t-b block size\n"); fprintf(stderr, "\t-c blocks per cylinders group\n"); fprintf(stderr, "\t-d maximum extent size\n"); fprintf(stderr, "\t-e maximum blocks per file in a cylinder group\n"); fprintf(stderr, "\t-f frag size\n"); fprintf(stderr, "\t-g average file size\n"); fprintf(stderr, "\t-h average files per directory\n"); fprintf(stderr, "\t-i number of bytes per inode\n"); fprintf(stderr, "\t-j enable soft updates journaling\n"); fprintf(stderr, "\t-k space to hold for metadata blocks\n"); fprintf(stderr, "\t-l enable multilabel MAC\n"); fprintf(stderr, "\t-n do not create .snap directory\n"); fprintf(stderr, "\t-m minimum free space %%\n"); fprintf(stderr, "\t-o optimization preference (`space' or `time')\n"); fprintf(stderr, "\t-p partition name (a..h)\n"); fprintf(stderr, "\t-r reserved sectors at the end of device\n"); fprintf(stderr, "\t-s file system size (sectors)\n"); fprintf(stderr, "\t-t enable TRIM\n"); exit(1); } static int expand_number_int(const char *buf, int *num) { int64_t num64; int rval; rval = expand_number(buf, &num64); if (rval < 0) return (rval); if (num64 > INT_MAX || num64 < INT_MIN) { errno = ERANGE; return (-1); } *num = (int)num64; return (0); } diff --git a/sbin/nfsiod/Makefile b/sbin/nfsiod/Makefile index 78e3e77da608..c75b1075c4e0 100644 --- a/sbin/nfsiod/Makefile +++ b/sbin/nfsiod/Makefile @@ -1,8 +1,7 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 PROG= nfsiod MAN= nfsiod.8 PACKAGE= nfs .include diff --git a/sbin/nfsiod/nfsiod.8 b/sbin/nfsiod/nfsiod.8 index cb9ab471dddb..7abe5a832bbf 100644 --- a/sbin/nfsiod/nfsiod.8 +++ b/sbin/nfsiod/nfsiod.8 @@ -1,99 +1,97 @@ .\" Copyright (c) 1989, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" From: @(#)nfsiod.8 8.2 (Berkeley) 2/22/94 -.\" .Dd December 26, 2009 .Dt NFSIOD 8 .Os .Sh NAME .Nm nfsiod .Nd local .Tn NFS asynchronous I/O server .Sh SYNOPSIS .Nm .Op Fl n Ar num_servers .Sh DESCRIPTION The .Nm utility controls the maximum number of .Nm kernel processes which run on an .Tn NFS client machine to service asynchronous I/O requests to its server. Having .Nm kernel processes improves performance but is not required for correct operation. .Pp The option is as follows: .Bl -tag -width indent .It Fl n Specify how many processes are permitted to be started. .El .Pp Without an option, .Nm displays the current settings. A client should allow enough number of processes to handle its maximum level of concurrency, typically four to six. .Pp If .Nm detects that the running kernel does not include .Tn NFS support, it will attempt to load a kernel module containing .Tn NFS code, using .Xr kldload 2 . If this fails, or no .Tn NFS module was available, .Nm exits with an error. .Sh EXIT STATUS .Ex -std .Sh SEE ALSO .Xr nfsstat 1 , .Xr kldload 2 , .Xr nfssvc 2 , .Xr mountd 8 , .Xr nfsd 8 , .Xr rpcbind 8 .Sh HISTORY The .Nm utility first appeared in .Bx 4.4 . .Pp Starting with .Fx 5.0 , the utility no longer starts daemons, but only serves as a vfs loader and .Xr sysctl 3 wrapper. diff --git a/sbin/nfsiod/nfsiod.c b/sbin/nfsiod/nfsiod.c index 45a0ec0a9741..330f5efce784 100644 --- a/sbin/nfsiod/nfsiod.c +++ b/sbin/nfsiod/nfsiod.c @@ -1,139 +1,136 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Rick Macklem at The University of Guelph. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1989, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif -#ifndef lint -static char sccsid[] = "@(#)nfsiod.c 8.4 (Berkeley) 5/3/95"; -#endif #endif #include #include #include #include #include #include #include #include #include #include #include #define MAXNFSDCNT 20 static void usage(void) { (void)fprintf(stderr, "usage: nfsiod [-n num_servers]\n"); exit(1); } int main(int argc, char *argv[]) { int ch; struct xvfsconf vfc; int error; unsigned int iodmin, iodmax, num_servers; size_t len; error = getvfsbyname("nfs", &vfc); if (error) { if (kldload("nfs") == -1) err(1, "kldload(nfs)"); error = getvfsbyname("nfs", &vfc); } if (error) errx(1, "NFS support is not available in the running kernel"); num_servers = 0; while ((ch = getopt(argc, argv, "n:")) != -1) switch (ch) { case 'n': num_servers = atoi(optarg); if (num_servers < 1) { warnx("nfsiod count %u; reset to %d", num_servers, 1); num_servers = 1; } if (num_servers > MAXNFSDCNT) { warnx("nfsiod count %u; reset to %d", num_servers, MAXNFSDCNT); num_servers = MAXNFSDCNT; } break; case '?': default: usage(); } argc -= optind; argv += optind; if (argc > 0) usage(); len = sizeof iodmin; error = sysctlbyname("vfs.nfs.iodmin", &iodmin, &len, NULL, 0); if (error < 0) err(1, "sysctlbyname(\"vfs.nfs.iodmin\")"); len = sizeof iodmax; error = sysctlbyname("vfs.nfs.iodmax", &iodmax, &len, NULL, 0); if (error < 0) err(1, "sysctlbyname(\"vfs.nfs.iodmax\")"); if (num_servers == 0) { /* no change */ printf("vfs.nfs.iodmin=%u\nvfs.nfs.iodmax=%u\n", iodmin, iodmax); exit(0); } /* Catch the case where we're lowering num_servers below iodmin */ if (iodmin > num_servers) { iodmin = num_servers; error = sysctlbyname("vfs.nfs.iodmin", NULL, 0, &iodmin, sizeof iodmin); if (error < 0) err(1, "sysctlbyname(\"vfs.nfs.iodmin\")"); } iodmax = num_servers; error = sysctlbyname("vfs.nfs.iodmax", NULL, 0, &iodmax, sizeof iodmax); if (error < 0) err(1, "sysctlbyname(\"vfs.nfs.iodmax\")"); exit (0); } diff --git a/sbin/ping/Makefile b/sbin/ping/Makefile index 1483a93ace37..a710629cb242 100644 --- a/sbin/ping/Makefile +++ b/sbin/ping/Makefile @@ -1,42 +1,41 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 .include PACKAGE=runtime PROG= ping SRCS= main.c MAN= ping.8 BINOWN= root BINMODE=4555 LIBADD= m .if ${MK_INET_SUPPORT}!= "no" CFLAGS+= -DINET SRCS+= ping.c utils.c .endif .if ${MK_INET6_SUPPORT} != "no" CFLAGS+= -DINET6 -DKAME_SCOPEID SRCS+= ping6.c LIBADD+= md LINKS= ${BINDIR}/ping ${BINDIR}/ping6 MLINKS= ping.8 ping6.8 .endif .if ${MK_DYNAMICROOT} == "no" .warning ${PROG} built without libcasper support .elif ${MK_CASPER} != "no" && !defined(RESCUE) LIBADD+= casper LIBADD+= cap_dns CFLAGS+=-DWITH_CASPER .endif CFLAGS+=-DIPSEC LIBADD+= ipsec CFLAGS+= -Wno-error=unused-but-set-variable HAS_TESTS= SUBDIR.${MK_TESTS}+= tests .include diff --git a/sbin/ping/ping.8 b/sbin/ping/ping.8 index 34ffc98c3a40..0eaec196e1e3 100644 --- a/sbin/ping/ping.8 +++ b/sbin/ping/ping.8 @@ -1,830 +1,828 @@ .\" Copyright (c) 1985, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)ping.8 8.2 (Berkeley) 12/11/93 -.\" .Dd September 15, 2023 .Dt PING 8 .Os .Sh NAME .Nm ping .Nd send ICMP or ICMPv6 ECHO_REQUEST packets to network hosts .Sh SYNOPSIS .Nm .Op Fl 4AaDdfHnoQqRrv .Op Fl .\& Ns Ar chars .Op Fl C Ar pcp .Op Fl c Ar count .Op Fl G Ar sweepmaxsize .Op Fl g Ar sweepminsize .Op Fl h Ar sweepincrsize .Op Fl i Ar wait .Op Fl l Ar preload .Op Fl M Cm mask | time .Op Fl m Ar ttl .Op Fl P Ar policy .Op Fl p Ar pattern .Op Fl S Ar src_addr .Op Fl s Ar packetsize .Op Fl t Ar timeout .Op Fl W Ar waittime .Op Fl z Ar tos .Ar IPv4-host .Nm .Op Fl 4AaDdfHLnoQqRrv .Op Fl .\& Ns Ar chars .Op Fl C Ar pcp .Op Fl c Ar count .Op Fl I Ar iface .Op Fl i Ar wait .Op Fl l Ar preload .Op Fl M Cm mask | time .Op Fl m Ar ttl .Op Fl P Ar policy .Op Fl p Ar pattern .Op Fl S Ar src_addr .Op Fl s Ar packetsize .Op Fl T Ar ttl .Op Fl t Ar timeout .Op Fl W Ar waittime .Op Fl z Ar tos .Ar IPv4-mcast-group .Nm .Op Fl 6AaDdEfHNnOoquvYyZ .Op Fl .\& Ns Ar chars .Op Fl b Ar bufsiz .Op Fl C Ar pcp .Op Fl c Ar count .Op Fl e Ar gateway .Op Fl I Ar interface .Op Fl i Ar wait .Op Fl k Ar addrtype .Op Fl l Ar preload .Op Fl m Ar hoplimit .Op Fl P Ar policy .Op Fl p Ar pattern .Op Fl S Ar sourceaddr .Op Fl s Ar packetsize .Op Fl t Ar timeout .Op Fl W Ar waittime .Op Ar IPv6-hops ... .Ar IPv6-host .Sh DESCRIPTION The .Nm utility invoked with an IPv4 target .Ar ( IPv4-host or .Ar IPv4-mcast-group ) uses the ICMP .No protocol Ap s mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway. ECHO_REQUEST datagrams .Pq Dq pings have an IP and ICMP header, followed by a .Dq struct timeval and then an arbitrary number of .Dq pad bytes used to fill out the packet. .Pp When invoked with an IPv6 target .Ar ( IPv6-host ) , it uses the ICMPv6 protocol's mandatory ICMP6_ECHO_REQUEST datagram to elicit an ICMP6_ECHO_REPLY. ICMP6_ECHO_REQUEST datagrams have an IPv6 header and ICMPv6 header formatted as documented in RFC 2463. .Pp When invoked with a hostname, the version to which the target is resolved first is used. In that case, the options and arguments used must be valid for the specific IP version, otherwise .Nm exits with an error. If the target is resolved to both IPv4 and IPv6, the specific IP version can be requested by .Fl 4 or .Fl 6 options, respectively. For backwards-compatibility, ICMPv6 can also be selected by invoking the binary as .Nm ping6 . .Ss Options common to both IPv4 and IPv6 targets .Bl -tag -width indent .It Fl .\& Ns Ar chars By default, for every ECHO_REQUEST sent, a period .Dq .\& is printed, while for every ECHO_REPLY received, a backspace is printed. This option takes an optional string argument listing characters that will be printed one by one in the provided order instead of the default period. .Pp Example usage: .Bd -literal -offset indent ping -.0123456789 freebsd.org .Ed .It Fl A Audible. Output a bell (ASCII 0x07) character when no packet is received before the next packet is transmitted. To cater for round-trip times that are longer than the interval between transmissions, further missing packets cause a bell only if the maximum number of unreceived packets has increased. .It Fl a Audible. Include a bell (ASCII 0x07) character in the output when any packet is received. .It Fl C Ar pcp Add an 802.1p Ethernet Priority Code Point when sending a packet. 0..7 uses that specific PCP, -1 uses the interface default PCP (or none). .It Fl c Ar count Stop after sending (and receiving) .Ar count ECHO_RESPONSE packets. If this option is not specified, .Nm will operate until interrupted. .Pp For an IPv4 target, if this option is specified in conjunction with ping sweeps, each sweep will consist of .Ar count packets. .It Fl D Disable fragmentation. .It Fl d Set the .Dv SO_DEBUG option on the socket being used. .It Fl f Flood ping. Outputs packets as fast as they come back or one hundred times per second, whichever is more. Implies .Fl .\& to print a period for every ECHO_REQUEST sent and a backspace for every ECHO_REPLY received. This provides a rapid display of how many packets are being dropped. Only the super-user may use this option. .Bf -emphasis This can be very hard on a network and should be used with caution. .Ef .It Fl H Hostname output. Try to do a reverse DNS lookup when displaying addresses. This is the opposite of the .Fl n option. .It Fl I Ar iface For an IPv4 target, .Ar iface is an IP address indentifying an interface from which the packets will be sent. This flag applies only if the ping target is a multicast address. .Pp For an IPv6 target, .Ar iface is a name of an interface (e.g., `em0') from which the packets will be sent. This flag applies if the ping target is a multicast address, or link-local/site-local unicast address. .It Fl i Ar wait Wait .Ar wait seconds .Em between sending each packet . The default is to wait for one second between each packet. The wait time may be fractional, but only the super-user may specify values less than 1 second. This option is incompatible with the .Fl f option. .It Fl l Ar preload If .Ar preload is specified, .Nm sends that many packets as fast as possible before falling into its normal mode of behavior. Only the super-user may use this option. .It Fl m Ar ttl For an IPv4 target, set the IP Time To Live for outgoing packets. If not specified, the kernel uses the value of the .Va net.inet.ip.ttl MIB variable. .Pp For an IPv6 target, set the IPv6 hoplimit. .It Fl n Numeric output only. No attempt will be made to lookup symbolic names for host addresses. This is the opposite of .Fl H , and it is the default behavior. .It Fl o Exit successfully after receiving one reply packet. .It Fl P Ar policy .Ar policy specifies IPsec policy for the ping session. For details please refer to .Xr ipsec 4 and .Xr ipsec_set_policy 3 . .It Fl p Ar pattern You may specify up to 16 .Dq pad bytes to fill out the packet you send. This is useful for diagnosing data-dependent problems in a network. For example, .Dq Li \-p ff will cause the sent packet to be filled with all ones. .It Fl q Quiet output. Nothing is displayed except the summary lines at startup time and when finished. .It Fl S Ar src_addr Use the following IP address as the source address in outgoing packets. On hosts with more than one IP address, this option can be used to force the source address to be something other than the IP address of the interface the probe packet is sent on. .Pp For IPv4, if the IP address is not one of this machine's interface addresses, an error is returned and nothing is sent. .Pp For IPv6, the source address must be one of the unicast addresses of the sending node, and must be numeric. .It Fl s Ar packetsize Specify the number of data bytes to be sent. The default is 56, which translates into 64 ICMP data bytes when combined with the 8 bytes of ICMP header data. .Pp For IPv4, only the super-user may specify values more than default. This option cannot be used with ping sweeps. .Pp For IPv6, you may need to specify .Fl b as well to extend socket buffer size. .It Fl t Ar timeout Specify a timeout, in seconds, before ping exits regardless of how many packets have been received. .It Fl v Verbose output. ICMP packets other than ECHO_RESPONSE that are received are listed. .It Fl W Ar waittime Time in milliseconds to wait for a reply for each packet sent. If a reply arrives later, the packet is not printed as replied, but considered as replied when calculating statistics. .El .Ss Options only for IPv4 targets .Bl -tag -width indent .It Fl 4 Use IPv4 regardless of how the target is resolved. .It Fl G Ar sweepmaxsize Specify the maximum size of ICMP payload when sending sweeping pings. This option is required for ping sweeps. .It Fl g Ar sweepminsize Specify the size of ICMP payload to start with when sending sweeping pings. The default value is 0. .It Fl h Ar sweepincrsize Specify the number of bytes to increment the size of ICMP payload after each sweep when sending sweeping pings. The default value is 1. .It Fl L Suppress loopback of multicast packets. This flag only applies if the ping destination is a multicast address. .It Fl M Cm mask | time Use .Dv ICMP_MASKREQ or .Dv ICMP_TSTAMP instead of .Dv ICMP_ECHO . For .Cm mask , print the netmask of the remote machine. Set the .Va net.inet.icmp.maskrepl MIB variable to enable .Dv ICMP_MASKREPLY and .Va net.inet.icmp.maskfake if you want to override the netmask in the response. For .Cm time , print the origination, reception and transmission timestamps. Set the .Va net.inet.icmp.tstamprepl MIB variable to enable or disable .Dv ICMP_TSTAMPREPLY . .It Fl Q Somewhat quiet output. .No Don Ap t display ICMP error messages that are in response to our query messages. Originally, the .Fl v flag was required to display such errors, but .Fl v displays all ICMP error messages. On a busy machine, this output can be overbearing. Without the .Fl Q flag, .Nm prints out any ICMP error messages caused by its own ECHO_REQUEST messages. .It Fl R Record route. Includes the RECORD_ROUTE option in the ECHO_REQUEST packet and displays the route buffer on returned packets. Note that the IP header is only large enough for nine such routes; the .Xr traceroute 8 command is usually better at determining the route packets take to a particular destination. If more routes come back than should, such as due to an illegal spoofed packet, ping will print the route list and then truncate it at the correct spot. Many hosts ignore or discard the RECORD_ROUTE option. .It Fl r Bypass the normal routing tables and send directly to a host on an attached network. If the host is not on a directly-attached network, an error is returned. This option can be used to ping a local host through an interface that has no route through it (e.g., after the interface was dropped by .Xr routed 8 ) . .It Fl T Ar ttl Set the IP Time To Live for multicasted packets. This flag only applies if the ping destination is a multicast address. .It Fl z Ar tos Use the specified type of service. .It Ar IPv4-host hostname or IPv4 address of the final destination node. .It Ar IPv4-mcast-group IPv4 multicast address of the final destination nodes. .El .Ss Options only for IPv6 targets .Bl -tag -width indent .It Fl 6 Use IPv6 regardless of how the target is resolved. .It Fl b Ar bufsiz Set socket buffer size. .It Fl e Ar gateway Specifies to use .Ar gateway as the next hop to the destination. The gateway must be a neighbor of the sending node. .It Fl k Ar addrtype Generate ICMPv6 Node Information Node Addresses query, rather than echo-request. .Ar addrtype must be a string constructed of the following characters. .Bl -tag -width Ds -compact .It Ic a requests unicast addresses from all of the responder's interfaces. If the character is omitted, only those addresses which belong to the interface which has the responder's address are requests. .It Ic c requests responder's IPv4-compatible and IPv4-mapped addresses. .It Ic g requests responder's global-scope addresses. .It Ic s requests responder's site-local addresses. .It Ic l requests responder's link-local addresses. .It Ic A requests responder's anycast addresses. Without this character, the responder will return unicast addresses only. With this character, the responder will return anycast addresses only. Note that the specification does not specify how to get responder's anycast addresses. This is an experimental option. .El .It Fl N Probe node information multicast group address .Pq Li ff02::2:ffxx:xxxx . .Ar host must be string hostname of the target (must not be a numeric IPv6 address). Node information multicast group will be computed based on given .Ar host , and will be used as the final destination. Since node information multicast group is a link-local multicast group, outgoing interface needs to be specified by .Fl I option. .Pp When specified twice, the address .Pq Li ff02::2:xxxx:xxxx is used instead. The former is in RFC 4620, the latter is in an old Internet Draft draft-ietf-ipngwg-icmp-name-lookup. Note that KAME-derived implementations including .Fx use the latter. .It Fl O Generate ICMPv6 Node Information supported query types query, rather than echo-request. .Fl s has no effect if .Fl O is specified. .It Fl u By default, .Nm asks the kernel to fragment packets to fit into the minimum IPv6 MTU. The .Fl u option will suppress the behavior in the following two levels: when the option is specified once, the behavior will be disabled for unicast packets. When the option is more than once, it will be disabled for both unicast and multicast packets. .It Fl Y Same as .Fl y , but with old packet format based on 03 draft. This option is present for backward compatibility. .Fl s has no effect if .Fl y is specified. .It Fl y Generate ICMPv6 Node Information DNS Name query, rather than echo-request. .Fl s has no effect if .Fl y is specified. .It Ar IPv6-hops IPv6 addresses for intermediate nodes, which will be put into type 0 routing header. .It Ar IPv6-host IPv6 address of the final destination node. .El .Ss Experimental options only for IPv6 target .Bl -tag -width indent .It Fl E Enables transport-mode IPsec encapsulated security payload. .It Fl Z Enables transport-mode IPsec authentication header. .El .Pp When using .Nm for fault isolation, it should first be run on the local host, to verify that the local network interface is up and running. Then, hosts and gateways further and further away should be .Dq pinged . Round-trip times and packet loss statistics are computed. If duplicate packets are received, they are not included in the packet loss calculation, although the round trip time of these packets is used in calculating the round-trip time statistics. When the specified number of packets have been sent (and received) or if the program is terminated with a .Dv SIGINT , a brief summary is displayed, showing the number of packets sent and received, and the minimum, mean, maximum, and standard deviation of the round-trip times. .Pp If .Nm receives a .Dv SIGINFO (see the .Cm status argument for .Xr stty 1 ) signal, the current number of packets sent and received, and the minimum, mean, maximum, and standard deviation of the round-trip times will be written to the standard output. .Pp This program is intended for use in network testing, measurement and management. Because of the load it can impose on the network, it is unwise to use .Nm during normal operations or from automated scripts. .Sh ICMP PACKET DETAILS An IP header without options is 20 bytes. An ICMP ECHO_REQUEST packet contains an additional 8 bytes worth of ICMP header followed by an arbitrary amount of data. When a .Ar packetsize is given, this indicated the size of this extra piece of data (the default is 56). Thus the amount of data received inside of an IP packet of type ICMP ECHO_REPLY will always be 8 bytes more than the requested data space (the ICMP header). .Pp If the data space is at least eight bytes large, .Nm uses the first eight bytes of this space to include a timestamp which it uses in the computation of round trip times. If less than eight bytes of pad are specified, no round trip times are given. .Sh DUPLICATE AND DAMAGED PACKETS The .Nm utility will report duplicate and damaged packets. Duplicate packets should never occur when pinging a unicast address, and seem to be caused by inappropriate link-level retransmissions. Duplicates may occur in many situations and are rarely (if ever) a good sign, although the presence of low levels of duplicates may not always be cause for alarm. Duplicates are expected when pinging a broadcast or multicast address, since they are not really duplicates but replies from different hosts to the same request. .Pp Damaged packets are obviously serious cause for alarm and often indicate broken hardware somewhere in the .Nm packet's path (in the network or in the hosts). .Sh TRYING DIFFERENT DATA PATTERNS The (inter)network layer should never treat packets differently depending on the data contained in the data portion. Unfortunately, data-dependent problems have been known to sneak into networks and remain undetected for long periods of time. In many cases the particular pattern that will have problems is something that does not have sufficient .Dq transitions , such as all ones or all zeros, or a pattern right at the edge, such as almost all zeros. It is not necessarily enough to specify a data pattern of all zeros (for example) on the command line because the pattern that is of interest is at the data link level, and the relationship between what you type and what the controllers transmit can be complicated. .Pp This means that if you have a data-dependent problem you will probably have to do a lot of testing to find it. If you are lucky, you may manage to find a file that either cannot be sent across your network or that takes much longer to transfer than other similar length files. You can then examine this file for repeated patterns that you can test using the .Fl p option of .Nm . .Sh IPv4 TTL DETAILS The TTL value of an IP packet represents the maximum number of IP routers that the packet can go through before being thrown away. In current practice you can expect each router in the Internet to decrement the TTL field by exactly one. .Pp The TCP/IP specification recommends setting the TTL field for IP packets to 64. .Pp The maximum possible value of this field is 255, and some .Ux systems set the TTL field of ICMP ECHO_REQUEST packets to 255. This is why you will find you can .Dq ping some hosts, but not reach them with .Xr telnet 1 or .Xr ftp 1 . .Pp In normal operation .Nm prints the ttl value from the packet it receives. When a remote system receives a ping packet, it can do one of three things with the TTL field in its response: .Bl -bullet .It Not change it; this is what .Bx systems did before the .Bx 4.3 tahoe release. In this case the TTL value in the received packet will be 255 minus the number of routers in the round-trip path. .It Set it to 64; this is what current .Fx systems do. In this case the TTL value in the received packet will be 64 minus the number of routers in the path .Em from the remote system .Em to the .Nm Ns Em ing host. .It Set it to some other value. Some machines use the same value for ICMP packets that they use for TCP packets, for example either 30 or 60. Others may use completely wild values. .El .Sh EXIT STATUS The .Nm utility exits with one of the following values: .Bl -tag -width indent .It 0 At least one response was heard from the specified .Ar host . .It 2 The transmission was successful but no responses were received. .It any other value An error occurred. .El .Sh EXAMPLES The following will send ICMPv6 echo request to .Li dst.example.com . .Bd -literal -offset indent ping -6 -n dst.example.com .Ed .Pp The following will probe hostnames for all nodes on the network link attached to .Li wi0 interface. The address .Li ff02::1 is named the link-local all-node multicast address, and the packet would reach every node on the network link. .Bd -literal -offset indent ping -6 -y ff02::1%wi0 .Ed .Pp The following will probe addresses assigned to the destination node, .Li dst.example.com . .Bd -literal -offset indent ping -6 -k agl dst.example.com .Ed .Sh SEE ALSO .Xr netstat 1 , .Xr icmp 4 , .Xr icmp6 4 , .Xr inet6 4 , .Xr ip6 4 , .Xr ifconfig 8 , .Xr routed 8 , .Xr traceroute 8 , .Xr traceroute6 8 .Rs .%A A. Conta .%A S. Deering .%T "Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification" .%N RFC 2463 .%D December 1998 .Re .Rs .%A Matt Crawford .%T "IPv6 Node Information Queries" .%N draft-ietf-ipngwg-icmp-name-lookups-09.txt .%D May 2002 .%O work in progress material .Re .Sh HISTORY The .Nm utility appeared in .Bx 4.3 . The .Nm ping6 utility with IPv6 support first appeared in the WIDE Hydrangea IPv6 protocol stack kit. .Pp IPv6 and IPsec support based on the KAME Project .Pq Pa https://www.kame.net/ stack was initially integrated into .Fx 4.0 . .Pp The .Nm ping6 utility was merged to .Nm in Google Summer of Code 2019. .Sh AUTHORS The original .Nm utility was written by .An Mike Muuss while at the US Army Ballistics Research Laboratory. .Sh BUGS Many Hosts and Gateways ignore the IPv4 RECORD_ROUTE option. .Pp The maximum IP header length is too small for options like RECORD_ROUTE to be completely useful. .No There Ap s not much that can be done about this, however. .Pp Flood pinging is not recommended in general, and flood pinging the broadcast address should only be done under very controlled conditions. .Pp The .Fl v option is not worth much on busy hosts. diff --git a/sbin/ping/ping.c b/sbin/ping/ping.c index 3b8663772e87..5c97496aa1f9 100644 --- a/sbin/ping/ping.c +++ b/sbin/ping/ping.c @@ -1,1696 +1,1693 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Mike Muuss. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1989, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93"; -#endif /* not lint */ #endif #include /* * P I N G . C * * Using the Internet Control Message Protocol (ICMP) "ECHO" facility, * measure round-trip-delays and packet loss across network paths. * * Author - * Mike Muuss * U. S. Army Ballistic Research Laboratory * December, 1983 * * Status - * Public Domain. Distribution Unlimited. * Bugs - * More statistics could always be gathered. * This program has to run SUID to ROOT to access the ICMP socket. */ #include /* NB: we rely on this for */ #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef IPSEC #include #endif /*IPSEC*/ #include #include #include #include #include #include #include #include #include #include #include #include #include #include "main.h" #include "ping.h" #include "utils.h" #define INADDR_LEN ((int)sizeof(in_addr_t)) #define TIMEVAL_LEN ((int)sizeof(struct tv32)) #define MASK_LEN (ICMP_MASKLEN - ICMP_MINLEN) #define TS_LEN (ICMP_TSLEN - ICMP_MINLEN) #define DEFDATALEN 56 /* default data length */ #define FLOOD_BACKOFF 20000 /* usecs to back off if F_FLOOD mode */ /* runs out of buffer space */ #define MAXIPLEN (sizeof(struct ip) + MAX_IPOPTLEN) #define MAXICMPLEN (ICMP_ADVLENMIN + MAX_IPOPTLEN) #define MAXWAIT 10000 /* max ms to wait for response */ #define MAXALARM (60 * 60) /* max seconds for alarm timeout */ #define MAXTOS 255 #define A(bit) rcvd_tbl[(bit)>>3] /* identify byte in array */ #define B(bit) (1 << ((bit) & 0x07)) /* identify bit in byte */ #define SET(bit) (A(bit) |= B(bit)) #define CLR(bit) (A(bit) &= (~B(bit))) #define TST(bit) (A(bit) & B(bit)) struct tv32 { int32_t tv32_sec; int32_t tv32_nsec; }; /* various options */ #define F_FLOOD 0x0001 #define F_INTERVAL 0x0002 #define F_PINGFILLED 0x0008 #define F_QUIET 0x0010 #define F_RROUTE 0x0020 #define F_SO_DEBUG 0x0040 #define F_SO_DONTROUTE 0x0080 #define F_VERBOSE 0x0100 #define F_QUIET2 0x0200 #define F_NOLOOP 0x0400 #define F_MTTL 0x0800 #define F_MIF 0x1000 #define F_AUDIBLE 0x2000 #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC #define F_POLICY 0x4000 #endif /*IPSEC_POLICY_IPSEC*/ #endif /*IPSEC*/ #define F_TTL 0x8000 #define F_MISSED 0x10000 #define F_ONCE 0x20000 #define F_HDRINCL 0x40000 #define F_MASK 0x80000 #define F_TIME 0x100000 #define F_SWEEP 0x200000 #define F_WAITTIME 0x400000 #define F_IP_VLAN_PCP 0x800000 #define F_DOT 0x1000000 /* * MAX_DUP_CHK is the number of bits in received table, i.e. the maximum * number of received sequence numbers we can keep track of. Change 128 * to 8192 for complete accuracy... */ #define MAX_DUP_CHK (8 * 128) static int mx_dup_ck = MAX_DUP_CHK; static char rcvd_tbl[MAX_DUP_CHK / 8]; static struct sockaddr_in whereto; /* who to ping */ static int datalen = DEFDATALEN; static int maxpayload; static int ssend; /* send socket file descriptor */ static int srecv; /* receive socket file descriptor */ static u_char outpackhdr[IP_MAXPACKET], *outpack; static char BBELL = '\a'; /* characters written for MISSED and AUDIBLE */ static char BSPACE = '\b'; /* characters written for flood */ static const char *DOT = "."; static size_t DOTlen = 1; static size_t DOTidx = 0; static char *shostname; static int ident; /* process id to identify our packets */ static int uid; /* cached uid for micro-optimization */ static u_char icmp_type = ICMP_ECHO; static u_char icmp_type_rsp = ICMP_ECHOREPLY; static int phdr_len = 0; static int send_len; /* counters */ static long nmissedmax; /* max value of ntransmitted - nreceived - 1 */ static long npackets; /* max packets to transmit */ static long snpackets; /* max packets to transmit in one sweep */ static long sntransmitted; /* # of packets we sent in this sweep */ static int sweepmax; /* max value of payload in sweep */ static int sweepmin = 0; /* start value of payload in sweep */ static int sweepincr = 1; /* payload increment in sweep */ static int interval = 1000; /* interval between packets, ms */ static int waittime = MAXWAIT; /* timeout for each packet */ static cap_channel_t *capdns; static void fill(char *, char *); static cap_channel_t *capdns_setup(void); static void pinger(void); static char *pr_addr(struct in_addr); static char *pr_ntime(n_time); static void pr_icmph(struct icmp *, struct ip *, const u_char *const); static void pr_iph(struct ip *, const u_char *); static void pr_pack(char *, ssize_t, struct sockaddr_in *, struct timespec *); int ping(int argc, char *const *argv) { struct sockaddr_in from, sock_in; struct in_addr ifaddr; struct timespec last, intvl; struct iovec iov; struct msghdr msg; struct sigaction si_sa; size_t sz; u_char *datap, packet[IP_MAXPACKET] __aligned(4); const char *errstr; char *ep, *source, *target, *payload; struct hostent *hp; #ifdef IPSEC_POLICY_IPSEC char *policy_in, *policy_out; #endif struct sockaddr_in *to; double t; u_long alarmtimeout; long long ltmp; int almost_done, ch, df, hold, i, icmp_len, mib[4], preload; int ssend_errno, srecv_errno, tos, ttl, pcp; char ctrl[CMSG_SPACE(sizeof(struct timespec))]; char hnamebuf[MAXHOSTNAMELEN], snamebuf[MAXHOSTNAMELEN]; #ifdef IP_OPTIONS char rspace[MAX_IPOPTLEN]; /* record route space */ #endif unsigned char loop, mttl; payload = source = NULL; #ifdef IPSEC_POLICY_IPSEC policy_in = policy_out = NULL; #endif cap_rights_t rights; /* * Do the stuff that we need root priv's for *first*, and * then drop our setuid bit. Save error reporting for * after arg parsing. * * Historicaly ping was using one socket 's' for sending and for * receiving. After capsicum(4) related changes we use two * sockets. It was done for special ping use case - when user * issue ping on multicast or broadcast address replies come * from different addresses, not from the address we * connect(2)'ed to, and send socket do not receive those * packets. */ ssend = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); ssend_errno = errno; srecv = socket(AF_INET, SOCK_RAW, IPPROTO_ICMP); srecv_errno = errno; if (setuid(getuid()) != 0) err(EX_NOPERM, "setuid() failed"); uid = getuid(); if (ssend < 0) { errno = ssend_errno; err(EX_OSERR, "ssend socket"); } if (srecv < 0) { errno = srecv_errno; err(EX_OSERR, "srecv socket"); } alarmtimeout = df = preload = tos = pcp = 0; outpack = outpackhdr + sizeof(struct ip); while ((ch = getopt(argc, argv, PING4OPTS)) != -1) { switch(ch) { case '.': options |= F_DOT; if (optarg != NULL) { DOT = optarg; DOTlen = strlen(optarg); } break; case '4': /* This option is processed in main(). */ break; case 'A': options |= F_MISSED; break; case 'a': options |= F_AUDIBLE; break; case 'C': options |= F_IP_VLAN_PCP; ltmp = strtonum(optarg, -1, 7, &errstr); if (errstr != NULL) errx(EX_USAGE, "invalid PCP: `%s'", optarg); pcp = ltmp; break; case 'c': ltmp = strtonum(optarg, 1, LONG_MAX, &errstr); if (errstr != NULL) errx(EX_USAGE, "invalid count of packets to transmit: `%s'", optarg); npackets = (long)ltmp; break; case 'D': options |= F_HDRINCL; df = 1; break; case 'd': options |= F_SO_DEBUG; break; case 'f': if (uid) { errno = EPERM; err(EX_NOPERM, "-f flag"); } options |= F_FLOOD; options |= F_DOT; setbuf(stdout, (char *)NULL); break; case 'G': /* Maximum packet size for ping sweep */ ltmp = strtonum(optarg, 1, INT_MAX, &errstr); if (errstr != NULL) { errx(EX_USAGE, "invalid packet size: `%s'", optarg); } sweepmax = (int)ltmp; if (uid != 0 && sweepmax > DEFDATALEN) { errc(EX_NOPERM, EPERM, "packet size too large: %d > %u", sweepmax, DEFDATALEN); } options |= F_SWEEP; break; case 'g': /* Minimum packet size for ping sweep */ ltmp = strtonum(optarg, 1, INT_MAX, &errstr); if (errstr != NULL) { errx(EX_USAGE, "invalid packet size: `%s'", optarg); } sweepmin = (int)ltmp; if (uid != 0 && sweepmin > DEFDATALEN) { errc(EX_NOPERM, EPERM, "packet size too large: %d > %u", sweepmin, DEFDATALEN); } options |= F_SWEEP; break; case 'H': options |= F_HOSTNAME; break; case 'h': /* Packet size increment for ping sweep */ ltmp = strtonum(optarg, 1, INT_MAX, &errstr); if (errstr != NULL) { errx(EX_USAGE, "invalid packet size: `%s'", optarg); } sweepincr = (int)ltmp; if (uid != 0 && sweepincr > DEFDATALEN) { errc(EX_NOPERM, EPERM, "packet size too large: %d > %u", sweepincr, DEFDATALEN); } options |= F_SWEEP; break; case 'I': /* multicast interface */ if (inet_aton(optarg, &ifaddr) == 0) errx(EX_USAGE, "invalid multicast interface: `%s'", optarg); options |= F_MIF; break; case 'i': /* wait between sending packets */ t = strtod(optarg, &ep) * 1000.0; if (*ep || ep == optarg || t > (double)INT_MAX) errx(EX_USAGE, "invalid timing interval: `%s'", optarg); options |= F_INTERVAL; interval = (int)t; if (uid && interval < 1000) { errno = EPERM; err(EX_NOPERM, "-i interval too short"); } break; case 'L': options |= F_NOLOOP; loop = 0; break; case 'l': ltmp = strtonum(optarg, 0, INT_MAX, &errstr); if (errstr != NULL) errx(EX_USAGE, "invalid preload value: `%s'", optarg); if (uid) { errno = EPERM; err(EX_NOPERM, "-l flag"); } preload = (int)ltmp; break; case 'M': switch(optarg[0]) { case 'M': case 'm': options |= F_MASK; break; case 'T': case 't': options |= F_TIME; break; default: errx(EX_USAGE, "invalid message: `%c'", optarg[0]); break; } break; case 'm': /* TTL */ ltmp = strtonum(optarg, 0, MAXTTL, &errstr); if (errstr != NULL) errx(EX_USAGE, "invalid TTL: `%s'", optarg); ttl = (int)ltmp; options |= F_TTL; break; case 'n': options &= ~F_HOSTNAME; break; case 'o': options |= F_ONCE; break; #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC case 'P': options |= F_POLICY; if (!strncmp("in", optarg, 2)) policy_in = strdup(optarg); else if (!strncmp("out", optarg, 3)) policy_out = strdup(optarg); else errx(1, "invalid security policy"); break; #endif /*IPSEC_POLICY_IPSEC*/ #endif /*IPSEC*/ case 'p': /* fill buffer with user pattern */ options |= F_PINGFILLED; payload = optarg; break; case 'Q': options |= F_QUIET2; break; case 'q': options |= F_QUIET; break; case 'R': options |= F_RROUTE; break; case 'r': options |= F_SO_DONTROUTE; break; case 'S': source = optarg; break; case 's': /* size of packet to send */ ltmp = strtonum(optarg, 0, INT_MAX, &errstr); if (errstr != NULL) errx(EX_USAGE, "invalid packet size: `%s'", optarg); datalen = (int)ltmp; if (uid != 0 && datalen > DEFDATALEN) { errno = EPERM; err(EX_NOPERM, "packet size too large: %d > %u", datalen, DEFDATALEN); } break; case 'T': /* multicast TTL */ ltmp = strtonum(optarg, 0, MAXTTL, &errstr); if (errstr != NULL) errx(EX_USAGE, "invalid multicast TTL: `%s'", optarg); mttl = (unsigned char)ltmp; options |= F_MTTL; break; case 't': alarmtimeout = strtoul(optarg, &ep, 0); if ((alarmtimeout < 1) || (alarmtimeout == ULONG_MAX)) errx(EX_USAGE, "invalid timeout: `%s'", optarg); if (alarmtimeout > MAXALARM) errx(EX_USAGE, "invalid timeout: `%s' > %d", optarg, MAXALARM); { struct itimerval itv; timerclear(&itv.it_interval); timerclear(&itv.it_value); itv.it_value.tv_sec = (time_t)alarmtimeout; if (setitimer(ITIMER_REAL, &itv, NULL) != 0) err(1, "setitimer"); } break; case 'v': options |= F_VERBOSE; break; case 'W': /* wait ms for answer */ t = strtod(optarg, &ep); if (*ep || ep == optarg || t > (double)INT_MAX) errx(EX_USAGE, "invalid timing interval: `%s'", optarg); options |= F_WAITTIME; waittime = (int)t; break; case 'z': options |= F_HDRINCL; ltmp = strtol(optarg, &ep, 0); if (*ep || ep == optarg || ltmp > MAXTOS || ltmp < 0) errx(EX_USAGE, "invalid TOS: `%s'", optarg); tos = ltmp; break; default: usage(); } } if (argc - optind != 1) usage(); target = argv[optind]; switch (options & (F_MASK|F_TIME)) { case 0: break; case F_MASK: icmp_type = ICMP_MASKREQ; icmp_type_rsp = ICMP_MASKREPLY; phdr_len = MASK_LEN; if (!(options & F_QUIET)) (void)printf("ICMP_MASKREQ\n"); break; case F_TIME: icmp_type = ICMP_TSTAMP; icmp_type_rsp = ICMP_TSTAMPREPLY; phdr_len = TS_LEN; if (!(options & F_QUIET)) (void)printf("ICMP_TSTAMP\n"); break; default: errx(EX_USAGE, "ICMP_TSTAMP and ICMP_MASKREQ are exclusive."); break; } icmp_len = sizeof(struct ip) + ICMP_MINLEN + phdr_len; if (options & F_RROUTE) icmp_len += MAX_IPOPTLEN; maxpayload = IP_MAXPACKET - icmp_len; if (datalen > maxpayload) errx(EX_USAGE, "packet size too large: %d > %d", datalen, maxpayload); send_len = icmp_len + datalen; datap = &outpack[ICMP_MINLEN + phdr_len + TIMEVAL_LEN]; if (options & F_PINGFILLED) { fill((char *)datap, payload); } capdns = capdns_setup(); if (source) { bzero((char *)&sock_in, sizeof(sock_in)); sock_in.sin_family = AF_INET; if (inet_aton(source, &sock_in.sin_addr) != 0) { shostname = source; } else { hp = cap_gethostbyname2(capdns, source, AF_INET); if (!hp) errx(EX_NOHOST, "cannot resolve %s: %s", source, hstrerror(h_errno)); sock_in.sin_len = sizeof sock_in; if ((unsigned)hp->h_length > sizeof(sock_in.sin_addr) || hp->h_length < 0) errx(1, "gethostbyname2: illegal address"); memcpy(&sock_in.sin_addr, hp->h_addr_list[0], sizeof(sock_in.sin_addr)); (void)strncpy(snamebuf, hp->h_name, sizeof(snamebuf) - 1); snamebuf[sizeof(snamebuf) - 1] = '\0'; shostname = snamebuf; } if (bind(ssend, (struct sockaddr *)&sock_in, sizeof sock_in) == -1) err(1, "bind"); } bzero(&whereto, sizeof(whereto)); to = &whereto; to->sin_family = AF_INET; to->sin_len = sizeof *to; if (inet_aton(target, &to->sin_addr) != 0) { hostname = target; } else { hp = cap_gethostbyname2(capdns, target, AF_INET); if (!hp) errx(EX_NOHOST, "cannot resolve %s: %s", target, hstrerror(h_errno)); if ((unsigned)hp->h_length > sizeof(to->sin_addr)) errx(1, "gethostbyname2 returned an illegal address"); memcpy(&to->sin_addr, hp->h_addr_list[0], sizeof to->sin_addr); (void)strncpy(hnamebuf, hp->h_name, sizeof(hnamebuf) - 1); hnamebuf[sizeof(hnamebuf) - 1] = '\0'; hostname = hnamebuf; } /* From now on we will use only reverse DNS lookups. */ #ifdef WITH_CASPER if (capdns != NULL) { const char *types[1]; types[0] = "ADDR2NAME"; if (cap_dns_type_limit(capdns, types, 1) < 0) err(1, "unable to limit access to system.dns service"); } #endif if (connect(ssend, (struct sockaddr *)&whereto, sizeof(whereto)) != 0) err(1, "connect"); if (options & F_FLOOD && options & F_INTERVAL) errx(EX_USAGE, "-f and -i: incompatible options"); if (options & F_FLOOD && IN_MULTICAST(ntohl(to->sin_addr.s_addr))) errx(EX_USAGE, "-f flag cannot be used with multicast destination"); if (options & (F_MIF | F_NOLOOP | F_MTTL) && !IN_MULTICAST(ntohl(to->sin_addr.s_addr))) errx(EX_USAGE, "-I, -L, -T flags cannot be used with unicast destination"); if (datalen >= TIMEVAL_LEN) /* can we time transfer */ timing = 1; if ((options & (F_PINGFILLED | F_SWEEP)) == 0) for (i = TIMEVAL_LEN; i < datalen; ++i) *datap++ = i; ident = getpid() & 0xFFFF; hold = 1; if (options & F_SO_DEBUG) { (void)setsockopt(ssend, SOL_SOCKET, SO_DEBUG, (char *)&hold, sizeof(hold)); (void)setsockopt(srecv, SOL_SOCKET, SO_DEBUG, (char *)&hold, sizeof(hold)); } if (options & F_SO_DONTROUTE) (void)setsockopt(ssend, SOL_SOCKET, SO_DONTROUTE, (char *)&hold, sizeof(hold)); if (options & F_IP_VLAN_PCP) { (void)setsockopt(ssend, IPPROTO_IP, IP_VLAN_PCP, (char *)&pcp, sizeof(pcp)); } #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC if (options & F_POLICY) { char *buf; if (policy_in != NULL) { buf = ipsec_set_policy(policy_in, strlen(policy_in)); if (buf == NULL) errx(EX_CONFIG, "%s", ipsec_strerror()); if (setsockopt(srecv, IPPROTO_IP, IP_IPSEC_POLICY, buf, ipsec_get_policylen(buf)) < 0) err(EX_CONFIG, "ipsec policy cannot be configured"); free(buf); } if (policy_out != NULL) { buf = ipsec_set_policy(policy_out, strlen(policy_out)); if (buf == NULL) errx(EX_CONFIG, "%s", ipsec_strerror()); if (setsockopt(ssend, IPPROTO_IP, IP_IPSEC_POLICY, buf, ipsec_get_policylen(buf)) < 0) err(EX_CONFIG, "ipsec policy cannot be configured"); free(buf); } } #endif /*IPSEC_POLICY_IPSEC*/ #endif /*IPSEC*/ if (options & F_HDRINCL) { struct ip ip; memcpy(&ip, outpackhdr, sizeof(ip)); if (!(options & (F_TTL | F_MTTL))) { mib[0] = CTL_NET; mib[1] = PF_INET; mib[2] = IPPROTO_IP; mib[3] = IPCTL_DEFTTL; sz = sizeof(ttl); if (sysctl(mib, 4, &ttl, &sz, NULL, 0) == -1) err(1, "sysctl(net.inet.ip.ttl)"); } setsockopt(ssend, IPPROTO_IP, IP_HDRINCL, &hold, sizeof(hold)); ip.ip_v = IPVERSION; ip.ip_hl = sizeof(struct ip) >> 2; ip.ip_tos = tos; ip.ip_id = 0; ip.ip_off = htons(df ? IP_DF : 0); ip.ip_ttl = ttl; ip.ip_p = IPPROTO_ICMP; ip.ip_src.s_addr = source ? sock_in.sin_addr.s_addr : INADDR_ANY; ip.ip_dst = to->sin_addr; memcpy(outpackhdr, &ip, sizeof(ip)); } /* * Here we enter capability mode. Further down access to global * namespaces (e.g filesystem) is restricted (see capsicum(4)). * We must connect(2) our socket before this point. */ caph_cache_catpages(); if (caph_enter_casper() < 0) err(1, "caph_enter_casper"); cap_rights_init(&rights, CAP_RECV, CAP_EVENT, CAP_SETSOCKOPT); if (caph_rights_limit(srecv, &rights) < 0) err(1, "cap_rights_limit srecv"); cap_rights_init(&rights, CAP_SEND, CAP_SETSOCKOPT); if (caph_rights_limit(ssend, &rights) < 0) err(1, "cap_rights_limit ssend"); /* record route option */ if (options & F_RROUTE) { #ifdef IP_OPTIONS bzero(rspace, sizeof(rspace)); rspace[IPOPT_OPTVAL] = IPOPT_RR; rspace[IPOPT_OLEN] = sizeof(rspace) - 1; rspace[IPOPT_OFFSET] = IPOPT_MINOFF; rspace[sizeof(rspace) - 1] = IPOPT_EOL; if (setsockopt(ssend, IPPROTO_IP, IP_OPTIONS, rspace, sizeof(rspace)) < 0) err(EX_OSERR, "setsockopt IP_OPTIONS"); #else errx(EX_UNAVAILABLE, "record route not available in this implementation"); #endif /* IP_OPTIONS */ } if (options & F_TTL) { if (setsockopt(ssend, IPPROTO_IP, IP_TTL, &ttl, sizeof(ttl)) < 0) { err(EX_OSERR, "setsockopt IP_TTL"); } } if (options & F_NOLOOP) { if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_LOOP, &loop, sizeof(loop)) < 0) { err(EX_OSERR, "setsockopt IP_MULTICAST_LOOP"); } } if (options & F_MTTL) { if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_TTL, &mttl, sizeof(mttl)) < 0) { err(EX_OSERR, "setsockopt IP_MULTICAST_TTL"); } } if (options & F_MIF) { if (setsockopt(ssend, IPPROTO_IP, IP_MULTICAST_IF, &ifaddr, sizeof(ifaddr)) < 0) { err(EX_OSERR, "setsockopt IP_MULTICAST_IF"); } } #ifdef SO_TIMESTAMP { int on = 1; int ts_clock = SO_TS_MONOTONIC; if (setsockopt(srecv, SOL_SOCKET, SO_TIMESTAMP, &on, sizeof(on)) < 0) err(EX_OSERR, "setsockopt SO_TIMESTAMP"); if (setsockopt(srecv, SOL_SOCKET, SO_TS_CLOCK, &ts_clock, sizeof(ts_clock)) < 0) err(EX_OSERR, "setsockopt SO_TS_CLOCK"); } #endif if (sweepmax) { if (sweepmin > sweepmax) errx(EX_USAGE, "Maximum packet size must be no less than the minimum packet size"); if (sweepmax > maxpayload - TIMEVAL_LEN) errx(EX_USAGE, "Invalid sweep maximum"); if (datalen != DEFDATALEN) errx(EX_USAGE, "Packet size and ping sweep are mutually exclusive"); if (npackets > 0) { snpackets = npackets; npackets = 0; } else snpackets = 1; datalen = sweepmin; send_len = icmp_len + sweepmin; } if (options & F_SWEEP && !sweepmax) errx(EX_USAGE, "Maximum sweep size must be specified"); /* * When pinging the broadcast address, you can get a lot of answers. * Doing something so evil is useful if you are trying to stress the * ethernet, or just want to fill the arp cache to get some stuff for * /etc/ethers. But beware: RFC 1122 allows hosts to ignore broadcast * or multicast pings if they wish. */ /* * XXX receive buffer needs undetermined space for mbuf overhead * as well. */ hold = IP_MAXPACKET + 128; (void)setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, (char *)&hold, sizeof(hold)); /* CAP_SETSOCKOPT removed */ cap_rights_init(&rights, CAP_RECV, CAP_EVENT); if (caph_rights_limit(srecv, &rights) < 0) err(1, "cap_rights_limit srecv setsockopt"); if (uid == 0) (void)setsockopt(ssend, SOL_SOCKET, SO_SNDBUF, (char *)&hold, sizeof(hold)); /* CAP_SETSOCKOPT removed */ cap_rights_init(&rights, CAP_SEND); if (caph_rights_limit(ssend, &rights) < 0) err(1, "cap_rights_limit ssend setsockopt"); if (to->sin_family == AF_INET) { (void)printf("PING %s (%s)", hostname, inet_ntoa(to->sin_addr)); if (source) (void)printf(" from %s", shostname); if (sweepmax) (void)printf(": (%d ... %d) data bytes\n", sweepmin, sweepmax); else (void)printf(": %d data bytes\n", datalen); } else { if (sweepmax) (void)printf("PING %s: (%d ... %d) data bytes\n", hostname, sweepmin, sweepmax); else (void)printf("PING %s: %d data bytes\n", hostname, datalen); } /* * Use sigaction() instead of signal() to get unambiguous semantics, * in particular with SA_RESTART not set. */ sigemptyset(&si_sa.sa_mask); si_sa.sa_flags = 0; si_sa.sa_handler = onsignal; if (sigaction(SIGINT, &si_sa, 0) == -1) err(EX_OSERR, "sigaction SIGINT"); seenint = 0; if (sigaction(SIGINFO, &si_sa, 0) == -1) err(EX_OSERR, "sigaction SIGINFO"); seeninfo = 0; if (alarmtimeout > 0) { if (sigaction(SIGALRM, &si_sa, 0) == -1) err(EX_OSERR, "sigaction SIGALRM"); } bzero(&msg, sizeof(msg)); msg.msg_name = (caddr_t)&from; msg.msg_iov = &iov; msg.msg_iovlen = 1; #ifdef SO_TIMESTAMP msg.msg_control = (caddr_t)ctrl; msg.msg_controllen = sizeof(ctrl); #endif iov.iov_base = packet; iov.iov_len = IP_MAXPACKET; if (preload == 0) pinger(); /* send the first ping */ else { if (npackets != 0 && preload > npackets) preload = npackets; while (preload--) /* fire off them quickies */ pinger(); } (void)clock_gettime(CLOCK_MONOTONIC, &last); if (options & F_FLOOD) { intvl.tv_sec = 0; intvl.tv_nsec = 10000000; } else { intvl.tv_sec = interval / 1000; intvl.tv_nsec = interval % 1000 * 1000000; } almost_done = 0; while (seenint == 0) { struct timespec now, timeout; fd_set rfds; int n; ssize_t cc; /* signal handling */ if (seeninfo) { pr_summary(stderr); seeninfo = 0; continue; } if ((unsigned)srecv >= FD_SETSIZE) errx(EX_OSERR, "descriptor too large"); FD_ZERO(&rfds); FD_SET(srecv, &rfds); (void)clock_gettime(CLOCK_MONOTONIC, &now); timespecadd(&last, &intvl, &timeout); timespecsub(&timeout, &now, &timeout); if (timeout.tv_sec < 0) timespecclear(&timeout); n = pselect(srecv + 1, &rfds, NULL, NULL, &timeout, NULL); if (n < 0) continue; /* EINTR */ if (n == 1) { struct timespec *tv = NULL; #ifdef SO_TIMESTAMP struct cmsghdr *cmsg = CMSG_FIRSTHDR(&msg); #endif msg.msg_namelen = sizeof(from); if ((cc = recvmsg(srecv, &msg, 0)) < 0) { if (errno == EINTR) continue; warn("recvmsg"); continue; } /* If we have a 0 byte read from recvfrom continue */ if (cc == 0) continue; #ifdef SO_TIMESTAMP if (cmsg != NULL && cmsg->cmsg_level == SOL_SOCKET && cmsg->cmsg_type == SCM_TIMESTAMP && cmsg->cmsg_len == CMSG_LEN(sizeof *tv)) { /* Copy to avoid alignment problems: */ memcpy(&now, CMSG_DATA(cmsg), sizeof(now)); tv = &now; } #endif if (tv == NULL) { (void)clock_gettime(CLOCK_MONOTONIC, &now); tv = &now; } pr_pack((char *)packet, cc, &from, tv); if ((options & F_ONCE && nreceived) || (npackets && nreceived >= npackets)) break; } if (n == 0 || (options & F_FLOOD)) { if (sweepmax && sntransmitted == snpackets) { if (datalen + sweepincr > sweepmax) break; for (i = 0; i < sweepincr; i++) *datap++ = i; datalen += sweepincr; send_len = icmp_len + datalen; sntransmitted = 0; } if (!npackets || ntransmitted < npackets) pinger(); else { if (almost_done) break; almost_done = 1; /* * If we're not transmitting any more packets, * change the timer to wait two round-trip times * if we've received any packets or (waittime) * milliseconds if we haven't. */ intvl.tv_nsec = 0; if (nreceived) { intvl.tv_sec = 2 * tmax / 1000; if (intvl.tv_sec == 0) intvl.tv_sec = 1; } else { intvl.tv_sec = waittime / 1000; intvl.tv_nsec = waittime % 1000 * 1000000; } } (void)clock_gettime(CLOCK_MONOTONIC, &last); if (ntransmitted - nreceived - 1 > nmissedmax) { nmissedmax = ntransmitted - nreceived - 1; if (options & F_MISSED) (void)write(STDOUT_FILENO, &BBELL, 1); } } } pr_summary(stdout); exit(nreceived ? 0 : 2); } /* * pinger -- * Compose and transmit an ICMP ECHO REQUEST packet. The IP packet * will be added on by the kernel. The ID field is our UNIX process ID, * and the sequence number is an ascending integer. The first TIMEVAL_LEN * bytes of the data portion are used to hold a UNIX "timespec" struct in * host byte-order, to compute the round-trip time. */ static void pinger(void) { struct timespec now; struct tv32 tv32; struct icmp icp; int cc, i; u_char *packet; packet = outpack; memcpy(&icp, outpack, ICMP_MINLEN + phdr_len); icp.icmp_type = icmp_type; icp.icmp_code = 0; icp.icmp_cksum = 0; icp.icmp_seq = htons(ntransmitted); icp.icmp_id = ident; /* ID */ CLR(ntransmitted % mx_dup_ck); if ((options & F_TIME) || timing) { (void)clock_gettime(CLOCK_MONOTONIC, &now); /* * Truncate seconds down to 32 bits in order * to fit the timestamp within 8 bytes of the * packet. We're only concerned with * durations, not absolute times. */ tv32.tv32_sec = (uint32_t)htonl(now.tv_sec); tv32.tv32_nsec = (uint32_t)htonl(now.tv_nsec); if (options & F_TIME) icp.icmp_otime = htonl((now.tv_sec % (24*60*60)) * 1000 + now.tv_nsec / 1000000); if (timing) bcopy((void *)&tv32, (void *)&outpack[ICMP_MINLEN + phdr_len], sizeof(tv32)); } memcpy(outpack, &icp, ICMP_MINLEN + phdr_len); cc = ICMP_MINLEN + phdr_len + datalen; /* compute ICMP checksum here */ icp.icmp_cksum = in_cksum(outpack, cc); /* Update icmp_cksum in the raw packet data buffer. */ memcpy(outpack + offsetof(struct icmp, icmp_cksum), &icp.icmp_cksum, sizeof(icp.icmp_cksum)); if (options & F_HDRINCL) { struct ip ip; cc += sizeof(struct ip); ip.ip_len = htons(cc); /* Update ip_len in the raw packet data buffer. */ memcpy(outpackhdr + offsetof(struct ip, ip_len), &ip.ip_len, sizeof(ip.ip_len)); ip.ip_sum = in_cksum(outpackhdr, cc); /* Update ip_sum in the raw packet data buffer. */ memcpy(outpackhdr + offsetof(struct ip, ip_sum), &ip.ip_sum, sizeof(ip.ip_sum)); packet = outpackhdr; } i = send(ssend, (char *)packet, cc, 0); if (i < 0 || i != cc) { if (i < 0) { if (options & F_FLOOD && errno == ENOBUFS) { usleep(FLOOD_BACKOFF); return; } warn("sendto"); } else { warn("%s: partial write: %d of %d bytes", hostname, i, cc); } } ntransmitted++; sntransmitted++; if (!(options & F_QUIET) && options & F_DOT) (void)write(STDOUT_FILENO, &DOT[DOTidx++ % DOTlen], 1); } /* * pr_pack -- * Print out the packet, if it came from us. This logic is necessary * because ALL readers of the ICMP socket get a copy of ALL ICMP packets * which arrive ('tis only fair). This permits multiple copies of this * program to be run without having intermingled output (or statistics!). */ static void pr_pack(char *buf, ssize_t cc, struct sockaddr_in *from, struct timespec *tv) { struct in_addr ina; u_char *cp, *dp, l; struct icmp icp; struct ip ip; const u_char *icmp_data_raw; ssize_t icmp_data_raw_len; double triptime; int dupflag, i, j, recv_len; int8_t hlen; uint16_t seq; static int old_rrlen; static char old_rr[MAX_IPOPTLEN]; struct ip oip; u_char oip_header_len; struct icmp oicmp; const u_char *oicmp_raw; /* * Get size of IP header of the received packet. * The header length is contained in the lower four bits of the first * byte and represents the number of 4 byte octets the header takes up. * * The IHL minimum value is 5 (20 bytes) and its maximum value is 15 * (60 bytes). */ memcpy(&l, buf, sizeof(l)); hlen = (l & 0x0f) << 2; /* Reject IP packets with a short header */ if (hlen < (int8_t) sizeof(struct ip)) { if (options & F_VERBOSE) warn("IHL too short (%d bytes) from %s", hlen, inet_ntoa(from->sin_addr)); return; } memcpy(&ip, buf, sizeof(struct ip)); /* Check packet has enough data to carry a valid ICMP header */ recv_len = cc; if (cc < hlen + ICMP_MINLEN) { if (options & F_VERBOSE) warn("packet too short (%zd bytes) from %s", cc, inet_ntoa(from->sin_addr)); return; } icmp_data_raw_len = cc - (hlen + offsetof(struct icmp, icmp_data)); icmp_data_raw = buf + hlen + offsetof(struct icmp, icmp_data); /* Now the ICMP part */ cc -= hlen; memcpy(&icp, buf + hlen, MIN((ssize_t)sizeof(icp), cc)); if (icp.icmp_type == icmp_type_rsp) { if (icp.icmp_id != ident) return; /* 'Twas not our ECHO */ ++nreceived; triptime = 0.0; if (timing) { struct timespec tv1; struct tv32 tv32; const u_char *tp; tp = icmp_data_raw + phdr_len; if ((size_t)(cc - ICMP_MINLEN - phdr_len) >= sizeof(tv1)) { /* Copy to avoid alignment problems: */ memcpy(&tv32, tp, sizeof(tv32)); tv1.tv_sec = ntohl(tv32.tv32_sec); tv1.tv_nsec = ntohl(tv32.tv32_nsec); timespecsub(tv, &tv1, tv); triptime = ((double)tv->tv_sec) * 1000.0 + ((double)tv->tv_nsec) / 1000000.0; if (triptime < 0) { warnx("time of day goes back (%.3f ms)," " clamping time to 0", triptime); triptime = 0; } tsum += triptime; tsumsq += triptime * triptime; if (triptime < tmin) tmin = triptime; if (triptime > tmax) tmax = triptime; } else timing = 0; } seq = ntohs(icp.icmp_seq); if (TST(seq % mx_dup_ck)) { ++nrepeats; --nreceived; dupflag = 1; } else { SET(seq % mx_dup_ck); dupflag = 0; } if (options & F_QUIET) return; if (options & F_WAITTIME && triptime > waittime) { ++nrcvtimeout; return; } if (options & F_DOT) (void)write(STDOUT_FILENO, &BSPACE, 1); else { (void)printf("%zd bytes from %s: icmp_seq=%u", cc, pr_addr(from->sin_addr), seq); (void)printf(" ttl=%d", ip.ip_ttl); if (timing) (void)printf(" time=%.3f ms", triptime); if (dupflag) (void)printf(" (DUP!)"); if (options & F_AUDIBLE) (void)write(STDOUT_FILENO, &BBELL, 1); if (options & F_MASK) { /* Just prentend this cast isn't ugly */ (void)printf(" mask=%s", inet_ntoa(*(struct in_addr *)&(icp.icmp_mask))); } if (options & F_TIME) { (void)printf(" tso=%s", pr_ntime(icp.icmp_otime)); (void)printf(" tsr=%s", pr_ntime(icp.icmp_rtime)); (void)printf(" tst=%s", pr_ntime(icp.icmp_ttime)); } if (recv_len != send_len) { (void)printf( "\nwrong total length %d instead of %d", recv_len, send_len); } /* check the data */ cp = (u_char*)(buf + hlen + offsetof(struct icmp, icmp_data) + phdr_len); dp = &outpack[ICMP_MINLEN + phdr_len]; cc -= ICMP_MINLEN + phdr_len; i = 0; if (timing) { /* don't check variable timestamp */ cp += TIMEVAL_LEN; dp += TIMEVAL_LEN; cc -= TIMEVAL_LEN; i += TIMEVAL_LEN; } for (; i < datalen && cc > 0; ++i, ++cp, ++dp, --cc) { if (*cp != *dp) { (void)printf("\nwrong data byte #%d should be 0x%x but was 0x%x", i, *dp, *cp); (void)printf("\ncp:"); cp = (u_char*)(buf + hlen + offsetof(struct icmp, icmp_data)); for (i = 0; i < datalen; ++i, ++cp) { if ((i % 16) == 8) (void)printf("\n\t"); (void)printf(" %2x", *cp); } (void)printf("\ndp:"); cp = &outpack[ICMP_MINLEN]; for (i = 0; i < datalen; ++i, ++cp) { if ((i % 16) == 8) (void)printf("\n\t"); (void)printf(" %2x", *cp); } break; } } } } else { /* * We've got something other than an ECHOREPLY. * See if it's a reply to something that we sent. * We can compare IP destination, protocol, * and ICMP type and ID. * * Only print all the error messages if we are running * as root to avoid leaking information not normally * available to those not running as root. */ /* * If we don't have enough bytes for a quoted IP header and an * ICMP header then stop. */ if (icmp_data_raw_len < (ssize_t)(sizeof(struct ip) + sizeof(struct icmp))) { if (options & F_VERBOSE) warnx("quoted data too short (%zd bytes) from %s", icmp_data_raw_len, inet_ntoa(from->sin_addr)); return; } memcpy(&oip_header_len, icmp_data_raw, sizeof(oip_header_len)); oip_header_len = (oip_header_len & 0x0f) << 2; /* Reject IP packets with a short header */ if (oip_header_len < sizeof(struct ip)) { if (options & F_VERBOSE) warnx("inner IHL too short (%d bytes) from %s", oip_header_len, inet_ntoa(from->sin_addr)); return; } /* * Check against the actual IHL length, to protect against * quoated packets carrying IP options. */ if (icmp_data_raw_len < (ssize_t)(oip_header_len + sizeof(struct icmp))) { if (options & F_VERBOSE) warnx("inner packet too short (%zd bytes) from %s", icmp_data_raw_len, inet_ntoa(from->sin_addr)); return; } memcpy(&oip, icmp_data_raw, sizeof(struct ip)); oicmp_raw = icmp_data_raw + oip_header_len; memcpy(&oicmp, oicmp_raw, sizeof(struct icmp)); if (((options & F_VERBOSE) && uid == 0) || (!(options & F_QUIET2) && (oip.ip_dst.s_addr == whereto.sin_addr.s_addr) && (oip.ip_p == IPPROTO_ICMP) && (oicmp.icmp_type == ICMP_ECHO) && (oicmp.icmp_id == ident))) { (void)printf("%zd bytes from %s: ", cc, pr_addr(from->sin_addr)); pr_icmph(&icp, &oip, icmp_data_raw); } else return; } /* Display any IP options */ cp = (u_char *)buf + sizeof(struct ip); for (; hlen > (int)sizeof(struct ip); --hlen, ++cp) switch (*cp) { case IPOPT_EOL: hlen = 0; break; case IPOPT_LSRR: case IPOPT_SSRR: (void)printf(*cp == IPOPT_LSRR ? "\nLSRR: " : "\nSSRR: "); j = cp[IPOPT_OLEN] - IPOPT_MINOFF + 1; hlen -= 2; cp += 2; if (j >= INADDR_LEN && j <= hlen - (int)sizeof(struct ip)) { for (;;) { bcopy(++cp, &ina.s_addr, INADDR_LEN); if (ina.s_addr == 0) (void)printf("\t0.0.0.0"); else (void)printf("\t%s", pr_addr(ina)); hlen -= INADDR_LEN; cp += INADDR_LEN - 1; j -= INADDR_LEN; if (j < INADDR_LEN) break; (void)putchar('\n'); } } else (void)printf("\t(truncated route)"); break; case IPOPT_RR: j = cp[IPOPT_OLEN]; /* get length */ i = cp[IPOPT_OFFSET]; /* and pointer */ hlen -= 2; cp += 2; if (i > j) i = j; i = i - IPOPT_MINOFF + 1; if (i < 0 || i > (hlen - (int)sizeof(struct ip))) { old_rrlen = 0; continue; } if (i == old_rrlen && !bcmp((char *)cp, old_rr, i) && !(options & F_DOT)) { (void)printf("\t(same route)"); hlen -= i; cp += i; break; } old_rrlen = i; bcopy((char *)cp, old_rr, i); (void)printf("\nRR: "); if (i >= INADDR_LEN && i <= hlen - (int)sizeof(struct ip)) { for (;;) { bcopy(++cp, &ina.s_addr, INADDR_LEN); if (ina.s_addr == 0) (void)printf("\t0.0.0.0"); else (void)printf("\t%s", pr_addr(ina)); hlen -= INADDR_LEN; cp += INADDR_LEN - 1; i -= INADDR_LEN; if (i < INADDR_LEN) break; (void)putchar('\n'); } } else (void)printf("\t(truncated route)"); break; case IPOPT_NOP: (void)printf("\nNOP"); break; default: (void)printf("\nunknown option %x", *cp); break; } if (!(options & F_DOT)) { (void)putchar('\n'); (void)fflush(stdout); } } /* * pr_icmph -- * Print a descriptive string about an ICMP header. */ static void pr_icmph(struct icmp *icp, struct ip *oip, const u_char *const oicmp_raw) { switch(icp->icmp_type) { case ICMP_ECHOREPLY: (void)printf("Echo Reply\n"); /* XXX ID + Seq + Data */ break; case ICMP_UNREACH: switch(icp->icmp_code) { case ICMP_UNREACH_NET: (void)printf("Destination Net Unreachable\n"); break; case ICMP_UNREACH_HOST: (void)printf("Destination Host Unreachable\n"); break; case ICMP_UNREACH_PROTOCOL: (void)printf("Destination Protocol Unreachable\n"); break; case ICMP_UNREACH_PORT: (void)printf("Destination Port Unreachable\n"); break; case ICMP_UNREACH_NEEDFRAG: (void)printf("frag needed and DF set (MTU %d)\n", ntohs(icp->icmp_nextmtu)); break; case ICMP_UNREACH_SRCFAIL: (void)printf("Source Route Failed\n"); break; case ICMP_UNREACH_FILTER_PROHIB: (void)printf("Communication prohibited by filter\n"); break; default: (void)printf("Dest Unreachable, Bad Code: %d\n", icp->icmp_code); break; } /* Print returned IP header information */ pr_iph(oip, oicmp_raw); break; case ICMP_SOURCEQUENCH: (void)printf("Source Quench\n"); pr_iph(oip, oicmp_raw); break; case ICMP_REDIRECT: switch(icp->icmp_code) { case ICMP_REDIRECT_NET: (void)printf("Redirect Network"); break; case ICMP_REDIRECT_HOST: (void)printf("Redirect Host"); break; case ICMP_REDIRECT_TOSNET: (void)printf("Redirect Type of Service and Network"); break; case ICMP_REDIRECT_TOSHOST: (void)printf("Redirect Type of Service and Host"); break; default: (void)printf("Redirect, Bad Code: %d", icp->icmp_code); break; } (void)printf("(New addr: %s)\n", inet_ntoa(icp->icmp_gwaddr)); pr_iph(oip, oicmp_raw); break; case ICMP_ECHO: (void)printf("Echo Request\n"); /* XXX ID + Seq + Data */ break; case ICMP_TIMXCEED: switch(icp->icmp_code) { case ICMP_TIMXCEED_INTRANS: (void)printf("Time to live exceeded\n"); break; case ICMP_TIMXCEED_REASS: (void)printf("Frag reassembly time exceeded\n"); break; default: (void)printf("Time exceeded, Bad Code: %d\n", icp->icmp_code); break; } pr_iph(oip, oicmp_raw); break; case ICMP_PARAMPROB: (void)printf("Parameter problem: pointer = 0x%02x\n", icp->icmp_hun.ih_pptr); pr_iph(oip, oicmp_raw); break; case ICMP_TSTAMP: (void)printf("Timestamp\n"); /* XXX ID + Seq + 3 timestamps */ break; case ICMP_TSTAMPREPLY: (void)printf("Timestamp Reply\n"); /* XXX ID + Seq + 3 timestamps */ break; case ICMP_IREQ: (void)printf("Information Request\n"); /* XXX ID + Seq */ break; case ICMP_IREQREPLY: (void)printf("Information Reply\n"); /* XXX ID + Seq */ break; case ICMP_MASKREQ: (void)printf("Address Mask Request\n"); break; case ICMP_MASKREPLY: (void)printf("Address Mask Reply\n"); break; case ICMP_ROUTERADVERT: (void)printf("Router Advertisement\n"); break; case ICMP_ROUTERSOLICIT: (void)printf("Router Solicitation\n"); break; default: (void)printf("Bad ICMP type: %d\n", icp->icmp_type); } } /* * pr_iph -- * Print an IP header with options. */ static void pr_iph(struct ip *ip, const u_char *cp) { struct in_addr dst_ina, src_ina; int hlen; hlen = ip->ip_hl << 2; cp = cp + sizeof(struct ip); /* point to options */ memcpy(&src_ina, &ip->ip_src.s_addr, sizeof(src_ina)); memcpy(&dst_ina, &ip->ip_dst.s_addr, sizeof(dst_ina)); (void)printf("Vr HL TOS Len ID Flg off TTL Pro cks %*s %*s", (int)strlen(inet_ntoa(src_ina)), "Src", (int)strlen(inet_ntoa(dst_ina)), "Dst"); if (hlen > (int)sizeof(struct ip)) (void)printf(" Opts"); (void)putchar('\n'); (void)printf(" %1x %1x %02x %04x %04x", ip->ip_v, ip->ip_hl, ip->ip_tos, ntohs(ip->ip_len), ntohs(ip->ip_id)); (void)printf(" %1x %04x", (ntohs(ip->ip_off) & 0xe000) >> 13, ntohs(ip->ip_off) & 0x1fff); (void)printf(" %02x %02x %04x", ip->ip_ttl, ip->ip_p, ntohs(ip->ip_sum)); (void)printf(" %s", inet_ntoa(src_ina)); (void)printf(" %s", inet_ntoa(dst_ina)); /* dump any option bytes */ if (hlen > (int)sizeof(struct ip)) { (void)printf(" "); while (hlen-- > (int)sizeof(struct ip)) { (void)printf("%02x", *cp++); } } (void)putchar('\n'); } /* * pr_addr -- * Return an ascii host address as a dotted quad and optionally with * a hostname. */ static char * pr_addr(struct in_addr ina) { struct hostent *hp; static char buf[16 + 3 + MAXHOSTNAMELEN]; if (!(options & F_HOSTNAME)) return inet_ntoa(ina); hp = cap_gethostbyaddr(capdns, (char *)&ina, sizeof(ina), AF_INET); if (hp == NULL) return inet_ntoa(ina); (void)snprintf(buf, sizeof(buf), "%s (%s)", hp->h_name, inet_ntoa(ina)); return(buf); } static char * pr_ntime(n_time timestamp) { static char buf[11]; int hour, min, sec; sec = ntohl(timestamp) / 1000; hour = sec / 60 / 60; min = (sec % (60 * 60)) / 60; sec = (sec % (60 * 60)) % 60; (void)snprintf(buf, sizeof(buf), "%02d:%02d:%02d", hour, min, sec); return (buf); } static void fill(char *bp, char *patp) { char *cp; int pat[16]; u_int ii, jj, kk; for (cp = patp; *cp; cp++) { if (!isxdigit(*cp)) errx(EX_USAGE, "patterns must be specified as hex digits"); } ii = sscanf(patp, "%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x", &pat[0], &pat[1], &pat[2], &pat[3], &pat[4], &pat[5], &pat[6], &pat[7], &pat[8], &pat[9], &pat[10], &pat[11], &pat[12], &pat[13], &pat[14], &pat[15]); if (ii > 0) for (kk = 0; kk <= maxpayload - (TIMEVAL_LEN + ii); kk += ii) for (jj = 0; jj < ii; ++jj) bp[jj + kk] = pat[jj]; if (!(options & F_QUIET)) { (void)printf("PATTERN: 0x"); for (jj = 0; jj < ii; ++jj) (void)printf("%02x", bp[jj] & 0xFF); (void)printf("\n"); } } static cap_channel_t * capdns_setup(void) { cap_channel_t *capcas, *capdnsloc; #ifdef WITH_CASPER const char *types[2]; int families[1]; #endif capcas = cap_init(); if (capcas == NULL) err(1, "unable to create casper process"); capdnsloc = cap_service_open(capcas, "system.dns"); /* Casper capability no longer needed. */ cap_close(capcas); if (capdnsloc == NULL) err(1, "unable to open system.dns service"); #ifdef WITH_CASPER types[0] = "NAME2ADDR"; types[1] = "ADDR2NAME"; if (cap_dns_type_limit(capdnsloc, types, 2) < 0) err(1, "unable to limit access to system.dns service"); families[0] = AF_INET; if (cap_dns_family_limit(capdnsloc, families, 1) < 0) err(1, "unable to limit access to system.dns service"); #endif return (capdnsloc); } diff --git a/sbin/ping/ping6.c b/sbin/ping/ping6.c index 10deb57ad6bc..50254c3eeeb0 100644 --- a/sbin/ping/ping6.c +++ b/sbin/ping/ping6.c @@ -1,2783 +1,2780 @@ /* $KAME: ping6.c,v 1.169 2003/07/25 06:01:47 itojun Exp $ */ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (C) 1995, 1996, 1997, and 1998 WIDE Project. * All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the project nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE PROJECT AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE PROJECT OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ /* BSDI ping.c,v 2.3 1996/01/21 17:56:50 jch Exp */ /* * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Mike Muuss. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1989, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93"; -#endif /* not lint */ #endif #include /* * Using the InterNet Control Message Protocol (ICMP) "ECHO" facility, * measure round-trip-delays and packet loss across network paths. * * Author - * Mike Muuss * U. S. Army Ballistic Research Laboratory * December, 1983 * * Status - * Public Domain. Distribution Unlimited. * Bugs - * More statistics could always be gathered. * This program has to run SUID to ROOT to access the ICMP socket. */ /* * NOTE: * USE_SIN6_SCOPE_ID assumes that sin6_scope_id has the same semantics * as IPV6_PKTINFO. Some people object it (sin6_scope_id specifies *link* * while IPV6_PKTINFO specifies *interface*. Link is defined as collection of * network attached to 1 or more interfaces) */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef IPSEC #include #include #endif #include #include "main.h" #include "ping6.h" struct tv32 { u_int32_t tv32_sec; u_int32_t tv32_nsec; }; #define MAXPACKETLEN 131072 #define IP6LEN 40 #define ICMP6ECHOLEN 8 /* icmp echo header len excluding time */ #define ICMP6ECHOTMLEN sizeof(struct tv32) #define ICMP6_NIQLEN (ICMP6ECHOLEN + 8) # define CONTROLLEN 10240 /* ancillary data buffer size RFC3542 20.1 */ /* FQDN case, 64 bits of nonce + 32 bits ttl */ #define ICMP6_NIRLEN (ICMP6ECHOLEN + 12) #define EXTRA 256 /* for AH and various other headers. weird. */ #define DEFDATALEN ICMP6ECHOTMLEN #define MAXDATALEN MAXPACKETLEN - IP6LEN - ICMP6ECHOLEN #define NROUTES 9 /* number of record route slots */ #define MAXWAIT 10000 /* max ms to wait for response */ #define MAXALARM (60 * 60) /* max seconds for alarm timeout */ #define A(bit) rcvd_tbl[(bit)>>3] /* identify byte in array */ #define B(bit) (1 << ((bit) & 0x07)) /* identify bit in byte */ #define SET(bit) (A(bit) |= B(bit)) #define CLR(bit) (A(bit) &= (~B(bit))) #define TST(bit) (A(bit) & B(bit)) #define F_FLOOD 0x0001 #define F_INTERVAL 0x0002 #define F_PINGFILLED 0x0008 #define F_QUIET 0x0010 #define F_RROUTE 0x0020 #define F_SO_DEBUG 0x0040 #define F_VERBOSE 0x0100 #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC #define F_POLICY 0x0400 #else #define F_AUTHHDR 0x0200 #define F_ENCRYPT 0x0400 #endif /*IPSEC_POLICY_IPSEC*/ #endif /*IPSEC*/ #define F_NODEADDR 0x0800 #define F_FQDN 0x1000 #define F_INTERFACE 0x2000 #define F_SRCADDR 0x4000 #define F_FQDNOLD 0x20000 #define F_NIGROUP 0x40000 #define F_SUPTYPES 0x80000 #define F_NOMINMTU 0x100000 #define F_ONCE 0x200000 #define F_AUDIBLE 0x400000 #define F_MISSED 0x800000 #define F_DONTFRAG 0x1000000 #define F_NOUSERDATA (F_NODEADDR | F_FQDN | F_FQDNOLD | F_SUPTYPES) #define F_WAITTIME 0x2000000 #define F_DOT 0x4000000 #define IN6LEN sizeof(struct in6_addr) #define SA6LEN sizeof(struct sockaddr_in6) #define DUMMY_PORT 10101 #define SIN6(s) ((struct sockaddr_in6 *)(s)) /* * MAX_DUP_CHK is the number of bits in received table, i.e. the maximum * number of received sequence numbers we can keep track of. Change 128 * to 8192 for complete accuracy... */ #define MAX_DUP_CHK (8 * 8192) static int mx_dup_ck = MAX_DUP_CHK; static char rcvd_tbl[MAX_DUP_CHK / 8]; static struct sockaddr_in6 dst; /* who to ping6 */ static struct sockaddr_in6 src; /* src addr of this packet */ static socklen_t srclen; static size_t datalen = DEFDATALEN; static int ssend; /* send socket file descriptor */ static int srecv; /* receive socket file descriptor */ static u_char outpack[MAXPACKETLEN]; static char BSPACE = '\b'; /* characters written for flood */ static char BBELL = '\a'; /* characters written for AUDIBLE */ static const char *DOT = "."; static size_t DOTlen = 1; static size_t DOTidx = 0; static int ident; /* process id to identify our packets */ static u_int8_t nonce[8]; /* nonce field for node information */ static int hoplimit = -1; /* hoplimit */ static int tclass = -1; /* traffic class */ static int pcp = -2; /* vlan priority code point */ static u_char *packet = NULL; static cap_channel_t *capdns; /* counters */ static long nmissedmax; /* max value of ntransmitted - nreceived - 1 */ static long npackets; /* max packets to transmit */ static long ntransmitfailures; /* number of transmit failures */ static int interval = 1000; /* interval between packets in ms */ static int waittime = MAXWAIT; /* timeout for each packet */ /* for node addresses */ static u_short naflags; /* for ancillary data(advanced API) */ static struct msghdr smsghdr; static struct iovec smsgiov; static char *scmsg = 0; static cap_channel_t *capdns_setup(void); static void fill(char *, char *); static int get_hoplim(struct msghdr *); static int get_pathmtu(struct msghdr *); static struct in6_pktinfo *get_rcvpktinfo(struct msghdr *); static size_t pingerlen(void); static int pinger(void); static const char *pr_addr(struct sockaddr *, int); static void pr_icmph(struct icmp6_hdr *, u_char *); static void pr_iph(struct ip6_hdr *); static void pr_suptypes(struct icmp6_nodeinfo *, size_t); static void pr_nodeaddr(struct icmp6_nodeinfo *, int); static int myechoreply(const struct icmp6_hdr *); static int mynireply(const struct icmp6_nodeinfo *); static const char *dnsdecode(const u_char *, const u_char *, const u_char *, char *, size_t); static void pr_pack(u_char *, int, struct msghdr *); static void pr_exthdrs(struct msghdr *); static void pr_ip6opt(void *, size_t); static void pr_rthdr(void *, size_t); static int pr_bitrange(u_int32_t, int, int); static void pr_retip(struct ip6_hdr *, u_char *); #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC static int setpolicy(int, char *); #endif #endif static char *nigroup(char *, int); int ping6(int argc, char *argv[]) { struct timespec last, intvl; struct sockaddr_in6 from, *sin6; struct addrinfo hints, *res; struct sigaction si_sa; int cc, i; int almost_done, ch, hold, packlen, preload, optval, error; int nig_oldmcprefix = -1; u_char *datap; char *e, *target, *ifname = NULL, *gateway = NULL; int ip6optlen = 0; struct cmsghdr *scmsgp = NULL; /* For control (ancillary) data received from recvmsg() */ u_char cm[CONTROLLEN]; #if defined(SO_SNDBUF) && defined(SO_RCVBUF) u_long lsockbufsize; int sockbufsize = 0; #endif int usepktinfo = 0; struct in6_pktinfo pktinfo; char *cmsg_pktinfo = NULL; struct ip6_rthdr *rthdr = NULL; #ifdef IPSEC_POLICY_IPSEC char *policy_in = NULL; char *policy_out = NULL; #endif double t; u_long alarmtimeout; size_t rthlen; #ifdef IPV6_USE_MIN_MTU int mflag = 0; #endif cap_rights_t rights_srecv; cap_rights_t rights_ssend; cap_rights_t rights_stdin; /* just to be sure */ memset(&smsghdr, 0, sizeof(smsghdr)); memset(&smsgiov, 0, sizeof(smsgiov)); memset(&pktinfo, 0, sizeof(pktinfo)); intvl.tv_sec = interval / 1000; intvl.tv_nsec = interval % 1000 * 1000000; alarmtimeout = preload = 0; datap = &outpack[ICMP6ECHOLEN + ICMP6ECHOTMLEN]; capdns = capdns_setup(); while ((ch = getopt(argc, argv, PING6OPTS)) != -1) { switch (ch) { case '.': options |= F_DOT; if (optarg != NULL) { DOT = optarg; DOTlen = strlen(optarg); } break; case '6': /* This option is processed in main(). */ break; case 'k': { char *cp; options &= ~F_NOUSERDATA; options |= F_NODEADDR; for (cp = optarg; *cp != '\0'; cp++) { switch (*cp) { case 'a': naflags |= NI_NODEADDR_FLAG_ALL; break; case 'c': case 'C': naflags |= NI_NODEADDR_FLAG_COMPAT; break; case 'l': case 'L': naflags |= NI_NODEADDR_FLAG_LINKLOCAL; break; case 's': case 'S': naflags |= NI_NODEADDR_FLAG_SITELOCAL; break; case 'g': case 'G': naflags |= NI_NODEADDR_FLAG_GLOBAL; break; case 'A': /* experimental. not in the spec */ #ifdef NI_NODEADDR_FLAG_ANYCAST naflags |= NI_NODEADDR_FLAG_ANYCAST; break; #else errx(1, "-a A is not supported on the platform"); /*NOTREACHED*/ #endif default: usage(); /*NOTREACHED*/ } } break; } case 'b': #if defined(SO_SNDBUF) && defined(SO_RCVBUF) errno = 0; e = NULL; lsockbufsize = strtoul(optarg, &e, 10); sockbufsize = (int)lsockbufsize; if (errno || !*optarg || *e || lsockbufsize > INT_MAX) errx(1, "invalid socket buffer size"); #else errx(1, "-b option ignored: SO_SNDBUF/SO_RCVBUF socket options not supported"); #endif break; case 'C': /* vlan priority code point */ pcp = strtol(optarg, &e, 10); if (*optarg == '\0' || *e != '\0') errx(1, "illegal vlan pcp %s", optarg); if (7 < pcp || pcp < -1) errx(1, "illegal vlan pcp -- %s", optarg); break; case 'c': npackets = strtol(optarg, &e, 10); if (npackets <= 0 || *optarg == '\0' || *e != '\0') errx(1, "illegal number of packets -- %s", optarg); break; case 'D': options |= F_DONTFRAG; break; case 'd': options |= F_SO_DEBUG; break; case 'f': if (getuid()) { errno = EPERM; errx(1, "Must be superuser to flood ping"); } options |= F_FLOOD; options |= F_DOT; setbuf(stdout, (char *)NULL); break; case 'e': gateway = optarg; break; case 'H': options |= F_HOSTNAME; break; case 'm': /* hoplimit */ hoplimit = strtol(optarg, &e, 10); if (*optarg == '\0' || *e != '\0') errx(1, "illegal hoplimit %s", optarg); if (255 < hoplimit || hoplimit < -1) errx(1, "illegal hoplimit -- %s", optarg); break; case 'I': ifname = optarg; options |= F_INTERFACE; #ifndef USE_SIN6_SCOPE_ID usepktinfo++; #endif break; case 'i': /* wait between sending packets */ t = strtod(optarg, &e); if (*optarg == '\0' || *e != '\0') errx(1, "illegal timing interval %s", optarg); if (t < 1 && getuid()) { errx(1, "%s: only root may use interval < 1s", strerror(EPERM)); } intvl.tv_sec = (time_t)t; intvl.tv_nsec = (long)((t - intvl.tv_sec) * 1000000000); if (intvl.tv_sec < 0) errx(1, "illegal timing interval %s", optarg); /* less than 1/hz does not make sense */ if (intvl.tv_sec == 0 && intvl.tv_nsec < 1000) { warnx("too small interval, raised to .000001"); intvl.tv_nsec = 1000; } options |= F_INTERVAL; break; case 'l': if (getuid()) { errno = EPERM; errx(1, "Must be superuser to preload"); } preload = strtol(optarg, &e, 10); if (preload < 0 || *optarg == '\0' || *e != '\0') errx(1, "illegal preload value -- %s", optarg); break; case 'u': #ifdef IPV6_USE_MIN_MTU mflag++; break; #else errx(1, "-%c is not supported on this platform", ch); /*NOTREACHED*/ #endif case 'n': options &= ~F_HOSTNAME; break; case 'N': options |= F_NIGROUP; nig_oldmcprefix++; break; case 'o': options |= F_ONCE; break; case 'p': /* fill buffer with user pattern */ options |= F_PINGFILLED; fill((char *)datap, optarg); break; case 'q': options |= F_QUIET; break; case 'a': options |= F_AUDIBLE; break; case 'A': options |= F_MISSED; break; case 'S': memset(&hints, 0, sizeof(struct addrinfo)); hints.ai_flags = AI_NUMERICHOST; /* allow hostname? */ hints.ai_family = AF_INET6; hints.ai_socktype = SOCK_RAW; hints.ai_protocol = IPPROTO_ICMPV6; error = cap_getaddrinfo(capdns, optarg, NULL, &hints, &res); if (error) { errx(1, "invalid source address: %s", gai_strerror(error)); } /* * res->ai_family must be AF_INET6 and res->ai_addrlen * must be sizeof(src). */ memcpy(&src, res->ai_addr, res->ai_addrlen); srclen = res->ai_addrlen; freeaddrinfo(res); options |= F_SRCADDR; break; case 's': /* size of packet to send */ datalen = strtol(optarg, &e, 10); if (datalen <= 0 || *optarg == '\0' || *e != '\0') errx(1, "illegal datalen value -- %s", optarg); if (datalen > MAXDATALEN) { errx(1, "datalen value too large, maximum is %d", MAXDATALEN); } break; case 'O': options &= ~F_NOUSERDATA; options |= F_SUPTYPES; break; case 'v': options |= F_VERBOSE; break; case 'y': options &= ~F_NOUSERDATA; options |= F_FQDN; break; case 'Y': options &= ~F_NOUSERDATA; options |= F_FQDNOLD; break; case 'W': t = strtod(optarg, &e); if (*e || e == optarg || t > (double)INT_MAX) errx(EX_USAGE, "invalid timing interval: `%s'", optarg); options |= F_WAITTIME; waittime = (int)t; break; case 't': alarmtimeout = strtoul(optarg, &e, 0); if ((alarmtimeout < 1) || (alarmtimeout == ULONG_MAX)) errx(EX_USAGE, "invalid timeout: `%s'", optarg); if (alarmtimeout > MAXALARM) errx(EX_USAGE, "invalid timeout: `%s' > %d", optarg, MAXALARM); { struct itimerval itv; timerclear(&itv.it_interval); timerclear(&itv.it_value); itv.it_value.tv_sec = (time_t)alarmtimeout; if (setitimer(ITIMER_REAL, &itv, NULL) != 0) err(1, "setitimer"); } break; case 'z': /* traffic class */ tclass = strtol(optarg, &e, 10); if (*optarg == '\0' || *e != '\0') errx(1, "illegal traffic class %s", optarg); if (255 < tclass || tclass < -1) errx(1, "illegal traffic class -- %s", optarg); break; #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC case 'P': options |= F_POLICY; if (!strncmp("in", optarg, 2)) { if ((policy_in = strdup(optarg)) == NULL) errx(1, "strdup"); } else if (!strncmp("out", optarg, 3)) { if ((policy_out = strdup(optarg)) == NULL) errx(1, "strdup"); } else errx(1, "invalid security policy"); break; #else case 'Z': options |= F_AUTHHDR; break; case 'E': options |= F_ENCRYPT; break; #endif /*IPSEC_POLICY_IPSEC*/ #endif /*IPSEC*/ default: usage(); /*NOTREACHED*/ } } argc -= optind; argv += optind; if (argc < 1) { usage(); /*NOTREACHED*/ } if (argc > 1) { #ifdef IPV6_RECVRTHDR /* 2292bis */ rthlen = CMSG_SPACE(inet6_rth_space(IPV6_RTHDR_TYPE_0, argc - 1)); #else /* RFC2292 */ rthlen = inet6_rthdr_space(IPV6_RTHDR_TYPE_0, argc - 1); #endif if (rthlen == 0) { errx(1, "too many intermediate hops"); /*NOTREACHED*/ } ip6optlen += rthlen; } if (options & F_NIGROUP) { target = nigroup(argv[argc - 1], nig_oldmcprefix); if (target == NULL) { usage(); /*NOTREACHED*/ } } else target = argv[argc - 1]; /* cap_getaddrinfo */ memset(&hints, 0, sizeof(struct addrinfo)); hints.ai_flags = AI_CANONNAME; hints.ai_family = AF_INET6; hints.ai_socktype = SOCK_RAW; hints.ai_protocol = IPPROTO_ICMPV6; error = cap_getaddrinfo(capdns, target, NULL, &hints, &res); if (error) errx(EX_NOHOST, "cannot resolve %s: %s", target, gai_strerror(error)); if (res->ai_canonname) hostname = strdup(res->ai_canonname); else hostname = target; if (!res->ai_addr) errx(EX_NOHOST, "cannot resolve %s", target); (void)memcpy(&dst, res->ai_addr, res->ai_addrlen); if ((ssend = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) < 0) err(1, "socket ssend"); if ((srecv = socket(res->ai_family, res->ai_socktype, res->ai_protocol)) < 0) err(1, "socket srecv"); freeaddrinfo(res); /* set the source address if specified. */ if ((options & F_SRCADDR) != 0) { /* properly fill sin6_scope_id */ if (IN6_IS_ADDR_LINKLOCAL(&src.sin6_addr) && ( IN6_IS_ADDR_LINKLOCAL(&dst.sin6_addr) || IN6_IS_ADDR_MC_LINKLOCAL(&dst.sin6_addr) || IN6_IS_ADDR_MC_NODELOCAL(&dst.sin6_addr))) { if (src.sin6_scope_id == 0) src.sin6_scope_id = dst.sin6_scope_id; if (dst.sin6_scope_id == 0) dst.sin6_scope_id = src.sin6_scope_id; } if (bind(ssend, (struct sockaddr *)&src, srclen) != 0) err(1, "bind"); } /* set the gateway (next hop) if specified */ if (gateway) { memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_INET6; hints.ai_socktype = SOCK_RAW; hints.ai_protocol = IPPROTO_ICMPV6; error = cap_getaddrinfo(capdns, gateway, NULL, &hints, &res); if (error) { errx(1, "cap_getaddrinfo for the gateway %s: %s", gateway, gai_strerror(error)); } if (res->ai_next && (options & F_VERBOSE)) warnx("gateway resolves to multiple addresses"); if (setsockopt(ssend, IPPROTO_IPV6, IPV6_NEXTHOP, res->ai_addr, res->ai_addrlen)) { err(1, "setsockopt(IPV6_NEXTHOP)"); } freeaddrinfo(res); } /* * let the kerel pass extension headers of incoming packets, * for privileged socket options */ if ((options & F_VERBOSE) != 0) { int opton = 1; #ifdef IPV6_RECVHOPOPTS if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVHOPOPTS, &opton, sizeof(opton))) err(1, "setsockopt(IPV6_RECVHOPOPTS)"); #else /* old adv. API */ if (setsockopt(srecv, IPPROTO_IPV6, IPV6_HOPOPTS, &opton, sizeof(opton))) err(1, "setsockopt(IPV6_HOPOPTS)"); #endif #ifdef IPV6_RECVDSTOPTS if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVDSTOPTS, &opton, sizeof(opton))) err(1, "setsockopt(IPV6_RECVDSTOPTS)"); #else /* old adv. API */ if (setsockopt(srecv, IPPROTO_IPV6, IPV6_DSTOPTS, &opton, sizeof(opton))) err(1, "setsockopt(IPV6_DSTOPTS)"); #endif #ifdef IPV6_RECVRTHDRDSTOPTS if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVRTHDRDSTOPTS, &opton, sizeof(opton))) err(1, "setsockopt(IPV6_RECVRTHDRDSTOPTS)"); #endif } /* revoke root privilege */ if (seteuid(getuid()) != 0) err(1, "seteuid() failed"); if (setuid(getuid()) != 0) err(1, "setuid() failed"); if ((options & F_FLOOD) && (options & F_INTERVAL)) errx(1, "-f and -i incompatible options"); if ((options & F_NOUSERDATA) == 0) { if (datalen >= sizeof(struct tv32)) { /* we can time transfer */ timing = 1; } else timing = 0; /* in F_VERBOSE case, we may get non-echoreply packets*/ if (options & F_VERBOSE) packlen = 2048 + IP6LEN + ICMP6ECHOLEN + EXTRA; else packlen = datalen + IP6LEN + ICMP6ECHOLEN + EXTRA; } else { /* suppress timing for node information query */ timing = 0; datalen = 2048; packlen = 2048 + IP6LEN + ICMP6ECHOLEN + EXTRA; } if (!(packet = (u_char *)malloc((u_int)packlen))) err(1, "Unable to allocate packet"); if (!(options & F_PINGFILLED)) for (i = ICMP6ECHOLEN; i < packlen; ++i) *datap++ = i; ident = getpid() & 0xFFFF; arc4random_buf(nonce, sizeof(nonce)); optval = 1; if (options & F_DONTFRAG) if (setsockopt(ssend, IPPROTO_IPV6, IPV6_DONTFRAG, &optval, sizeof(optval)) == -1) err(1, "IPV6_DONTFRAG"); hold = 1; if (options & F_SO_DEBUG) { (void)setsockopt(ssend, SOL_SOCKET, SO_DEBUG, (char *)&hold, sizeof(hold)); (void)setsockopt(srecv, SOL_SOCKET, SO_DEBUG, (char *)&hold, sizeof(hold)); } optval = IPV6_DEFHLIM; if (IN6_IS_ADDR_MULTICAST(&dst.sin6_addr)) if (setsockopt(ssend, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, &optval, sizeof(optval)) == -1) err(1, "IPV6_MULTICAST_HOPS"); #ifdef IPV6_USE_MIN_MTU if (mflag != 1) { optval = mflag > 1 ? 0 : 1; if (setsockopt(ssend, IPPROTO_IPV6, IPV6_USE_MIN_MTU, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_USE_MIN_MTU)"); } #ifdef IPV6_RECVPATHMTU else { optval = 1; if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVPATHMTU, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_RECVPATHMTU)"); } #endif /* IPV6_RECVPATHMTU */ #endif /* IPV6_USE_MIN_MTU */ #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC if (options & F_POLICY) { if (setpolicy(srecv, policy_in) < 0) errx(1, "%s", ipsec_strerror()); if (setpolicy(ssend, policy_out) < 0) errx(1, "%s", ipsec_strerror()); } #else if (options & F_AUTHHDR) { optval = IPSEC_LEVEL_REQUIRE; #ifdef IPV6_AUTH_TRANS_LEVEL if (setsockopt(ssend, IPPROTO_IPV6, IPV6_AUTH_TRANS_LEVEL, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_AUTH_TRANS_LEVEL)"); if (setsockopt(srecv, IPPROTO_IPV6, IPV6_AUTH_TRANS_LEVEL, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_AUTH_TRANS_LEVEL)"); #else /* old def */ if (setsockopt(ssend, IPPROTO_IPV6, IPV6_AUTH_LEVEL, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_AUTH_LEVEL)"); if (setsockopt(srecv, IPPROTO_IPV6, IPV6_AUTH_LEVEL, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_AUTH_LEVEL)"); #endif } if (options & F_ENCRYPT) { optval = IPSEC_LEVEL_REQUIRE; if (setsockopt(ssend, IPPROTO_IPV6, IPV6_ESP_TRANS_LEVEL, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_ESP_TRANS_LEVEL)"); if (setsockopt(srecv, IPPROTO_IPV6, IPV6_ESP_TRANS_LEVEL, &optval, sizeof(optval)) == -1) err(1, "setsockopt(IPV6_ESP_TRANS_LEVEL)"); } #endif /*IPSEC_POLICY_IPSEC*/ #endif #ifdef ICMP6_FILTER { struct icmp6_filter filt; if (!(options & F_VERBOSE)) { ICMP6_FILTER_SETBLOCKALL(&filt); if ((options & F_FQDN) || (options & F_FQDNOLD) || (options & F_NODEADDR) || (options & F_SUPTYPES)) ICMP6_FILTER_SETPASS(ICMP6_NI_REPLY, &filt); else ICMP6_FILTER_SETPASS(ICMP6_ECHO_REPLY, &filt); } else { ICMP6_FILTER_SETPASSALL(&filt); } if (setsockopt(srecv, IPPROTO_ICMPV6, ICMP6_FILTER, &filt, sizeof(filt)) < 0) err(1, "setsockopt(ICMP6_FILTER)"); } #endif /*ICMP6_FILTER*/ /* let the kerel pass extension headers of incoming packets */ if ((options & F_VERBOSE) != 0) { int opton = 1; #ifdef IPV6_RECVRTHDR if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVRTHDR, &opton, sizeof(opton))) err(1, "setsockopt(IPV6_RECVRTHDR)"); #else /* old adv. API */ if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RTHDR, &opton, sizeof(opton))) err(1, "setsockopt(IPV6_RTHDR)"); #endif } /* optval = 1; if (IN6_IS_ADDR_MULTICAST(&dst.sin6_addr)) if (setsockopt(ssend, IPPROTO_IPV6, IPV6_MULTICAST_LOOP, &optval, sizeof(optval)) == -1) err(1, "IPV6_MULTICAST_LOOP"); */ /* Specify the outgoing interface and/or the source address */ if (usepktinfo) ip6optlen += CMSG_SPACE(sizeof(struct in6_pktinfo)); if (hoplimit != -1) ip6optlen += CMSG_SPACE(sizeof(int)); /* set IP6 packet options */ if (ip6optlen) { if ((scmsg = (char *)malloc(ip6optlen)) == NULL) errx(1, "can't allocate enough memory"); smsghdr.msg_control = (caddr_t)scmsg; smsghdr.msg_controllen = ip6optlen; scmsgp = CMSG_FIRSTHDR(&smsghdr); } if (usepktinfo) { cmsg_pktinfo = CMSG_DATA(scmsgp); scmsgp->cmsg_len = CMSG_LEN(sizeof(struct in6_pktinfo)); scmsgp->cmsg_level = IPPROTO_IPV6; scmsgp->cmsg_type = IPV6_PKTINFO; scmsgp = CMSG_NXTHDR(&smsghdr, scmsgp); } /* set the outgoing interface */ if (ifname) { #ifndef USE_SIN6_SCOPE_ID /* pktinfo must have already been allocated */ if ((pktinfo.ipi6_ifindex = if_nametoindex(ifname)) == 0) errx(1, "%s: invalid interface name", ifname); #else if ((dst.sin6_scope_id = if_nametoindex(ifname)) == 0) errx(1, "%s: invalid interface name", ifname); #endif } if (hoplimit != -1) { scmsgp->cmsg_len = CMSG_LEN(sizeof(int)); scmsgp->cmsg_level = IPPROTO_IPV6; scmsgp->cmsg_type = IPV6_HOPLIMIT; memcpy(CMSG_DATA(scmsgp), &hoplimit, sizeof(hoplimit)); scmsgp = CMSG_NXTHDR(&smsghdr, scmsgp); } if (tclass != -1) { if (setsockopt(ssend, IPPROTO_IPV6, IPV6_TCLASS, &tclass, sizeof(tclass)) == -1) err(1, "setsockopt(IPV6_TCLASS)"); } if (pcp != -2) { if (setsockopt(ssend, IPPROTO_IPV6, IPV6_VLAN_PCP, &pcp, sizeof(pcp)) == -1) err(1, "setsockopt(IPV6_VLAN_PCP)"); } if (argc > 1) { /* some intermediate addrs are specified */ int hops; int rthdrlen; rthdrlen = inet6_rth_space(IPV6_RTHDR_TYPE_0, argc - 1); scmsgp->cmsg_len = CMSG_LEN(rthdrlen); scmsgp->cmsg_level = IPPROTO_IPV6; scmsgp->cmsg_type = IPV6_RTHDR; rthdr = (struct ip6_rthdr *)CMSG_DATA(scmsgp); rthdr = inet6_rth_init((void *)rthdr, rthdrlen, IPV6_RTHDR_TYPE_0, argc - 1); if (rthdr == NULL) errx(1, "can't initialize rthdr"); for (hops = 0; hops < argc - 1; hops++) { memset(&hints, 0, sizeof(hints)); hints.ai_family = AF_INET6; if ((error = cap_getaddrinfo(capdns, argv[hops], NULL, &hints, &res))) errx(1, "%s", gai_strerror(error)); if (res->ai_addr->sa_family != AF_INET6) errx(1, "bad addr family of an intermediate addr"); sin6 = (struct sockaddr_in6 *)(void *)res->ai_addr; if (inet6_rth_add(rthdr, &sin6->sin6_addr)) errx(1, "can't add an intermediate node"); freeaddrinfo(res); } scmsgp = CMSG_NXTHDR(&smsghdr, scmsgp); } /* From now on we will use only reverse DNS lookups. */ #ifdef WITH_CASPER if (capdns != NULL) { const char *types[1]; types[0] = "ADDR2NAME"; if (cap_dns_type_limit(capdns, types, nitems(types)) < 0) err(1, "unable to limit access to system.dns service"); } #endif if (!(options & F_SRCADDR)) { /* * get the source address. XXX since we revoked the root * privilege, we cannot use a raw socket for this. */ int dummy; socklen_t len = sizeof(src); if ((dummy = socket(AF_INET6, SOCK_DGRAM, 0)) < 0) err(1, "UDP socket"); src.sin6_family = AF_INET6; src.sin6_addr = dst.sin6_addr; src.sin6_port = ntohs(DUMMY_PORT); src.sin6_scope_id = dst.sin6_scope_id; if (usepktinfo && setsockopt(dummy, IPPROTO_IPV6, IPV6_PKTINFO, (void *)&pktinfo, sizeof(pktinfo))) err(1, "UDP setsockopt(IPV6_PKTINFO)"); if (hoplimit != -1 && setsockopt(dummy, IPPROTO_IPV6, IPV6_UNICAST_HOPS, (void *)&hoplimit, sizeof(hoplimit))) err(1, "UDP setsockopt(IPV6_UNICAST_HOPS)"); if (hoplimit != -1 && setsockopt(dummy, IPPROTO_IPV6, IPV6_MULTICAST_HOPS, (void *)&hoplimit, sizeof(hoplimit))) err(1, "UDP setsockopt(IPV6_MULTICAST_HOPS)"); if (rthdr && setsockopt(dummy, IPPROTO_IPV6, IPV6_RTHDR, (void *)rthdr, (rthdr->ip6r_len + 1) << 3)) err(1, "UDP setsockopt(IPV6_RTHDR)"); if (connect(dummy, (struct sockaddr *)&src, len) < 0) err(1, "UDP connect"); if (getsockname(dummy, (struct sockaddr *)&src, &len) < 0) err(1, "getsockname"); close(dummy); } /* Save pktinfo in the ancillary data. */ if (usepktinfo) memcpy(cmsg_pktinfo, &pktinfo, sizeof(pktinfo)); if (connect(ssend, (struct sockaddr *)&dst, sizeof(dst)) != 0) err(1, "connect() ssend"); caph_cache_catpages(); if (caph_enter_casper() < 0) err(1, "caph_enter_casper"); cap_rights_init(&rights_stdin); if (caph_rights_limit(STDIN_FILENO, &rights_stdin) < 0) err(1, "caph_rights_limit stdin"); if (caph_limit_stdout() < 0) err(1, "caph_limit_stdout"); if (caph_limit_stderr() < 0) err(1, "caph_limit_stderr"); cap_rights_init(&rights_srecv, CAP_RECV, CAP_EVENT, CAP_SETSOCKOPT); if (caph_rights_limit(srecv, &rights_srecv) < 0) err(1, "caph_rights_limit srecv"); cap_rights_init(&rights_ssend, CAP_SEND, CAP_SETSOCKOPT); if (caph_rights_limit(ssend, &rights_ssend) < 0) err(1, "caph_rights_limit ssend"); #if defined(SO_SNDBUF) && defined(SO_RCVBUF) if (sockbufsize) { if (datalen > (size_t)sockbufsize) warnx("you need -b to increase socket buffer size"); if (setsockopt(ssend, SOL_SOCKET, SO_SNDBUF, &sockbufsize, sizeof(sockbufsize)) < 0) err(1, "setsockopt(SO_SNDBUF)"); if (setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, &sockbufsize, sizeof(sockbufsize)) < 0) err(1, "setsockopt(SO_RCVBUF)"); } else { if (datalen > 8 * 1024) /*XXX*/ warnx("you need -b to increase socket buffer size"); /* * When pinging the broadcast address, you can get a lot of * answers. Doing something so evil is useful if you are trying * to stress the ethernet, or just want to fill the arp cache * to get some stuff for /etc/ethers. */ hold = 48 * 1024; setsockopt(srecv, SOL_SOCKET, SO_RCVBUF, (char *)&hold, sizeof(hold)); } #endif optval = 1; #ifndef USE_SIN6_SCOPE_ID #ifdef IPV6_RECVPKTINFO if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVPKTINFO, &optval, sizeof(optval)) < 0) warn("setsockopt(IPV6_RECVPKTINFO)"); /* XXX err? */ #else /* old adv. API */ if (setsockopt(srecv, IPPROTO_IPV6, IPV6_PKTINFO, &optval, sizeof(optval)) < 0) warn("setsockopt(IPV6_PKTINFO)"); /* XXX err? */ #endif #endif /* USE_SIN6_SCOPE_ID */ #ifdef IPV6_RECVHOPLIMIT if (setsockopt(srecv, IPPROTO_IPV6, IPV6_RECVHOPLIMIT, &optval, sizeof(optval)) < 0) warn("setsockopt(IPV6_RECVHOPLIMIT)"); /* XXX err? */ #else /* old adv. API */ if (setsockopt(srecv, IPPROTO_IPV6, IPV6_HOPLIMIT, &optval, sizeof(optval)) < 0) warn("setsockopt(IPV6_HOPLIMIT)"); /* XXX err? */ #endif cap_rights_clear(&rights_srecv, CAP_SETSOCKOPT); if (caph_rights_limit(srecv, &rights_srecv) < 0) err(1, "caph_rights_limit srecv setsockopt"); cap_rights_clear(&rights_ssend, CAP_SETSOCKOPT); if (caph_rights_limit(ssend, &rights_ssend) < 0) err(1, "caph_rights_limit ssend setsockopt"); printf("PING(%lu=40+8+%lu bytes) ", (unsigned long)(40 + pingerlen()), (unsigned long)(pingerlen() - 8)); printf("%s --> ", pr_addr((struct sockaddr *)&src, sizeof(src))); printf("%s\n", pr_addr((struct sockaddr *)&dst, sizeof(dst))); if (preload == 0) pinger(); else { if (npackets != 0 && preload > npackets) preload = npackets; while (preload--) pinger(); } clock_gettime(CLOCK_MONOTONIC, &last); sigemptyset(&si_sa.sa_mask); si_sa.sa_flags = 0; si_sa.sa_handler = onsignal; if (sigaction(SIGINT, &si_sa, 0) == -1) err(EX_OSERR, "sigaction SIGINT"); seenint = 0; if (sigaction(SIGINFO, &si_sa, 0) == -1) err(EX_OSERR, "sigaction SIGINFO"); seeninfo = 0; if (alarmtimeout > 0) { if (sigaction(SIGALRM, &si_sa, 0) == -1) err(EX_OSERR, "sigaction SIGALRM"); } if (options & F_FLOOD) { intvl.tv_sec = 0; intvl.tv_nsec = 10000000; } almost_done = 0; while (seenint == 0) { struct timespec now, timeout; struct msghdr m; struct iovec iov[2]; fd_set rfds; int n; /* signal handling */ if (seeninfo) { pr_summary(stderr); seeninfo = 0; continue; } FD_ZERO(&rfds); FD_SET(srecv, &rfds); clock_gettime(CLOCK_MONOTONIC, &now); timespecadd(&last, &intvl, &timeout); timespecsub(&timeout, &now, &timeout); if (timeout.tv_sec < 0) timespecclear(&timeout); n = pselect(srecv + 1, &rfds, NULL, NULL, &timeout, NULL); if (n < 0) continue; /* EINTR */ if (n == 1) { m.msg_name = (caddr_t)&from; m.msg_namelen = sizeof(from); memset(&iov, 0, sizeof(iov)); iov[0].iov_base = (caddr_t)packet; iov[0].iov_len = packlen; m.msg_iov = iov; m.msg_iovlen = 1; memset(cm, 0, CONTROLLEN); m.msg_control = (void *)cm; m.msg_controllen = CONTROLLEN; cc = recvmsg(srecv, &m, 0); if (cc < 0) { if (errno != EINTR) { warn("recvmsg"); sleep(1); } continue; } else if (cc == 0) { int mtu; /* * receive control messages only. Process the * exceptions (currently the only possibility is * a path MTU notification.) */ if ((mtu = get_pathmtu(&m)) > 0) { if ((options & F_VERBOSE) != 0) { printf("new path MTU (%d) is " "notified\n", mtu); } } continue; } else { /* * an ICMPv6 message (probably an echoreply) * arrived. */ pr_pack(packet, cc, &m); } if (((options & F_ONCE) != 0 && nreceived > 0) || (npackets > 0 && nreceived >= npackets)) break; } if (n == 0 || (options & F_FLOOD)) { if (npackets == 0 || ntransmitted < npackets) pinger(); else { if (almost_done) break; almost_done = 1; /* * If we're not transmitting any more packets, * change the timer to wait two round-trip times * if we've received any packets or (waittime) * milliseconds if we haven't. */ intvl.tv_nsec = 0; if (nreceived) { intvl.tv_sec = 2 * tmax / 1000; if (intvl.tv_sec == 0) intvl.tv_sec = 1; } else { intvl.tv_sec = waittime / 1000; intvl.tv_nsec = waittime % 1000 * 1000000; } } clock_gettime(CLOCK_MONOTONIC, &last); if (ntransmitted - nreceived - 1 > nmissedmax) { nmissedmax = ntransmitted - nreceived - 1; if (options & F_MISSED) (void)write(STDOUT_FILENO, &BBELL, 1); } } } sigemptyset(&si_sa.sa_mask); si_sa.sa_flags = 0; si_sa.sa_handler = SIG_IGN; sigaction(SIGINT, &si_sa, 0); sigaction(SIGALRM, &si_sa, 0); pr_summary(stdout); if(packet != NULL) free(packet); if (nreceived > 0) exit(0); else if (ntransmitted > ntransmitfailures) exit(2); else exit(EX_OSERR); } /* * pinger -- * Compose and transmit an ICMP ECHO REQUEST packet. The IP packet * will be added on by the kernel. The ID field is our UNIX process ID, * and the sequence number is an ascending integer. The first 8 bytes * of the data portion are used to hold a UNIX "timespec" struct in VAX * byte-order, to compute the round-trip time. */ static size_t pingerlen(void) { size_t l; if (options & F_FQDN) l = ICMP6_NIQLEN + sizeof(dst.sin6_addr); else if (options & F_FQDNOLD) l = ICMP6_NIQLEN; else if (options & F_NODEADDR) l = ICMP6_NIQLEN + sizeof(dst.sin6_addr); else if (options & F_SUPTYPES) l = ICMP6_NIQLEN; else l = ICMP6ECHOLEN + datalen; return l; } static int pinger(void) { struct icmp6_hdr *icp; struct iovec iov[2]; int i, cc; struct icmp6_nodeinfo *nip; uint16_t seq; if (npackets && ntransmitted >= npackets) return(-1); /* no more transmission */ icp = (struct icmp6_hdr *)outpack; nip = (struct icmp6_nodeinfo *)outpack; memset(icp, 0, sizeof(*icp)); icp->icmp6_cksum = 0; seq = ntransmitted++; CLR(seq % mx_dup_ck); if (options & F_FQDN) { uint16_t s; icp->icmp6_type = ICMP6_NI_QUERY; icp->icmp6_code = ICMP6_NI_SUBJ_IPV6; nip->ni_qtype = htons(NI_QTYPE_FQDN); nip->ni_flags = htons(0); memcpy(nip->icmp6_ni_nonce, nonce, sizeof(nip->icmp6_ni_nonce)); s = htons(seq); memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); memcpy(&outpack[ICMP6_NIQLEN], &dst.sin6_addr, sizeof(dst.sin6_addr)); cc = ICMP6_NIQLEN + sizeof(dst.sin6_addr); datalen = 0; } else if (options & F_FQDNOLD) { uint16_t s; /* packet format in 03 draft - no Subject data on queries */ icp->icmp6_type = ICMP6_NI_QUERY; icp->icmp6_code = 0; /* code field is always 0 */ nip->ni_qtype = htons(NI_QTYPE_FQDN); nip->ni_flags = htons(0); memcpy(nip->icmp6_ni_nonce, nonce, sizeof(nip->icmp6_ni_nonce)); s = htons(seq); memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); cc = ICMP6_NIQLEN; datalen = 0; } else if (options & F_NODEADDR) { uint16_t s; icp->icmp6_type = ICMP6_NI_QUERY; icp->icmp6_code = ICMP6_NI_SUBJ_IPV6; nip->ni_qtype = htons(NI_QTYPE_NODEADDR); nip->ni_flags = naflags; memcpy(nip->icmp6_ni_nonce, nonce, sizeof(nip->icmp6_ni_nonce)); s = htons(seq); memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); memcpy(&outpack[ICMP6_NIQLEN], &dst.sin6_addr, sizeof(dst.sin6_addr)); cc = ICMP6_NIQLEN + sizeof(dst.sin6_addr); datalen = 0; } else if (options & F_SUPTYPES) { uint16_t s; icp->icmp6_type = ICMP6_NI_QUERY; icp->icmp6_code = ICMP6_NI_SUBJ_FQDN; /*empty*/ nip->ni_qtype = htons(NI_QTYPE_SUPTYPES); /* we support compressed bitmap */ nip->ni_flags = NI_SUPTYPE_FLAG_COMPRESS; memcpy(nip->icmp6_ni_nonce, nonce, sizeof(nip->icmp6_ni_nonce)); s = htons(seq); memcpy(nip->icmp6_ni_nonce, &s, sizeof(s)); cc = ICMP6_NIQLEN; datalen = 0; } else { icp->icmp6_type = ICMP6_ECHO_REQUEST; icp->icmp6_code = 0; icp->icmp6_id = htons(ident); icp->icmp6_seq = htons(seq); if (timing) { struct timespec tv; struct tv32 tv32; (void)clock_gettime(CLOCK_MONOTONIC, &tv); /* * Truncate seconds down to 32 bits in order * to fit the timestamp within 8 bytes of the * packet. We're only concerned with * durations, not absolute times. */ tv32.tv32_sec = (uint32_t)htonl(tv.tv_sec); tv32.tv32_nsec = (uint32_t)htonl(tv.tv_nsec); memcpy(&outpack[ICMP6ECHOLEN], &tv32, sizeof(tv32)); } cc = ICMP6ECHOLEN + datalen; } #ifdef DIAGNOSTIC if (pingerlen() != cc) errx(1, "internal error; length mismatch"); #endif memset(&iov, 0, sizeof(iov)); iov[0].iov_base = (caddr_t)outpack; iov[0].iov_len = cc; smsghdr.msg_iov = iov; smsghdr.msg_iovlen = 1; i = sendmsg(ssend, &smsghdr, 0); if (i < 0 || i != cc) { if (i < 0) { ntransmitfailures++; warn("sendmsg"); } (void)printf("ping: wrote %s %d chars, ret=%d\n", hostname, cc, i); } if (!(options & F_QUIET) && options & F_DOT) (void)write(STDOUT_FILENO, &DOT[DOTidx++ % DOTlen], 1); return(0); } static int myechoreply(const struct icmp6_hdr *icp) { if (ntohs(icp->icmp6_id) == ident) return 1; else return 0; } static int mynireply(const struct icmp6_nodeinfo *nip) { if (memcmp(nip->icmp6_ni_nonce + sizeof(u_int16_t), nonce + sizeof(u_int16_t), sizeof(nonce) - sizeof(u_int16_t)) == 0) return 1; else return 0; } /* * Decode a name from a DNS message. * * Format of the message is described in RFC 1035 subsection 4.1.4. * * Arguments: * sp - Pointer to a DNS pointer octet or to the first octet of a label * in the message. * ep - Pointer to the end of the message (one step past the last octet). * base - Pointer to the beginning of the message. * buf - Buffer into which the decoded name will be saved. * bufsiz - Size of the buffer 'buf'. * * Return value: * Pointer to an octet immediately following the ending zero octet * of the decoded label, or NULL if an error occurred. */ static const char * dnsdecode(const u_char *sp, const u_char *ep, const u_char *base, char *buf, size_t bufsiz) { int i; const u_char *cp; char cresult[MAXDNAME + 1]; const u_char *comp; int l; cp = sp; *buf = '\0'; if (cp >= ep) return NULL; while (cp < ep) { i = *cp; if (i == 0 || cp != sp) { if (strlcat((char *)buf, ".", bufsiz) >= bufsiz) return NULL; /*result overrun*/ } if (i == 0) break; cp++; if ((i & 0xc0) == 0xc0 && cp - base > (i & 0x3f)) { /* DNS compression */ if (!base) return NULL; comp = base + (i & 0x3f); if (dnsdecode(comp, cp, base, cresult, sizeof(cresult)) == NULL) return NULL; if (strlcat(buf, cresult, bufsiz) >= bufsiz) return NULL; /*result overrun*/ break; } else if ((i & 0x3f) == i) { if (i > ep - cp) return NULL; /*source overrun*/ while (i-- > 0 && cp < ep) { l = snprintf(cresult, sizeof(cresult), isprint(*cp) ? "%c" : "\\%03o", *cp & 0xff); if ((size_t)l >= sizeof(cresult) || l < 0) return NULL; if (strlcat(buf, cresult, bufsiz) >= bufsiz) return NULL; /*result overrun*/ cp++; } } else return NULL; /*invalid label*/ } if (i != 0) return NULL; /*not terminated*/ cp++; return cp; } /* * pr_pack -- * Print out the packet, if it came from us. This logic is necessary * because ALL readers of the ICMP socket get a copy of ALL ICMP packets * which arrive ('tis only fair). This permits multiple copies of this * program to be run without having intermingled output (or statistics!). */ static void pr_pack(u_char *buf, int cc, struct msghdr *mhdr) { #define safeputc(c) printf((isprint((c)) ? "%c" : "\\%03o"), c) struct icmp6_hdr *icp; struct icmp6_nodeinfo *ni; int i; int hoplim; struct sockaddr *from; int fromlen; const u_char *cp = NULL; u_char *dp, *end = buf + cc; struct in6_pktinfo *pktinfo = NULL; struct timespec tv, tp; struct tv32 tpp; double triptime = 0; int dupflag; size_t off; int oldfqdn; u_int16_t seq; char dnsname[MAXDNAME + 1]; (void)clock_gettime(CLOCK_MONOTONIC, &tv); if (!mhdr || !mhdr->msg_name || mhdr->msg_namelen != sizeof(struct sockaddr_in6) || ((struct sockaddr *)mhdr->msg_name)->sa_family != AF_INET6) { if (options & F_VERBOSE) warnx("invalid peername"); return; } from = (struct sockaddr *)mhdr->msg_name; fromlen = mhdr->msg_namelen; if (cc < (int)sizeof(struct icmp6_hdr)) { if (options & F_VERBOSE) warnx("packet too short (%d bytes) from %s", cc, pr_addr(from, fromlen)); return; } if (((mhdr->msg_flags & MSG_CTRUNC) != 0) && (options & F_VERBOSE) != 0) warnx("some control data discarded, insufficient buffer size"); icp = (struct icmp6_hdr *)buf; ni = (struct icmp6_nodeinfo *)buf; off = 0; if ((hoplim = get_hoplim(mhdr)) == -1) { warnx("failed to get receiving hop limit"); return; } if ((pktinfo = get_rcvpktinfo(mhdr)) == NULL) { warnx("failed to get receiving packet information"); return; } if (icp->icmp6_type == ICMP6_ECHO_REPLY && myechoreply(icp)) { seq = ntohs(icp->icmp6_seq); ++nreceived; if (timing) { memcpy(&tpp, icp + 1, sizeof(tpp)); tp.tv_sec = ntohl(tpp.tv32_sec); tp.tv_nsec = ntohl(tpp.tv32_nsec); timespecsub(&tv, &tp, &tv); triptime = ((double)tv.tv_sec) * 1000.0 + ((double)tv.tv_nsec) / 1000000.0; tsum += triptime; tsumsq += triptime * triptime; if (triptime < tmin) tmin = triptime; if (triptime > tmax) tmax = triptime; } if (TST(seq % mx_dup_ck)) { ++nrepeats; --nreceived; dupflag = 1; } else { SET(seq % mx_dup_ck); dupflag = 0; } if (options & F_QUIET) return; if (options & F_WAITTIME && triptime > waittime) { ++nrcvtimeout; return; } if (options & F_DOT) (void)write(STDOUT_FILENO, &BSPACE, 1); else { if (options & F_AUDIBLE) (void)write(STDOUT_FILENO, &BBELL, 1); (void)printf("%d bytes from %s, icmp_seq=%u", cc, pr_addr(from, fromlen), seq); (void)printf(" hlim=%d", hoplim); if ((options & F_VERBOSE) != 0) { struct sockaddr_in6 dstsa; memset(&dstsa, 0, sizeof(dstsa)); dstsa.sin6_family = AF_INET6; dstsa.sin6_len = sizeof(dstsa); dstsa.sin6_scope_id = pktinfo->ipi6_ifindex; dstsa.sin6_addr = pktinfo->ipi6_addr; (void)printf(" dst=%s", pr_addr((struct sockaddr *)&dstsa, sizeof(dstsa))); } if (timing) (void)printf(" time=%.3f ms", triptime); if (dupflag) (void)printf("(DUP!)"); /* check the data */ cp = buf + off + ICMP6ECHOLEN + ICMP6ECHOTMLEN; dp = outpack + ICMP6ECHOLEN + ICMP6ECHOTMLEN; for (i = 8; cp < end; ++i, ++cp, ++dp) { if (*cp != *dp) { (void)printf("\nwrong data byte #%d should be 0x%x but was 0x%x", i, *dp, *cp); break; } } } } else if (icp->icmp6_type == ICMP6_NI_REPLY && mynireply(ni)) { memcpy(&seq, ni->icmp6_ni_nonce, sizeof(seq)); seq = ntohs(seq); ++nreceived; if (TST(seq % mx_dup_ck)) { ++nrepeats; --nreceived; dupflag = 1; } else { SET(seq % mx_dup_ck); dupflag = 0; } if (options & F_QUIET) return; (void)printf("%d bytes from %s: ", cc, pr_addr(from, fromlen)); switch (ntohs(ni->ni_code)) { case ICMP6_NI_SUCCESS: break; case ICMP6_NI_REFUSED: printf("refused, type 0x%x", ntohs(ni->ni_type)); goto fqdnend; case ICMP6_NI_UNKNOWN: printf("unknown, type 0x%x", ntohs(ni->ni_type)); goto fqdnend; default: printf("unknown code 0x%x, type 0x%x", ntohs(ni->ni_code), ntohs(ni->ni_type)); goto fqdnend; } switch (ntohs(ni->ni_qtype)) { case NI_QTYPE_NOOP: printf("NodeInfo NOOP"); break; case NI_QTYPE_SUPTYPES: pr_suptypes(ni, end - (u_char *)ni); break; case NI_QTYPE_NODEADDR: pr_nodeaddr(ni, end - (u_char *)ni); break; case NI_QTYPE_FQDN: default: /* XXX: for backward compatibility */ cp = (u_char *)ni + ICMP6_NIRLEN; if (buf[off + ICMP6_NIRLEN] == cc - off - ICMP6_NIRLEN - 1) oldfqdn = 1; else oldfqdn = 0; if (oldfqdn) { cp++; /* skip length */ while (cp < end) { safeputc(*cp & 0xff); cp++; } } else { i = 0; while (cp < end) { cp = dnsdecode((const u_char *)cp, end, (const u_char *)(ni + 1), dnsname, sizeof(dnsname)); if (cp == NULL) { printf("???"); break; } /* * name-lookup special handling for * truncated name */ if (cp + 1 <= end && !*cp && strlen(dnsname) > 0) { dnsname[strlen(dnsname) - 1] = '\0'; cp++; } printf("%s%s", i > 0 ? "," : "", dnsname); } } if (options & F_VERBOSE) { u_long t; int32_t ttl; int comma = 0; (void)printf(" ("); /*)*/ switch (ni->ni_code) { case ICMP6_NI_REFUSED: (void)printf("refused"); comma++; break; case ICMP6_NI_UNKNOWN: (void)printf("unknown qtype"); comma++; break; } if ((end - (u_char *)ni) < ICMP6_NIRLEN) { /* case of refusion, unknown */ /*(*/ putchar(')'); goto fqdnend; } memcpy(&t, &buf[off+ICMP6ECHOLEN+8], sizeof(t)); ttl = (int32_t)ntohl(t); if (comma) printf(","); if (!(ni->ni_flags & NI_FQDN_FLAG_VALIDTTL)) { (void)printf("TTL=%d:meaningless", (int)ttl); } else { if (ttl < 0) { (void)printf("TTL=%d:invalid", ttl); } else (void)printf("TTL=%d", ttl); } comma++; if (oldfqdn) { if (comma) printf(","); printf("03 draft"); comma++; } else { cp = (u_char *)ni + ICMP6_NIRLEN; if (cp == end) { if (comma) printf(","); printf("no name"); comma++; } } if (buf[off + ICMP6_NIRLEN] != cc - off - ICMP6_NIRLEN - 1 && oldfqdn) { if (comma) printf(","); (void)printf("invalid namelen:%d/%lu", buf[off + ICMP6_NIRLEN], (u_long)cc - off - ICMP6_NIRLEN - 1); comma++; } /*(*/ putchar(')'); } fqdnend: ; } } else { /* We've got something other than an ECHOREPLY */ if (!(options & F_VERBOSE)) return; (void)printf("%d bytes from %s: ", cc, pr_addr(from, fromlen)); pr_icmph(icp, end); } if (!(options & F_DOT)) { (void)putchar('\n'); if (options & F_VERBOSE) pr_exthdrs(mhdr); (void)fflush(stdout); } #undef safeputc } static void pr_exthdrs(struct msghdr *mhdr) { ssize_t bufsize; void *bufp; struct cmsghdr *cm; bufsize = 0; bufp = mhdr->msg_control; for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { if (cm->cmsg_level != IPPROTO_IPV6) continue; bufsize = CONTROLLEN - ((caddr_t)CMSG_DATA(cm) - (caddr_t)bufp); if (bufsize <= 0) continue; switch (cm->cmsg_type) { case IPV6_HOPOPTS: printf(" HbH Options: "); pr_ip6opt(CMSG_DATA(cm), (size_t)bufsize); break; case IPV6_DSTOPTS: #ifdef IPV6_RTHDRDSTOPTS case IPV6_RTHDRDSTOPTS: #endif printf(" Dst Options: "); pr_ip6opt(CMSG_DATA(cm), (size_t)bufsize); break; case IPV6_RTHDR: printf(" Routing: "); pr_rthdr(CMSG_DATA(cm), (size_t)bufsize); break; } } } static void pr_ip6opt(void *extbuf, size_t bufsize) { struct ip6_hbh *ext; int currentlen; u_int8_t type; socklen_t extlen, len; void *databuf; size_t offset; u_int16_t value2; u_int32_t value4; ext = (struct ip6_hbh *)extbuf; extlen = (ext->ip6h_len + 1) * 8; printf("nxt %u, len %u (%lu bytes)\n", ext->ip6h_nxt, (unsigned int)ext->ip6h_len, (unsigned long)extlen); /* * Bounds checking on the ancillary data buffer: * subtract the size of a cmsg structure from the buffer size. */ if (bufsize < (extlen + CMSG_SPACE(0))) { extlen = bufsize - CMSG_SPACE(0); warnx("options truncated, showing only %u (total=%u)", (unsigned int)(extlen / 8 - 1), (unsigned int)(ext->ip6h_len)); } currentlen = 0; while (1) { currentlen = inet6_opt_next(extbuf, extlen, currentlen, &type, &len, &databuf); if (currentlen == -1) break; switch (type) { /* * Note that inet6_opt_next automatically skips any padding * optins. */ case IP6OPT_JUMBO: offset = 0; offset = inet6_opt_get_val(databuf, offset, &value4, sizeof(value4)); printf(" Jumbo Payload Opt: Length %u\n", (u_int32_t)ntohl(value4)); break; case IP6OPT_ROUTER_ALERT: offset = 0; offset = inet6_opt_get_val(databuf, offset, &value2, sizeof(value2)); printf(" Router Alert Opt: Type %u\n", ntohs(value2)); break; default: printf(" Received Opt %u len %lu\n", type, (unsigned long)len); break; } } return; } static void pr_rthdr(void *extbuf, size_t bufsize) { struct in6_addr *in6; char ntopbuf[INET6_ADDRSTRLEN]; struct ip6_rthdr *rh = (struct ip6_rthdr *)extbuf; int i, segments, origsegs, rthsize, size0, size1; /* print fixed part of the header */ printf("nxt %u, len %u (%d bytes), type %u, ", rh->ip6r_nxt, rh->ip6r_len, (rh->ip6r_len + 1) << 3, rh->ip6r_type); if ((segments = inet6_rth_segments(extbuf)) >= 0) { printf("%d segments, ", segments); printf("%d left\n", rh->ip6r_segleft); } else { printf("segments unknown, "); printf("%d left\n", rh->ip6r_segleft); return; } /* * Bounds checking on the ancillary data buffer. When calculating * the number of items to show keep in mind: * - The size of the cmsg structure * - The size of one segment (the size of a Type 0 routing header) * - When dividing add a fudge factor of one in case the * dividend is not evenly divisible by the divisor */ rthsize = (rh->ip6r_len + 1) * 8; if (bufsize < (rthsize + CMSG_SPACE(0))) { origsegs = segments; size0 = inet6_rth_space(IPV6_RTHDR_TYPE_0, 0); size1 = inet6_rth_space(IPV6_RTHDR_TYPE_0, 1); segments -= (rthsize - (bufsize - CMSG_SPACE(0))) / (size1 - size0) + 1; warnx("segments truncated, showing only %d (total=%d)", segments, origsegs); } for (i = 0; i < segments; i++) { in6 = inet6_rth_getaddr(extbuf, i); if (in6 == NULL) printf(" [%d]\n", i); else { if (!inet_ntop(AF_INET6, in6, ntopbuf, sizeof(ntopbuf))) strlcpy(ntopbuf, "?", sizeof(ntopbuf)); printf(" [%d]%s\n", i, ntopbuf); } } return; } static int pr_bitrange(u_int32_t v, int soff, int ii) { int off; int i; off = 0; while (off < 32) { /* shift till we have 0x01 */ if ((v & 0x01) == 0) { if (ii > 1) printf("-%u", soff + off - 1); ii = 0; switch (v & 0x0f) { case 0x00: v >>= 4; off += 4; continue; case 0x08: v >>= 3; off += 3; continue; case 0x04: case 0x0c: v >>= 2; off += 2; continue; default: v >>= 1; off += 1; continue; } } /* we have 0x01 with us */ for (i = 0; i < 32 - off; i++) { if ((v & (0x01 << i)) == 0) break; } if (!ii) printf(" %u", soff + off); ii += i; v >>= i; off += i; } return ii; } static void pr_suptypes(struct icmp6_nodeinfo *ni, size_t nilen) /* ni->qtype must be SUPTYPES */ { size_t clen; u_int32_t v; const u_char *cp, *end; u_int16_t cur; struct cbit { u_int16_t words; /*32bit count*/ u_int16_t skip; } cbit; #define MAXQTYPES (1 << 16) size_t off; int b; cp = (u_char *)(ni + 1); end = ((u_char *)ni) + nilen; cur = 0; b = 0; printf("NodeInfo Supported Qtypes"); if (options & F_VERBOSE) { if (ni->ni_flags & NI_SUPTYPE_FLAG_COMPRESS) printf(", compressed bitmap"); else printf(", raw bitmap"); } while (cp < end) { clen = (size_t)(end - cp); if ((ni->ni_flags & NI_SUPTYPE_FLAG_COMPRESS) == 0) { if (clen == 0 || clen > MAXQTYPES / 8 || clen % sizeof(v)) { printf("???"); return; } } else { if (clen < sizeof(cbit) || clen % sizeof(v)) return; memcpy(&cbit, cp, sizeof(cbit)); if (sizeof(cbit) + ntohs(cbit.words) * sizeof(v) > clen) return; cp += sizeof(cbit); clen = ntohs(cbit.words) * sizeof(v); if (cur + clen * 8 + (u_long)ntohs(cbit.skip) * 32 > MAXQTYPES) return; } for (off = 0; off < clen; off += sizeof(v)) { memcpy(&v, cp + off, sizeof(v)); v = (u_int32_t)ntohl(v); b = pr_bitrange(v, (int)(cur + off * 8), b); } /* flush the remaining bits */ b = pr_bitrange(0, (int)(cur + off * 8), b); cp += clen; cur += clen * 8; if ((ni->ni_flags & NI_SUPTYPE_FLAG_COMPRESS) != 0) cur += ntohs(cbit.skip) * 32; } } static void pr_nodeaddr(struct icmp6_nodeinfo *ni, int nilen) /* ni->qtype must be NODEADDR */ { u_char *cp = (u_char *)(ni + 1); char ntop_buf[INET6_ADDRSTRLEN]; int withttl = 0; nilen -= sizeof(struct icmp6_nodeinfo); if (options & F_VERBOSE) { switch (ni->ni_code) { case ICMP6_NI_REFUSED: (void)printf("refused"); break; case ICMP6_NI_UNKNOWN: (void)printf("unknown qtype"); break; } if (ni->ni_flags & NI_NODEADDR_FLAG_TRUNCATE) (void)printf(" truncated"); } putchar('\n'); if (nilen <= 0) printf(" no address\n"); /* * In icmp-name-lookups 05 and later, TTL of each returned address * is contained in the resposne. We try to detect the version * by the length of the data, but note that the detection algorithm * is incomplete. We assume the latest draft by default. */ if (nilen % (sizeof(u_int32_t) + sizeof(struct in6_addr)) == 0) withttl = 1; while (nilen > 0) { u_int32_t ttl = 0; if (withttl) { uint32_t t; memcpy(&t, cp, sizeof(t)); ttl = (u_int32_t)ntohl(t); cp += sizeof(u_int32_t); nilen -= sizeof(u_int32_t); } if (inet_ntop(AF_INET6, cp, ntop_buf, sizeof(ntop_buf)) == NULL) strlcpy(ntop_buf, "?", sizeof(ntop_buf)); printf(" %s", ntop_buf); if (withttl) { if (ttl == 0xffffffff) { /* * XXX: can this convention be applied to all * type of TTL (i.e. non-ND TTL)? */ printf("(TTL=infty)"); } else printf("(TTL=%u)", ttl); } putchar('\n'); nilen -= sizeof(struct in6_addr); cp += sizeof(struct in6_addr); } } static int get_hoplim(struct msghdr *mhdr) { struct cmsghdr *cm; for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { if (cm->cmsg_len == 0) return(-1); if (cm->cmsg_level == IPPROTO_IPV6 && cm->cmsg_type == IPV6_HOPLIMIT && cm->cmsg_len == CMSG_LEN(sizeof(int))) { int r; memcpy(&r, CMSG_DATA(cm), sizeof(r)); return(r); } } return(-1); } static struct in6_pktinfo * get_rcvpktinfo(struct msghdr *mhdr) { static struct in6_pktinfo pi; struct cmsghdr *cm; for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { if (cm->cmsg_len == 0) return(NULL); if (cm->cmsg_level == IPPROTO_IPV6 && cm->cmsg_type == IPV6_PKTINFO && cm->cmsg_len == CMSG_LEN(sizeof(struct in6_pktinfo))) { memcpy(&pi, CMSG_DATA(cm), sizeof(pi)); return(&pi); } } return(NULL); } static int get_pathmtu(struct msghdr *mhdr) { #ifdef IPV6_RECVPATHMTU struct cmsghdr *cm; struct ip6_mtuinfo mtuctl; for (cm = (struct cmsghdr *)CMSG_FIRSTHDR(mhdr); cm; cm = (struct cmsghdr *)CMSG_NXTHDR(mhdr, cm)) { if (cm->cmsg_len == 0) return(0); if (cm->cmsg_level == IPPROTO_IPV6 && cm->cmsg_type == IPV6_PATHMTU && cm->cmsg_len == CMSG_LEN(sizeof(struct ip6_mtuinfo))) { memcpy(&mtuctl, CMSG_DATA(cm), sizeof(mtuctl)); /* * If the notified destination is different from * the one we are pinging, just ignore the info. * We check the scope ID only when both notified value * and our own value have non-0 values, because we may * have used the default scope zone ID for sending, * in which case the scope ID value is 0. */ if (!IN6_ARE_ADDR_EQUAL(&mtuctl.ip6m_addr.sin6_addr, &dst.sin6_addr) || (mtuctl.ip6m_addr.sin6_scope_id && dst.sin6_scope_id && mtuctl.ip6m_addr.sin6_scope_id != dst.sin6_scope_id)) { if ((options & F_VERBOSE) != 0) { printf("path MTU for %s is notified. " "(ignored)\n", pr_addr((struct sockaddr *)&mtuctl.ip6m_addr, sizeof(mtuctl.ip6m_addr))); } return(0); } /* * Ignore an invalid MTU. XXX: can we just believe * the kernel check? */ if (mtuctl.ip6m_mtu < IPV6_MMTU) return(0); /* notification for our destination. return the MTU. */ return((int)mtuctl.ip6m_mtu); } } #endif return(0); } /*subject type*/ static const char *niqcode[] = { "IPv6 address", "DNS label", /*or empty*/ "IPv4 address", }; /*result code*/ static const char *nircode[] = { "Success", "Refused", "Unknown", }; /* * pr_icmph -- * Print a descriptive string about an ICMP header. */ static void pr_icmph(struct icmp6_hdr *icp, u_char *end) { char ntop_buf[INET6_ADDRSTRLEN]; struct nd_redirect *red; struct icmp6_nodeinfo *ni; char dnsname[MAXDNAME + 1]; const u_char *cp; size_t l; switch (icp->icmp6_type) { case ICMP6_DST_UNREACH: switch (icp->icmp6_code) { case ICMP6_DST_UNREACH_NOROUTE: (void)printf("No Route to Destination\n"); break; case ICMP6_DST_UNREACH_ADMIN: (void)printf("Destination Administratively " "Unreachable\n"); break; case ICMP6_DST_UNREACH_BEYONDSCOPE: (void)printf("Destination Unreachable Beyond Scope\n"); break; case ICMP6_DST_UNREACH_ADDR: (void)printf("Destination Host Unreachable\n"); break; case ICMP6_DST_UNREACH_NOPORT: (void)printf("Destination Port Unreachable\n"); break; default: (void)printf("Destination Unreachable, Bad Code: %d\n", icp->icmp6_code); break; } /* Print returned IP header information */ pr_retip((struct ip6_hdr *)(icp + 1), end); break; case ICMP6_PACKET_TOO_BIG: (void)printf("Packet too big mtu = %d\n", (int)ntohl(icp->icmp6_mtu)); pr_retip((struct ip6_hdr *)(icp + 1), end); break; case ICMP6_TIME_EXCEEDED: switch (icp->icmp6_code) { case ICMP6_TIME_EXCEED_TRANSIT: (void)printf("Time to live exceeded\n"); break; case ICMP6_TIME_EXCEED_REASSEMBLY: (void)printf("Frag reassembly time exceeded\n"); break; default: (void)printf("Time exceeded, Bad Code: %d\n", icp->icmp6_code); break; } pr_retip((struct ip6_hdr *)(icp + 1), end); break; case ICMP6_PARAM_PROB: (void)printf("Parameter problem: "); switch (icp->icmp6_code) { case ICMP6_PARAMPROB_HEADER: (void)printf("Erroneous Header "); break; case ICMP6_PARAMPROB_NEXTHEADER: (void)printf("Unknown Nextheader "); break; case ICMP6_PARAMPROB_OPTION: (void)printf("Unrecognized Option "); break; default: (void)printf("Bad code(%d) ", icp->icmp6_code); break; } (void)printf("pointer = 0x%02x\n", (u_int32_t)ntohl(icp->icmp6_pptr)); pr_retip((struct ip6_hdr *)(icp + 1), end); break; case ICMP6_ECHO_REQUEST: (void)printf("Echo Request"); /* XXX ID + Seq + Data */ break; case ICMP6_ECHO_REPLY: (void)printf("Echo Reply"); /* XXX ID + Seq + Data */ break; case ICMP6_MEMBERSHIP_QUERY: (void)printf("Listener Query"); break; case ICMP6_MEMBERSHIP_REPORT: (void)printf("Listener Report"); break; case ICMP6_MEMBERSHIP_REDUCTION: (void)printf("Listener Done"); break; case ND_ROUTER_SOLICIT: (void)printf("Router Solicitation"); break; case ND_ROUTER_ADVERT: (void)printf("Router Advertisement"); break; case ND_NEIGHBOR_SOLICIT: (void)printf("Neighbor Solicitation"); break; case ND_NEIGHBOR_ADVERT: (void)printf("Neighbor Advertisement"); break; case ND_REDIRECT: red = (struct nd_redirect *)icp; (void)printf("Redirect\n"); if (!inet_ntop(AF_INET6, &red->nd_rd_dst, ntop_buf, sizeof(ntop_buf))) strlcpy(ntop_buf, "?", sizeof(ntop_buf)); (void)printf("Destination: %s", ntop_buf); if (!inet_ntop(AF_INET6, &red->nd_rd_target, ntop_buf, sizeof(ntop_buf))) strlcpy(ntop_buf, "?", sizeof(ntop_buf)); (void)printf(" New Target: %s", ntop_buf); break; case ICMP6_NI_QUERY: (void)printf("Node Information Query"); /* XXX ID + Seq + Data */ ni = (struct icmp6_nodeinfo *)icp; l = end - (u_char *)(ni + 1); printf(", "); switch (ntohs(ni->ni_qtype)) { case NI_QTYPE_NOOP: (void)printf("NOOP"); break; case NI_QTYPE_SUPTYPES: (void)printf("Supported qtypes"); break; case NI_QTYPE_FQDN: (void)printf("DNS name"); break; case NI_QTYPE_NODEADDR: (void)printf("nodeaddr"); break; case NI_QTYPE_IPV4ADDR: (void)printf("IPv4 nodeaddr"); break; default: (void)printf("unknown qtype"); break; } if (options & F_VERBOSE) { switch (ni->ni_code) { case ICMP6_NI_SUBJ_IPV6: if (l == sizeof(struct in6_addr) && inet_ntop(AF_INET6, ni + 1, ntop_buf, sizeof(ntop_buf)) != NULL) { (void)printf(", subject=%s(%s)", niqcode[ni->ni_code], ntop_buf); } else { #if 1 /* backward compat to -W */ (void)printf(", oldfqdn"); #else (void)printf(", invalid"); #endif } break; case ICMP6_NI_SUBJ_FQDN: if (end == (u_char *)(ni + 1)) { (void)printf(", no subject"); break; } printf(", subject=%s", niqcode[ni->ni_code]); cp = (const u_char *)(ni + 1); cp = dnsdecode(cp, end, NULL, dnsname, sizeof(dnsname)); if (cp != NULL) printf("(%s)", dnsname); else printf("(invalid)"); break; case ICMP6_NI_SUBJ_IPV4: if (l == sizeof(struct in_addr) && inet_ntop(AF_INET, ni + 1, ntop_buf, sizeof(ntop_buf)) != NULL) { (void)printf(", subject=%s(%s)", niqcode[ni->ni_code], ntop_buf); } else (void)printf(", invalid"); break; default: (void)printf(", invalid"); break; } } break; case ICMP6_NI_REPLY: (void)printf("Node Information Reply"); /* XXX ID + Seq + Data */ ni = (struct icmp6_nodeinfo *)icp; printf(", "); switch (ntohs(ni->ni_qtype)) { case NI_QTYPE_NOOP: (void)printf("NOOP"); break; case NI_QTYPE_SUPTYPES: (void)printf("Supported qtypes"); break; case NI_QTYPE_FQDN: (void)printf("DNS name"); break; case NI_QTYPE_NODEADDR: (void)printf("nodeaddr"); break; case NI_QTYPE_IPV4ADDR: (void)printf("IPv4 nodeaddr"); break; default: (void)printf("unknown qtype"); break; } if (options & F_VERBOSE) { if (ni->ni_code > nitems(nircode)) printf(", invalid"); else printf(", %s", nircode[ni->ni_code]); } break; default: (void)printf("Bad ICMP type: %d", icp->icmp6_type); } } /* * pr_iph -- * Print an IP6 header. */ static void pr_iph(struct ip6_hdr *ip6) { u_int32_t flow = ip6->ip6_flow & IPV6_FLOWLABEL_MASK; u_int8_t tc; char ntop_buf[INET6_ADDRSTRLEN]; tc = *(&ip6->ip6_vfc + 1); /* XXX */ tc = (tc >> 4) & 0x0f; tc |= (ip6->ip6_vfc << 4); printf("Vr TC Flow Plen Nxt Hlim\n"); printf(" %1x %02x %05x %04x %02x %02x\n", (ip6->ip6_vfc & IPV6_VERSION_MASK) >> 4, tc, (u_int32_t)ntohl(flow), ntohs(ip6->ip6_plen), ip6->ip6_nxt, ip6->ip6_hlim); if (!inet_ntop(AF_INET6, &ip6->ip6_src, ntop_buf, sizeof(ntop_buf))) strlcpy(ntop_buf, "?", sizeof(ntop_buf)); printf("%s->", ntop_buf); if (!inet_ntop(AF_INET6, &ip6->ip6_dst, ntop_buf, sizeof(ntop_buf))) strlcpy(ntop_buf, "?", sizeof(ntop_buf)); printf("%s\n", ntop_buf); } /* * pr_addr -- * Return an ascii host address as a dotted quad and optionally with * a hostname. */ static const char * pr_addr(struct sockaddr *addr, int addrlen) { static char buf[NI_MAXHOST]; int flag = 0; if (!(options & F_HOSTNAME)) flag |= NI_NUMERICHOST; if (cap_getnameinfo(capdns, addr, addrlen, buf, sizeof(buf), NULL, 0, flag) == 0) return (buf); else return "?"; } /* * pr_retip -- * Dump some info on a returned (via ICMPv6) IPv6 packet. */ static void pr_retip(struct ip6_hdr *ip6, u_char *end) { u_char *cp = (u_char *)ip6, nh; int hlen; if ((size_t)(end - (u_char *)ip6) < sizeof(*ip6)) { printf("IP6"); goto trunc; } pr_iph(ip6); hlen = sizeof(*ip6); nh = ip6->ip6_nxt; cp += hlen; while (end - cp >= 8) { #ifdef IPSEC struct ah ah; #endif switch (nh) { case IPPROTO_HOPOPTS: printf("HBH "); hlen = (((struct ip6_hbh *)cp)->ip6h_len+1) << 3; nh = ((struct ip6_hbh *)cp)->ip6h_nxt; break; case IPPROTO_DSTOPTS: printf("DSTOPT "); hlen = (((struct ip6_dest *)cp)->ip6d_len+1) << 3; nh = ((struct ip6_dest *)cp)->ip6d_nxt; break; case IPPROTO_FRAGMENT: printf("FRAG "); hlen = sizeof(struct ip6_frag); nh = ((struct ip6_frag *)cp)->ip6f_nxt; break; case IPPROTO_ROUTING: printf("RTHDR "); hlen = (((struct ip6_rthdr *)cp)->ip6r_len+1) << 3; nh = ((struct ip6_rthdr *)cp)->ip6r_nxt; break; #ifdef IPSEC case IPPROTO_AH: printf("AH "); memcpy(&ah, cp, sizeof(ah)); hlen = (ah.ah_len+2) << 2; nh = ah.ah_nxt; break; #endif case IPPROTO_ICMPV6: printf("ICMP6: type = %d, code = %d\n", *cp, *(cp + 1)); return; case IPPROTO_ESP: printf("ESP\n"); return; case IPPROTO_TCP: printf("TCP: from port %u, to port %u (decimal)\n", (*cp * 256 + *(cp + 1)), (*(cp + 2) * 256 + *(cp + 3))); return; case IPPROTO_UDP: printf("UDP: from port %u, to port %u (decimal)\n", (*cp * 256 + *(cp + 1)), (*(cp + 2) * 256 + *(cp + 3))); return; default: printf("Unknown Header(%d)\n", nh); return; } if ((cp += hlen) >= end) goto trunc; } if (end - cp < 8) goto trunc; putchar('\n'); return; trunc: printf("...\n"); return; } static void fill(char *bp, char *patp) { int ii, jj, kk; int pat[16]; char *cp; for (cp = patp; *cp; cp++) if (!isxdigit(*cp)) errx(1, "patterns must be specified as hex digits"); ii = sscanf(patp, "%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x%2x", &pat[0], &pat[1], &pat[2], &pat[3], &pat[4], &pat[5], &pat[6], &pat[7], &pat[8], &pat[9], &pat[10], &pat[11], &pat[12], &pat[13], &pat[14], &pat[15]); /* xxx */ if (ii > 0) for (kk = 0; (size_t)kk <= MAXDATALEN - 8 + sizeof(struct tv32) + ii; kk += ii) for (jj = 0; jj < ii; ++jj) bp[jj + kk] = pat[jj]; if (!(options & F_QUIET)) { (void)printf("PATTERN: 0x"); for (jj = 0; jj < ii; ++jj) (void)printf("%02x", bp[jj] & 0xFF); (void)printf("\n"); } } #ifdef IPSEC #ifdef IPSEC_POLICY_IPSEC static int setpolicy(int so __unused, char *policy) { char *buf; if (policy == NULL) return 0; /* ignore */ buf = ipsec_set_policy(policy, strlen(policy)); if (buf == NULL) errx(1, "%s", ipsec_strerror()); if (setsockopt(ssend, IPPROTO_IPV6, IPV6_IPSEC_POLICY, buf, ipsec_get_policylen(buf)) < 0) warnx("Unable to set IPsec policy"); free(buf); return 0; } #endif #endif static char * nigroup(char *name, int nig_oldmcprefix) { char *p; char *q; MD5_CTX ctxt; u_int8_t digest[16]; u_int8_t c; size_t l; char hbuf[NI_MAXHOST]; struct in6_addr in6; int valid; p = strchr(name, '.'); if (!p) p = name + strlen(name); l = p - name; if (l > 63 || l > sizeof(hbuf) - 1) return NULL; /*label too long*/ strncpy(hbuf, name, l); hbuf[(int)l] = '\0'; for (q = name; *q; q++) { if (isupper(*(unsigned char *)q)) *q = tolower(*(unsigned char *)q); } /* generate 16 bytes of pseudo-random value. */ memset(&ctxt, 0, sizeof(ctxt)); MD5Init(&ctxt); c = l & 0xff; MD5Update(&ctxt, &c, sizeof(c)); MD5Update(&ctxt, (unsigned char *)name, l); MD5Final(digest, &ctxt); if (nig_oldmcprefix) { /* draft-ietf-ipngwg-icmp-name-lookup */ valid = inet_pton(AF_INET6, "ff02::2:0000:0000", &in6); } else { /* RFC 4620 */ valid = inet_pton(AF_INET6, "ff02::2:ff00:0000", &in6); } if (valid != 1) return NULL; /*XXX*/ if (nig_oldmcprefix) { /* draft-ietf-ipngwg-icmp-name-lookup */ bcopy(digest, &in6.s6_addr[12], 4); } else { /* RFC 4620 */ bcopy(digest, &in6.s6_addr[13], 3); } if (inet_ntop(AF_INET6, &in6, hbuf, sizeof(hbuf)) == NULL) return NULL; return strdup(hbuf); } static cap_channel_t * capdns_setup(void) { cap_channel_t *capcas, *capdnsloc; #ifdef WITH_CASPER const char *types[2]; int families[1]; #endif capcas = cap_init(); if (capcas == NULL) err(1, "unable to create casper process"); capdnsloc = cap_service_open(capcas, "system.dns"); /* Casper capability no longer needed. */ cap_close(capcas); if (capdnsloc == NULL) err(1, "unable to open system.dns service"); #ifdef WITH_CASPER types[0] = "NAME2ADDR"; types[1] = "ADDR2NAME"; if (cap_dns_type_limit(capdnsloc, types, nitems(types)) < 0) err(1, "unable to limit access to system.dns service"); families[0] = AF_INET6; if (cap_dns_family_limit(capdnsloc, families, nitems(families)) < 0) err(1, "unable to limit access to system.dns service"); #endif return (capdnsloc); } diff --git a/sbin/ping/utils.c b/sbin/ping/utils.c index 920102a68961..1488fdfeb06c 100644 --- a/sbin/ping/utils.c +++ b/sbin/ping/utils.c @@ -1,96 +1,93 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Mike Muuss. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1989, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static char sccsid[] = "@(#)ping.c 8.1 (Berkeley) 6/5/93"; -#endif /* not lint */ #endif #include #include #include "utils.h" /* * in_cksum -- * Checksum routine for Internet Protocol family headers (C Version) */ u_short in_cksum(u_char *addr, int len) { int nleft, sum; u_char *w; union { u_short us; u_char uc[2]; } last; u_short answer; nleft = len; sum = 0; w = addr; /* * Our algorithm is simple, using a 32 bit accumulator (sum), we add * sequential 16 bit words to it, and at the end, fold back all the * carry bits from the top 16 bits into the lower 16 bits. */ while (nleft > 1) { u_short data; memcpy(&data, w, sizeof(data)); sum += data; w += sizeof(data); nleft -= sizeof(data); } /* mop up an odd byte, if necessary */ if (nleft == 1) { last.uc[0] = *w; last.uc[1] = 0; sum += last.us; } /* add back carry outs from top 16 bits to low 16 bits */ sum = (sum >> 16) + (sum & 0xffff); /* add hi 16 to low 16 */ sum += (sum >> 16); /* add carry */ answer = ~sum; /* truncate to 16 bits */ return(answer); } diff --git a/sbin/quotacheck/Makefile b/sbin/quotacheck/Makefile index 644e46e3a772..d737e4f04723 100644 --- a/sbin/quotacheck/Makefile +++ b/sbin/quotacheck/Makefile @@ -1,12 +1,11 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 PACKAGE=quotacheck PROG= quotacheck SRCS= quotacheck.c preen.c fsutil.c utilities.c WARNS?= 3 MAN= quotacheck.8 LIBADD= util ufs .PATH: ${.CURDIR:H}/fsck ${.CURDIR:H}/fsck_ffs .include diff --git a/sbin/quotacheck/quotacheck.8 b/sbin/quotacheck/quotacheck.8 index 2675245aa345..cd1b60e51060 100644 --- a/sbin/quotacheck/quotacheck.8 +++ b/sbin/quotacheck/quotacheck.8 @@ -1,202 +1,200 @@ .\" Copyright (c) 1983, 1990, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" This code is derived from software contributed to Berkeley by .\" Robert Elz at The University of Melbourne. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)quotacheck.8 8.1 (Berkeley) 6/5/93 -.\" .Dd January 25, 2007 .Dt QUOTACHECK 8 .Os .Sh NAME .Nm quotacheck .Nd file system quota consistency checker .Sh SYNOPSIS .Nm .Op Fl guv .Op Fl c Ar 32 | 64 .Op Fl l Ar maxrun .Fl a .Nm .Op Fl guv .Op Fl c Ar 32 | 64 .Ar filesystem ... .Sh DESCRIPTION The .Nm utility examines each file system, builds a table of current disk usage, and compares this table against that recorded in the disk quota file for the file system. If any inconsistencies are detected, both the quota file and the current system copy of the incorrect quotas are updated (the latter only occurs if an active file system is checked). By default both user and group quotas are checked. .Pp The following options are available: .Bl -tag -width indent .It Fl a If supplied in place of any file system names, .Nm will check all the file systems indicated in .Pa /etc/fstab to be read-write with disk quotas. By default only the types of quotas listed in .Pa /etc/fstab are checked. .It Fl c Ar 32 | 64 Before performing its checks, .Nm will convert the quota file to the specified word size. A conversion size of 64 is given to request conversion to the new 64-bit quota file format. A conversion size of 32 is given to request conversion back to the old 32-bit quota file format. The original quota file is left unchanged and moved aside with an underscore and its format size plus a .Pa .orig extension added to its name. Thus, the original 32-bit .Pa quota.user quota file converted to the 64-bit format quota file will be renamed to .Pa quota.user_32.orig . .It Fl g Only group quotas listed in .Pa /etc/fstab are to be checked. .It Fl l Ar maxrun Specifies the maximum number of concurrent file systems to check in parallel. If this option is omitted, or if .Ar maxrun is zero, parallel passes are run as per .Xr fsck 8 . This option is deprecated and parallel passes are always run as per .Xr fsck 8 . .It Fl u Only user quotas listed in .Pa /etc/fstab are to be checked. .It Fl v Report discrepancies between the calculated and recorded disk quotas and other additional diagnostic messages. .El .Pp Specifying both .Fl g and .Fl u is equivalent to the default. Parallel passes are run on the file systems required, using the pass numbers in .Pa /etc/fstab in an identical fashion to .Xr fsck 8 . .Pp Normally, .Nm operates silently. .Pp The .Nm utility expects each file system to be checked to have a quota files named .Pa quota.user and .Pa quota.group which are located at the root of the associated file system. These defaults may be overridden in .Pa /etc/fstab . If a file is not present, .Nm will create it. These files should be edited with the .Xr edquota 8 utility. .Pp The .Nm utility is normally run at boot time from the .Pa /etc/rc file. The rc startup procedure is controlled by the .Pa /etc/rc.conf variable .Ar check_quotas . Note that to enable this functionality in .Pa /etc/rc you also need to enable startup quota procedures with the variable .Ar enable_quotas in .Pa /etc/rc.conf . The kernel must also be built with .Cd "options QUOTA" . .Pp The .Nm utility accesses the raw device in calculating the actual disk usage for each user. Thus, the file systems checked should be quiescent while .Nm is running. .Sh FILES .Bl -tag -width quota.group -compact .It Pa quota.user at the file system root with user quotas .It Pa quota.group at the file system root with group quotas .It Pa /etc/fstab default file systems .El .Sh SEE ALSO .Xr quota 1 , .Xr quotactl 2 , .Xr fstab 5 , .Xr rc.conf 5 , .Xr edquota 8 , .Xr fsck 8 , .Xr quotaon 8 , .Xr repquota 8 .Sh HISTORY The .Nm utility appeared in .Bx 4.2 . .Sh BUGS The quota system will ignore UIDs or GIDs that would be negative when evaluated as a signed value. Typically those types of ids can appear in the file system from NFS mounts or archive files from other operating systems. Extremely large UIDs or GIDs will cause .Nm to run for an unreasonable amount of time and also produce extremely large quota data files. diff --git a/sbin/quotacheck/quotacheck.c b/sbin/quotacheck/quotacheck.c index 3f608c103b1d..952c101a6034 100644 --- a/sbin/quotacheck/quotacheck.c +++ b/sbin/quotacheck/quotacheck.c @@ -1,722 +1,719 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1990, 1993 * The Regents of the University of California. All rights reserved. * * This code is derived from software contributed to Berkeley by * Robert Elz at The University of Melbourne. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1980, 1990, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static char sccsid[] = "@(#)quotacheck.c 8.3 (Berkeley) 1/29/94"; -#endif /* not lint */ #endif #include /* * Fix up / report on disk quotas & usage */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "quotacheck.h" const char *qfname = QUOTAFILENAME; const char *qfextension[] = INITQFNAMES; const char *quotagroup = QUOTAGROUP; union { struct fs sblk; char dummy[MAXBSIZE]; } sb_un; #define sblock sb_un.sblk union { struct cg cgblk; char dummy[MAXBSIZE]; } cg_un; #define cgblk cg_un.cgblk long dev_bsize = 1; ino_t maxino; union dinode { struct ufs1_dinode dp1; struct ufs2_dinode dp2; }; #define DIP(dp, field) \ ((sblock.fs_magic == FS_UFS1_MAGIC) ? \ (dp)->dp1.field : (dp)->dp2.field) #define HASUSR 1 #define HASGRP 2 struct fileusage { struct fileusage *fu_next; u_long fu_curinodes; u_long fu_curblocks; u_long fu_id; char fu_name[1]; /* actually bigger */ }; #define FUHASH 1024 /* must be power of two */ struct fileusage *fuhead[MAXQUOTAS][FUHASH]; int aflag; /* all file systems */ int cflag; /* convert format to 32 or 64 bit size */ int gflag; /* check group quotas */ int uflag; /* check user quotas */ int vflag; /* verbose */ int fi; /* open disk file descriptor */ struct fileusage * addid(u_long, int, char *, const char *); void blkread(ufs2_daddr_t, char *, long); void freeinodebuf(void); union dinode * getnextinode(ino_t); int getquotagid(void); struct fileusage * lookup(u_long, int); int oneof(char *, char*[], int); void printchanges(const char *, int, struct dqblk *, struct fileusage *, u_long); void setinodebuf(ino_t); int update(const char *, struct quotafile *, int); void usage(void); int main(int argc, char *argv[]) { struct fstab *fs; struct passwd *pw; struct group *gr; struct quotafile *qfu, *qfg; int i, argnum, maxrun, errs, ch; long done = 0; char *name; errs = maxrun = 0; while ((ch = getopt(argc, argv, "ac:guvl:")) != -1) { switch(ch) { case 'a': aflag++; break; case 'c': if (cflag) usage(); cflag = atoi(optarg); break; case 'g': gflag++; break; case 'u': uflag++; break; case 'v': vflag++; break; case 'l': maxrun = atoi(optarg); break; default: usage(); } } argc -= optind; argv += optind; if ((argc == 0 && !aflag) || (argc > 0 && aflag)) usage(); if (cflag && cflag != 32 && cflag != 64) usage(); if (!gflag && !uflag) { gflag++; uflag++; } if (gflag) { setgrent(); while ((gr = getgrent()) != NULL) (void) addid((u_long)gr->gr_gid, GRPQUOTA, gr->gr_name, NULL); endgrent(); } if (uflag) { setpwent(); while ((pw = getpwent()) != NULL) (void) addid((u_long)pw->pw_uid, USRQUOTA, pw->pw_name, NULL); endpwent(); } /* * The maxrun (-l) option is now deprecated. */ if (maxrun > 0) warnx("the -l option is now deprecated"); if (aflag) exit(checkfstab(uflag, gflag)); if (setfsent() == 0) errx(1, "%s: can't open", FSTAB); while ((fs = getfsent()) != NULL) { if (((argnum = oneof(fs->fs_file, argv, argc)) >= 0 || (argnum = oneof(fs->fs_spec, argv, argc)) >= 0) && (name = blockcheck(fs->fs_spec))) { done |= 1 << argnum; qfu = NULL; if (uflag) qfu = quota_open(fs, USRQUOTA, O_CREAT|O_RDWR); qfg = NULL; if (gflag) qfg = quota_open(fs, GRPQUOTA, O_CREAT|O_RDWR); if (qfu == NULL && qfg == NULL) continue; errs += chkquota(name, qfu, qfg); if (qfu) quota_close(qfu); if (qfg) quota_close(qfg); } } endfsent(); for (i = 0; i < argc; i++) if ((done & (1 << i)) == 0) fprintf(stderr, "%s not found in %s\n", argv[i], FSTAB); exit(errs); } void usage(void) { (void)fprintf(stderr, "%s\n%s\n", "usage: quotacheck [-guv] [-c 32 | 64] [-l maxrun] -a", " quotacheck [-guv] [-c 32 | 64] filesystem ..."); exit(1); } /* * Scan the specified file system to check quota(s) present on it. */ int chkquota(char *specname, struct quotafile *qfu, struct quotafile *qfg) { struct fileusage *fup; union dinode *dp; struct fs *fs; int i, ret, mode, errs = 0; u_int32_t cg; ino_t curino, ino, inosused, userino = 0, groupino = 0; dev_t dev, userdev = 0, groupdev = 0; struct stat sb; const char *mntpt; char *cp; if (qfu != NULL) mntpt = quota_fsname(qfu); else if (qfg != NULL) mntpt = quota_fsname(qfg); else errx(1, "null quotafile information passed to chkquota()\n"); if (cflag) { if (vflag && qfu != NULL) printf("%s: convert user quota to %d bits\n", mntpt, cflag); if (qfu != NULL && quota_convert(qfu, cflag) < 0) { if (errno == EBADF) errx(1, "%s: cannot convert an active quota file", mntpt); err(1, "user quota conversion to size %d failed", cflag); } if (vflag && qfg != NULL) printf("%s: convert group quota to %d bits\n", mntpt, cflag); if (qfg != NULL && quota_convert(qfg, cflag) < 0) { if (errno == EBADF) errx(1, "%s: cannot convert an active quota file", mntpt); err(1, "group quota conversion to size %d failed", cflag); } } if ((fi = open(specname, O_RDONLY, 0)) < 0) { warn("%s", specname); return (1); } if ((stat(mntpt, &sb)) < 0) { warn("%s", mntpt); return (1); } dev = sb.st_dev; if (vflag) { (void)printf("*** Checking "); if (qfu) (void)printf("user%s", qfg ? " and " : ""); if (qfg) (void)printf("group"); (void)printf(" quotas for %s (%s)\n", specname, mntpt); } if (qfu) { if (stat(quota_qfname(qfu), &sb) == 0) { userino = sb.st_ino; userdev = sb.st_dev; } } if (qfg) { if (stat(quota_qfname(qfg), &sb) == 0) { groupino = sb.st_ino; groupdev = sb.st_dev; } } sync(); if ((ret = sbget(fi, &fs, UFS_STDSB, UFS_NOCSUM)) != 0) { switch (ret) { case ENOENT: warn("Cannot find file system superblock"); return (1); default: warn("Unable to read file system superblock"); return (1); } } bcopy(fs, &sblock, fs->fs_sbsize); free(fs); dev_bsize = sblock.fs_fsize / fsbtodb(&sblock, 1); maxino = sblock.fs_ncg * sblock.fs_ipg; for (cg = 0; cg < sblock.fs_ncg; cg++) { ino = cg * sblock.fs_ipg; setinodebuf(ino); blkread(fsbtodb(&sblock, cgtod(&sblock, cg)), (char *)(&cgblk), sblock.fs_cgsize); if (sblock.fs_magic == FS_UFS2_MAGIC) inosused = cgblk.cg_initediblk; else inosused = sblock.fs_ipg; /* * If we are using soft updates, then we can trust the * cylinder group inode allocation maps to tell us which * inodes are allocated. We will scan the used inode map * to find the inodes that are really in use, and then * read only those inodes in from disk. */ if (sblock.fs_flags & FS_DOSOFTDEP) { if (!cg_chkmagic(&cgblk)) errx(1, "CG %d: BAD MAGIC NUMBER\n", cg); cp = &cg_inosused(&cgblk)[(inosused - 1) / CHAR_BIT]; for ( ; inosused > 0; inosused -= CHAR_BIT, cp--) { if (*cp == 0) continue; for (i = 1 << (CHAR_BIT - 1); i > 0; i >>= 1) { if (*cp & i) break; inosused--; } break; } if (inosused <= 0) continue; } for (curino = 0; curino < inosused; curino++, ino++) { if ((dp = getnextinode(ino)) == NULL || ino < UFS_ROOTINO || (mode = DIP(dp, di_mode) & IFMT) == 0) continue; /* * XXX: Do not account for UIDs or GIDs that appear * to be negative to prevent generating 100GB+ * quota files. */ if ((int)DIP(dp, di_uid) < 0 || (int)DIP(dp, di_gid) < 0) { if (vflag) { if (aflag) (void)printf("%s: ", mntpt); (void)printf("out of range UID/GID (%u/%u) ino=%ju\n", DIP(dp, di_uid), DIP(dp,di_gid), (uintmax_t)ino); } continue; } /* * Do not account for file system snapshot files * or the actual quota data files to be consistent * with how they are handled inside the kernel. */ #ifdef SF_SNAPSHOT if (DIP(dp, di_flags) & SF_SNAPSHOT) continue; #endif if ((ino == userino && dev == userdev) || (ino == groupino && dev == groupdev)) continue; if (qfg) { fup = addid((u_long)DIP(dp, di_gid), GRPQUOTA, NULL, mntpt); fup->fu_curinodes++; if (mode == IFREG || mode == IFDIR || mode == IFLNK) fup->fu_curblocks += DIP(dp, di_blocks); } if (qfu) { fup = addid((u_long)DIP(dp, di_uid), USRQUOTA, NULL, mntpt); fup->fu_curinodes++; if (mode == IFREG || mode == IFDIR || mode == IFLNK) fup->fu_curblocks += DIP(dp, di_blocks); } } } freeinodebuf(); if (qfu) errs += update(mntpt, qfu, USRQUOTA); if (qfg) errs += update(mntpt, qfg, GRPQUOTA); close(fi); (void)fflush(stdout); return (errs); } /* * Update a specified quota file. */ int update(const char *fsname, struct quotafile *qf, int type) { struct fileusage *fup; u_long id, lastid, highid = 0; struct dqblk dqbuf; struct stat sb; static struct dqblk zerodqbuf; static struct fileusage zerofileusage; /* * Scan the on-disk quota file and record any usage changes. */ lastid = quota_maxid(qf); for (id = 0; id <= lastid; id++) { if (quota_read(qf, &dqbuf, id) < 0) dqbuf = zerodqbuf; if ((fup = lookup(id, type)) == NULL) fup = &zerofileusage; if (fup->fu_curinodes || fup->fu_curblocks || dqbuf.dqb_bsoftlimit || dqbuf.dqb_bhardlimit || dqbuf.dqb_isoftlimit || dqbuf.dqb_ihardlimit) highid = id; if (dqbuf.dqb_curinodes == fup->fu_curinodes && dqbuf.dqb_curblocks == fup->fu_curblocks) { fup->fu_curinodes = 0; fup->fu_curblocks = 0; continue; } printchanges(fsname, type, &dqbuf, fup, id); dqbuf.dqb_curinodes = fup->fu_curinodes; dqbuf.dqb_curblocks = fup->fu_curblocks; (void) quota_write_usage(qf, &dqbuf, id); fup->fu_curinodes = 0; fup->fu_curblocks = 0; } /* * Walk the hash table looking for ids with non-zero usage * that are not currently recorded in the quota file. E.g. * ids that are past the end of the current file. */ for (id = 0; id < FUHASH; id++) { for (fup = fuhead[type][id]; fup != NULL; fup = fup->fu_next) { if (fup->fu_id <= lastid) continue; if (fup->fu_curinodes == 0 && fup->fu_curblocks == 0) continue; bzero(&dqbuf, sizeof(struct dqblk)); if (fup->fu_id > highid) highid = fup->fu_id; printchanges(fsname, type, &dqbuf, fup, fup->fu_id); dqbuf.dqb_curinodes = fup->fu_curinodes; dqbuf.dqb_curblocks = fup->fu_curblocks; (void) quota_write_usage(qf, &dqbuf, fup->fu_id); fup->fu_curinodes = 0; fup->fu_curblocks = 0; } } /* * If this is old format file, then size may be smaller, * so ensure that we only truncate when it will make things * smaller, and not if it will grow an old format file. */ if (highid < lastid && stat(quota_qfname(qf), &sb) == 0 && sb.st_size > (off_t)((highid + 2) * sizeof(struct dqblk))) truncate(quota_qfname(qf), (((off_t)highid + 2) * sizeof(struct dqblk))); return (0); } /* * Check to see if target appears in list of size cnt. */ int oneof(char *target, char *list[], int cnt) { int i; for (i = 0; i < cnt; i++) if (strcmp(target, list[i]) == 0) return (i); return (-1); } /* * Determine the group identifier for quota files. */ int getquotagid(void) { struct group *gr; if ((gr = getgrnam(quotagroup)) != NULL) return (gr->gr_gid); return (-1); } /* * Routines to manage the file usage table. * * Lookup an id of a specific type. */ struct fileusage * lookup(u_long id, int type) { struct fileusage *fup; for (fup = fuhead[type][id & (FUHASH-1)]; fup != NULL; fup = fup->fu_next) if (fup->fu_id == id) return (fup); return (NULL); } /* * Add a new file usage id if it does not already exist. */ struct fileusage * addid(u_long id, int type, char *name, const char *fsname) { struct fileusage *fup, **fhp; int len; if ((fup = lookup(id, type)) != NULL) return (fup); if (name) len = strlen(name); else len = 0; if ((fup = calloc(1, sizeof(*fup) + len)) == NULL) errx(1, "calloc failed"); fhp = &fuhead[type][id & (FUHASH - 1)]; fup->fu_next = *fhp; *fhp = fup; fup->fu_id = id; if (name) bcopy(name, fup->fu_name, len + 1); else { (void)sprintf(fup->fu_name, "%lu", id); if (vflag) { if (aflag && fsname != NULL) (void)printf("%s: ", fsname); printf("unknown %cid: %lu\n", type == USRQUOTA ? 'u' : 'g', id); } } return (fup); } /* * Special purpose version of ginode used to optimize pass * over all the inodes in numerical order. */ static ino_t nextino, lastinum, lastvalidinum; static long readcnt, readpercg, fullcnt, inobufsize, partialcnt, partialsize; static caddr_t inodebuf; #define INOBUFSIZE 56*1024 /* size of buffer to read inodes */ union dinode * getnextinode(ino_t inumber) { long size; ufs2_daddr_t dblk; union dinode *dp; static caddr_t nextinop; if (inumber != nextino++ || inumber > lastvalidinum) errx(1, "bad inode number %ju to nextinode", (uintmax_t)inumber); if (inumber >= lastinum) { readcnt++; dblk = fsbtodb(&sblock, ino_to_fsba(&sblock, lastinum)); if (readcnt % readpercg == 0) { size = partialsize; lastinum += partialcnt; } else { size = inobufsize; lastinum += fullcnt; } /* * If blkread returns an error, it will already have zeroed * out the buffer, so we do not need to do so here. */ blkread(dblk, inodebuf, size); nextinop = inodebuf; } dp = (union dinode *)nextinop; if (sblock.fs_magic == FS_UFS1_MAGIC) nextinop += sizeof(struct ufs1_dinode); else nextinop += sizeof(struct ufs2_dinode); return (dp); } /* * Prepare to scan a set of inodes. */ void setinodebuf(ino_t inum) { if (inum % sblock.fs_ipg != 0) errx(1, "bad inode number %ju to setinodebuf", (uintmax_t)inum); lastvalidinum = inum + sblock.fs_ipg - 1; nextino = inum; lastinum = inum; readcnt = 0; if (inodebuf != NULL) return; inobufsize = blkroundup(&sblock, INOBUFSIZE); fullcnt = inobufsize / ((sblock.fs_magic == FS_UFS1_MAGIC) ? sizeof(struct ufs1_dinode) : sizeof(struct ufs2_dinode)); readpercg = sblock.fs_ipg / fullcnt; partialcnt = sblock.fs_ipg % fullcnt; partialsize = partialcnt * ((sblock.fs_magic == FS_UFS1_MAGIC) ? sizeof(struct ufs1_dinode) : sizeof(struct ufs2_dinode)); if (partialcnt != 0) { readpercg++; } else { partialcnt = fullcnt; partialsize = inobufsize; } if ((inodebuf = malloc((unsigned)inobufsize)) == NULL) errx(1, "cannot allocate space for inode buffer"); } /* * Free up data structures used to scan inodes. */ void freeinodebuf(void) { if (inodebuf != NULL) free(inodebuf); inodebuf = NULL; } /* * Read specified disk blocks. */ void blkread(ufs2_daddr_t bno, char *buf, long cnt) { if (lseek(fi, (off_t)bno * dev_bsize, SEEK_SET) < 0 || read(fi, buf, cnt) != cnt) errx(1, "blkread failed on block %ld", (long)bno); } /* * Display updated block and i-node counts. */ void printchanges(const char *fsname, int type, struct dqblk *dp, struct fileusage *fup, u_long id) { if (!vflag) return; if (aflag) (void)printf("%s: ", fsname); if (fup->fu_name[0] == '\0') (void)printf("%-8lu fixed ", id); else (void)printf("%-8s fixed ", fup->fu_name); switch (type) { case GRPQUOTA: (void)printf("(group):"); break; case USRQUOTA: (void)printf("(user): "); break; default: (void)printf("(unknown quota type %d)", type); break; } if (dp->dqb_curinodes != fup->fu_curinodes) (void)printf("\tinodes %lu -> %lu", (u_long)dp->dqb_curinodes, (u_long)fup->fu_curinodes); if (dp->dqb_curblocks != fup->fu_curblocks) (void)printf("\tblocks %lu -> %lu", (u_long)dp->dqb_curblocks, (u_long)fup->fu_curblocks); (void)printf("\n"); } diff --git a/sbin/rcorder/hash.h b/sbin/rcorder/hash.h index 6ccf76d002a8..d1f096a3c017 100644 --- a/sbin/rcorder/hash.h +++ b/sbin/rcorder/hash.h @@ -1,132 +1,130 @@ /* $NetBSD: hash.h,v 1.1.1.1 1999/11/19 04:30:56 mrg Exp $ */ /*- * SPDX-License-Identifier: BSD-4-Clause * * Copyright (c) 1988, 1989, 1990 The Regents of the University of California. * Copyright (c) 1988, 1989 by Adam de Boor * Copyright (c) 1989 by Berkeley Softworks * All rights reserved. * * This code is derived from software contributed to Berkeley by * Adam de Boor. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * from: @(#)hash.h 8.1 (Berkeley) 6/6/93 */ /* hash.h -- * * This file contains definitions used by the hash module, * which maintains hash tables. */ #ifndef _HASH #define _HASH /* * The following defines one entry in the hash table. */ typedef struct Hash_Entry { struct Hash_Entry *next; /* Used to link together all the * entries associated with the same * bucket. */ ClientData clientData; /* Arbitrary piece of data associated * with key. */ unsigned namehash; /* hash value of key */ char name[1]; /* key string */ } Hash_Entry; typedef struct Hash_Table { struct Hash_Entry **bucketPtr; /* Pointers to Hash_Entry, one * for each bucket in the table. */ int size; /* Actual size of array. */ int numEntries; /* Number of entries in the table. */ int mask; /* Used to select bits for hashing. */ } Hash_Table; /* * The following structure is used by the searching routines * to record where we are in the search. */ typedef struct Hash_Search { Hash_Table *tablePtr; /* Table being searched. */ int nextIndex; /* Next bucket to check (after * current). */ Hash_Entry *hashEntryPtr; /* Next entry to check in current * bucket. */ } Hash_Search; /* * Macros. */ /* * ClientData Hash_GetValue(h) * Hash_Entry *h; */ #define Hash_GetValue(h) ((h)->clientData) /* * Hash_SetValue(h, val); * Hash_Entry *h; * char *val; */ #define Hash_SetValue(h, val) ((h)->clientData = (ClientData) (val)) #ifdef ORDER /* * Hash_GetKey(h); * Hash_Entry *h; */ #define Hash_GetKey(h) ((h)->name) #endif /* ORDER */ /* * Hash_Size(n) returns the number of words in an object of n bytes */ #define Hash_Size(n) (((n) + sizeof (int) - 1) / sizeof (int)) void Hash_InitTable(Hash_Table *, int); void Hash_DeleteTable(Hash_Table *); Hash_Entry *Hash_FindEntry(Hash_Table *, char *); Hash_Entry *Hash_CreateEntry(Hash_Table *, char *, Boolean *); void Hash_DeleteEntry(Hash_Table *, Hash_Entry *); Hash_Entry *Hash_EnumFirst(Hash_Table *, Hash_Search *); Hash_Entry *Hash_EnumNext(Hash_Search *); #endif /* _HASH */ diff --git a/sbin/rcorder/sprite.h b/sbin/rcorder/sprite.h index 29b25b0ba263..8ca07f7aa6d8 100644 --- a/sbin/rcorder/sprite.h +++ b/sbin/rcorder/sprite.h @@ -1,115 +1,113 @@ /* $NetBSD: sprite.h,v 1.1 1999/11/23 05:28:22 mrg Exp $ */ /*- * SPDX-License-Identifier: BSD-4-Clause * * Copyright (c) 1988, 1989, 1990, 1993 * The Regents of the University of California. All rights reserved. * Copyright (c) 1989 by Berkeley Softworks * All rights reserved. * * This code is derived from software contributed to Berkeley by * Adam de Boor. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. All advertising materials mentioning features or use of this software * must display the following acknowledgement: * This product includes software developed by the University of * California, Berkeley and its contributors. * 4. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * from: @(#)sprite.h 8.1 (Berkeley) 6/6/93 */ /* * sprite.h -- * * Common constants and type declarations for Sprite. */ #ifndef _SPRITE #define _SPRITE /* * A boolean type is defined as an integer, not an enum. This allows a * boolean argument to be an expression that isn't strictly 0 or 1 valued. */ typedef int Boolean; #ifndef TRUE #define TRUE 1 #endif /* TRUE */ #ifndef FALSE #define FALSE 0 #endif /* FALSE */ /* * Functions that must return a status can return a ReturnStatus to * indicate success or type of failure. */ typedef int ReturnStatus; /* * The following statuses overlap with the first 2 generic statuses * defined in status.h: * * SUCCESS There was no error. * FAILURE There was a general error. */ #define SUCCESS 0x00000000 #define FAILURE 0x00000001 /* * A nil pointer must be something that will cause an exception if * referenced. There are two nils: the kernels nil and the nil used * by user processes. */ #define NIL ~0 #define USER_NIL 0 #ifndef NULL #define NULL 0 #endif /* NULL */ /* * An address is just a pointer in C. It is defined as a character pointer * so that address arithmetic will work properly, a byte at a time. */ typedef char *Address; /* * ClientData is an uninterpreted word. It is defined as an int so that * kdbx will not interpret client data as a string. Unlike an "Address", * client data will generally not be used in arithmetic. * But we don't have kdbx anymore so we define it as void (christos) */ typedef void *ClientData; #endif /* _SPRITE */ diff --git a/sbin/reboot/Makefile b/sbin/reboot/Makefile index 7f7fe4a77410..4db6d5589e97 100644 --- a/sbin/reboot/Makefile +++ b/sbin/reboot/Makefile @@ -1,22 +1,21 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 PACKAGE=runtime PROG= reboot MAN= reboot.8 nextboot.8 MLINKS= reboot.8 halt.8 reboot.8 fastboot.8 reboot.8 fasthalt.8 .if exists(${.CURDIR}/boot_${MACHINE}.8) MAN+= boot_${MACHINE}.8 MLINKS+= boot_${MACHINE}.8 boot.8 .endif .if ${MACHINE} == "amd64" MAN+= boot_i386.8 MLINKS+= boot_i386.8 boot.8 .endif LINKS= ${BINDIR}/reboot ${BINDIR}/halt ${BINDIR}/reboot ${BINDIR}/fastboot \ ${BINDIR}/reboot ${BINDIR}/fasthalt SCRIPTS= nextboot.sh .include diff --git a/sbin/reboot/boot_i386.8 b/sbin/reboot/boot_i386.8 index da8fc2e430ac..5e97a7594684 100644 --- a/sbin/reboot/boot_i386.8 +++ b/sbin/reboot/boot_i386.8 @@ -1,355 +1,353 @@ .\" Copyright (c) 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" This code is derived from software written and contributed .\" to Berkeley by William Jolitz. .\" .\" Almost completely rewritten for FreeBSD 2.1 by Joerg Wunsch. .\" .\" Substantially revised for FreeBSD 3.1 by Robert Nordier. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)boot_i386.8 8.2 (Berkeley) 4/19/94 -.\" .Dd July 11, 2020 .Dt BOOT 8 i386 .Os .Sh NAME .Nm boot .Nd system bootstrapping procedures .Sh DESCRIPTION .Sy Power fail and crash recovery . Normally, the system will reboot itself at power-up or after crashes. An automatic consistency check of the file systems will be performed, and unless this fails, the system will resume multi-user operations. .Pp .Sy Cold starts . Most i386 PCs attempt to boot first from floppy disk drive 0 (sometimes known as drive A:) and, failing that, from hard disk drive 0 (sometimes known as drive C:, or as drive 0x80 to the BIOS). Some BIOSes allow you to change this default sequence, and may also include a CD-ROM drive as a boot device. .Pp Some newer PCs boot using UEFI firmware, not BIOS. That process is described in .Xr uefi 8 . .Pp A three-stage bootstrap is employed. Control is passed from the boot blocks (bootstrap stages one and two) to a third-stage bootstrap program, .Xr loader 8 . This third stage provides more sophisticated control over the booting process than it is possible to achieve in the boot blocks, which are constrained by occupying limited fixed space on a given disk or slice. .Pp The remainder of this subsection deals only with the boot blocks. The .Xr loader 8 program is documented separately. .Pp After the boot blocks have been loaded, you should see a prompt similar to the following: .Bd -literal >> FreeBSD/x86 BOOT Default: 0:ad(0,a)/boot/loader boot: .Ed .Pp The automatic boot will attempt to load .Pa /boot/loader from partition .Ql a of either the floppy or the hard disk. This boot may be aborted by typing any character on the keyboard at the .Ql boot\&: prompt. At this time, the following input will be accepted: .Bl -tag -width indent .It Ic \&? Give a short listing of the files in the root directory of the default boot device, as a hint about available boot files. (A .Ic ?\& may also be specified as the last segment of a path, in which case the listing will be of the relevant subdirectory.) .It Xo .Sm off .Ar bios_drive : interface ( unit , Oo Ar slice , Oc Ar part ) .Ar filename .Sm on .Op Fl aCcDdghmnPprsv .Op Fl S Ns Ar speed .Xc Specify boot file and flags. .Bl -tag -width indent .It Ar bios_drive The drive number as recognized by the BIOS. 0 for the first drive, 1 for the second drive, etc. .It Ar interface The type of controller to boot from. Note that the controller is required to have BIOS support since the BIOS services are used to load the boot file image. .Pp The supported interfaces are: .Pp .Bl -tag -width "adXX" -compact .It ad ST506, IDE, ESDI, RLL disks on a WD100[2367] or lookalike controller .It fd 5 1/4" or 3 1/2" High density floppies .It da SCSI disk on any supported SCSI controller .\".It cd .\"boot from CDROM .El .It Ar unit The unit number of the drive on the interface being used. 0 for the first drive, 1 for the second drive, etc. .It Oo Ar slice , Oc Ns Ar part The partition letter inside the .Bx portion of the disk. See .Xr bsdlabel 8 . By convention, only partition .Ql a contains a bootable image. If sliced disks are used .Pq Dq fdisk partitions , any .Ar slice (1 for the first slice, 2 for the second slice, etc.\&) can be booted from, with the default (if not specified) being the active slice or, otherwise, the first .Fx slice. If .Ar slice is specified as 0, the first .Fx slice (also known as .Dq compatibility slice) is booted from. .It Ar filename The pathname of the file to boot (relative to the root directory on the specified partition). Defaults to .Pa /boot/kernel/kernel . Symbolic links are not supported (hard links are). .It Xo Op Fl aCcDdghmnPpqrsv .Op Fl S Ns Ar speed .Xc Boot flags: .Pp .Bl -tag -width "-CXX" -compact .It Fl a during kernel initialization, ask for the device to mount as the root file system. .It Fl C try to mount root file system from a CD-ROM. .It Fl c this flag is currently a no-op. .It Fl D boot with the dual console configuration. In the single configuration, the console will be either the internal display or the serial port, depending on the state of the .Fl h option below. In the dual console configuration, both the internal display and the serial port will become the console at the same time, regardless of the state of the .Fl h option. .It Fl d enter the DDB kernel debugger (see .Xr ddb 4 ) as early as possible in kernel initialization. .It Fl g use the GDB remote debugging protocol. .It Fl h force the serial console. For instance, if you boot from the internal console, you can use the .Fl h option to force the kernel to use the serial port as its console device. .It Fl m mute the console to suppress all kernel console input and output during the boot. .It Fl n ignore key press to interrupt boot before .Xr loader 8 is invoked. .It Fl P probe the keyboard. If no keyboard is found, the .Fl D and .Fl h options are automatically set. .It Fl p pause after each attached device during the device probing phase. .It Fl q be quiet, do not write anything to the console unless automatic boot fails or is disabled. This option only affects second-stage bootstrap, to prevent next stages from writing to the console use in combination with the .Fl m option. .It Fl r use the statically configured default for the device containing the root file system (see .Xr config 8 ) . Normally, the root file system is on the device that the kernel was loaded from. .It Fl s boot into single-user mode; if the console is marked as .Dq insecure (see .Xr ttys 5 ) , the root password must be entered. .It Fl S Ns Ar speed set the speed of the serial console to .Ar speed . The default is 115200 unless it has been overridden by setting .Va BOOT_COMCONSOLE_SPEED in .Xr make.conf 5 and recompiling and reinstalling the boot blocks. .It Fl v be verbose during device probing (and later). .El .El .El .Pp Use the .Pa /boot.config file to set the default configuration options for the boot block code. See .Xr boot.config 5 for more information about the .Pa /boot.config file. .Sh FILES .Bl -tag -width /boot/loader -compact .It Pa /boot.config parameters for the boot blocks (optional) .It Pa /boot/boot1 first stage bootstrap file .It Pa /boot/boot2 second stage bootstrap file .It Pa /boot/loader third stage bootstrap .It Pa /boot/kernel/kernel default kernel .It Pa /boot/kernel.old/kernel typical non-default kernel (optional) .El .Sh DIAGNOSTICS When disk-related errors occur, these are reported by the second-stage bootstrap using the same error codes returned by the BIOS, for example .Dq Disk error 0x1 (lba=0x12345678) . Here is a partial list of these error codes: .Pp .Bl -tag -width "0x80" -compact .It 0x1 Invalid argument .It 0x2 Address mark not found .It 0x4 Sector not found .It 0x8 DMA overrun .It 0x9 DMA attempt across 64K boundary .It 0xc Invalid media .It 0x10 Uncorrectable CRC/ECC error .It 0x20 Controller failure .It 0x40 Seek failed .It 0x80 Timeout .El .Pp .Sy "NOTE" : On older machines, or otherwise where EDD support (disk packet interface support) is not available, all boot-related files and structures (including the kernel) that need to be accessed during the boot phase must reside on the disk at or below cylinder 1023 (as the BIOS understands the geometry). When a .Dq Disk error 0x1 is reported by the second-stage bootstrap, it generally means that this requirement has not been adhered to. .Sh SEE ALSO .Xr ddb 4 , .Xr boot.config 5 , .Xr make.conf 5 , .Xr mount.conf 5 , .Xr ttys 5 , .Xr boot0cfg 8 , .Xr btxld 8 , .Xr config 8 , .Xr efibootmgr 8 , .Xr efivar 8 , .Xr gpart 8 , .Xr gptboot 8 , .Xr gptzfsboot 8 , .Xr halt 8 , .Xr loader 8 , .Xr nextboot 8 , .Xr reboot 8 , .Xr shutdown 8 , .Xr uefi 8 , .Xr zfsbootcfg 8 .Sh BUGS The bsdlabel format used by this version of .Bx is quite different from that of other architectures. .Pp Due to space constraints, the keyboard probe initiated by the .Fl P option is simply a test that the BIOS has detected an .Dq extended keyboard. If an .Dq XT/AT keyboard (with no F11 and F12 keys, etc.) is attached, the probe will fail. diff --git a/sbin/reboot/reboot.8 b/sbin/reboot/reboot.8 index 13119ecf64f7..e9a23ef84d69 100644 --- a/sbin/reboot/reboot.8 +++ b/sbin/reboot/reboot.8 @@ -1,195 +1,193 @@ .\" Copyright (c) 1990, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)reboot.8 8.1 (Berkeley) 6/9/93 -.\" .Dd December 20, 2017 .Dt REBOOT 8 .Os .Sh NAME .Nm reboot , .Nm halt , .Nm fastboot , .Nm fasthalt .Nd stopping and restarting the system .Sh SYNOPSIS .Nm halt .Op Fl lNnpq .Op Fl k Ar kernel .Nm .Op Fl cdlNnpqr .Op Fl k Ar kernel .Nm fasthalt .Op Fl lNnpq .Op Fl k Ar kernel .Nm fastboot .Op Fl dlNnpq .Op Fl k Ar kernel .Sh DESCRIPTION The .Nm halt and .Nm utilities flush the file system cache to disk, send all running processes a .Dv SIGTERM (and subsequently a .Dv SIGKILL ) and, respectively, halt or restart the system. The action is logged, including entering a shutdown record into the user accounting database. .Pp The options are as follows: .Bl -tag -width indent .It Fl c The system will turn off the power and then turn it back on if it can. If the power down action fails, the system will halt or reboot normally, depending on whether .Nm halt or .Nm was called. At the present time, only the .Xr ipmi 4 driver implements the power cycle functionality and only on hardware with a BMC that supports power cycling. Unlike power off, the amount of hardware that supports power cycling is small. .It Fl d The system is requested to create a crash dump. This option is supported only when rebooting, and it has no effect unless a dump device has previously been specified with .Xr dumpon 8 . .It Fl k Ar kernel Boot the specified .Ar kernel on the next system boot. If the kernel boots successfully, the .Em default kernel will be booted on successive boots, this is a one-shot option. If the boot fails, the system will continue attempting to boot .Ar kernel until the boot process is interrupted and a valid kernel booted. This may change in the future. .It Fl l The halt or reboot is .Em not logged to the system log. This option is intended for applications such as .Xr shutdown 8 , that call .Nm or .Nm halt and log this themselves. .It Fl N The file system cache is not flushed during the initial process clean-up, however the kernel level .Xr reboot 2 is still processed with a sync. This option can be useful for performing a .Dq best-effort reboot when devices might be unavailable. This can happen when devices have been disconnected, such as with .Xr iscsi 4 . .It Fl n The file system cache is not flushed. This option should probably not be used. .It Fl p The system will turn off the power if it can. If the power down action fails, the system will halt or reboot normally, depending on whether .Nm halt or .Nm was called. .It Fl q The system is halted or restarted quickly and ungracefully, and only the flushing of the file system cache is performed (if the .Fl n option is not specified). This option should probably not be used. .It Fl r The system kills all processes, unmounts all filesystems, mounts the new root filesystem, and begins the usual startup sequence. After changing vfs.root.mountfrom with .Xr kenv 1 , .Nm Fl r can be used to change the root filesystem while preserving kernel state. This requires the .Xr tmpfs 5 kernel module to be loaded because .Xr init 8 needs a place to store itself after the old root is unmounted, but before the new root is in place. .El .Pp The .Nm fasthalt and .Nm fastboot utilities are nothing more than aliases for the .Nm halt and .Nm utilities. .Pp Normally, the .Xr shutdown 8 utility is used when the system needs to be halted or restarted, giving users advance warning of their impending doom and cleanly terminating specific programs. .Sh EXAMPLES Replace current root filesystem with UFS mounted from .Pa /dev/ada0s1a : .Bd -literal -offset indent kenv vfs.root.mountfrom=ufs:/dev/ada0s1a reboot -r .Ed .Pp This mechanism can also be used with NFS, with a caveat that it only works with NFSv4, and requires a numeric IPv4 address: .Bd -literal -offset indent kenv vfs.root.mountfrom=nfs:192.168.1.1:/share/name reboot -r .Ed .Sh SEE ALSO .Xr kenv 1 , .Xr getutxent 3 , .Xr ipmi 4 , .Xr boot 8 , .Xr dumpon 8 , .Xr nextboot 8 , .Xr savecore 8 , .Xr shutdown 8 , .Xr sync 8 .Sh HISTORY A .Nm utility appeared in .Bx 4.0 . diff --git a/sbin/reboot/reboot.c b/sbin/reboot/reboot.c index dce747d79b15..5cfbacef1849 100644 --- a/sbin/reboot/reboot.c +++ b/sbin/reboot/reboot.c @@ -1,288 +1,285 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1980, 1986, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static char sccsid[] = "@(#)reboot.c 8.1 (Berkeley) 6/5/93"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include static void usage(void) __dead2; static uint64_t get_pageins(void); static int dohalt; int main(int argc, char *argv[]) { struct utmpx utx; const struct passwd *pw; int ch, howto, i, fd, lflag, nflag, qflag, sverrno, Nflag; uint64_t pageins; const char *user, *kernel = NULL; if (strstr(getprogname(), "halt") != NULL) { dohalt = 1; howto = RB_HALT; } else howto = 0; lflag = nflag = qflag = Nflag = 0; while ((ch = getopt(argc, argv, "cdk:lNnpqr")) != -1) switch(ch) { case 'c': howto |= RB_POWERCYCLE; break; case 'd': howto |= RB_DUMP; break; case 'k': kernel = optarg; break; case 'l': lflag = 1; break; case 'n': nflag = 1; howto |= RB_NOSYNC; break; case 'N': nflag = 1; Nflag = 1; break; case 'p': howto |= RB_POWEROFF; break; case 'q': qflag = 1; break; case 'r': howto |= RB_REROOT; break; case '?': default: usage(); } argc -= optind; argv += optind; if (argc != 0) usage(); if ((howto & (RB_DUMP | RB_HALT)) == (RB_DUMP | RB_HALT)) errx(1, "cannot dump (-d) when halting; must reboot instead"); if (Nflag && (howto & RB_NOSYNC) != 0) errx(1, "-N cannot be used with -n"); if ((howto & RB_POWEROFF) && (howto & RB_POWERCYCLE)) errx(1, "-c and -p cannot be used together"); if ((howto & RB_REROOT) != 0 && howto != RB_REROOT) errx(1, "-r cannot be used with -c, -d, -n, or -p"); if (geteuid()) { errno = EPERM; err(1, NULL); } if (qflag) { reboot(howto); err(1, NULL); } if (kernel != NULL) { fd = open("/boot/nextboot.conf", O_WRONLY | O_CREAT | O_TRUNC, 0444); if (fd > -1) { (void)write(fd, "nextboot_enable=\"YES\"\n", 22); (void)write(fd, "kernel=\"", 8L); (void)write(fd, kernel, strlen(kernel)); (void)write(fd, "\"\n", 2); close(fd); } } /* Log the reboot. */ if (!lflag) { if ((user = getlogin()) == NULL) user = (pw = getpwuid(getuid())) ? pw->pw_name : "???"; if (dohalt) { openlog("halt", 0, LOG_AUTH | LOG_CONS); syslog(LOG_CRIT, "halted by %s", user); } else if (howto & RB_REROOT) { openlog("reroot", 0, LOG_AUTH | LOG_CONS); syslog(LOG_CRIT, "rerooted by %s", user); } else if (howto & RB_POWEROFF) { openlog("reboot", 0, LOG_AUTH | LOG_CONS); syslog(LOG_CRIT, "powered off by %s", user); } else if (howto & RB_POWERCYCLE) { openlog("reboot", 0, LOG_AUTH | LOG_CONS); syslog(LOG_CRIT, "power cycled by %s", user); } else { openlog("reboot", 0, LOG_AUTH | LOG_CONS); syslog(LOG_CRIT, "rebooted by %s", user); } } utx.ut_type = SHUTDOWN_TIME; gettimeofday(&utx.ut_tv, NULL); pututxline(&utx); /* * Do a sync early on, so disks start transfers while we're off * killing processes. Don't worry about writes done before the * processes die, the reboot system call syncs the disks. */ if (!nflag) sync(); /* * Ignore signals that we can get as a result of killing * parents, group leaders, etc. */ (void)signal(SIGHUP, SIG_IGN); (void)signal(SIGINT, SIG_IGN); (void)signal(SIGQUIT, SIG_IGN); (void)signal(SIGTERM, SIG_IGN); (void)signal(SIGTSTP, SIG_IGN); /* * If we're running in a pipeline, we don't want to die * after killing whatever we're writing to. */ (void)signal(SIGPIPE, SIG_IGN); /* * Only init(8) can perform rerooting. */ if (howto & RB_REROOT) { if (kill(1, SIGEMT) == -1) err(1, "SIGEMT init"); return (0); } /* Just stop init -- if we fail, we'll restart it. */ BOOTTRACE("SIGTSTP to init(8)..."); if (kill(1, SIGTSTP) == -1) err(1, "SIGTSTP init"); /* Send a SIGTERM first, a chance to save the buffers. */ BOOTTRACE("SIGTERM to all other processes..."); if (kill(-1, SIGTERM) == -1 && errno != ESRCH) err(1, "SIGTERM processes"); /* * After the processes receive the signal, start the rest of the * buffers on their way. Wait 5 seconds between the SIGTERM and * the SIGKILL to give everybody a chance. If there is a lot of * paging activity then wait longer, up to a maximum of approx * 60 seconds. */ sleep(2); for (i = 0; i < 20; i++) { pageins = get_pageins(); if (!nflag) sync(); sleep(3); if (get_pageins() == pageins) break; } for (i = 1;; ++i) { BOOTTRACE("SIGKILL to all other processes(%d)...", i); if (kill(-1, SIGKILL) == -1) { if (errno == ESRCH) break; goto restart; } if (i > 5) { (void)fprintf(stderr, "WARNING: some process(es) wouldn't die\n"); break; } (void)sleep(2 * i); } reboot(howto); /* FALLTHROUGH */ restart: BOOTTRACE("SIGHUP to init(8)..."); sverrno = errno; errx(1, "%s%s", kill(1, SIGHUP) == -1 ? "(can't restart init): " : "", strerror(sverrno)); /* NOTREACHED */ } static void usage(void) { (void)fprintf(stderr, dohalt ? "usage: halt [-clNnpq] [-k kernel]\n" : "usage: reboot [-cdlNnpqr] [-k kernel]\n"); exit(1); } static uint64_t get_pageins(void) { uint64_t pageins; size_t len; len = sizeof(pageins); if (sysctlbyname("vm.stats.vm.v_swappgsin", &pageins, &len, NULL, 0) != 0) { warn("v_swappgsin"); return (0); } return (pageins); } diff --git a/sbin/restore/Makefile b/sbin/restore/Makefile index f23258a00cd5..915ad0d1ad63 100644 --- a/sbin/restore/Makefile +++ b/sbin/restore/Makefile @@ -1,15 +1,14 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 .PATH: ${.CURDIR:H}/dump PACKAGE=ufs PROG= restore LINKS= ${BINDIR}/restore ${BINDIR}/rrestore MAN= restore.8 MLINKS= restore.8 rrestore.8 SRCS= main.c interactive.c restore.c dirs.c symtab.c tape.c utilities.c \ dumprmt.c WARNS?= 2 CFLAGS+= -DRRESTORE -D_ACL_PRIVATE .include diff --git a/sbin/restore/dirs.c b/sbin/restore/dirs.c index db9e05a0bc50..aa57809c5b4f 100644 --- a/sbin/restore/dirs.c +++ b/sbin/restore/dirs.c @@ -1,818 +1,815 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1983, 1993 * The Regents of the University of California. All rights reserved. * (c) UNIX System Laboratories, Inc. * All or some portions of this file are derived from material licensed * to the University of California by American Telephone and Telegraph * Co. or Unix System Laboratories, Inc. and are reproduced herein with * the permission of UNIX System Laboratories, Inc. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)dirs.c 8.7 (Berkeley) 5/1/95"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "restore.h" #include "extern.h" /* * Symbol table of directories read from tape. */ #define HASHSIZE 1000 #define INOHASH(val) (val % HASHSIZE) struct inotab { struct inotab *t_next; ino_t t_ino; int32_t t_seekpt; int32_t t_size; }; static struct inotab *inotab[HASHSIZE]; /* * Information retained about directories. */ struct modeinfo { ino_t ino; struct timespec ctimep[2]; struct timespec mtimep[2]; mode_t mode; uid_t uid; gid_t gid; u_int flags; int extsize; }; /* * Definitions for library routines operating on directories. */ #undef DIRBLKSIZ #define DIRBLKSIZ 1024 struct rstdirdesc { int dd_fd; int32_t dd_loc; int32_t dd_size; char dd_buf[DIRBLKSIZ]; }; /* * Global variables for this file. */ static long seekpt; static FILE *df, *mf; static RST_DIR *dirp; static char dirfile[MAXPATHLEN] = "#"; /* No file */ static char modefile[MAXPATHLEN] = "#"; /* No file */ static char dot[2] = "."; /* So it can be modified */ static struct inotab *allocinotab(struct context *, long); static void flushent(void); static struct inotab *inotablookup(ino_t); static RST_DIR *opendirfile(const char *); static void putdir(char *, size_t); static void putdirattrs(char *, size_t); static void putent(struct direct *); static void rst_seekdir(RST_DIR *, long, long); static long rst_telldir(RST_DIR *); static struct direct *searchdir(ino_t, char *); static void fail_dirtmp(char *); /* * Extract directory contents, building up a directory structure * on disk for extraction by name. * If genmode is requested, save mode, owner, and times for all * directories on the tape. */ void extractdirs(int genmode) { struct inotab *itp; struct direct nulldir; int i, fd; const char *tmpdir; vprintf(stdout, "Extract directories from tape\n"); if ((tmpdir = getenv("TMPDIR")) == NULL || tmpdir[0] == '\0') tmpdir = _PATH_TMP; (void) snprintf(dirfile, sizeof(dirfile), "%s/rstdir%jd", tmpdir, (intmax_t)dumpdate); if (command != 'r' && command != 'R') { (void) strcat(dirfile, "-XXXXXX"); fd = mkstemp(dirfile); } else fd = open(dirfile, O_RDWR|O_CREAT|O_EXCL, 0666); if (fd == -1 || (df = fdopen(fd, "w")) == NULL) { if (fd != -1) close(fd); warn("%s: cannot create directory database", dirfile); done(1); } if (genmode != 0) { (void) snprintf(modefile, sizeof(modefile), "%s/rstmode%jd", tmpdir, (intmax_t)dumpdate); if (command != 'r' && command != 'R') { (void) strcat(modefile, "-XXXXXX"); fd = mkstemp(modefile); } else fd = open(modefile, O_RDWR|O_CREAT|O_EXCL, 0666); if (fd == -1 || (mf = fdopen(fd, "w")) == NULL) { if (fd != -1) close(fd); warn("%s: cannot create modefile", modefile); done(1); } } nulldir.d_ino = 0; nulldir.d_type = DT_DIR; nulldir.d_namlen = 1; (void) strcpy(nulldir.d_name, "/"); nulldir.d_reclen = DIRSIZ(0, &nulldir); for (;;) { curfile.name = ""; curfile.action = USING; if (curfile.mode == 0 || (curfile.mode & IFMT) != IFDIR) break; itp = allocinotab(&curfile, seekpt); getfile(putdir, putdirattrs, xtrnull); putent(&nulldir); flushent(); itp->t_size = seekpt - itp->t_seekpt; } if (fclose(df) != 0) fail_dirtmp(dirfile); dirp = opendirfile(dirfile); if (dirp == NULL) fprintf(stderr, "opendirfile: %s\n", strerror(errno)); if (mf != NULL && fclose(mf) != 0) fail_dirtmp(modefile); i = dirlookup(dot); if (i == 0) panic("Root directory is not on tape\n"); } /* * skip over all the directories on the tape */ void skipdirs(void) { while (curfile.ino && (curfile.mode & IFMT) == IFDIR) { skipfile(); } } /* * Recursively find names and inumbers of all files in subtree * pname and pass them off to be processed. */ void treescan(char *pname, ino_t ino, long (*todo)(char *, ino_t, int)) { struct inotab *itp; struct direct *dp; int namelen; long bpt; char locname[MAXPATHLEN]; itp = inotablookup(ino); if (itp == NULL) { /* * Pname is name of a simple file or an unchanged directory. */ (void) (*todo)(pname, ino, LEAF); return; } /* * Pname is a dumped directory name. */ if ((*todo)(pname, ino, NODE) == FAIL) return; /* * begin search through the directory * skipping over "." and ".." */ (void) strlcpy(locname, pname, sizeof(locname)); (void) strlcat(locname, "/", sizeof(locname)); namelen = strlen(locname); rst_seekdir(dirp, itp->t_seekpt, itp->t_seekpt); dp = rst_readdir(dirp); /* "." */ if (dp != NULL && strcmp(dp->d_name, ".") == 0) dp = rst_readdir(dirp); /* ".." */ else fprintf(stderr, "Warning: `.' missing from directory %s\n", pname); if (dp != NULL && strcmp(dp->d_name, "..") == 0) dp = rst_readdir(dirp); /* first real entry */ else fprintf(stderr, "Warning: `..' missing from directory %s\n", pname); bpt = rst_telldir(dirp); /* * a zero inode signals end of directory */ while (dp != NULL) { locname[namelen] = '\0'; if (namelen + dp->d_namlen >= sizeof(locname)) { fprintf(stderr, "%s%s: name exceeds %zu char\n", locname, dp->d_name, sizeof(locname) - 1); } else { (void)strlcat(locname, dp->d_name, sizeof(locname)); treescan(locname, dp->d_ino, todo); rst_seekdir(dirp, bpt, itp->t_seekpt); } dp = rst_readdir(dirp); bpt = rst_telldir(dirp); } } /* * Lookup a pathname which is always assumed to start from the UFS_ROOTINO. */ struct direct * pathsearch(const char *pathname) { ino_t ino; struct direct *dp; char *path, *name, buffer[MAXPATHLEN]; strcpy(buffer, pathname); path = buffer; ino = UFS_ROOTINO; while (*path == '/') path++; dp = NULL; while ((name = strsep(&path, "/")) != NULL && *name != '\0') { if ((dp = searchdir(ino, name)) == NULL) return (NULL); ino = dp->d_ino; } return (dp); } /* * Lookup the requested name in directory inum. * Return its inode number if found, zero if it does not exist. */ static struct direct * searchdir(ino_t inum, char *name) { struct direct *dp; struct inotab *itp; int len; itp = inotablookup(inum); if (itp == NULL) return (NULL); rst_seekdir(dirp, itp->t_seekpt, itp->t_seekpt); len = strlen(name); do { dp = rst_readdir(dirp); if (dp == NULL) return (NULL); } while (dp->d_namlen != len || strncmp(dp->d_name, name, len) != 0); return (dp); } /* * Put the directory entries in the directory file */ static void putdir(char *buf, size_t size) { struct direct *dp; size_t loc, i; for (loc = 0; loc < size; ) { dp = (struct direct *)(buf + loc); if (Bcvt) swabst((u_char *)"ls", (u_char *) dp); if (oldinofmt && dp->d_ino != 0) { #if BYTE_ORDER == BIG_ENDIAN if (Bcvt) dp->d_namlen = dp->d_type; #else if (!Bcvt && dp->d_namlen == 0) dp->d_namlen = dp->d_type; #endif dp->d_type = DT_UNKNOWN; } i = DIRBLKSIZ - (loc & (DIRBLKSIZ - 1)); if ((dp->d_reclen & 0x3) != 0 || dp->d_reclen > i || dp->d_reclen < DIRSIZ(0, dp) #if NAME_MAX < 255 || dp->d_namlen > NAME_MAX #endif ) { vprintf(stdout, "Mangled directory: "); if ((dp->d_reclen & 0x3) != 0) vprintf(stdout, "reclen not multiple of 4 "); if (dp->d_reclen < DIRSIZ(0, dp)) vprintf(stdout, "reclen less than DIRSIZ (%u < %zu) ", dp->d_reclen, DIRSIZ(0, dp)); #if NAME_MAX < 255 if (dp->d_namlen > NAME_MAX) vprintf(stdout, "reclen name too big (%u > %u) ", dp->d_namlen, NAME_MAX); #endif vprintf(stdout, "\n"); loc += i; continue; } loc += dp->d_reclen; if (dp->d_ino != 0) { putent(dp); } } } /* * These variables are "local" to the following two functions. */ char dirbuf[DIRBLKSIZ]; long dirloc = 0; long prev = 0; /* * add a new directory entry to a file. */ static void putent(struct direct *dp) { dp->d_reclen = DIRSIZ(0, dp); if (dirloc + dp->d_reclen > DIRBLKSIZ) { ((struct direct *)(dirbuf + prev))->d_reclen = DIRBLKSIZ - prev; if (fwrite(dirbuf, DIRBLKSIZ, 1, df) != 1) fail_dirtmp(dirfile); dirloc = 0; } memmove(dirbuf + dirloc, dp, (long)dp->d_reclen); prev = dirloc; dirloc += dp->d_reclen; } /* * flush out a directory that is finished. */ static void flushent(void) { ((struct direct *)(dirbuf + prev))->d_reclen = DIRBLKSIZ - prev; if (fwrite(dirbuf, (int)dirloc, 1, df) != 1) fail_dirtmp(dirfile); seekpt = ftell(df); dirloc = 0; } /* * Save extended attributes for a directory entry to a file. */ static void putdirattrs(char *buf, size_t size) { if (mf != NULL && fwrite(buf, size, 1, mf) != 1) fail_dirtmp(modefile); } /* * Seek to an entry in a directory. * Only values returned by rst_telldir should be passed to rst_seekdir. * This routine handles many directories in a single file. * It takes the base of the directory in the file, plus * the desired seek offset into it. */ static void rst_seekdir(RST_DIR *dirp, long loc, long base) { if (loc == rst_telldir(dirp)) return; loc -= base; if (loc < 0) fprintf(stderr, "bad seek pointer to rst_seekdir %ld\n", loc); (void) lseek(dirp->dd_fd, base + rounddown2(loc, DIRBLKSIZ), SEEK_SET); dirp->dd_loc = loc & (DIRBLKSIZ - 1); if (dirp->dd_loc != 0) dirp->dd_size = read(dirp->dd_fd, dirp->dd_buf, DIRBLKSIZ); } /* * get next entry in a directory. */ struct direct * rst_readdir(RST_DIR *dirp) { struct direct *dp; for (;;) { if (dirp->dd_loc == 0) { dirp->dd_size = read(dirp->dd_fd, dirp->dd_buf, DIRBLKSIZ); if (dirp->dd_size <= 0) { dprintf(stderr, "error reading directory\n"); return (NULL); } } if (dirp->dd_loc >= dirp->dd_size) { dirp->dd_loc = 0; continue; } dp = (struct direct *)(dirp->dd_buf + dirp->dd_loc); if (dp->d_reclen == 0 || dp->d_reclen > DIRBLKSIZ + 1 - dirp->dd_loc) { dprintf(stderr, "corrupted directory: bad reclen %d\n", dp->d_reclen); return (NULL); } dirp->dd_loc += dp->d_reclen; if (dp->d_ino == 0 && strcmp(dp->d_name, "/") == 0) return (NULL); if (dp->d_ino >= maxino) { dprintf(stderr, "corrupted directory: bad inum %d\n", dp->d_ino); continue; } return (dp); } } /* * Simulate the opening of a directory */ void * rst_opendir(const char *name) { struct inotab *itp; RST_DIR *dirp; ino_t ino; if ((ino = dirlookup(name)) > 0 && (itp = inotablookup(ino)) != NULL) { dirp = opendirfile(dirfile); rst_seekdir(dirp, itp->t_seekpt, itp->t_seekpt); return (dirp); } return (NULL); } /* * In our case, there is nothing to do when closing a directory. */ void rst_closedir(void *arg) { RST_DIR *dirp; dirp = arg; (void)close(dirp->dd_fd); free(dirp); return; } /* * Simulate finding the current offset in the directory. */ static long rst_telldir(RST_DIR *dirp) { return ((long)lseek(dirp->dd_fd, (off_t)0, SEEK_CUR) - dirp->dd_size + dirp->dd_loc); } /* * Open a directory file. */ static RST_DIR * opendirfile(const char *name) { RST_DIR *dirp; int fd; if ((fd = open(name, O_RDONLY)) == -1) return (NULL); if ((dirp = malloc(sizeof(RST_DIR))) == NULL) { (void)close(fd); return (NULL); } dirp->dd_fd = fd; dirp->dd_loc = 0; return (dirp); } /* * Set the mode, owner, and times for all new or changed directories */ void setdirmodes(int flags) { FILE *mf; struct modeinfo node; struct entry *ep; char *cp, *buf; const char *tmpdir; int bufsize; uid_t myuid; vprintf(stdout, "Set directory mode, owner, and times.\n"); if ((tmpdir = getenv("TMPDIR")) == NULL || tmpdir[0] == '\0') tmpdir = _PATH_TMP; if (command == 'r' || command == 'R') (void) snprintf(modefile, sizeof(modefile), "%s/rstmode%jd", tmpdir, (intmax_t)dumpdate); if (modefile[0] == '#') { panic("modefile not defined\n"); fprintf(stderr, "directory mode, owner, and times not set\n"); return; } mf = fopen(modefile, "r"); if (mf == NULL) { fprintf(stderr, "fopen: %s\n", strerror(errno)); fprintf(stderr, "cannot open mode file %s\n", modefile); fprintf(stderr, "directory mode, owner, and times not set\n"); return; } clearerr(mf); bufsize = 0; myuid = getuid(); for (;;) { (void) fread((char *)&node, 1, sizeof(struct modeinfo), mf); if (ferror(mf)) { warn("%s: cannot read modefile.", modefile); fprintf(stderr, "Mode, owner, and times not set.\n"); break; } if (feof(mf)) break; if (node.extsize > 0) { if (bufsize < node.extsize) { if (bufsize > 0) free(buf); if ((buf = malloc(node.extsize)) != NULL) { bufsize = node.extsize; } else { bufsize = 0; } } if (bufsize >= node.extsize) { (void) fread(buf, 1, node.extsize, mf); if (ferror(mf)) { warn("%s: cannot read modefile.", modefile); fprintf(stderr, "Not all external "); fprintf(stderr, "attributes set.\n"); break; } } else { (void) fseek(mf, node.extsize, SEEK_CUR); if (ferror(mf)) { warn("%s: cannot seek in modefile.", modefile); fprintf(stderr, "Not all directory "); fprintf(stderr, "attributes set.\n"); break; } } } ep = lookupino(node.ino); if (command == 'i' || command == 'x') { if (ep == NULL) continue; if ((flags & FORCE) == 0 && ep->e_flags & EXISTED) { ep->e_flags &= ~NEW; continue; } if (node.ino == UFS_ROOTINO && reply("set owner/mode for '.'") == FAIL) continue; } if (ep == NULL) { panic("cannot find directory inode %ju\n", (uintmax_t)node.ino); continue; } cp = myname(ep); if (!Nflag) { if (myuid != 0) (void) chown(cp, myuid, node.gid); else (void) chown(cp, node.uid, node.gid); (void) chmod(cp, node.mode); if (node.extsize > 0) { if (bufsize >= node.extsize) { set_extattr(-1, cp, buf, node.extsize, SXA_FILE); } else { fprintf(stderr, "Cannot restore %s%s\n", "extended attributes for ", cp); } } utimensat(AT_FDCWD, cp, node.ctimep, 0); utimensat(AT_FDCWD, cp, node.mtimep, 0); (void) chflags(cp, node.flags); } ep->e_flags &= ~NEW; } if (bufsize > 0) free(buf); (void) fclose(mf); } /* * Generate a literal copy of a directory. */ int genliteraldir(char *name, ino_t ino) { struct inotab *itp; int ofile, dp, i, size; char buf[BUFSIZ]; itp = inotablookup(ino); if (itp == NULL) panic("Cannot find directory inode %ju named %s\n", (uintmax_t)ino, name); if ((ofile = open(name, O_WRONLY | O_CREAT | O_TRUNC, 0666)) < 0) { fprintf(stderr, "%s: ", name); (void) fflush(stderr); fprintf(stderr, "cannot create file: %s\n", strerror(errno)); return (FAIL); } rst_seekdir(dirp, itp->t_seekpt, itp->t_seekpt); dp = dup(dirp->dd_fd); for (i = itp->t_size; i > 0; i -= BUFSIZ) { size = MIN(i, BUFSIZ); if (read(dp, buf, (int) size) == -1) { fprintf(stderr, "write error extracting inode %ju, name %s\n", (uintmax_t)curfile.ino, curfile.name); fprintf(stderr, "read: %s\n", strerror(errno)); done(1); } if (!Nflag && write(ofile, buf, (int) size) == -1) { fprintf(stderr, "write error extracting inode %ju, name %s\n", (uintmax_t)curfile.ino, curfile.name); fprintf(stderr, "write: %s\n", strerror(errno)); done(1); } } (void) close(dp); (void) close(ofile); return (GOOD); } /* * Determine the type of an inode */ int inodetype(ino_t ino) { struct inotab *itp; itp = inotablookup(ino); if (itp == NULL) return (LEAF); return (NODE); } /* * Allocate and initialize a directory inode entry. * If requested, save its pertinent mode, owner, and time info. */ static struct inotab * allocinotab(struct context *ctxp, long seekpt) { struct inotab *itp; struct modeinfo node; itp = calloc(1, sizeof(struct inotab)); if (itp == NULL) panic("no memory for directory table\n"); itp->t_next = inotab[INOHASH(ctxp->ino)]; inotab[INOHASH(ctxp->ino)] = itp; itp->t_ino = ctxp->ino; itp->t_seekpt = seekpt; if (mf == NULL) return (itp); node.ino = ctxp->ino; node.mtimep[0].tv_sec = ctxp->atime_sec; node.mtimep[0].tv_nsec = ctxp->atime_nsec; node.mtimep[1].tv_sec = ctxp->mtime_sec; node.mtimep[1].tv_nsec = ctxp->mtime_nsec; node.ctimep[0].tv_sec = ctxp->atime_sec; node.ctimep[0].tv_nsec = ctxp->atime_nsec; node.ctimep[1].tv_sec = ctxp->birthtime_sec; node.ctimep[1].tv_nsec = ctxp->birthtime_nsec; node.extsize = ctxp->extsize; node.mode = ctxp->mode; node.flags = ctxp->file_flags; node.uid = ctxp->uid; node.gid = ctxp->gid; if (fwrite((char *)&node, sizeof(struct modeinfo), 1, mf) != 1) fail_dirtmp(modefile); return (itp); } /* * Look up an inode in the table of directories */ static struct inotab * inotablookup(ino_t ino) { struct inotab *itp; for (itp = inotab[INOHASH(ino)]; itp != NULL; itp = itp->t_next) if (itp->t_ino == ino) return (itp); return (NULL); } /* * Clean up and exit */ void done(int exitcode) { closemt(); if (modefile[0] != '#') { (void) truncate(modefile, 0); (void) unlink(modefile); } if (dirfile[0] != '#') { (void) truncate(dirfile, 0); (void) unlink(dirfile); } exit(exitcode); } /* * Print out information about the failure to save directory, * extended attribute, and mode information. */ static void fail_dirtmp(char *filename) { const char *tmpdir; warn("%s: cannot write directory database", filename); if (errno == ENOSPC) { if ((tmpdir = getenv("TMPDIR")) == NULL || tmpdir[0] == '\0') tmpdir = _PATH_TMP; fprintf(stderr, "Try making space in %s, %s\n%s\n", tmpdir, "or set environment variable TMPDIR", "to an alternate location with more disk space."); } done(1); } diff --git a/sbin/restore/extern.h b/sbin/restore/extern.h index fac58891a355..0b2f85d878c3 100644 --- a/sbin/restore/extern.h +++ b/sbin/restore/extern.h @@ -1,115 +1,113 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1992, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)extern.h 8.2 (Berkeley) 1/7/94 */ struct entry *addentry(char *, ino_t, int); long addfile(char *, ino_t, int); int addwhiteout(char *); void badentry(struct entry *, char *); void canon(char *, char *, size_t); void checkrestore(void); void closemt(void); void createfiles(void); void createleaves(char *); void createlinks(void); long deletefile(char *, ino_t, int); void deleteino(ino_t); void delwhiteout(struct entry *); ino_t dirlookup(const char *); void done(int) __dead2; void dumpsymtable(char *, long); void extractdirs(int); int extractfile(char *); void findunreflinks(void); char *flagvalues(struct entry *); void freeentry(struct entry *); void freename(char *); int genliteraldir(char *, ino_t); char *gentempname(struct entry *); void getfile(void (*)(char *, size_t), void (*)(char *, size_t), void (*)(char *, size_t)); void getvol(long); void initsymtable(char *); int inodetype(ino_t); int linkit(char *, char *, int); struct entry *lookupino(ino_t); struct entry *lookupname(char *); long listfile(char *, ino_t, int); ino_t lowerbnd(ino_t); void mktempname(struct entry *); void moveentry(struct entry *, char *); void msg(const char *, ...) __printflike(1, 2); char *myname(struct entry *); void newnode(struct entry *); void newtapebuf(long); long nodeupdates(char *, ino_t, int); void onintr(int); void panic(const char *, ...) __printflike(1, 2); void pathcheck(char *); struct direct *pathsearch(const char *); void printdumpinfo(void); void removeleaf(struct entry *); void removenode(struct entry *); void removeoldleaves(void); void removeoldnodes(void); void renameit(char *, char *); int reply(char *); void *rst_opendir(const char *); struct direct *rst_readdir(RST_DIR *); void rst_closedir(void *); void runcmdshell(void); char *savename(char *); enum set_extattr_mode { SXA_FILE, SXA_LINK, SXA_FD, }; void set_extattr(int, char *, void *, int, enum set_extattr_mode); void setdirmodes(int); void setinput(char *, int); void setup(void); void skipdirs(void); void skipfile(void); void skipmaps(void); void swabst(u_char *, u_char *); void treescan(char *, ino_t, long (*)(char *, ino_t, int)); ino_t upperbnd(ino_t); long verifyfile(char *, ino_t, int); void xtrnull(char *, size_t); /* From ../dump/dumprmt.c */ void rmtclose(void); int rmthost(char *); int rmtioctl(int, int); int rmtopen(char *, int); int rmtread(char *, int); int rmtseek(int, int); diff --git a/sbin/restore/interactive.c b/sbin/restore/interactive.c index 336ab61221dc..fd8a063bdac3 100644 --- a/sbin/restore/interactive.c +++ b/sbin/restore/interactive.c @@ -1,768 +1,765 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1985, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)interactive.c 8.5 (Berkeley) 5/1/95"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "restore.h" #include "extern.h" /* * Things to handle interruptions. */ static int runshell; static jmp_buf reset; static char *nextarg = NULL; /* * Structure and routines associated with listing directories. */ struct afile { ino_t fnum; /* inode number of file */ char *fname; /* file name */ short len; /* name length */ char prefix; /* prefix character */ char postfix; /* postfix character */ }; struct arglist { int freeglob; /* glob structure needs to be freed */ int argcnt; /* next globbed argument to return */ glob_t glob; /* globbing information */ char *cmd; /* the current command */ }; static char *copynext(char *, char *); static int fcmp(const void *, const void *); static void formatf(struct afile *, int); static void getcmd(char *, char *, char *, size_t, struct arglist *); struct dirent *glob_readdir(void *); static int glob_stat(const char *, struct stat *); static void mkentry(char *, struct direct *, struct afile *); static void printlist(char *, char *); /* * Read and execute commands from the terminal. */ void runcmdshell(void) { struct entry *np; ino_t ino; struct arglist arglist; char curdir[MAXPATHLEN]; char name[MAXPATHLEN]; char cmd[BUFSIZ]; arglist.freeglob = 0; arglist.argcnt = 0; arglist.glob.gl_flags = GLOB_ALTDIRFUNC; arglist.glob.gl_opendir = rst_opendir; arglist.glob.gl_readdir = glob_readdir; arglist.glob.gl_closedir = rst_closedir; arglist.glob.gl_lstat = glob_stat; arglist.glob.gl_stat = glob_stat; canon("/", curdir, sizeof(curdir)); loop: if (setjmp(reset) != 0) { if (arglist.freeglob != 0) { arglist.freeglob = 0; arglist.argcnt = 0; globfree(&arglist.glob); } nextarg = NULL; volno = 0; } runshell = 1; getcmd(curdir, cmd, name, sizeof(name), &arglist); switch (cmd[0]) { /* * Add elements to the extraction list. */ case 'a': if (strncmp(cmd, "add", strlen(cmd)) != 0) goto bad; ino = dirlookup(name); if (ino == 0) break; if (mflag) pathcheck(name); treescan(name, ino, addfile); break; /* * Change working directory. */ case 'c': if (strncmp(cmd, "cd", strlen(cmd)) != 0) goto bad; ino = dirlookup(name); if (ino == 0) break; if (inodetype(ino) == LEAF) { fprintf(stderr, "%s: not a directory\n", name); break; } (void) strcpy(curdir, name); break; /* * Delete elements from the extraction list. */ case 'd': if (strncmp(cmd, "delete", strlen(cmd)) != 0) goto bad; np = lookupname(name); if (np == NULL || (np->e_flags & NEW) == 0) { fprintf(stderr, "%s: not on extraction list\n", name); break; } treescan(name, np->e_ino, deletefile); break; /* * Extract the requested list. */ case 'e': if (strncmp(cmd, "extract", strlen(cmd)) != 0) goto bad; createfiles(); createlinks(); setdirmodes(0); if (dflag) checkrestore(); volno = 0; break; /* * List available commands. */ case 'h': if (strncmp(cmd, "help", strlen(cmd)) != 0) goto bad; case '?': fprintf(stderr, "%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s%s", "Available commands are:\n", "\tls [arg] - list directory\n", "\tcd arg - change directory\n", "\tpwd - print current directory\n", "\tadd [arg] - add `arg' to list of", " files to be extracted\n", "\tdelete [arg] - delete `arg' from", " list of files to be extracted\n", "\textract - extract requested files\n", "\tsetmodes - set modes of requested directories\n", "\tquit - immediately exit program\n", "\twhat - list dump header information\n", "\tverbose - toggle verbose flag", " (useful with ``ls'')\n", "\thelp or `?' - print this list\n", "If no `arg' is supplied, the current", " directory is used\n"); break; /* * List a directory. */ case 'l': if (strncmp(cmd, "ls", strlen(cmd)) != 0) goto bad; printlist(name, curdir); break; /* * Print current directory. */ case 'p': if (strncmp(cmd, "pwd", strlen(cmd)) != 0) goto bad; if (curdir[1] == '\0') fprintf(stderr, "/\n"); else fprintf(stderr, "%s\n", &curdir[1]); break; /* * Quit. */ case 'q': if (strncmp(cmd, "quit", strlen(cmd)) != 0) goto bad; return; case 'x': if (strncmp(cmd, "xit", strlen(cmd)) != 0) goto bad; return; /* * Toggle verbose mode. */ case 'v': if (strncmp(cmd, "verbose", strlen(cmd)) != 0) goto bad; if (vflag) { fprintf(stderr, "verbose mode off\n"); vflag = 0; break; } fprintf(stderr, "verbose mode on\n"); vflag++; break; /* * Just restore requested directory modes. */ case 's': if (strncmp(cmd, "setmodes", strlen(cmd)) != 0) goto bad; setdirmodes(FORCE); break; /* * Print out dump header information. */ case 'w': if (strncmp(cmd, "what", strlen(cmd)) != 0) goto bad; printdumpinfo(); break; /* * Turn on debugging. */ case 'D': if (strncmp(cmd, "Debug", strlen(cmd)) != 0) goto bad; if (dflag) { fprintf(stderr, "debugging mode off\n"); dflag = 0; break; } fprintf(stderr, "debugging mode on\n"); dflag++; break; /* * Unknown command. */ default: bad: fprintf(stderr, "%s: unknown command; type ? for help\n", cmd); break; } goto loop; } /* * Read and parse an interactive command. * The first word on the line is assigned to "cmd". If * there are no arguments on the command line, then "curdir" * is returned as the argument. If there are arguments * on the line they are returned one at a time on each * successive call to getcmd. Each argument is first assigned * to "name". If it does not start with "/" the pathname in * "curdir" is prepended to it. Finally "canon" is called to * eliminate any embedded ".." components. */ static void getcmd(char *curdir, char *cmd, char *name, size_t size, struct arglist *ap) { char *cp; static char input[BUFSIZ]; char output[BUFSIZ]; # define rawname input /* save space by reusing input buffer */ /* * Check to see if still processing arguments. */ if (ap->argcnt > 0) goto retnext; if (nextarg != NULL) goto getnext; /* * Read a command line and trim off trailing white space. */ do { fprintf(stderr, "restore > "); (void) fflush(stderr); if (fgets(input, BUFSIZ, terminal) == NULL) { strcpy(cmd, "quit"); return; } } while (input[0] == '\n'); for (cp = &input[strlen(input) - 2]; *cp == ' ' || *cp == '\t'; cp--) /* trim off trailing white space and newline */; *++cp = '\0'; /* * Copy the command into "cmd". */ cp = copynext(input, cmd); ap->cmd = cmd; /* * If no argument, use curdir as the default. */ if (*cp == '\0') { (void) strncpy(name, curdir, size); name[size - 1] = '\0'; return; } nextarg = cp; /* * Find the next argument. */ getnext: cp = copynext(nextarg, rawname); if (*cp == '\0') nextarg = NULL; else nextarg = cp; /* * If it is an absolute pathname, canonicalize it and return it. */ if (rawname[0] == '/') { canon(rawname, name, size); } else { /* * For relative pathnames, prepend the current directory to * it then canonicalize and return it. */ snprintf(output, sizeof(output), "%s/%s", curdir, rawname); canon(output, name, size); } switch (glob(name, GLOB_ALTDIRFUNC, NULL, &ap->glob)) { case GLOB_NOSPACE: fprintf(stderr, "%s: out of memory\n", ap->cmd); break; case GLOB_NOMATCH: fprintf(stderr, "%s %s: no such file or directory\n", ap->cmd, name); break; } if (ap->glob.gl_pathc == 0) return; ap->freeglob = 1; ap->argcnt = ap->glob.gl_pathc; retnext: strncpy(name, ap->glob.gl_pathv[ap->glob.gl_pathc - ap->argcnt], size); name[size - 1] = '\0'; if (--ap->argcnt == 0) { ap->freeglob = 0; globfree(&ap->glob); } # undef rawname } /* * Strip off the next token of the input. */ static char * copynext(char *input, char *output) { char *cp, *bp; char quote; for (cp = input; *cp == ' ' || *cp == '\t'; cp++) /* skip to argument */; bp = output; while (*cp != ' ' && *cp != '\t' && *cp != '\0') { /* * Handle back slashes. */ if (*cp == '\\') { if (*++cp == '\0') { fprintf(stderr, "command lines cannot be continued\n"); continue; } *bp++ = *cp++; continue; } /* * The usual unquoted case. */ if (*cp != '\'' && *cp != '"') { *bp++ = *cp++; continue; } /* * Handle single and double quotes. */ quote = *cp++; while (*cp != quote && *cp != '\0') *bp++ = *cp++; if (*cp++ == '\0') { fprintf(stderr, "missing %c\n", quote); cp--; continue; } } *bp = '\0'; return (cp); } /* * Canonicalize file names to always start with ``./'' and * remove any embedded "." and ".." components. */ void canon(char *rawname, char *canonname, size_t len) { char *cp, *np; if (strcmp(rawname, ".") == 0 || strncmp(rawname, "./", 2) == 0) (void) strcpy(canonname, ""); else if (rawname[0] == '/') (void) strcpy(canonname, "."); else (void) strcpy(canonname, "./"); if (strlen(canonname) + strlen(rawname) >= len) { fprintf(stderr, "canonname: not enough buffer space\n"); done(1); } (void) strcat(canonname, rawname); /* * Eliminate multiple and trailing '/'s */ for (cp = np = canonname; *np != '\0'; cp++) { *cp = *np++; while (*cp == '/' && *np == '/') np++; } *cp = '\0'; if (*--cp == '/') *cp = '\0'; /* * Eliminate extraneous "." and ".." from pathnames. */ for (np = canonname; *np != '\0'; ) { np++; cp = np; while (*np != '/' && *np != '\0') np++; if (np - cp == 1 && *cp == '.') { cp--; (void) strcpy(cp, np); np = cp; } if (np - cp == 2 && strncmp(cp, "..", 2) == 0) { cp--; while (cp > &canonname[1] && *--cp != '/') /* find beginning of name */; (void) strcpy(cp, np); np = cp; } } } /* * Do an "ls" style listing of a directory */ static void printlist(char *name, char *basename) { struct afile *fp, *list, *listp; struct direct *dp; struct afile single; RST_DIR *dirp; int entries, len, namelen; char locname[MAXPATHLEN]; dp = pathsearch(name); if (dp == NULL || (!dflag && TSTINO(dp->d_ino, dumpmap) == 0) || (!vflag && dp->d_ino == UFS_WINO)) return; if ((dirp = rst_opendir(name)) == NULL) { entries = 1; list = &single; mkentry(name, dp, list); len = strlen(basename) + 1; if (strlen(name) - len > single.len) { freename(single.fname); single.fname = savename(&name[len]); single.len = strlen(single.fname); } } else { entries = 0; while ((dp = rst_readdir(dirp))) entries++; rst_closedir(dirp); list = (struct afile *)malloc(entries * sizeof(struct afile)); if (list == NULL) { fprintf(stderr, "ls: out of memory\n"); return; } if ((dirp = rst_opendir(name)) == NULL) panic("directory reopen failed\n"); fprintf(stderr, "%s:\n", name); entries = 0; listp = list; (void)strlcpy(locname, name, MAXPATHLEN); (void)strlcat(locname, "/", MAXPATHLEN); namelen = strlen(locname); while ((dp = rst_readdir(dirp))) { if (dp == NULL) break; if (!dflag && TSTINO(dp->d_ino, dumpmap) == 0) continue; if (!vflag && (dp->d_ino == UFS_WINO || strcmp(dp->d_name, ".") == 0 || strcmp(dp->d_name, "..") == 0)) continue; locname[namelen] = '\0'; if (namelen + dp->d_namlen >= MAXPATHLEN) { fprintf(stderr, "%s%s: name exceeds %d char\n", locname, dp->d_name, MAXPATHLEN); } else { (void)strlcat(locname, dp->d_name, MAXPATHLEN); mkentry(locname, dp, listp++); entries++; } } rst_closedir(dirp); if (entries == 0) { fprintf(stderr, "\n"); free(list); return; } qsort((char *)list, entries, sizeof(struct afile), fcmp); } formatf(list, entries); if (dirp != NULL) { for (fp = listp - 1; fp >= list; fp--) freename(fp->fname); fprintf(stderr, "\n"); free(list); } } /* * Read the contents of a directory. */ static void mkentry(char *name, struct direct *dp, struct afile *fp) { char *cp; struct entry *np; fp->fnum = dp->d_ino; fp->fname = savename(dp->d_name); for (cp = fp->fname; *cp; cp++) if (!vflag && !isprint((unsigned char)*cp)) *cp = '?'; fp->len = cp - fp->fname; if (dflag && TSTINO(fp->fnum, dumpmap) == 0) fp->prefix = '^'; else if ((np = lookupname(name)) != NULL && (np->e_flags & NEW)) fp->prefix = '*'; else fp->prefix = ' '; switch(dp->d_type) { default: fprintf(stderr, "Warning: undefined file type %d\n", dp->d_type); /* FALLTHROUGH */ case DT_REG: fp->postfix = ' '; break; case DT_LNK: fp->postfix = '@'; break; case DT_FIFO: case DT_SOCK: fp->postfix = '='; break; case DT_CHR: case DT_BLK: fp->postfix = '#'; break; case DT_WHT: fp->postfix = '%'; break; case DT_UNKNOWN: case DT_DIR: if (inodetype(dp->d_ino) == NODE) fp->postfix = '/'; else fp->postfix = ' '; break; } return; } /* * Print out a pretty listing of a directory */ static void formatf(struct afile *list, int nentry) { struct afile *fp, *endlist; int width, bigino, haveprefix, havepostfix; int i, j, w, precision, columns, lines; width = 0; haveprefix = 0; havepostfix = 0; bigino = UFS_ROOTINO; endlist = &list[nentry]; for (fp = &list[0]; fp < endlist; fp++) { if (bigino < fp->fnum) bigino = fp->fnum; if (width < fp->len) width = fp->len; if (fp->prefix != ' ') haveprefix = 1; if (fp->postfix != ' ') havepostfix = 1; } if (haveprefix) width++; if (havepostfix) width++; if (vflag) { for (precision = 0, i = bigino; i > 0; i /= 10) precision++; width += precision + 1; } width++; columns = 81 / width; if (columns == 0) columns = 1; lines = howmany(nentry, columns); for (i = 0; i < lines; i++) { for (j = 0; j < columns; j++) { fp = &list[j * lines + i]; if (vflag) { fprintf(stderr, "%*ju ", precision, (uintmax_t)fp->fnum); fp->len += precision + 1; } if (haveprefix) { putc(fp->prefix, stderr); fp->len++; } fprintf(stderr, "%s", fp->fname); if (havepostfix) { putc(fp->postfix, stderr); fp->len++; } if (fp + lines >= endlist) { fprintf(stderr, "\n"); break; } for (w = fp->len; w < width; w++) putc(' ', stderr); } } } /* * Skip over directory entries that are not on the tape * * First have to get definition of a dirent. */ #undef DIRBLKSIZ #include #undef d_ino struct dirent * glob_readdir(void *dirp) { struct direct *dp; static struct dirent adirent; while ((dp = rst_readdir(dirp)) != NULL) { if (!vflag && dp->d_ino == UFS_WINO) continue; if (dflag || TSTINO(dp->d_ino, dumpmap)) break; } if (dp == NULL) return (NULL); adirent.d_fileno = dp->d_ino; adirent.d_namlen = dp->d_namlen; memmove(adirent.d_name, dp->d_name, dp->d_namlen + 1); return (&adirent); } /* * Return st_mode information in response to stat or lstat calls */ static int glob_stat(const char *name, struct stat *stp) { struct direct *dp; dp = pathsearch(name); if (dp == NULL || (!dflag && TSTINO(dp->d_ino, dumpmap) == 0) || (!vflag && dp->d_ino == UFS_WINO)) return (-1); if (inodetype(dp->d_ino) == NODE) stp->st_mode = IFDIR; else stp->st_mode = IFREG; return (0); } /* * Comparison routine for qsort. */ static int fcmp(const void *f1, const void *f2) { return (strcoll(((struct afile *)f1)->fname, ((struct afile *)f2)->fname)); } /* * respond to interrupts */ void onintr(int signo __unused) { if (command == 'i' && runshell) longjmp(reset, 1); if (reply("restore interrupted, continue") == FAIL) done(1); } diff --git a/sbin/restore/main.c b/sbin/restore/main.c index 6eba6954b6e4..64862ecf17c6 100644 --- a/sbin/restore/main.c +++ b/sbin/restore/main.c @@ -1,377 +1,374 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1983, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1983, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)main.c 8.6 (Berkeley) 5/4/95"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include "restore.h" #include "extern.h" int bflag = 0, cvtflag = 0, dflag = 0, Dflag = 0, vflag = 0, yflag = 0; int hflag = 1, mflag = 1, Nflag = 0; int uflag = 0; int pipecmd = 0; char command = '\0'; long dumpnum = 1; long volno = 0; long ntrec; char *dumpmap; char *usedinomap; ino_t maxino; time_t dumptime; time_t dumpdate; FILE *terminal; static void obsolete(int *, char **[]); static void usage(void) __dead2; int main(int argc, char *argv[]) { int ch; ino_t ino; char *inputdev; char *symtbl = "./restoresymtable"; char *p, name[MAXPATHLEN]; /* Temp files should *not* be readable. We set permissions later. */ (void) umask(077); if (argc < 2) usage(); (void)setlocale(LC_ALL, ""); inputdev = NULL; obsolete(&argc, &argv); while ((ch = getopt(argc, argv, "b:dDf:himNP:Rrs:tuvxy")) != -1) switch(ch) { case 'b': /* Change default tape blocksize. */ bflag = 1; ntrec = strtol(optarg, &p, 10); if (*p) errx(1, "illegal blocksize -- %s", optarg); if (ntrec <= 0) errx(1, "block size must be greater than 0"); break; case 'd': dflag = 1; break; case 'D': Dflag = 1; break; case 'f': if (pipecmd) errx(1, "-P and -f options are mutually exclusive"); inputdev = optarg; break; case 'P': if (!pipecmd && inputdev) errx(1, "-P and -f options are mutually exclusive"); inputdev = optarg; pipecmd = 1; break; case 'h': hflag = 0; break; case 'i': case 'R': case 'r': case 't': case 'x': if (command != '\0') errx(1, "%c and %c options are mutually exclusive", ch, command); command = ch; break; case 'm': mflag = 0; break; case 'N': Nflag = 1; break; case 's': /* Dumpnum (skip to) for multifile dump tapes. */ dumpnum = strtol(optarg, &p, 10); if (*p) errx(1, "illegal dump number -- %s", optarg); if (dumpnum <= 0) errx(1, "dump number must be greater than 0"); break; case 'u': uflag = 1; break; case 'v': vflag = 1; break; case 'y': yflag = 1; break; default: usage(); } argc -= optind; argv += optind; if (command == '\0') errx(1, "none of i, R, r, t or x options specified"); if (signal(SIGINT, onintr) == SIG_IGN) (void) signal(SIGINT, SIG_IGN); if (signal(SIGTERM, onintr) == SIG_IGN) (void) signal(SIGTERM, SIG_IGN); setlinebuf(stderr); if (inputdev == NULL && (inputdev = getenv("TAPE")) == NULL) inputdev = _PATH_DEFTAPE; setinput(inputdev, pipecmd); if (argc == 0) { argc = 1; *--argv = "."; } switch (command) { /* * Interactive mode. */ case 'i': setup(); extractdirs(1); initsymtable(NULL); runcmdshell(); break; /* * Incremental restoration of a file system. */ case 'r': setup(); if (dumptime > 0) { /* * This is an incremental dump tape. */ vprintf(stdout, "Begin incremental restore\n"); initsymtable(symtbl); extractdirs(1); removeoldleaves(); vprintf(stdout, "Calculate node updates.\n"); treescan(".", UFS_ROOTINO, nodeupdates); findunreflinks(); removeoldnodes(); } else { /* * This is a level zero dump tape. */ vprintf(stdout, "Begin level 0 restore\n"); initsymtable((char *)0); extractdirs(1); vprintf(stdout, "Calculate extraction list.\n"); treescan(".", UFS_ROOTINO, nodeupdates); } createleaves(symtbl); createlinks(); setdirmodes(FORCE); checkrestore(); if (dflag) { vprintf(stdout, "Verify the directory structure\n"); treescan(".", UFS_ROOTINO, verifyfile); } dumpsymtable(symtbl, (long)1); break; /* * Resume an incremental file system restoration. */ case 'R': initsymtable(symtbl); skipmaps(); skipdirs(); createleaves(symtbl); createlinks(); setdirmodes(FORCE); checkrestore(); dumpsymtable(symtbl, (long)1); break; /* * List contents of tape. */ case 't': setup(); extractdirs(0); initsymtable((char *)0); while (argc--) { canon(*argv++, name, sizeof(name)); ino = dirlookup(name); if (ino == 0) continue; treescan(name, ino, listfile); } break; /* * Batch extraction of tape contents. */ case 'x': setup(); extractdirs(1); initsymtable((char *)0); while (argc--) { canon(*argv++, name, sizeof(name)); ino = dirlookup(name); if (ino == 0) continue; if (mflag) pathcheck(name); treescan(name, ino, addfile); } createfiles(); createlinks(); setdirmodes(0); if (dflag) checkrestore(); break; } done(0); /* NOTREACHED */ } static void usage() { const char *const common = "[-b blocksize] [-f file | -P pipecommand] [-s fileno]"; const char *const fileell = "[file ...]"; (void)fprintf(stderr, "usage:\t%s %s\n\t%s %s\n\t%s %s\n" "\t%s %s %s\n\t%s %s %s\n", "restore -i [-dhmNuvy]", common, "restore -R [-dNuvy]", common, "restore -r [-dNuvy]", common, "restore -t [-dhNuvy]", common, fileell, "restore -x [-dhmNuvy]", common, fileell); done(1); } /* * obsolete -- * Change set of key letters and ordered arguments into something * getopt(3) will like. */ static void obsolete(int *argcp, char **argvp[]) { int argc, flags; char *ap, **argv, *flagsp, **nargv, *p; /* Setup. */ argv = *argvp; argc = *argcp; /* Return if no arguments or first argument has leading dash. */ ap = argv[1]; if (argc == 1 || *ap == '-') return; /* Allocate space for new arguments. */ if ((*argvp = nargv = malloc((argc + 1) * sizeof(char *))) == NULL || (p = flagsp = malloc(strlen(ap) + 2)) == NULL) err(1, NULL); *nargv++ = *argv; argv += 2, argc -= 2; for (flags = 0; *ap; ++ap) { switch (*ap) { case 'b': case 'f': case 's': if (*argv == NULL) { warnx("option requires an argument -- %c", *ap); usage(); } if ((nargv[0] = malloc(strlen(*argv) + 2 + 1)) == NULL) err(1, NULL); nargv[0][0] = '-'; nargv[0][1] = *ap; (void)strcpy(&nargv[0][2], *argv); ++argv; ++nargv; break; default: if (!flags) { *p++ = '-'; flags = 1; } *p++ = *ap; break; } } /* Terminate flags. */ if (flags) { *p = '\0'; *nargv++ = flagsp; } else free(flagsp); /* Copy remaining arguments. */ while ((*nargv++ = *argv++)); /* Update argument count. */ *argcp = nargv - *argvp - 1; } diff --git a/sbin/restore/restore.8 b/sbin/restore/restore.8 index 1499b8d737de..b7b96a1a0d2a 100644 --- a/sbin/restore/restore.8 +++ b/sbin/restore/restore.8 @@ -1,504 +1,502 @@ .\" Copyright (c) 1985, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)restore.8 8.4 (Berkeley) 5/1/95 -.\" .Dd October 12, 2006 .Dt RESTORE 8 .Os .Sh NAME .Nm restore , .Nm rrestore .Nd "restore files or file systems from backups made with dump" .Sh SYNOPSIS .Nm .Fl i .Op Fl dDhmNuvy .Op Fl b Ar blocksize .Op Fl f Ar file | Fl P Ar pipecommand .Op Fl s Ar fileno .Nm .Fl R .Op Fl dDNuvy .Op Fl b Ar blocksize .Op Fl f Ar file | Fl P Ar pipecommand .Op Fl s Ar fileno .Nm .Fl r .Op Fl dDNuvy .Op Fl b Ar blocksize .Op Fl f Ar file | Fl P Ar pipecommand .Op Fl s Ar fileno .Nm .Fl t .Op Fl dDhNuvy .Op Fl b Ar blocksize .Op Fl f Ar file | Fl P Ar pipecommand .Op Fl s Ar fileno .Op Ar .Nm .Fl x .Op Fl dDhmNuvy .Op Fl b Ar blocksize .Op Fl f Ar file | Fl P Ar pipecommand .Op Fl s Ar fileno .Op Ar .Sh DESCRIPTION The .Nm utility performs the inverse function of .Xr dump 8 . A full backup of a file system may be restored and subsequent incremental backups layered on top of it. Single files and directory subtrees may be restored from full or partial backups. The .Nm utility works across a network; to do this see the .Fl f and .Fl P flags described below. Other arguments to the command are file or directory names specifying the files that are to be restored. Unless the .Fl h flag is specified (see below), the appearance of a directory name refers to the files and (recursively) subdirectories of that directory. .Pp .Nm may also be invoked as .Nm rrestore . The .Bx 4.3 option syntax is implemented for backward compatibility, but is not documented here. .Pp Exactly one of the following flags is required: .Bl -tag -width Ds .It Fl i This mode allows interactive restoration of files from a dump. After reading in the directory information from the dump, .Nm provides a shell like interface that allows the user to move around the directory tree selecting files to be extracted. The available commands are given below; for those commands that require an argument, the default is the current directory. .Bl -tag -width Fl .It Ic add Op Ar arg The current directory or specified argument is added to the list of files to be extracted. If a directory is specified, then it and all its descendents are added to the extraction list (unless the .Fl h flag is specified on the command line). Files that are on the extraction list are prepended with a ``*'' when they are listed by .Ic ls . .It Ic \&cd Ar arg Change the current working directory to the specified argument. .It Ic delete Op Ar arg The current directory or specified argument is deleted from the list of files to be extracted. If a directory is specified, then it and all its descendents are deleted from the extraction list (unless the .Fl h flag is specified on the command line). The most expedient way to extract most of the files from a directory is to add the directory to the extraction list and then delete those files that are not needed. .It Ic extract All the files that are on the extraction list are extracted from the dump. The .Nm utility will ask which volume the user wishes to mount. The fastest way to extract a few files is to start with the last volume, and work towards the first volume. .It Ic help List a summary of the available commands. .It Ic \&ls Op Ar arg List the current or specified directory. Entries that are directories are appended with a ``/''. Entries that have been marked for extraction are prepended with a ``*''. If the verbose flag is set the inode number of each entry is also listed. .It Ic pwd Print the full pathname of the current working directory. .It Ic quit Exit immediately, even if the extraction list is not empty. .It Ic setmodes All the directories that have been added to the extraction list have their owner, modes, and times set; nothing is extracted from the dump. This is useful for cleaning up after a restore has been prematurely aborted. .It Ic verbose The sense of the .Fl v flag is toggled. When set, the verbose flag causes the .Ic ls command to list the inode numbers of all entries. It also causes .Nm to print out information about each file as it is extracted. .It Ic what Display dump header information, which includes: date, level, label, and the file system and host dump was made from. .El .It Fl R Request a particular tape of a multi volume set on which to restart a full restore (see the .Fl r flag below). This is useful if the restore has been interrupted. .It Fl r Restore (rebuild a file system). The target file system should be made pristine with .Xr newfs 8 , mounted and the user .Xr cd 1 Ns 'd into the pristine file system before starting the restoration of the initial level 0 backup. If the level 0 restores successfully, the .Fl r flag may be used to restore any necessary incremental backups on top of the level 0. The .Fl r flag precludes an interactive file extraction and can be detrimental to one's health if not used carefully (not to mention the disk). An example: .Bd -literal -offset indent newfs /dev/da0s1a mount /dev/da0s1a /mnt cd /mnt restore rf /dev/sa0 .Ed .Pp Note that .Nm leaves a file .Pa restoresymtable in the root directory to pass information between incremental restore passes. This file should be removed when the last incremental has been restored. .Pp The .Nm utility , in conjunction with .Xr newfs 8 and .Xr dump 8 , may be used to modify file system parameters such as size or block size. .It Fl t The names of the specified files are listed if they occur on the backup. If no file argument is given, then the root directory is listed, which results in the entire content of the backup being listed, unless the .Fl h flag has been specified. Note that the .Fl t flag replaces the function of the old .Xr dumpdir 8 program. .It Fl x The named files are read from the given media. If a named file matches a directory whose contents are on the backup and the .Fl h flag is not specified, the directory is recursively extracted. The owner, modification time, and mode are restored (if possible). If no file argument is given, then the root directory is extracted, which results in the entire content of the backup being extracted, unless the .Fl h flag has been specified. .El .Pp The following additional options may be specified: .Bl -tag -width Ds .It Fl b Ar blocksize The number of kilobytes per dump record. If the .Fl b option is not specified, .Nm tries to determine the media block size dynamically. .It Fl d Sends verbose debugging output to the standard error. .It Fl D This puts .Nm into degraded mode, causing restore to operate less efficiently but to try harder to read corrupted backups. .It Fl f Ar file Read the backup from .Ar file ; .Ar file may be a special device file like .Pa /dev/sa0 (a tape drive), .Pa /dev/da1c (a disk drive), an ordinary file, or .Sq Fl (the standard input). If the name of the file is of the form .Dq host:file , or .Dq user@host:file , .Nm reads from the named file on the remote host using .Xr rmt 8 . .It Fl P Ar pipecommand Use .Xr popen 3 to execute the .Xr sh 1 script string defined by .Ar pipecommand as the input for every volume in the backup. This child pipeline's .Dv stdout .Pq Pa /dev/fd/1 is redirected to the .Nm input stream, and the environment variable .Ev RESTORE_VOLUME is set to the current volume number being read. The .Ar pipecommand script is started each time a volume is loaded, as if it were a tape drive. .It Fl h Extract the actual directory, rather than the files that it references. This prevents hierarchical restoration of complete subtrees from the dump. .It Fl m Extract by inode numbers rather than by file name. This is useful if only a few files are being extracted, and one wants to avoid regenerating the complete pathname to the file. .It Fl N Do the extraction normally, but do not actually write any changes to disk. This can be used to check the integrity of dump media or other test purposes. .It Fl s Ar fileno Read from the specified .Ar fileno on a multi-file tape. File numbering starts at 1. .It Fl u When creating certain types of files, restore may generate a warning diagnostic if they already exist in the target directory. To prevent this, the .Fl u (unlink) flag causes restore to remove old entries before attempting to create new ones. This flag is recommended when using extended attributes to avoid improperly accumulating attributes on pre-existing files. .It Fl v Normally .Nm does its work silently. The .Fl v (verbose) flag causes it to type the name of each file it treats preceded by its file type. .It Fl y Do not ask the user whether to abort the restore in the event of an error. Always try to skip over the bad block(s) and continue. .El .Sh ENVIRONMENT .Bl -tag -width ".Ev TMPDIR" .It Ev TAPE Device from which to read backup. .It Ev TMPDIR Name of directory where temporary files are to be created. .El .Sh FILES .Bl -tag -width "./restoresymtable" -compact .It Pa /dev/sa0 the default tape drive .It Pa /tmp/rstdir* file containing directories on the tape. .It Pa /tmp/rstmode* owner, mode, and time stamps for directories. .It Pa \&./restoresymtable information passed between incremental restores. .El .Sh DIAGNOSTICS The .Nm utility complains if it gets a read error. If .Fl y has been specified, or the user responds .Ql y , .Nm will attempt to continue the restore. .Pp If a backup was made using more than one tape volume, .Nm will notify the user when it is time to mount the next volume. If the .Fl x or .Fl i flag has been specified, .Nm will also ask which volume the user wishes to mount. The fastest way to extract a few files is to start with the last volume, and work towards the first volume. .Pp There are numerous consistency checks that can be listed by .Nm . Most checks are self-explanatory or can ``never happen''. Common errors are given below. .Pp .Bl -tag -width Ds -compact .It : not found on tape The specified file name was listed in the tape directory, but was not found on the tape. This is caused by tape read errors while looking for the file, and from using a dump tape created on an active file system. .Pp .It expected next file , got A file that was not listed in the directory showed up. This can occur when using a dump created on an active file system. .Pp .It Incremental dump too low When doing incremental restore, a dump that was written before the previous incremental dump, or that has too low an incremental level has been loaded. .Pp .It Incremental dump too high When doing incremental restore, a dump that does not begin its coverage where the previous incremental dump left off, or that has too high an incremental level has been loaded. .Pp .It Tape read error while restoring .It Tape read error while skipping over inode .It Tape read error while trying to resynchronize A tape (or other media) read error has occurred. If a file name is specified, then its contents are probably partially wrong. If an inode is being skipped or the tape is trying to resynchronize, then no extracted files have been corrupted, though files may not be found on the tape. .Pp .It resync restore, skipped blocks After a dump read error, .Nm may have to resynchronize itself. This message lists the number of blocks that were skipped over. .El .Sh SEE ALSO .Xr dump 8 , .Xr mount 8 , .Xr newfs 8 , .Xr rmt 8 .Sh HISTORY The .Nm utility appeared in .Bx 4.2 . .Sh BUGS The .Nm utility can get confused when doing incremental restores from dumps that were made on active file systems without the .Fl L option (see .Xr dump 8 ) . .Pp A level zero dump must be done after a full restore. Because restore runs in user code, it has no control over inode allocation; thus a full dump must be done to get a new set of directories reflecting the new inode numbering, even though the contents of the files is unchanged. .Pp To do a network restore, you have to run restore as root. This is due to the previous security history of dump and restore. (restore is written to be setuid root, but we are not certain all bugs are gone from the restore code - run setuid at your own risk.) .Pp The temporary files .Pa /tmp/rstdir* and .Pa /tmp/rstmode* are generated with a unique name based on the date of the dump and the process ID (see .Xr mktemp 3 ) , except for when .Fl r or .Fl R is used. Because .Fl R allows you to restart a .Fl r operation that may have been interrupted, the temporary files should be the same across different processes. In all other cases, the files are unique because it is possible to have two different dumps started at the same time, and separate operations should not conflict with each other. diff --git a/sbin/restore/restore.c b/sbin/restore/restore.c index 33e97c18c41c..bfe0f5f49fdc 100644 --- a/sbin/restore/restore.c +++ b/sbin/restore/restore.c @@ -1,860 +1,857 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1983, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)restore.c 8.3 (Berkeley) 9/13/94"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include "restore.h" #include "extern.h" static char *keyval(int); /* * This implements the 't' option. * List entries on the tape. */ long listfile(char *name, ino_t ino, int type) { long descend = hflag ? GOOD : FAIL; if (TSTINO(ino, dumpmap) == 0) return (descend); vprintf(stdout, "%s", type == LEAF ? "leaf" : "dir "); fprintf(stdout, "%10ju\t%s\n", (uintmax_t)ino, name); return (descend); } /* * This implements the 'x' option. * Request that new entries be extracted. */ long addfile(char *name, ino_t ino, int type) { struct entry *ep; long descend = hflag ? GOOD : FAIL; char buf[100]; if (TSTINO(ino, dumpmap) == 0) { dprintf(stdout, "%s: not on the tape\n", name); return (descend); } if (ino == UFS_WINO && command == 'i' && !vflag) return (descend); if (!mflag) { (void) sprintf(buf, "./%ju", (uintmax_t)ino); name = buf; if (type == NODE) { (void) genliteraldir(name, ino); return (descend); } } ep = lookupino(ino); if (ep != NULL) { if (strcmp(name, myname(ep)) == 0) { ep->e_flags |= NEW; return (descend); } type |= LINK; } ep = addentry(name, ino, type); if (type == NODE) newnode(ep); ep->e_flags |= NEW; return (descend); } /* * This is used by the 'i' option to undo previous requests made by addfile. * Delete entries from the request queue. */ /* ARGSUSED */ long deletefile(char *name, ino_t ino, int type) { long descend = hflag ? GOOD : FAIL; struct entry *ep; if (TSTINO(ino, dumpmap) == 0) return (descend); ep = lookupname(name); if (ep != NULL) { ep->e_flags &= ~NEW; ep->e_flags |= REMOVED; if (ep->e_type != NODE) freeentry(ep); } return (descend); } /* * The following four routines implement the incremental * restore algorithm. The first removes old entries, the second * does renames and calculates the extraction list, the third * cleans up link names missed by the first two, and the final * one deletes old directories. * * Directories cannot be immediately deleted, as they may have * other files in them which need to be moved out first. As * directories to be deleted are found, they are put on the * following deletion list. After all deletions and renames * are done, this list is actually deleted. */ static struct entry *removelist; /* * Remove invalid whiteouts from the old tree. * Remove unneeded leaves from the old tree. * Remove directories from the lookup chains. */ void removeoldleaves(void) { struct entry *ep, *nextep; ino_t i, mydirino; vprintf(stdout, "Mark entries to be removed.\n"); if ((ep = lookupino(UFS_WINO))) { vprintf(stdout, "Delete whiteouts\n"); for ( ; ep != NULL; ep = nextep) { nextep = ep->e_links; mydirino = ep->e_parent->e_ino; /* * We remove all whiteouts that are in directories * that have been removed or that have been dumped. */ if (TSTINO(mydirino, usedinomap) && !TSTINO(mydirino, dumpmap)) continue; delwhiteout(ep); freeentry(ep); } } for (i = UFS_ROOTINO + 1; i < maxino; i++) { ep = lookupino(i); if (ep == NULL) continue; if (TSTINO(i, usedinomap)) continue; for ( ; ep != NULL; ep = ep->e_links) { dprintf(stdout, "%s: REMOVE\n", myname(ep)); if (ep->e_type == LEAF) { removeleaf(ep); freeentry(ep); } else { mktempname(ep); deleteino(ep->e_ino); ep->e_next = removelist; removelist = ep; } } } } /* * For each directory entry on the incremental tape, determine which * category it falls into as follows: * KEEP - entries that are to be left alone. * NEW - new entries to be added. * EXTRACT - files that must be updated with new contents. * LINK - new links to be added. * Renames are done at the same time. */ long nodeupdates(char *name, ino_t ino, int type) { struct entry *ep, *np, *ip; long descend = GOOD; int lookuptype = 0; int key = 0; /* key values */ # define ONTAPE 0x1 /* inode is on the tape */ # define INOFND 0x2 /* inode already exists */ # define NAMEFND 0x4 /* name already exists */ # define MODECHG 0x8 /* mode of inode changed */ /* * This routine is called once for each element in the * directory hierarchy, with a full path name. * The "type" value is incorrectly specified as LEAF for * directories that are not on the dump tape. * * Check to see if the file is on the tape. */ if (TSTINO(ino, dumpmap)) key |= ONTAPE; /* * Check to see if the name exists, and if the name is a link. */ np = lookupname(name); if (np != NULL) { key |= NAMEFND; ip = lookupino(np->e_ino); if (ip == NULL) panic("corrupted symbol table\n"); if (ip != np) lookuptype = LINK; } /* * Check to see if the inode exists, and if one of its links * corresponds to the name (if one was found). */ ip = lookupino(ino); if (ip != NULL) { key |= INOFND; for (ep = ip->e_links; ep != NULL; ep = ep->e_links) { if (ep == np) { ip = ep; break; } } } /* * If both a name and an inode are found, but they do not * correspond to the same file, then both the inode that has * been found and the inode corresponding to the name that * has been found need to be renamed. The current pathname * is the new name for the inode that has been found. Since * all files to be deleted have already been removed, the * named file is either a now unneeded link, or it must live * under a new name in this dump level. If it is a link, it * can be removed. If it is not a link, it is given a * temporary name in anticipation that it will be renamed * when it is later found by inode number. */ if (((key & (INOFND|NAMEFND)) == (INOFND|NAMEFND)) && ip != np) { if (lookuptype == LINK) { removeleaf(np); freeentry(np); } else { dprintf(stdout, "name/inode conflict, mktempname %s\n", myname(np)); mktempname(np); } np = NULL; key &= ~NAMEFND; } if ((key & ONTAPE) && (((key & INOFND) && ip->e_type != type) || ((key & NAMEFND) && np->e_type != type))) key |= MODECHG; /* * Decide on the disposition of the file based on its flags. * Note that we have already handled the case in which * a name and inode are found that correspond to different files. * Thus if both NAMEFND and INOFND are set then ip == np. */ switch (key) { /* * A previously existing file has been found. * Mark it as KEEP so that other links to the inode can be * detected, and so that it will not be reclaimed by the search * for unreferenced names. */ case INOFND|NAMEFND: ip->e_flags |= KEEP; dprintf(stdout, "[%s] %s: %s\n", keyval(key), name, flagvalues(ip)); break; /* * A file on the tape has a name which is the same as a name * corresponding to a different file in the previous dump. * Since all files to be deleted have already been removed, * this file is either a now unneeded link, or it must live * under a new name in this dump level. If it is a link, it * can simply be removed. If it is not a link, it is given a * temporary name in anticipation that it will be renamed * when it is later found by inode number (see INOFND case * below). The entry is then treated as a new file. */ case ONTAPE|NAMEFND: case ONTAPE|NAMEFND|MODECHG: if (lookuptype == LINK) { removeleaf(np); freeentry(np); } else { mktempname(np); } /* FALLTHROUGH */ /* * A previously non-existent file. * Add it to the file system, and request its extraction. * If it is a directory, create it immediately. * (Since the name is unused there can be no conflict) */ case ONTAPE: ep = addentry(name, ino, type); if (type == NODE) newnode(ep); ep->e_flags |= NEW|KEEP; dprintf(stdout, "[%s] %s: %s\n", keyval(key), name, flagvalues(ep)); break; /* * A file with the same inode number, but a different * name has been found. If the other name has not already * been found (indicated by the KEEP flag, see above) then * this must be a new name for the file, and it is renamed. * If the other name has been found then this must be a * link to the file. Hard links to directories are not * permitted, and are either deleted or converted to * symbolic links. Finally, if the file is on the tape, * a request is made to extract it. */ case ONTAPE|INOFND: if (type == LEAF && (ip->e_flags & KEEP) == 0) ip->e_flags |= EXTRACT; /* FALLTHROUGH */ case INOFND: if ((ip->e_flags & KEEP) == 0) { renameit(myname(ip), name); moveentry(ip, name); ip->e_flags |= KEEP; dprintf(stdout, "[%s] %s: %s\n", keyval(key), name, flagvalues(ip)); break; } if (ip->e_type == NODE) { descend = FAIL; fprintf(stderr, "deleted hard link %s to directory %s\n", name, myname(ip)); break; } ep = addentry(name, ino, type|LINK); ep->e_flags |= NEW; dprintf(stdout, "[%s] %s: %s|LINK\n", keyval(key), name, flagvalues(ep)); break; /* * A previously known file which is to be updated. If it is a link, * then all names referring to the previous file must be removed * so that the subset of them that remain can be recreated. */ case ONTAPE|INOFND|NAMEFND: if (lookuptype == LINK) { removeleaf(np); freeentry(np); ep = addentry(name, ino, type|LINK); if (type == NODE) newnode(ep); ep->e_flags |= NEW|KEEP; dprintf(stdout, "[%s] %s: %s|LINK\n", keyval(key), name, flagvalues(ep)); break; } if (type == LEAF && lookuptype != LINK) np->e_flags |= EXTRACT; np->e_flags |= KEEP; dprintf(stdout, "[%s] %s: %s\n", keyval(key), name, flagvalues(np)); break; /* * An inode is being reused in a completely different way. * Normally an extract can simply do an "unlink" followed * by a "creat". Here we must do effectively the same * thing. The complications arise because we cannot really * delete a directory since it may still contain files * that we need to rename, so we delete it from the symbol * table, and put it on the list to be deleted eventually. * Conversely if a directory is to be created, it must be * done immediately, rather than waiting until the * extraction phase. */ case ONTAPE|INOFND|MODECHG: case ONTAPE|INOFND|NAMEFND|MODECHG: if (ip->e_flags & KEEP) { badentry(ip, "cannot KEEP and change modes"); break; } if (ip->e_type == LEAF) { /* changing from leaf to node */ for (ip = lookupino(ino); ip != NULL; ip = ip->e_links) { if (ip->e_type != LEAF) badentry(ip, "NODE and LEAF links to same inode"); removeleaf(ip); freeentry(ip); } ip = addentry(name, ino, type); newnode(ip); } else { /* changing from node to leaf */ if ((ip->e_flags & TMPNAME) == 0) mktempname(ip); deleteino(ip->e_ino); ip->e_next = removelist; removelist = ip; ip = addentry(name, ino, type); } ip->e_flags |= NEW|KEEP; dprintf(stdout, "[%s] %s: %s\n", keyval(key), name, flagvalues(ip)); break; /* * A hard link to a directory that has been removed. * Ignore it. */ case NAMEFND: dprintf(stdout, "[%s] %s: Extraneous name\n", keyval(key), name); descend = FAIL; break; /* * If we find a directory entry for a file that is not on * the tape, then we must have found a file that was created * while the dump was in progress. Since we have no contents * for it, we discard the name knowing that it will be on the * next incremental tape. */ case 0: fprintf(stderr, "%s: (inode %ju) not found on tape\n", name, (uintmax_t)ino); break; /* * If any of these arise, something is grievously wrong with * the current state of the symbol table. */ case INOFND|NAMEFND|MODECHG: case NAMEFND|MODECHG: case INOFND|MODECHG: fprintf(stderr, "[%s] %s: inconsistent state\n", keyval(key), name); break; /* * These states "cannot" arise for any state of the symbol table. */ case ONTAPE|MODECHG: case MODECHG: default: panic("[%s] %s: impossible state\n", keyval(key), name); break; } return (descend); } /* * Calculate the active flags in a key. */ static char * keyval(int key) { static char keybuf[32]; (void) strcpy(keybuf, "|NIL"); keybuf[0] = '\0'; if (key & ONTAPE) (void) strcat(keybuf, "|ONTAPE"); if (key & INOFND) (void) strcat(keybuf, "|INOFND"); if (key & NAMEFND) (void) strcat(keybuf, "|NAMEFND"); if (key & MODECHG) (void) strcat(keybuf, "|MODECHG"); return (&keybuf[1]); } /* * Find unreferenced link names. */ void findunreflinks(void) { struct entry *ep, *np; ino_t i; vprintf(stdout, "Find unreferenced names.\n"); for (i = UFS_ROOTINO; i < maxino; i++) { ep = lookupino(i); if (ep == NULL || ep->e_type == LEAF || TSTINO(i, dumpmap) == 0) continue; for (np = ep->e_entries; np != NULL; np = np->e_sibling) { if (np->e_flags == 0) { dprintf(stdout, "%s: remove unreferenced name\n", myname(np)); removeleaf(np); freeentry(np); } } } /* * Any leaves remaining in removed directories is unreferenced. */ for (ep = removelist; ep != NULL; ep = ep->e_next) { for (np = ep->e_entries; np != NULL; np = np->e_sibling) { if (np->e_type == LEAF) { if (np->e_flags != 0) badentry(np, "unreferenced with flags"); dprintf(stdout, "%s: remove unreferenced name\n", myname(np)); removeleaf(np); freeentry(np); } } } } /* * Remove old nodes (directories). * Note that this routine runs in O(N*D) where: * N is the number of directory entries to be removed. * D is the maximum depth of the tree. * If N == D this can be quite slow. If the list were * topologically sorted, the deletion could be done in * time O(N). */ void removeoldnodes(void) { struct entry *ep, **prev; long change; vprintf(stdout, "Remove old nodes (directories).\n"); do { change = 0; prev = &removelist; for (ep = removelist; ep != NULL; ep = *prev) { if (ep->e_entries != NULL) { prev = &ep->e_next; continue; } *prev = ep->e_next; removenode(ep); freeentry(ep); change++; } } while (change); for (ep = removelist; ep != NULL; ep = ep->e_next) badentry(ep, "cannot remove, non-empty"); } /* * This is the routine used to extract files for the 'r' command. * Extract new leaves. */ void createleaves(char *symtabfile) { struct entry *ep; ino_t first; long curvol; if (command == 'R') { vprintf(stdout, "Continue extraction of new leaves\n"); } else { vprintf(stdout, "Extract new leaves.\n"); dumpsymtable(symtabfile, volno); } first = lowerbnd(UFS_ROOTINO); curvol = volno; while (curfile.ino < maxino) { first = lowerbnd(first); /* * If the next available file is not the one which we * expect then we have missed one or more files. Since * we do not request files that were not on the tape, * the lost files must have been due to a tape read error, * or a file that was removed while the dump was in progress. */ while (first < curfile.ino) { ep = lookupino(first); if (ep == NULL) panic("%ju: bad first\n", (uintmax_t)first); fprintf(stderr, "%s: not found on tape\n", myname(ep)); ep->e_flags &= ~(NEW|EXTRACT); first = lowerbnd(first); } /* * If we find files on the tape that have no corresponding * directory entries, then we must have found a file that * was created while the dump was in progress. Since we have * no name for it, we discard it knowing that it will be * on the next incremental tape. */ if (first != curfile.ino) { fprintf(stderr, "expected next file %ju, got %ju\n", (uintmax_t)first, (uintmax_t)curfile.ino); skipfile(); goto next; } ep = lookupino(curfile.ino); if (ep == NULL) panic("unknown file on tape\n"); if ((ep->e_flags & (NEW|EXTRACT)) == 0) badentry(ep, "unexpected file on tape"); /* * If the file is to be extracted, then the old file must * be removed since its type may change from one leaf type * to another (e.g. "file" to "character special"). */ if ((ep->e_flags & EXTRACT) != 0) { removeleaf(ep); ep->e_flags &= ~REMOVED; } (void) extractfile(myname(ep)); ep->e_flags &= ~(NEW|EXTRACT); /* * We checkpoint the restore after every tape reel, so * as to simplify the amount of work required by the * 'R' command. */ next: if (curvol != volno) { dumpsymtable(symtabfile, volno); skipmaps(); curvol = volno; } } } /* * This is the routine used to extract files for the 'x' and 'i' commands. * Efficiently extract a subset of the files on a tape. */ void createfiles(void) { ino_t first, next, last; struct entry *ep; long curvol; vprintf(stdout, "Extract requested files\n"); curfile.action = SKIP; getvol((long)1); skipmaps(); skipdirs(); first = lowerbnd(UFS_ROOTINO); last = upperbnd(maxino - 1); for (;;) { curvol = volno; first = lowerbnd(first); last = upperbnd(last); /* * Check to see if any files remain to be extracted */ if (first > last) return; if (Dflag) { if (curfile.ino == maxino) return; if((ep = lookupino(curfile.ino)) != NULL && (ep->e_flags & (NEW|EXTRACT))) { goto justgetit; } else { skipfile(); continue; } } /* * Reject any volumes with inodes greater than the last * one needed, so that we can quickly skip backwards to * a volume containing useful inodes. We can't do this * if there are no further volumes available (curfile.ino * >= maxino) or if we are already at the first tape. */ if (curfile.ino > last && curfile.ino < maxino && volno > 1) { curfile.action = SKIP; getvol((long)0); skipmaps(); skipdirs(); continue; } /* * Decide on the next inode needed. * Skip across the inodes until it is found * or a volume change is encountered */ if (curfile.ino < maxino) { next = lowerbnd(curfile.ino); while (next > curfile.ino && volno == curvol) skipfile(); if (volno != curvol) { skipmaps(); skipdirs(); continue; } } else { /* * No further volumes or inodes available. Set * `next' to the first inode, so that a warning * is emitted below for each missing file. */ next = first; } /* * If the current inode is greater than the one we were * looking for then we missed the one we were looking for. * Since we only attempt to extract files listed in the * dump map, the lost files must have been due to a tape * read error, or a file that was removed while the dump * was in progress. Thus we report all requested files * between the one we were looking for, and the one we * found as missing, and delete their request flags. */ while (next < curfile.ino) { ep = lookupino(next); if (ep == NULL) panic("corrupted symbol table\n"); fprintf(stderr, "%s: not found on tape\n", myname(ep)); ep->e_flags &= ~NEW; next = lowerbnd(next); } /* * The current inode is the one that we are looking for, * so extract it per its requested name. */ if (next == curfile.ino && next <= last) { ep = lookupino(next); if (ep == NULL) panic("corrupted symbol table\n"); justgetit: (void) extractfile(myname(ep)); ep->e_flags &= ~NEW; if (volno != curvol) skipmaps(); } } } /* * Add links. */ void createlinks(void) { struct entry *np, *ep; ino_t i; char name[BUFSIZ]; if ((ep = lookupino(UFS_WINO))) { vprintf(stdout, "Add whiteouts\n"); for ( ; ep != NULL; ep = ep->e_links) { if ((ep->e_flags & NEW) == 0) continue; (void) addwhiteout(myname(ep)); ep->e_flags &= ~NEW; } } vprintf(stdout, "Add links\n"); for (i = UFS_ROOTINO; i < maxino; i++) { ep = lookupino(i); if (ep == NULL) continue; for (np = ep->e_links; np != NULL; np = np->e_links) { if ((np->e_flags & NEW) == 0) continue; (void) strcpy(name, myname(ep)); if (ep->e_type == NODE) { (void) linkit(name, myname(np), SYMLINK); } else { (void) linkit(name, myname(np), HARDLINK); } np->e_flags &= ~NEW; } } } /* * Check the symbol table. * We do this to insure that all the requested work was done, and * that no temporary names remain. */ void checkrestore(void) { struct entry *ep; ino_t i; vprintf(stdout, "Check the symbol table.\n"); for (i = UFS_WINO; i < maxino; i++) { for (ep = lookupino(i); ep != NULL; ep = ep->e_links) { ep->e_flags &= ~KEEP; if (ep->e_type == NODE) ep->e_flags &= ~(NEW|EXISTED); if (ep->e_flags != 0) badentry(ep, "incomplete operations"); } } } /* * Compare with the directory structure on the tape * A paranoid check that things are as they should be. */ long verifyfile(char *name, ino_t ino, int type) { struct entry *np, *ep; long descend = GOOD; ep = lookupname(name); if (ep == NULL) { fprintf(stderr, "Warning: missing name %s\n", name); return (FAIL); } np = lookupino(ino); if (np != ep) descend = FAIL; for ( ; np != NULL; np = np->e_links) if (np == ep) break; if (np == NULL) panic("missing inumber %ju\n", (uintmax_t)ino); if (ep->e_type == LEAF && type != LEAF) badentry(ep, "type should be LEAF"); return (descend); } diff --git a/sbin/restore/restore.h b/sbin/restore/restore.h index e4db29340b8e..e54555f39dd8 100644 --- a/sbin/restore/restore.h +++ b/sbin/restore/restore.h @@ -1,154 +1,152 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1983, 1993 * The Regents of the University of California. All rights reserved. * (c) UNIX System Laboratories, Inc. * All or some portions of this file are derived from material licensed * to the University of California by American Telephone and Telegraph * Co. or Unix System Laboratories, Inc. and are reproduced herein with * the permission of UNIX System Laboratories, Inc. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)restore.h 8.3 (Berkeley) 9/13/94 */ /* * Flags */ extern int bflag; /* set input block size */ extern int dflag; /* print out debugging info */ extern int Dflag; /* degraded mode - try hard to get stuff back */ extern int hflag; /* restore hierarchies */ extern int mflag; /* restore by name instead of inode number */ extern int Nflag; /* do not write the disk */ extern int uflag; /* unlink symlink targets */ extern int vflag; /* print out actions taken */ extern int yflag; /* always try to recover from tape errors */ /* * Global variables */ extern char *dumpmap; /* map of inodes on this dump tape */ extern char *usedinomap; /* map of inodes that are in use on this fs */ extern ino_t maxino; /* highest numbered inode in this file system */ extern long dumpnum; /* location of the dump on this tape */ extern long volno; /* current volume being read */ extern long ntrec; /* number of TP_BSIZE records per tape block */ extern time_t dumptime; /* time that this dump begins */ extern time_t dumpdate; /* time that this dump was made */ extern char command; /* opration being performed */ extern FILE *terminal; /* file descriptor for the terminal input */ extern int Bcvt; /* need byte swapping on inodes and dirs */ extern int oldinofmt; /* reading tape with FreeBSD 1 format inodes */ /* * Each file in the file system is described by one of these entries */ struct entry { char *e_name; /* the current name of this entry */ u_char e_namlen; /* length of this name */ char e_type; /* type of this entry, see below */ short e_flags; /* status flags, see below */ ino_t e_ino; /* inode number in previous file sys */ long e_index; /* unique index (for dumpped table) */ struct entry *e_parent; /* pointer to parent directory (..) */ struct entry *e_sibling; /* next element in this directory (.) */ struct entry *e_links; /* hard links to this inode */ struct entry *e_entries; /* for directories, their entries */ struct entry *e_next; /* hash chain list */ }; /* types */ #define LEAF 1 /* non-directory entry */ #define NODE 2 /* directory entry */ #define LINK 4 /* synthesized type, stripped by addentry */ /* flags */ #define EXTRACT 0x0001 /* entry is to be replaced from the tape */ #define NEW 0x0002 /* a new entry to be extracted */ #define KEEP 0x0004 /* entry is not to change */ #define REMOVED 0x0010 /* entry has been removed */ #define TMPNAME 0x0020 /* entry has been given a temporary name */ #define EXISTED 0x0040 /* directory already existed during extract */ /* * Constants associated with entry structs */ #define HARDLINK 1 #define SYMLINK 2 #define TMPHDR "RSTTMP" /* * The entry describes the next file available on the tape */ extern struct context { short action; /* action being taken on this file */ mode_t mode; /* mode of file */ ino_t ino; /* inumber of file */ uid_t uid; /* file owner */ gid_t gid; /* file group */ int file_flags; /* status flags (chflags) */ int rdev; /* device number of file */ time_t atime_sec; /* access time seconds */ time_t mtime_sec; /* modified time seconds */ time_t birthtime_sec; /* creation time seconds */ int atime_nsec; /* access time nanoseconds */ int mtime_nsec; /* modified time nanoseconds */ int birthtime_nsec; /* creation time nanoseconds */ int extsize; /* size of extended attribute data */ off_t size; /* size of file */ char *name; /* name of file */ } curfile; /* actions */ #define USING 1 /* extracting from the tape */ #define SKIP 2 /* skipping */ #define UNKNOWN 3 /* disposition or starting point is unknown */ /* * Definitions for library routines operating on directories. */ typedef struct rstdirdesc RST_DIR; /* * Flags to setdirmodes. */ #define FORCE 0x0001 /* * Useful macros */ #define TSTINO(ino, map) \ (map[(u_int)((ino) - 1) / CHAR_BIT] & \ (1 << ((u_int)((ino) - 1) % CHAR_BIT))) #define SETINO(ino, map) \ map[(u_int)((ino) - 1) / CHAR_BIT] |= \ 1 << ((u_int)((ino) - 1) % CHAR_BIT) #define dprintf if (dflag) fprintf #define vprintf if (vflag) fprintf #define GOOD 1 #define FAIL 0 #define NFS_DR_NEWINODEFMT 0x2 /* Tape uses 4.4 BSD inode format */ diff --git a/sbin/restore/symtab.c b/sbin/restore/symtab.c index 0172a2c593d0..6b3a136f88bf 100644 --- a/sbin/restore/symtab.c +++ b/sbin/restore/symtab.c @@ -1,615 +1,612 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1983, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)symtab.c 8.3 (Berkeley) 4/28/95"; -#endif #endif /* not lint */ /* * These routines maintain the symbol table which tracks the state * of the file system being restored. They provide lookup by either * name or inode number. They also provide for creation, deletion, * and renaming of entries. Because of the dynamic nature of pathnames, * names should not be saved, but always constructed just before they * are needed, by calling "myname". */ #include #include #include #include #include #include #include #include #include #include #include #include "restore.h" #include "extern.h" /* * The following variables define the inode symbol table. * The primary hash table is dynamically allocated based on * the number of inodes in the file system (maxino), scaled by * HASHFACTOR. The variable "entry" points to the hash table; * the variable "entrytblsize" indicates its size (in entries). */ #define HASHFACTOR 5 static struct entry **entry; static long entrytblsize; static void addino(ino_t, struct entry *); static struct entry *lookupparent(char *); static void removeentry(struct entry *); /* * Look up an entry by inode number */ struct entry * lookupino(ino_t inum) { struct entry *ep; if (inum < UFS_WINO || inum >= maxino) return (NULL); for (ep = entry[inum % entrytblsize]; ep != NULL; ep = ep->e_next) if (ep->e_ino == inum) return (ep); return (NULL); } /* * Add an entry into the entry table */ static void addino(ino_t inum, struct entry *np) { struct entry **epp; if (inum < UFS_WINO || inum >= maxino) panic("addino: out of range %ju\n", (uintmax_t)inum); epp = &entry[inum % entrytblsize]; np->e_ino = inum; np->e_next = *epp; *epp = np; if (dflag) for (np = np->e_next; np != NULL; np = np->e_next) if (np->e_ino == inum) badentry(np, "duplicate inum"); } /* * Delete an entry from the entry table */ void deleteino(ino_t inum) { struct entry *next; struct entry **prev; if (inum < UFS_WINO || inum >= maxino) panic("deleteino: out of range %ju\n", (uintmax_t)inum); prev = &entry[inum % entrytblsize]; for (next = *prev; next != NULL; next = next->e_next) { if (next->e_ino == inum) { next->e_ino = 0; *prev = next->e_next; return; } prev = &next->e_next; } panic("deleteino: %ju not found\n", (uintmax_t)inum); } /* * Look up an entry by name */ struct entry * lookupname(char *name) { struct entry *ep; char *np, *cp; char buf[MAXPATHLEN]; cp = name; for (ep = lookupino(UFS_ROOTINO); ep != NULL; ep = ep->e_entries) { for (np = buf; *cp != '/' && *cp != '\0' && np < &buf[sizeof(buf)]; ) *np++ = *cp++; if (np == &buf[sizeof(buf)]) break; *np = '\0'; for ( ; ep != NULL; ep = ep->e_sibling) if (strcmp(ep->e_name, buf) == 0) break; if (ep == NULL) break; if (*cp++ == '\0') return (ep); } return (NULL); } /* * Look up the parent of a pathname */ static struct entry * lookupparent(char *name) { struct entry *ep; char *tailindex; tailindex = strrchr(name, '/'); if (tailindex == NULL) return (NULL); *tailindex = '\0'; ep = lookupname(name); *tailindex = '/'; if (ep == NULL) return (NULL); if (ep->e_type != NODE) panic("%s is not a directory\n", name); return (ep); } /* * Determine the current pathname of a node or leaf */ char * myname(struct entry *ep) { char *cp; static char namebuf[MAXPATHLEN]; for (cp = &namebuf[MAXPATHLEN - 2]; cp > &namebuf[ep->e_namlen]; ) { cp -= ep->e_namlen; memmove(cp, ep->e_name, (long)ep->e_namlen); if (ep == lookupino(UFS_ROOTINO)) return (cp); *(--cp) = '/'; ep = ep->e_parent; } panic("%s: pathname too long\n", cp); return(cp); } /* * Unused symbol table entries are linked together on a free list * headed by the following pointer. */ static struct entry *freelist = NULL; /* * add an entry to the symbol table */ struct entry * addentry(char *name, ino_t inum, int type) { struct entry *np, *ep; if (freelist != NULL) { np = freelist; freelist = np->e_next; memset(np, 0, (long)sizeof(struct entry)); } else { np = (struct entry *)calloc(1, sizeof(struct entry)); if (np == NULL) panic("no memory to extend symbol table\n"); } np->e_type = type & ~LINK; ep = lookupparent(name); if (ep == NULL) { if (inum != UFS_ROOTINO || lookupino(UFS_ROOTINO) != NULL) panic("bad name to addentry %s\n", name); np->e_name = savename(name); np->e_namlen = strlen(name); np->e_parent = np; addino(UFS_ROOTINO, np); return (np); } np->e_name = savename(strrchr(name, '/') + 1); np->e_namlen = strlen(np->e_name); np->e_parent = ep; np->e_sibling = ep->e_entries; ep->e_entries = np; if (type & LINK) { ep = lookupino(inum); if (ep == NULL) panic("link to non-existent name\n"); np->e_ino = inum; np->e_links = ep->e_links; ep->e_links = np; } else if (inum != 0) { if (lookupino(inum) != NULL) panic("duplicate entry\n"); addino(inum, np); } return (np); } /* * delete an entry from the symbol table */ void freeentry(struct entry *ep) { struct entry *np; ino_t inum; if (ep->e_flags != REMOVED) badentry(ep, "not marked REMOVED"); if (ep->e_type == NODE) { if (ep->e_links != NULL) badentry(ep, "freeing referenced directory"); if (ep->e_entries != NULL) badentry(ep, "freeing non-empty directory"); } if (ep->e_ino != 0) { np = lookupino(ep->e_ino); if (np == NULL) badentry(ep, "lookupino failed"); if (np == ep) { inum = ep->e_ino; deleteino(inum); if (ep->e_links != NULL) addino(inum, ep->e_links); } else { for (; np != NULL; np = np->e_links) { if (np->e_links == ep) { np->e_links = ep->e_links; break; } } if (np == NULL) badentry(ep, "link not found"); } } removeentry(ep); freename(ep->e_name); ep->e_next = freelist; freelist = ep; } /* * Relocate an entry in the tree structure */ void moveentry(struct entry *ep, char *newname) { struct entry *np; char *cp; np = lookupparent(newname); if (np == NULL) badentry(ep, "cannot move ROOT"); if (np != ep->e_parent) { removeentry(ep); ep->e_parent = np; ep->e_sibling = np->e_entries; np->e_entries = ep; } cp = strrchr(newname, '/') + 1; freename(ep->e_name); ep->e_name = savename(cp); ep->e_namlen = strlen(cp); if (strcmp(gentempname(ep), ep->e_name) == 0) ep->e_flags |= TMPNAME; else ep->e_flags &= ~TMPNAME; } /* * Remove an entry in the tree structure */ static void removeentry(struct entry *ep) { struct entry *np; np = ep->e_parent; if (np->e_entries == ep) { np->e_entries = ep->e_sibling; } else { for (np = np->e_entries; np != NULL; np = np->e_sibling) { if (np->e_sibling == ep) { np->e_sibling = ep->e_sibling; break; } } if (np == NULL) badentry(ep, "cannot find entry in parent list"); } } /* * Table of unused string entries, sorted by length. * * Entries are allocated in STRTBLINCR sized pieces so that names * of similar lengths can use the same entry. The value of STRTBLINCR * is chosen so that every entry has at least enough space to hold * a "struct strtbl" header. Thus every entry can be linked onto an * appropriate free list. * * NB. The macro "allocsize" below assumes that "struct strhdr" * has a size that is a power of two. */ struct strhdr { struct strhdr *next; }; #define STRTBLINCR (sizeof(struct strhdr)) #define allocsize(size) roundup2((size) + 1, STRTBLINCR) static struct strhdr strtblhdr[allocsize(NAME_MAX) / STRTBLINCR]; /* * Allocate space for a name. It first looks to see if it already * has an appropriate sized entry, and if not allocates a new one. */ char * savename(char *name) { struct strhdr *np; size_t len; char *cp; if (name == NULL) panic("bad name\n"); len = strlen(name); np = strtblhdr[len / STRTBLINCR].next; if (np != NULL) { strtblhdr[len / STRTBLINCR].next = np->next; cp = (char *)np; } else { cp = malloc(allocsize(len)); if (cp == NULL) panic("no space for string table\n"); } (void) strcpy(cp, name); return (cp); } /* * Free space for a name. The resulting entry is linked onto the * appropriate free list. */ void freename(char *name) { struct strhdr *tp, *np; tp = &strtblhdr[strlen(name) / STRTBLINCR]; np = (struct strhdr *)name; np->next = tp->next; tp->next = np; } /* * Useful quantities placed at the end of a dumped symbol table. */ struct symtableheader { int32_t volno; int32_t stringsize; int32_t entrytblsize; time_t dumptime; time_t dumpdate; ino_t maxino; int32_t ntrec; }; /* * dump a snapshot of the symbol table */ void dumpsymtable(char *filename, long checkpt) { struct entry *ep, *tep; ino_t i; struct entry temp, *tentry; long mynum = 1, stroff = 0; FILE *fd; struct symtableheader hdr; vprintf(stdout, "Checkpointing the restore\n"); if (Nflag) return; if ((fd = fopen(filename, "w")) == NULL) { fprintf(stderr, "fopen: %s\n", strerror(errno)); panic("cannot create save file %s for symbol table\n", filename); done(1); } clearerr(fd); /* * Assign indices to each entry * Write out the string entries */ for (i = UFS_WINO; i <= maxino; i++) { for (ep = lookupino(i); ep != NULL; ep = ep->e_links) { ep->e_index = mynum++; (void) fwrite(ep->e_name, sizeof(char), (int)allocsize(ep->e_namlen), fd); } } /* * Convert pointers to indexes, and output */ tep = &temp; stroff = 0; for (i = UFS_WINO; i <= maxino; i++) { for (ep = lookupino(i); ep != NULL; ep = ep->e_links) { memmove(tep, ep, (long)sizeof(struct entry)); tep->e_name = (char *)stroff; stroff += allocsize(ep->e_namlen); tep->e_parent = (struct entry *)ep->e_parent->e_index; if (ep->e_links != NULL) tep->e_links = (struct entry *)ep->e_links->e_index; if (ep->e_sibling != NULL) tep->e_sibling = (struct entry *)ep->e_sibling->e_index; if (ep->e_entries != NULL) tep->e_entries = (struct entry *)ep->e_entries->e_index; if (ep->e_next != NULL) tep->e_next = (struct entry *)ep->e_next->e_index; (void) fwrite((char *)tep, sizeof(struct entry), 1, fd); } } /* * Convert entry pointers to indexes, and output */ for (i = 0; i < entrytblsize; i++) { if (entry[i] == NULL) tentry = NULL; else tentry = (struct entry *)entry[i]->e_index; (void) fwrite((char *)&tentry, sizeof(struct entry *), 1, fd); } hdr.volno = checkpt; hdr.maxino = maxino; hdr.entrytblsize = entrytblsize; hdr.stringsize = stroff; hdr.dumptime = dumptime; hdr.dumpdate = dumpdate; hdr.ntrec = ntrec; (void) fwrite((char *)&hdr, sizeof(struct symtableheader), 1, fd); if (ferror(fd)) { fprintf(stderr, "fwrite: %s\n", strerror(errno)); panic("output error to file %s writing symbol table\n", filename); } (void) fclose(fd); } /* * Initialize a symbol table from a file */ void initsymtable(char *filename) { char *base; long tblsize; struct entry *ep; struct entry *baseep, *lep; struct symtableheader hdr; struct stat stbuf; long i; int fd; vprintf(stdout, "Initialize symbol table.\n"); if (filename == NULL) { entrytblsize = maxino / HASHFACTOR; entry = calloc((unsigned)entrytblsize, sizeof(struct entry *)); if (entry == NULL) panic("no memory for entry table\n"); ep = addentry(".", UFS_ROOTINO, NODE); ep->e_flags |= NEW; return; } if ((fd = open(filename, O_RDONLY, 0)) < 0) { fprintf(stderr, "open: %s\n", strerror(errno)); panic("cannot open symbol table file %s\n", filename); } if (fstat(fd, &stbuf) < 0) { fprintf(stderr, "stat: %s\n", strerror(errno)); panic("cannot stat symbol table file %s\n", filename); } tblsize = stbuf.st_size - sizeof(struct symtableheader); base = calloc(sizeof(char), (unsigned)tblsize); if (base == NULL) panic("cannot allocate space for symbol table\n"); if (read(fd, base, (int)tblsize) < 0 || read(fd, (char *)&hdr, sizeof(struct symtableheader)) < 0) { fprintf(stderr, "read: %s\n", strerror(errno)); panic("cannot read symbol table file %s\n", filename); } (void)close(fd); switch (command) { case 'r': /* * For normal continuation, insure that we are using * the next incremental tape */ if (hdr.dumpdate != dumptime) { if (hdr.dumpdate < dumptime) fprintf(stderr, "Incremental tape too low\n"); else fprintf(stderr, "Incremental tape too high\n"); done(1); } break; case 'R': /* * For restart, insure that we are using the same tape */ curfile.action = SKIP; dumptime = hdr.dumptime; dumpdate = hdr.dumpdate; if (!bflag) newtapebuf(hdr.ntrec); getvol(hdr.volno); break; default: panic("initsymtable called from command %c\n", command); break; } maxino = hdr.maxino; entrytblsize = hdr.entrytblsize; entry = (struct entry **) (base + tblsize - (entrytblsize * sizeof(struct entry *))); baseep = (struct entry *)(base + hdr.stringsize - sizeof(struct entry)); lep = (struct entry *)entry; for (i = 0; i < entrytblsize; i++) { if (entry[i] == NULL) continue; entry[i] = &baseep[(long)entry[i]]; } for (ep = &baseep[1]; ep < lep; ep++) { ep->e_name = base + (long)ep->e_name; ep->e_parent = &baseep[(long)ep->e_parent]; if (ep->e_sibling != NULL) ep->e_sibling = &baseep[(long)ep->e_sibling]; if (ep->e_links != NULL) ep->e_links = &baseep[(long)ep->e_links]; if (ep->e_entries != NULL) ep->e_entries = &baseep[(long)ep->e_entries]; if (ep->e_next != NULL) ep->e_next = &baseep[(long)ep->e_next]; } } diff --git a/sbin/restore/tape.c b/sbin/restore/tape.c index c3fe0d7d8b05..dde20333a437 100644 --- a/sbin/restore/tape.c +++ b/sbin/restore/tape.c @@ -1,1702 +1,1699 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1983, 1993 * The Regents of the University of California. All rights reserved. * (c) UNIX System Laboratories, Inc. * All or some portions of this file are derived from material licensed * to the University of California by American Telephone and Telegraph * Co. or Unix System Laboratories, Inc. and are reproduced herein with * the permission of UNIX System Laboratories, Inc. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)tape.c 8.9 (Berkeley) 5/1/95"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "restore.h" #include "extern.h" static long fssize = MAXBSIZE; static int mt = -1; static int pipein = 0; static int pipecmdin = 0; static FILE *popenfp = NULL; static char *magtape; static int blkcnt; static int numtrec; static char *tapebuf; static union u_spcl endoftapemark; static long byteslide = 0; static long blksread; /* blocks read since last header */ static int64_t tapeaddr = 0; /* current TP_BSIZE tape record */ static long tapesread; static jmp_buf restart; static int gettingfile = 0; /* restart has a valid frame */ static char *host = NULL; static int readmapflag; static int ofile; static char *map; static char lnkbuf[MAXPATHLEN + 1]; static int pathlen; struct context curfile; /* describes next file available on the tape */ union u_spcl u_spcl; /* mapping of variables in a control block */ int Bcvt; /* Swap Bytes */ int oldinofmt; /* FreeBSD 1 inode format needs cvt */ #define FLUSHTAPEBUF() blkcnt = ntrec + 1 char *namespace_names[] = EXTATTR_NAMESPACE_NAMES; static void accthdr(struct s_spcl *); static int checksum(int *); static void findinode(struct s_spcl *); static void findtapeblksize(void); static char *setupextattr(int); static void xtrattr(char *, size_t); static void skiphole(void (*)(char *, size_t), size_t *); static int gethead(struct s_spcl *); static void readtape(char *); static void setdumpnum(void); static u_long swabl(u_long); static u_char *swablong(u_char *, int); static u_char *swabshort(u_char *, int); static void terminateinput(void); static void xtrfile(char *, size_t); static void xtrlnkfile(char *, size_t); static void xtrlnkskip(char *, size_t); static void xtrmap(char *, size_t); static void xtrmapskip(char *, size_t); static void xtrskip(char *, size_t); /* * Set up an input source */ void setinput(char *source, int ispipecommand) { FLUSHTAPEBUF(); if (bflag) newtapebuf(ntrec); else newtapebuf(MAX(NTREC, HIGHDENSITYTREC)); terminal = stdin; if (ispipecommand) pipecmdin++; else #ifdef RRESTORE if (strchr(source, ':')) { host = source; source = strchr(host, ':'); *source++ = '\0'; if (rmthost(host) == 0) done(1); } else #endif if (strcmp(source, "-") == 0) { /* * Since input is coming from a pipe we must establish * our own connection to the terminal. */ terminal = fopen(_PATH_TTY, "r"); if (terminal == NULL) { (void)fprintf(stderr, "cannot open %s: %s\n", _PATH_TTY, strerror(errno)); terminal = fopen(_PATH_DEVNULL, "r"); if (terminal == NULL) { (void)fprintf(stderr, "cannot open %s: %s\n", _PATH_DEVNULL, strerror(errno)); done(1); } } pipein++; } /* no longer need or want root privileges */ if (setuid(getuid()) != 0) { fprintf(stderr, "setuid failed\n"); done(1); } magtape = strdup(source); if (magtape == NULL) { fprintf(stderr, "Cannot allocate space for magtape buffer\n"); done(1); } } void newtapebuf(long size) { static int tapebufsize = -1; ntrec = size; if (size <= tapebufsize) return; if (tapebuf != NULL) free(tapebuf - TP_BSIZE); tapebuf = malloc((size+1) * TP_BSIZE); if (tapebuf == NULL) { fprintf(stderr, "Cannot allocate space for tape buffer\n"); done(1); } tapebuf += TP_BSIZE; tapebufsize = size; } /* * Verify that the tape drive can be accessed and * that it actually is a dump tape. */ void setup(void) { int i, j, *ip; struct stat stbuf; vprintf(stdout, "Verify tape and initialize maps\n"); if (pipecmdin) { if (setenv("RESTORE_VOLUME", "1", 1) == -1) { fprintf(stderr, "Cannot set $RESTORE_VOLUME: %s\n", strerror(errno)); done(1); } popenfp = popen(magtape, "r"); mt = popenfp ? fileno(popenfp) : -1; } else #ifdef RRESTORE if (host) mt = rmtopen(magtape, 0); else #endif if (pipein) mt = 0; else mt = open(magtape, O_RDONLY, 0); if (mt < 0) { fprintf(stderr, "%s: %s\n", magtape, strerror(errno)); done(1); } volno = 1; setdumpnum(); FLUSHTAPEBUF(); if (!pipein && !pipecmdin && !bflag) findtapeblksize(); if (gethead(&spcl) == FAIL) { fprintf(stderr, "Tape is not a dump tape\n"); done(1); } if (pipein) { endoftapemark.s_spcl.c_magic = FS_UFS2_MAGIC; endoftapemark.s_spcl.c_type = TS_END; ip = (int *)&endoftapemark; j = sizeof(union u_spcl) / sizeof(int); i = 0; do i += *ip++; while (--j); endoftapemark.s_spcl.c_checksum = CHECKSUM - i; } if (vflag || command == 't') printdumpinfo(); dumptime = _time64_to_time(spcl.c_ddate); dumpdate = _time64_to_time(spcl.c_date); if (stat(".", &stbuf) < 0) { fprintf(stderr, "cannot stat .: %s\n", strerror(errno)); done(1); } if (stbuf.st_blksize > 0 && stbuf.st_blksize < TP_BSIZE ) fssize = TP_BSIZE; if (stbuf.st_blksize >= TP_BSIZE && stbuf.st_blksize <= MAXBSIZE) fssize = stbuf.st_blksize; if (((TP_BSIZE - 1) & stbuf.st_blksize) != 0) { fprintf(stderr, "Warning: filesystem with non-multiple-of-%d " "blocksize (%d);\n", TP_BSIZE, stbuf.st_blksize); fssize = roundup(fssize, TP_BSIZE); fprintf(stderr, "\twriting using blocksize %ld\n", fssize); } if (spcl.c_volume != 1) { fprintf(stderr, "Tape is not volume 1 of the dump\n"); done(1); } if (gethead(&spcl) == FAIL) { dprintf(stdout, "header read failed at %ld blocks\n", blksread); panic("no header after volume mark!\n"); } findinode(&spcl); if (spcl.c_type != TS_CLRI) { fprintf(stderr, "Cannot find file removal list\n"); done(1); } maxino = (spcl.c_count * TP_BSIZE * NBBY) + 1; dprintf(stdout, "maxino = %ju\n", (uintmax_t)maxino); map = calloc((unsigned)1, (unsigned)howmany(maxino, NBBY)); if (map == NULL) panic("no memory for active inode map\n"); usedinomap = map; curfile.action = USING; getfile(xtrmap, xtrmapskip, xtrmapskip); if (spcl.c_type != TS_BITS) { fprintf(stderr, "Cannot find file dump list\n"); done(1); } map = calloc((unsigned)1, (unsigned)howmany(maxino, NBBY)); if (map == (char *)NULL) panic("no memory for file dump list\n"); dumpmap = map; curfile.action = USING; getfile(xtrmap, xtrmapskip, xtrmapskip); /* * If there may be whiteout entries on the tape, pretend that the * whiteout inode exists, so that the whiteout entries can be * extracted. */ SETINO(UFS_WINO, dumpmap); /* 'r' restores don't call getvol() for tape 1, so mark it as read. */ if (command == 'r') tapesread = 1; } /* * Prompt user to load a new dump volume. * "Nextvol" is the next suggested volume to use. * This suggested volume is enforced when doing full * or incremental restores, but can be overridden by * the user when only extracting a subset of the files. */ void getvol(long nextvol) { int64_t prevtapea; long i, newvol, savecnt; union u_spcl tmpspcl; # define tmpbuf tmpspcl.s_spcl char buf[TP_BSIZE]; if (nextvol == 1) { tapesread = 0; gettingfile = 0; } prevtapea = tapeaddr; savecnt = blksread; if (pipein) { if (nextvol != 1) { panic("Changing volumes on pipe input?\n"); /* Avoid looping if we couldn't ask the user. */ if (yflag || ferror(terminal) || feof(terminal)) done(1); } if (volno == 1) return; newvol = 0; goto gethdr; } again: if (pipein) done(1); /* pipes do not get a second chance */ if (command == 'R' || command == 'r' || curfile.action != SKIP) newvol = nextvol; else newvol = 0; while (newvol <= 0) { if (tapesread == 0) { fprintf(stderr, "%s%s%s%s%s%s%s", "You have not read any tapes yet.\n", "If you are extracting just a few files,", " start with the last volume\n", "and work towards the first; restore", " can quickly skip tapes that\n", "have no further files to extract.", " Otherwise, begin with volume 1.\n"); } else { fprintf(stderr, "You have read volumes"); strcpy(buf, ": "); for (i = 0; i < 32; i++) if (tapesread & (1 << i)) { fprintf(stderr, "%s%ld", buf, i + 1); strcpy(buf, ", "); } fprintf(stderr, "\n"); } do { fprintf(stderr, "Specify next volume #: "); (void) fflush(stderr); if (fgets(buf, BUFSIZ, terminal) == NULL) done(1); } while (buf[0] == '\n'); newvol = atoi(buf); if (newvol <= 0) { fprintf(stderr, "Volume numbers are positive numerics\n"); } } if (newvol == volno) { tapesread |= 1 << (volno - 1); return; } closemt(); fprintf(stderr, "Mount tape volume %ld\n", newvol); fprintf(stderr, "Enter ``none'' if there are no more tapes\n"); fprintf(stderr, "otherwise enter tape name (default: %s) ", magtape); (void) fflush(stderr); if (fgets(buf, BUFSIZ, terminal) == NULL) done(1); if (!strcmp(buf, "none\n")) { terminateinput(); return; } if (buf[0] != '\n') { (void) strcpy(magtape, buf); magtape[strlen(magtape) - 1] = '\0'; } if (pipecmdin) { char volno[sizeof("2147483647")]; (void)sprintf(volno, "%ld", newvol); if (setenv("RESTORE_VOLUME", volno, 1) == -1) { fprintf(stderr, "Cannot set $RESTORE_VOLUME: %s\n", strerror(errno)); done(1); } popenfp = popen(magtape, "r"); mt = popenfp ? fileno(popenfp) : -1; } else #ifdef RRESTORE if (host) mt = rmtopen(magtape, 0); else #endif mt = open(magtape, O_RDONLY, 0); if (mt == -1) { fprintf(stderr, "Cannot open %s\n", magtape); volno = -1; goto again; } gethdr: volno = newvol; setdumpnum(); FLUSHTAPEBUF(); if (gethead(&tmpbuf) == FAIL) { dprintf(stdout, "header read failed at %ld blocks\n", blksread); fprintf(stderr, "tape is not dump tape\n"); volno = 0; goto again; } if (tmpbuf.c_volume != volno) { fprintf(stderr, "Wrong volume (%jd)\n", (intmax_t)tmpbuf.c_volume); volno = 0; goto again; } if (_time64_to_time(tmpbuf.c_date) != dumpdate || _time64_to_time(tmpbuf.c_ddate) != dumptime) { time_t t = _time64_to_time(tmpbuf.c_date); fprintf(stderr, "Wrong dump date\n\tgot: %s", ctime(&t)); fprintf(stderr, "\twanted: %s", ctime(&dumpdate)); volno = 0; goto again; } tapesread |= 1 << (volno - 1); blksread = savecnt; /* * If continuing from the previous volume, skip over any * blocks read already at the end of the previous volume. * * If coming to this volume at random, skip to the beginning * of the next record. */ dprintf(stdout, "last rec %jd, tape starts with %jd\n", (intmax_t)prevtapea, (intmax_t)tmpbuf.c_tapea); if (tmpbuf.c_type == TS_TAPE) { if (curfile.action != USING) { /* * XXX Dump incorrectly sets c_count to 1 in the * volume header of the first tape, so ignore * c_count when volno == 1. */ if (volno != 1) for (i = tmpbuf.c_count; i > 0; i--) readtape(buf); } else if (tmpbuf.c_tapea <= prevtapea) { /* * Normally the value of c_tapea in the volume * header is the record number of the header itself. * However in the volume header following an EOT- * terminated tape, it is the record number of the * first continuation data block (dump bug?). * * The next record we want is `prevtapea + 1'. */ i = prevtapea + 1 - tmpbuf.c_tapea; dprintf(stderr, "Skipping %ld duplicate record%s.\n", i, i > 1 ? "s" : ""); while (--i >= 0) readtape(buf); } } if (curfile.action == USING) { if (volno == 1) panic("active file into volume 1\n"); return; } (void) gethead(&spcl); findinode(&spcl); if (gettingfile) { gettingfile = 0; longjmp(restart, 1); } } /* * Handle unexpected EOF. */ static void terminateinput(void) { if (gettingfile && curfile.action == USING) { printf("Warning: %s %s\n", "End-of-input encountered while extracting", curfile.name); } curfile.name = ""; curfile.action = UNKNOWN; curfile.mode = 0; curfile.ino = maxino; if (gettingfile) { gettingfile = 0; longjmp(restart, 1); } } /* * handle multiple dumps per tape by skipping forward to the * appropriate one. */ static void setdumpnum(void) { struct mtop tcom; if (dumpnum == 1 || volno != 1) return; if (pipein) { fprintf(stderr, "Cannot have multiple dumps on pipe input\n"); done(1); } tcom.mt_op = MTFSF; tcom.mt_count = dumpnum - 1; #ifdef RRESTORE if (host) rmtioctl(MTFSF, dumpnum - 1); else #endif if (!pipecmdin && ioctl(mt, MTIOCTOP, (char *)&tcom) < 0) fprintf(stderr, "ioctl MTFSF: %s\n", strerror(errno)); } void printdumpinfo(void) { time_t t; t = _time64_to_time(spcl.c_date); fprintf(stdout, "Dump date: %s", ctime(&t)); t = _time64_to_time(spcl.c_ddate); fprintf(stdout, "Dumped from: %s", (spcl.c_ddate == 0) ? "the epoch\n" : ctime(&t)); if (spcl.c_host[0] == '\0') return; fprintf(stderr, "Level %jd dump of %s on %s:%s\n", (intmax_t)spcl.c_level, spcl.c_filesys, spcl.c_host, spcl.c_dev); fprintf(stderr, "Label: %s\n", spcl.c_label); } int extractfile(char *name) { u_int flags; uid_t uid; gid_t gid; mode_t mode; int extsize; struct timespec mtimep[2], ctimep[2]; struct entry *ep; char *buf; curfile.name = name; curfile.action = USING; mtimep[0].tv_sec = curfile.atime_sec; mtimep[0].tv_nsec = curfile.atime_nsec; mtimep[1].tv_sec = curfile.mtime_sec; mtimep[1].tv_nsec = curfile.mtime_nsec; ctimep[0].tv_sec = curfile.atime_sec; ctimep[0].tv_nsec = curfile.atime_nsec; ctimep[1].tv_sec = curfile.birthtime_sec; ctimep[1].tv_nsec = curfile.birthtime_nsec; extsize = curfile.extsize; uid = getuid(); if (uid == 0) uid = curfile.uid; gid = curfile.gid; mode = curfile.mode; flags = curfile.file_flags; switch (mode & IFMT) { default: fprintf(stderr, "%s: unknown file mode 0%o\n", name, mode); skipfile(); return (FAIL); case IFSOCK: vprintf(stdout, "skipped socket %s\n", name); skipfile(); return (GOOD); case IFDIR: if (mflag) { ep = lookupname(name); if (ep == NULL || ep->e_flags & EXTRACT) panic("unextracted directory %s\n", name); skipfile(); return (GOOD); } vprintf(stdout, "extract file %s\n", name); return (genliteraldir(name, curfile.ino)); case IFLNK: lnkbuf[0] = '\0'; pathlen = 0; buf = setupextattr(extsize); getfile(xtrlnkfile, xtrattr, xtrlnkskip); if (pathlen == 0) { vprintf(stdout, "%s: zero length symbolic link (ignored)\n", name); return (GOOD); } if (linkit(lnkbuf, name, SYMLINK) == GOOD) { (void) lchown(name, uid, gid); (void) lchmod(name, mode); if (extsize > 0) set_extattr(-1, name, buf, extsize, SXA_LINK); (void) utimensat(AT_FDCWD, name, ctimep, AT_SYMLINK_NOFOLLOW); (void) utimensat(AT_FDCWD, name, mtimep, AT_SYMLINK_NOFOLLOW); (void) lchflags(name, flags); return (GOOD); } return (FAIL); case IFIFO: vprintf(stdout, "extract fifo %s\n", name); if (Nflag) { skipfile(); return (GOOD); } if (uflag) (void) unlink(name); if (mkfifo(name, 0600) < 0) { fprintf(stderr, "%s: cannot create fifo: %s\n", name, strerror(errno)); skipfile(); return (FAIL); } (void) chown(name, uid, gid); (void) chmod(name, mode); if (extsize == 0) { skipfile(); } else { buf = setupextattr(extsize); getfile(xtrnull, xtrattr, xtrnull); set_extattr(-1, name, buf, extsize, SXA_FILE); } (void) utimensat(AT_FDCWD, name, ctimep, 0); (void) utimensat(AT_FDCWD, name, mtimep, 0); (void) chflags(name, flags); return (GOOD); case IFCHR: case IFBLK: vprintf(stdout, "extract special file %s\n", name); if (Nflag) { skipfile(); return (GOOD); } if (uflag) (void) unlink(name); if (mknod(name, (mode & (IFCHR | IFBLK)) | 0600, (int)curfile.rdev) < 0) { fprintf(stderr, "%s: cannot create special file: %s\n", name, strerror(errno)); skipfile(); return (FAIL); } (void) chown(name, uid, gid); (void) chmod(name, mode); if (extsize == 0) { skipfile(); } else { buf = setupextattr(extsize); getfile(xtrnull, xtrattr, xtrnull); set_extattr(-1, name, buf, extsize, SXA_FILE); } (void) utimensat(AT_FDCWD, name, ctimep, 0); (void) utimensat(AT_FDCWD, name, mtimep, 0); (void) chflags(name, flags); return (GOOD); case IFREG: vprintf(stdout, "extract file %s\n", name); if (Nflag) { skipfile(); return (GOOD); } if (uflag) (void) unlink(name); if ((ofile = open(name, O_WRONLY | O_CREAT | O_TRUNC, 0600)) < 0) { fprintf(stderr, "%s: cannot create file: %s\n", name, strerror(errno)); skipfile(); return (FAIL); } (void) fchown(ofile, uid, gid); (void) fchmod(ofile, mode); buf = setupextattr(extsize); getfile(xtrfile, xtrattr, xtrskip); if (extsize > 0) set_extattr(ofile, name, buf, extsize, SXA_FD); (void) futimens(ofile, ctimep); (void) futimens(ofile, mtimep); (void) fchflags(ofile, flags); (void) close(ofile); return (GOOD); } /* NOTREACHED */ } /* * Set attributes on a file descriptor, link, or file. */ void set_extattr(int fd, char *name, void *buf, int size, enum set_extattr_mode mode) { struct extattr *eap, *eaend; const char *method; ssize_t res; int error; char eaname[EXTATTR_MAXNAMELEN + 1]; vprintf(stdout, "Set attributes for %s:", name); eaend = buf + size; for (eap = buf; eap < eaend; eap = EXTATTR_NEXT(eap)) { /* * Make sure this entry is complete. */ if (EXTATTR_NEXT(eap) > eaend || eap->ea_length <= 0) { dprintf(stdout, "\n\t%scorrupted", eap == buf ? "" : "remainder "); break; } if (eap->ea_namespace == EXTATTR_NAMESPACE_EMPTY) continue; snprintf(eaname, sizeof(eaname), "%.*s", (int)eap->ea_namelength, eap->ea_name); vprintf(stdout, "\n\t%s, (%d bytes), %s", namespace_names[eap->ea_namespace], eap->ea_length, eaname); /* * First we try the general attribute setting interface. * However, some attributes can only be set by root or * by using special interfaces (for example, ACLs). */ if (mode == SXA_FD) { res = extattr_set_fd(fd, eap->ea_namespace, eaname, EXTATTR_CONTENT(eap), EXTATTR_CONTENT_SIZE(eap)); method = "extattr_set_fd"; } else if (mode == SXA_LINK) { res = extattr_set_link(name, eap->ea_namespace, eaname, EXTATTR_CONTENT(eap), EXTATTR_CONTENT_SIZE(eap)); method = "extattr_set_link"; } else if (mode == SXA_FILE) { res = extattr_set_file(name, eap->ea_namespace, eaname, EXTATTR_CONTENT(eap), EXTATTR_CONTENT_SIZE(eap)); method = "extattr_set_file"; } if (res != -1) { dprintf(stdout, " (set using %s)", method); continue; } /* * If the general interface refuses to set the attribute, * then we try all the specialized interfaces that we * know about. */ if (eap->ea_namespace == EXTATTR_NAMESPACE_SYSTEM && strcmp(eaname, POSIX1E_ACL_ACCESS_EXTATTR_NAME) == 0) { if (mode == SXA_FD) { error = acl_set_fd(fd, EXTATTR_CONTENT(eap)); method = "acl_set_fd"; } else if (mode == SXA_LINK) { error = acl_set_link_np(name, ACL_TYPE_ACCESS, EXTATTR_CONTENT(eap)); method = "acl_set_link_np"; } else if (mode == SXA_FILE) { error = acl_set_file(name, ACL_TYPE_ACCESS, EXTATTR_CONTENT(eap)); method = "acl_set_file"; } if (error != -1) { dprintf(stdout, " (set using %s)", method); continue; } } if (eap->ea_namespace == EXTATTR_NAMESPACE_SYSTEM && strcmp(eaname, POSIX1E_ACL_DEFAULT_EXTATTR_NAME) == 0) { if (mode == SXA_LINK) { error = acl_set_link_np(name, ACL_TYPE_DEFAULT, EXTATTR_CONTENT(eap)); method = "acl_set_link_np"; } else { error = acl_set_file(name, ACL_TYPE_DEFAULT, EXTATTR_CONTENT(eap)); method = "acl_set_file"; } if (error != -1) { dprintf(stdout, " (set using %s)", method); continue; } } vprintf(stdout, " (unable to set)"); } vprintf(stdout, "\n"); } /* * skip over bit maps on the tape */ void skipmaps(void) { while (spcl.c_type == TS_BITS || spcl.c_type == TS_CLRI) skipfile(); } /* * skip over a file on the tape */ void skipfile(void) { curfile.action = SKIP; getfile(xtrnull, xtrnull, xtrnull); } /* * Skip a hole in an output file */ static void skiphole(void (*skip)(char *, size_t), size_t *seekpos) { char buf[MAXBSIZE]; if (*seekpos > 0) { (*skip)(buf, *seekpos); *seekpos = 0; } } /* * Extract a file from the tape. * When an allocated block is found it is passed to the fill function; * when an unallocated block (hole) is found, a zeroed buffer is passed * to the skip function. */ void getfile(void (*datafill)(char *, size_t), void (*attrfill)(char *, size_t), void (*skip)(char *, size_t)) { int i; volatile off_t size; size_t seekpos; int curblk, attrsize; void (*fillit)(char *, size_t); char buf[MAXBSIZE / TP_BSIZE][TP_BSIZE]; char junk[TP_BSIZE]; curblk = 0; size = spcl.c_size; seekpos = 0; attrsize = spcl.c_extsize; if (spcl.c_type == TS_END) panic("ran off end of tape\n"); if (spcl.c_magic != FS_UFS2_MAGIC) panic("not at beginning of a file\n"); if (!gettingfile && setjmp(restart) != 0) return; gettingfile++; fillit = datafill; if (size == 0 && attrsize > 0) { fillit = attrfill; size = attrsize; attrsize = 0; } loop: for (i = 0; i < spcl.c_count; i++) { if (!readmapflag && i > TP_NINDIR) { if (Dflag) { fprintf(stderr, "spcl.c_count = %jd\n", (intmax_t)spcl.c_count); break; } else panic("spcl.c_count = %jd\n", (intmax_t)spcl.c_count); } if (readmapflag || spcl.c_addr[i]) { readtape(&buf[curblk++][0]); if (curblk == fssize / TP_BSIZE) { skiphole(skip, &seekpos); (*fillit)((char *)buf, (long)(size > TP_BSIZE ? fssize : (curblk - 1) * TP_BSIZE + size)); curblk = 0; } } else { if (curblk > 0) { skiphole(skip, &seekpos); (*fillit)((char *)buf, (long)(size > TP_BSIZE ? curblk * TP_BSIZE : (curblk - 1) * TP_BSIZE + size)); curblk = 0; } /* * We have a block of a hole. Don't skip it * now, because there may be next adjacent * block of the hole in the file. Postpone the * seek until next file write. */ seekpos += (long)MIN(TP_BSIZE, size); } if ((size -= TP_BSIZE) <= 0) { if (size > -TP_BSIZE && curblk > 0) { skiphole(skip, &seekpos); (*fillit)((char *)buf, (long)((curblk * TP_BSIZE) + size)); curblk = 0; } if (attrsize > 0) { fillit = attrfill; size = attrsize; attrsize = 0; continue; } if (spcl.c_count - i > 1) dprintf(stdout, "skipping %d junk block(s)\n", spcl.c_count - i - 1); for (i++; i < spcl.c_count; i++) { if (!readmapflag && i > TP_NINDIR) { if (Dflag) { fprintf(stderr, "spcl.c_count = %jd\n", (intmax_t)spcl.c_count); break; } else panic("spcl.c_count = %jd\n", (intmax_t)spcl.c_count); } if (readmapflag || spcl.c_addr[i]) readtape(junk); } break; } } if (gethead(&spcl) == GOOD && size > 0) { if (spcl.c_type == TS_ADDR) goto loop; dprintf(stdout, "Missing address (header) block for %s at %ld blocks\n", curfile.name, blksread); } if (curblk > 0) panic("getfile: lost data\n"); findinode(&spcl); gettingfile = 0; } /* * These variables are shared between the next two functions. */ static int extbufsize = 0; static char *extbuf; static int extloc; /* * Allocate a buffer into which to extract extended attributes. */ static char * setupextattr(int extsize) { extloc = 0; if (extsize <= extbufsize) return (extbuf); if (extbufsize > 0) free(extbuf); if ((extbuf = malloc(extsize)) != NULL) { extbufsize = extsize; return (extbuf); } extbufsize = 0; extbuf = NULL; fprintf(stderr, "Cannot extract %d bytes %s for inode %ju, name %s\n", extsize, "of extended attributes", (uintmax_t)curfile.ino, curfile.name); return (NULL); } /* * Extract the next block of extended attributes. */ static void xtrattr(char *buf, size_t size) { if (extloc + size > extbufsize) panic("overrun attribute buffer\n"); memmove(&extbuf[extloc], buf, size); extloc += size; } /* * Write out the next block of a file. */ static void xtrfile(char *buf, size_t size) { if (Nflag) return; if (write(ofile, buf, (int) size) == -1) { fprintf(stderr, "write error extracting inode %ju, name %s\nwrite: %s\n", (uintmax_t)curfile.ino, curfile.name, strerror(errno)); } } /* * Skip over a hole in a file. */ /* ARGSUSED */ static void xtrskip(char *buf, size_t size) { if (lseek(ofile, size, SEEK_CUR) == -1) { fprintf(stderr, "seek error extracting inode %ju, name %s\nlseek: %s\n", (uintmax_t)curfile.ino, curfile.name, strerror(errno)); done(1); } } /* * Collect the next block of a symbolic link. */ static void xtrlnkfile(char *buf, size_t size) { pathlen += size; if (pathlen > MAXPATHLEN) { fprintf(stderr, "symbolic link name: %s->%s%s; too long %d\n", curfile.name, lnkbuf, buf, pathlen); done(1); } (void) strcat(lnkbuf, buf); } /* * Skip over a hole in a symbolic link (should never happen). */ /* ARGSUSED */ static void xtrlnkskip(char *buf, size_t size) { fprintf(stderr, "unallocated block in symbolic link %s\n", curfile.name); done(1); } /* * Collect the next block of a bit map. */ static void xtrmap(char *buf, size_t size) { memmove(map, buf, size); map += size; } /* * Skip over a hole in a bit map (should never happen). */ /* ARGSUSED */ static void xtrmapskip(char *buf, size_t size) { panic("hole in map\n"); map += size; } /* * Noop, when an extraction function is not needed. */ /* ARGSUSED */ void xtrnull(char *buf, size_t size) { return; } /* * Read TP_BSIZE blocks from the input. * Handle read errors, and end of media. */ static void readtape(char *buf) { long rd, newvol, i, oldnumtrec; int cnt, seek_failed; if (blkcnt + (byteslide > 0) < numtrec) { memmove(buf, &tapebuf[(blkcnt++ * TP_BSIZE) + byteslide], (long)TP_BSIZE); blksread++; tapeaddr++; return; } if (numtrec > 0) memmove(&tapebuf[-TP_BSIZE], &tapebuf[(numtrec-1) * TP_BSIZE], (long)TP_BSIZE); oldnumtrec = numtrec; for (i = 0; i < ntrec; i++) ((struct s_spcl *)&tapebuf[i * TP_BSIZE])->c_magic = 0; if (numtrec == 0) numtrec = ntrec; cnt = ntrec * TP_BSIZE; rd = 0; getmore: #ifdef RRESTORE if (host) i = rmtread(&tapebuf[rd], cnt); else #endif i = read(mt, &tapebuf[rd], cnt); /* * Check for mid-tape short read error. * If found, skip rest of buffer and start with the next. */ if (!pipein && !pipecmdin && numtrec < ntrec && i > 0) { dprintf(stdout, "mid-media short read error.\n"); numtrec = ntrec; } /* * Handle partial block read. */ if ((pipein || pipecmdin) && i == 0 && rd > 0) i = rd; else if (i > 0 && i != ntrec * TP_BSIZE) { if (pipein || pipecmdin) { rd += i; cnt -= i; if (cnt > 0) goto getmore; i = rd; } else { /* * Short read. Process the blocks read. */ if (i % TP_BSIZE != 0) vprintf(stdout, "partial block read: %ld should be %ld\n", i, ntrec * TP_BSIZE); numtrec = i / TP_BSIZE; } } /* * Handle read error. */ if (i < 0) { fprintf(stderr, "Tape read error while "); switch (curfile.action) { default: fprintf(stderr, "trying to set up tape\n"); break; case UNKNOWN: fprintf(stderr, "trying to resynchronize\n"); break; case USING: fprintf(stderr, "restoring %s\n", curfile.name); break; case SKIP: fprintf(stderr, "skipping over inode %ju\n", (uintmax_t)curfile.ino); break; } if (!yflag && !reply("continue")) done(1); i = ntrec * TP_BSIZE; memset(tapebuf, 0, i); #ifdef RRESTORE if (host) seek_failed = (rmtseek(i, 1) < 0); else #endif seek_failed = (lseek(mt, i, SEEK_CUR) == (off_t)-1); if (seek_failed) { fprintf(stderr, "continuation failed: %s\n", strerror(errno)); done(1); } } /* * Handle end of tape. */ if (i == 0) { vprintf(stdout, "End-of-tape encountered\n"); if (!pipein) { newvol = volno + 1; volno = 0; numtrec = 0; getvol(newvol); readtape(buf); return; } if (rd % TP_BSIZE != 0) panic("partial block read: %ld should be %ld\n", rd, ntrec * TP_BSIZE); terminateinput(); memmove(&tapebuf[rd], &endoftapemark, (long)TP_BSIZE); } if (oldnumtrec == 0) blkcnt = 0; else blkcnt -= oldnumtrec; memmove(buf, &tapebuf[(blkcnt++ * TP_BSIZE) + byteslide], (long)TP_BSIZE); blksread++; tapeaddr++; } static void findtapeblksize(void) { long i; for (i = 0; i < ntrec; i++) ((struct s_spcl *)&tapebuf[i * TP_BSIZE])->c_magic = 0; blkcnt = 0; #ifdef RRESTORE if (host) i = rmtread(tapebuf, ntrec * TP_BSIZE); else #endif i = read(mt, tapebuf, ntrec * TP_BSIZE); if (i <= 0) { fprintf(stderr, "tape read error: %s\n", strerror(errno)); done(1); } if (i % TP_BSIZE != 0) { fprintf(stderr, "Tape block size (%ld) %s (%d)\n", i, "is not a multiple of dump block size", TP_BSIZE); done(1); } ntrec = i / TP_BSIZE; numtrec = ntrec; vprintf(stdout, "Tape block size is %ld\n", ntrec); } void closemt(void) { if (mt < 0) return; if (pipecmdin) { pclose(popenfp); popenfp = NULL; } else #ifdef RRESTORE if (host) rmtclose(); else #endif (void) close(mt); } /* * Read the next block from the tape. * If it is not any valid header, return an error. */ static int gethead(struct s_spcl *buf) { long i; readtape((char *)buf); if (buf->c_magic != FS_UFS2_MAGIC && buf->c_magic != NFS_MAGIC) { if (buf->c_magic == OFS_MAGIC) { fprintf(stderr, "Format of dump tape is too old. Must use\n"); fprintf(stderr, "a version of restore from before 2002.\n"); return (FAIL); } if (swabl(buf->c_magic) != FS_UFS2_MAGIC && swabl(buf->c_magic) != NFS_MAGIC) { if (swabl(buf->c_magic) == OFS_MAGIC) { fprintf(stderr, "Format of dump tape is too old. Must use\n"); fprintf(stderr, "a version of restore from before 2002.\n"); } return (FAIL); } if (!Bcvt) { vprintf(stdout, "Note: Doing Byte swapping\n"); Bcvt = 1; } } if (checksum((int *)buf) == FAIL) return (FAIL); if (Bcvt) { swabst((u_char *)"8l4s1q8l2q17l", (u_char *)buf); swabst((u_char *)"l",(u_char *) &buf->c_level); swabst((u_char *)"2l4q",(u_char *) &buf->c_flags); } readmapflag = 0; switch (buf->c_type) { case TS_CLRI: case TS_BITS: /* * Have to patch up missing information in bit map headers */ buf->c_size = buf->c_count * TP_BSIZE; if (buf->c_count > TP_NINDIR) readmapflag = 1; else for (i = 0; i < buf->c_count; i++) buf->c_addr[i]++; /* FALL THROUGH */ case TS_TAPE: if (buf->c_magic == NFS_MAGIC && (buf->c_flags & NFS_DR_NEWINODEFMT) == 0) oldinofmt = 1; /* FALL THROUGH */ case TS_END: buf->c_inumber = 0; /* FALL THROUGH */ case TS_ADDR: case TS_INODE: /* * For old dump tapes, have to copy up old fields to * new locations. */ if (buf->c_magic == NFS_MAGIC) { buf->c_tapea = buf->c_old_tapea; buf->c_firstrec = buf->c_old_firstrec; buf->c_date = _time32_to_time(buf->c_old_date); buf->c_ddate = _time32_to_time(buf->c_old_ddate); buf->c_atime = _time32_to_time(buf->c_old_atime); buf->c_mtime = _time32_to_time(buf->c_old_mtime); buf->c_birthtime = 0; buf->c_birthtimensec = 0; buf->c_extsize = 0; } break; default: panic("gethead: unknown inode type %d\n", buf->c_type); break; } if (dumpdate != 0 && _time64_to_time(buf->c_date) != dumpdate) fprintf(stderr, "Header with wrong dumpdate.\n"); /* * If we're restoring a filesystem with the old (FreeBSD 1) * format inodes, copy the uid/gid to the new location */ if (oldinofmt) { buf->c_uid = buf->c_spare1[1]; buf->c_gid = buf->c_spare1[2]; } buf->c_magic = FS_UFS2_MAGIC; tapeaddr = buf->c_tapea; if (dflag) accthdr(buf); return(GOOD); } /* * Check that a header is where it belongs and predict the next header */ static void accthdr(struct s_spcl *header) { static ino_t previno = 0x7fffffff; static int prevtype; static long predict; long blks, i; if (header->c_type == TS_TAPE) { fprintf(stderr, "Volume header "); if (header->c_firstrec) fprintf(stderr, "begins with record %jd", (intmax_t)header->c_firstrec); fprintf(stderr, "\n"); previno = 0x7fffffff; return; } if (previno == 0x7fffffff) goto newcalc; switch (prevtype) { case TS_BITS: fprintf(stderr, "Dumped inodes map header"); break; case TS_CLRI: fprintf(stderr, "Used inodes map header"); break; case TS_INODE: fprintf(stderr, "File header, ino %ju", (uintmax_t)previno); break; case TS_ADDR: fprintf(stderr, "File continuation header, ino %ju", (uintmax_t)previno); break; case TS_END: fprintf(stderr, "End of tape header"); break; } if (predict != blksread - 1) fprintf(stderr, "; predicted %ld blocks, got %ld blocks", predict, blksread - 1); fprintf(stderr, "\n"); newcalc: blks = 0; if (header->c_type != TS_END) for (i = 0; i < header->c_count; i++) if (readmapflag || header->c_addr[i] != 0) blks++; predict = blks; blksread = 0; prevtype = header->c_type; previno = header->c_inumber; } /* * Find an inode header. * Complain if had to skip. */ static void findinode(struct s_spcl *header) { static long skipcnt = 0; long i; char buf[TP_BSIZE]; int htype; curfile.name = ""; curfile.action = UNKNOWN; curfile.mode = 0; curfile.ino = 0; do { htype = header->c_type; switch (htype) { case TS_ADDR: /* * Skip up to the beginning of the next record */ for (i = 0; i < header->c_count; i++) if (header->c_addr[i]) readtape(buf); while (gethead(header) == FAIL || _time64_to_time(header->c_date) != dumpdate) { skipcnt++; if (Dflag) { byteslide++; if (byteslide < TP_BSIZE) { blkcnt--; blksread--; } else byteslide = 0; } } break; case TS_INODE: curfile.mode = header->c_mode; curfile.uid = header->c_uid; curfile.gid = header->c_gid; curfile.file_flags = header->c_file_flags; curfile.rdev = header->c_rdev; curfile.atime_sec = header->c_atime; curfile.atime_nsec = header->c_atimensec; curfile.mtime_sec = header->c_mtime; curfile.mtime_nsec = header->c_mtimensec; curfile.birthtime_sec = header->c_birthtime; curfile.birthtime_nsec = header->c_birthtimensec; curfile.extsize = header->c_extsize; curfile.size = header->c_size; curfile.ino = header->c_inumber; break; case TS_END: /* If we missed some tapes, get another volume. */ if (tapesread & (tapesread + 1)) { getvol(0); continue; } curfile.ino = maxino; break; case TS_CLRI: curfile.name = ""; break; case TS_BITS: curfile.name = ""; break; case TS_TAPE: if (Dflag) fprintf(stderr, "unexpected tape header\n"); else panic("unexpected tape header\n"); default: if (Dflag) fprintf(stderr, "unknown tape header type %d\n", spcl.c_type); else panic("unknown tape header type %d\n", spcl.c_type); while (gethead(header) == FAIL || _time64_to_time(header->c_date) != dumpdate) { skipcnt++; if (Dflag) { byteslide++; if (byteslide < TP_BSIZE) { blkcnt--; blksread--; } else byteslide = 0; } } } } while (htype == TS_ADDR); if (skipcnt > 0) fprintf(stderr, "resync restore, skipped %ld %s\n", skipcnt, Dflag ? "bytes" : "blocks"); skipcnt = 0; } static int checksum(int *buf) { int i, j; j = sizeof(union u_spcl) / sizeof(int); i = 0; if (!Bcvt) { do i += *buf++; while (--j); } else { /* What happens if we want to read restore tapes for a 16bit int machine??? */ do i += swabl(*buf++); while (--j); } if (i != CHECKSUM) { fprintf(stderr, "Checksum error %o, inode %ju file %s\n", i, (uintmax_t)curfile.ino, curfile.name); return(FAIL); } return(GOOD); } #ifdef RRESTORE #include void msg(const char *fmt, ...) { va_list ap; va_start(ap, fmt); (void)vfprintf(stderr, fmt, ap); va_end(ap); } #endif /* RRESTORE */ static u_char * swabshort(u_char *sp, int n) { char c; while (--n >= 0) { c = sp[0]; sp[0] = sp[1]; sp[1] = c; sp += 2; } return (sp); } static u_char * swablong(u_char *sp, int n) { char c; while (--n >= 0) { c = sp[0]; sp[0] = sp[3]; sp[3] = c; c = sp[2]; sp[2] = sp[1]; sp[1] = c; sp += 4; } return (sp); } static u_char * swabquad(u_char *sp, int n) { char c; while (--n >= 0) { c = sp[0]; sp[0] = sp[7]; sp[7] = c; c = sp[1]; sp[1] = sp[6]; sp[6] = c; c = sp[2]; sp[2] = sp[5]; sp[5] = c; c = sp[3]; sp[3] = sp[4]; sp[4] = c; sp += 8; } return (sp); } void swabst(u_char *cp, u_char *sp) { int n = 0; while (*cp) { switch (*cp) { case '0': case '1': case '2': case '3': case '4': case '5': case '6': case '7': case '8': case '9': n = (n * 10) + (*cp++ - '0'); continue; case 's': case 'w': case 'h': if (n == 0) n = 1; sp = swabshort(sp, n); break; case 'l': if (n == 0) n = 1; sp = swablong(sp, n); break; case 'q': if (n == 0) n = 1; sp = swabquad(sp, n); break; case 'b': if (n == 0) n = 1; sp += n; break; default: fprintf(stderr, "Unknown conversion character: %c\n", *cp); done(0); break; } cp++; n = 0; } } static u_long swabl(u_long x) { swabst((u_char *)"l", (u_char *)&x); return (x); } diff --git a/sbin/restore/utilities.c b/sbin/restore/utilities.c index d95330f6de4a..50d080d24dae 100644 --- a/sbin/restore/utilities.c +++ b/sbin/restore/utilities.c @@ -1,422 +1,419 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1983, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)utilities.c 8.5 (Berkeley) 4/28/95"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include "restore.h" #include "extern.h" /* * Insure that all the components of a pathname exist. */ void pathcheck(char *name) { char *cp; struct entry *ep; char *start; start = strchr(name, '/'); if (start == NULL) return; for (cp = start; *cp != '\0'; cp++) { if (*cp != '/') continue; *cp = '\0'; ep = lookupname(name); if (ep == NULL) { /* Safe; we know the pathname exists in the dump. */ ep = addentry(name, pathsearch(name)->d_ino, NODE); newnode(ep); } ep->e_flags |= NEW|KEEP; *cp = '/'; } } /* * Change a name to a unique temporary name. */ void mktempname(struct entry *ep) { char oldname[MAXPATHLEN]; if (ep->e_flags & TMPNAME) badentry(ep, "mktempname: called with TMPNAME"); ep->e_flags |= TMPNAME; (void) strcpy(oldname, myname(ep)); freename(ep->e_name); ep->e_name = savename(gentempname(ep)); ep->e_namlen = strlen(ep->e_name); renameit(oldname, myname(ep)); } /* * Generate a temporary name for an entry. */ char * gentempname(struct entry *ep) { static char name[MAXPATHLEN]; struct entry *np; long i = 0; for (np = lookupino(ep->e_ino); np != NULL && np != ep; np = np->e_links) i++; if (np == NULL) badentry(ep, "not on ino list"); (void) sprintf(name, "%s%ld%lu", TMPHDR, i, (u_long)ep->e_ino); return (name); } /* * Rename a file or directory. */ void renameit(char *from, char *to) { if (!Nflag && rename(from, to) < 0) { fprintf(stderr, "warning: cannot rename %s to %s: %s\n", from, to, strerror(errno)); return; } vprintf(stdout, "rename %s to %s\n", from, to); } /* * Create a new node (directory). */ void newnode(struct entry *np) { char *cp; if (np->e_type != NODE) badentry(np, "newnode: not a node"); cp = myname(np); if (!Nflag && mkdir(cp, 0777) < 0 && !uflag) { np->e_flags |= EXISTED; fprintf(stderr, "warning: %s: %s\n", cp, strerror(errno)); return; } vprintf(stdout, "Make node %s\n", cp); } /* * Remove an old node (directory). */ void removenode(struct entry *ep) { char *cp; if (ep->e_type != NODE) badentry(ep, "removenode: not a node"); if (ep->e_entries != NULL) badentry(ep, "removenode: non-empty directory"); ep->e_flags |= REMOVED; ep->e_flags &= ~TMPNAME; cp = myname(ep); if (!Nflag && rmdir(cp) < 0) { fprintf(stderr, "warning: %s: %s\n", cp, strerror(errno)); return; } vprintf(stdout, "Remove node %s\n", cp); } /* * Remove a leaf. */ void removeleaf(struct entry *ep) { char *cp; if (ep->e_type != LEAF) badentry(ep, "removeleaf: not a leaf"); ep->e_flags |= REMOVED; ep->e_flags &= ~TMPNAME; cp = myname(ep); if (!Nflag && unlink(cp) < 0) { fprintf(stderr, "warning: %s: %s\n", cp, strerror(errno)); return; } vprintf(stdout, "Remove leaf %s\n", cp); } /* * Create a link. */ int linkit(char *existing, char *new, int type) { /* if we want to unlink first, do it now so *link() won't fail */ if (uflag && !Nflag) (void)unlink(new); if (type == SYMLINK) { if (!Nflag && symlink(existing, new) < 0) { fprintf(stderr, "warning: cannot create symbolic link %s->%s: %s\n", new, existing, strerror(errno)); return (FAIL); } } else if (type == HARDLINK) { int ret; if (!Nflag && (ret = link(existing, new)) < 0) { struct stat s; /* * Most likely, the schg flag is set. Clear the * flags and try again. */ if (stat(existing, &s) == 0 && s.st_flags != 0 && chflags(existing, 0) == 0) { ret = link(existing, new); chflags(existing, s.st_flags); } if (ret < 0) { fprintf(stderr, "warning: cannot create " "hard link %s->%s: %s\n", new, existing, strerror(errno)); return (FAIL); } } } else { panic("linkit: unknown type %d\n", type); return (FAIL); } vprintf(stdout, "Create %s link %s->%s\n", type == SYMLINK ? "symbolic" : "hard", new, existing); return (GOOD); } /* * Create a whiteout. */ int addwhiteout(char *name) { if (!Nflag && mknod(name, S_IFWHT, 0) < 0) { fprintf(stderr, "warning: cannot create whiteout %s: %s\n", name, strerror(errno)); return (FAIL); } vprintf(stdout, "Create whiteout %s\n", name); return (GOOD); } /* * Delete a whiteout. */ void delwhiteout(struct entry *ep) { char *name; if (ep->e_type != LEAF) badentry(ep, "delwhiteout: not a leaf"); ep->e_flags |= REMOVED; ep->e_flags &= ~TMPNAME; name = myname(ep); if (!Nflag && undelete(name) < 0) { fprintf(stderr, "warning: cannot delete whiteout %s: %s\n", name, strerror(errno)); return; } vprintf(stdout, "Delete whiteout %s\n", name); } /* * find lowest number file (above "start") that needs to be extracted */ ino_t lowerbnd(ino_t start) { struct entry *ep; for ( ; start < maxino; start++) { ep = lookupino(start); if (ep == NULL || ep->e_type == NODE) continue; if (ep->e_flags & (NEW|EXTRACT)) return (start); } return (start); } /* * find highest number file (below "start") that needs to be extracted */ ino_t upperbnd(ino_t start) { struct entry *ep; for ( ; start > UFS_ROOTINO; start--) { ep = lookupino(start); if (ep == NULL || ep->e_type == NODE) continue; if (ep->e_flags & (NEW|EXTRACT)) return (start); } return (start); } /* * report on a badly formed entry */ void badentry(struct entry *ep, char *msg) { fprintf(stderr, "bad entry: %s\n", msg); fprintf(stderr, "name: %s\n", myname(ep)); fprintf(stderr, "parent name %s\n", myname(ep->e_parent)); if (ep->e_sibling != NULL) fprintf(stderr, "sibling name: %s\n", myname(ep->e_sibling)); if (ep->e_entries != NULL) fprintf(stderr, "next entry name: %s\n", myname(ep->e_entries)); if (ep->e_links != NULL) fprintf(stderr, "next link name: %s\n", myname(ep->e_links)); if (ep->e_next != NULL) fprintf(stderr, "next hashchain name: %s\n", myname(ep->e_next)); fprintf(stderr, "entry type: %s\n", ep->e_type == NODE ? "NODE" : "LEAF"); fprintf(stderr, "inode number: %lu\n", (u_long)ep->e_ino); panic("flags: %s\n", flagvalues(ep)); } /* * Construct a string indicating the active flag bits of an entry. */ char * flagvalues(struct entry *ep) { static char flagbuf[BUFSIZ]; (void) strcpy(flagbuf, "|NIL"); flagbuf[0] = '\0'; if (ep->e_flags & REMOVED) (void) strcat(flagbuf, "|REMOVED"); if (ep->e_flags & TMPNAME) (void) strcat(flagbuf, "|TMPNAME"); if (ep->e_flags & EXTRACT) (void) strcat(flagbuf, "|EXTRACT"); if (ep->e_flags & NEW) (void) strcat(flagbuf, "|NEW"); if (ep->e_flags & KEEP) (void) strcat(flagbuf, "|KEEP"); if (ep->e_flags & EXISTED) (void) strcat(flagbuf, "|EXISTED"); return (&flagbuf[1]); } /* * Check to see if a name is on a dump tape. */ ino_t dirlookup(const char *name) { struct direct *dp; ino_t ino; ino = ((dp = pathsearch(name)) == NULL) ? 0 : dp->d_ino; if (ino == 0 || TSTINO(ino, dumpmap) == 0) fprintf(stderr, "%s is not on the tape\n", name); return (ino); } /* * Elicit a reply. */ int reply(char *question) { int c; do { fprintf(stderr, "%s? [yn] ", question); (void) fflush(stderr); c = getc(terminal); while (c != '\n' && getc(terminal) != '\n') if (c == EOF) return (FAIL); } while (c != 'y' && c != 'n'); if (c == 'y') return (GOOD); return (FAIL); } /* * handle unexpected inconsistencies */ #include void panic(const char *fmt, ...) { va_list ap; va_start(ap, fmt); vfprintf(stderr, fmt, ap); va_end(ap); if (yflag) return; if (reply("abort") == GOOD) { if (reply("dump core") == GOOD) abort(); done(1); } } diff --git a/sbin/route/Makefile b/sbin/route/Makefile index 7685a2fecd64..b0a0670e4629 100644 --- a/sbin/route/Makefile +++ b/sbin/route/Makefile @@ -1,41 +1,40 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 .include PACKAGE=runtime PROG= route MAN= route.8 SRCS= route.c keywords.h WARNS?= 3 CLEANFILES+=keywords.h CFLAGS+= -DNS .if ${MK_INET_SUPPORT} != "no" CFLAGS+= -DINET .endif .if ${MK_INET6_SUPPORT} != "no" CFLAGS+= -DINET6 .endif CFLAGS+= -I. .if ${MK_NETLINK_SUPPORT} != "no" SRCS+= route_netlink.c .else CFLAGS+=-DWITHOUT_NETLINK .endif .if ${MK_JAIL} != "no" && !defined(RESCUE) CFLAGS+= -DJAIL LIBADD+= jail .endif HAS_TESTS= SUBDIR.${MK_TESTS}+= tests keywords.h: keywords LC_ALL=C awk '!/^#|^$$/ { \ printf "#define\tK_%s\t%d\n\t{\"%s\", K_%s},\n", \ toupper($$1), ++L, $$1, toupper($$1); \ }' < ${.CURDIR}/keywords > ${.TARGET} || (rm -f ${.TARGET}; false) .include diff --git a/sbin/route/keywords b/sbin/route/keywords index 496fb8b95e2e..cbd8799ffb6b 100644 --- a/sbin/route/keywords +++ b/sbin/route/keywords @@ -1,56 +1,55 @@ -# @(#)keywords 8.2 (Berkeley) 3/19/94 4 6 add blackhole change cloning del delete dst expire fib flush gateway genmask get host hopcount iface interface ifa ifp inet inet6 iso link llinfo lock lockrest mask monitor mtu net netmask nostatic nostick osi prefixlen proto1 proto2 proxy recvpipe reject rtt rttvar sa sendpipe show ssthresh static sticky weight x25 xns xresolve diff --git a/sbin/route/route.8 b/sbin/route/route.8 index 4eccd511f0cc..08d5aae36b28 100644 --- a/sbin/route/route.8 +++ b/sbin/route/route.8 @@ -1,570 +1,568 @@ .\" Copyright (c) 1983, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)route.8 8.3 (Berkeley) 3/19/94 -.\" .Dd June 16, 2023 .Dt ROUTE 8 .Os .Sh NAME .Nm route .Nd manually manipulate the routing tables .Sh SYNOPSIS .Nm .Op Fl j Ar jail .Op Fl dnqtv .Ar command .Oo .Op Ar modifiers .Ar args .Oc .Sh DESCRIPTION The .Nm utility is used to manually manipulate the network routing tables. It normally is not needed, as a system routing table management daemon, such as .Xr routed 8 , should tend to this task. .Pp The .Nm utility supports a limited number of general options, but a rich command language, enabling the user to specify any arbitrary request that could be delivered via the programmatic interface discussed in .Xr route 4 . .Pp The following options are available: .Bl -tag -width indent .It Fl 4 Specify .Cm inet address family as family hint for subcommands. .It Fl 6 Specify .Cm inet6 address family as family hint for subcommands. .It Fl d Run in debug-only mode, i.e., do not actually modify the routing table. .It Fl n Bypass attempts to print host and network names symbolically when reporting actions. (The process of translating between symbolic names and numerical equivalents can be quite time consuming, and may require correct operation of the network; thus it may be expedient to forget this, especially when attempting to repair networking operations). .It Fl t Run in test-only mode. .Pa /dev/null is used instead of a socket. .It Fl v (verbose) Print additional details. .It Fl q Suppress all output from the .Cm add , change , delete , and .Cm flush commands. .It Fl j Ar jail Run inside a jail. .El .Pp The .Nm utility provides the following commands: .Pp .Bl -tag -width Fl -compact .It Cm add Add a route. .It Cm flush Remove all routes. .It Cm delete Delete a specific route. .It Cm del Another name for the .Cm delete command. .It Cm change Change aspects of a route (such as its gateway). .It Cm get Lookup and display the route for a destination. .It Cm monitor Continuously report any changes to the routing information base, routing lookup misses, or suspected network partitionings. .It Cm show Another name for the .Cm get command. .El .Pp The monitor command has the syntax: .Pp .Bd -ragged -offset indent -compact .Nm .Op Fl n .Cm monitor Op Fl fib Ar number .Ed .Pp The flush command has the syntax: .Pp .Bd -ragged -offset indent -compact .Nm .Op Fl n .Cm flush Oo Ar family Oc Op Fl fib Ar number .Ed .Pp If the .Cm flush command is specified, .Nm will ``flush'' the routing tables of all gateway entries. When the address family may is specified by any of the .Fl inet6 , or .Fl inet modifiers, only routes having destinations with addresses in the delineated family will be deleted. Additionally, .Fl 4 or .Fl 6 can be used as aliases for .Fl inet and .Fl inet6 modifiers. When a .Fl fib option is specified, the operation will be applied to the specified FIB .Pq routing table . .Pp The add command has the following syntax: .Pp .Bd -ragged -offset indent -compact .Nm .Op Fl n .Cm add .Op Fl net No \&| Fl host .Ar destination gateway .Op Ar netmask .Op Fl fib Ar number .Ed .Pp and the other commands have the following syntax: .Pp .Bd -ragged -offset indent -compact .Nm .Op Fl n .Ar command .Op Fl net No \&| Fl host .Ar destination .Op Ar gateway Op Ar netmask .Op Fl fib Ar number .Ed .Pp where .Ar destination is the destination host or network, .Ar gateway is the next-hop intermediary via which packets should be routed. Routes to a particular host may be distinguished from those to a network by interpreting the Internet address specified as the .Ar destination argument. The optional modifiers .Fl net and .Fl host force the destination to be interpreted as a network or a host, respectively. Otherwise, if the .Ar destination has a .Dq local address part of INADDR_ANY .Pq Li 0.0.0.0 , or if the .Ar destination is the symbolic name of a network, then the route is assumed to be to a network; otherwise, it is presumed to be a route to a host. Optionally, the .Ar destination could also be specified in the .Ar net Ns / Ns Ar bits format. .Pp For example, .Li 128.32 is interpreted as .Fl host Li 128.0.0.32 ; .Li 128.32.130 is interpreted as .Fl host Li 128.32.0.130 ; .Fl net Li 128.32 is interpreted as .Li 128.32.0.0 ; .Fl net Li 128.32.130 is interpreted as .Li 128.32.130.0 ; and .Li 192.168.64/20 is interpreted as .Fl net Li 192.168.64 Fl netmask Li 255.255.240.0 . .Pp A .Ar destination of .Ar default is a synonym for the default route. For .Li IPv4 it is .Fl net Fl inet Li 0.0.0.0 , and for .Li IPv6 it is .Fl net Fl inet6 Li :: . .Pp If the destination is directly reachable via an interface requiring no intermediary system to act as a gateway, the .Fl interface modifier should be specified; the gateway given is the address of this host on the common network, indicating the interface to be used for transmission. Alternately, if the interface is point to point the name of the interface itself may be given, in which case the route remains valid even if the local or remote addresses change. .Pp The optional .Fl netmask modifier is intended to achieve the effect of an OSI ESIS redirect with the netmask option, or to manually add subnet routes with netmasks different from that of the implied network interface (as would otherwise be communicated using the OSPF or ISIS routing protocols). One specifies an additional ensuing address parameter (to be interpreted as a network mask). The implicit network mask generated in the AF_INET case can be overridden by making sure this option follows the destination parameter. .Pp For .Dv AF_INET6 , the .Fl prefixlen qualifier is available instead of the .Fl mask qualifier because non-continuous masks are not allowed in IPv6. For example, .Fl prefixlen Li 32 specifies that a network mask of .Li ffff:ffff:0000:0000:0000:0000:0000:0000 will be used. The default prefixlen is 64. However, it is assumed to be 0 if .Cm default is specified for .Ar destination . Note that the qualifier works only for .Dv AF_INET6 address family. .Pp Routes have associated flags which influence operation of the protocols when sending to destinations matched by the routes. These flags may be set (or sometimes cleared) by indicating the following corresponding modifiers: .Bd -literal -xresolve RTF_XRESOLVE - emit mesg on use (for external lookup) -iface ~RTF_GATEWAY - destination is directly reachable -static RTF_STATIC - manually added route -nostatic ~RTF_STATIC - pretend route added by kernel or daemon -reject RTF_REJECT - emit an ICMP unreachable when matched -blackhole RTF_BLACKHOLE - silently discard pkts (during updates) -proto1 RTF_PROTO1 - set protocol specific routing flag #1 -proto2 RTF_PROTO2 - set protocol specific routing flag #2 .Ed .Pp The optional modifiers .Fl rtt , .Fl rttvar , .Fl sendpipe , .Fl recvpipe , .Fl mtu , .Fl hopcount , .Fl expire , and .Fl ssthresh provide initial values to quantities maintained in the routing entry by transport level protocols, such as TCP or TP4. These may be individually locked by preceding each such modifier to be locked by the .Fl lock meta-modifier, or one can specify that all ensuing metrics may be locked by the .Fl lockrest meta-modifier. .Pp Note that .Fl expire accepts expiration time of the route as the number of seconds since the Epoch .Pq see Xr time 3 . When the first character of the number is .Dq + or .Dq - , it is interpreted as a value relative to the current time. .Pp The optional modifier .Fl fib Ar number specifies that the command will be applied to a non-default FIB. The .Ar number must be smaller than the .Va net.fibs .Xr sysctl 8 MIB. When this modifier is not specified, or a negative number is specified, the default FIB shown in the .Va net.my_fibnum .Xr sysctl 8 MIB will be used. .Pp The .Ar number allows multiple FIBs by a comma-separeted list and/or range specification. The .Qq Fl fib Li 2,4,6 means the FIB number 2, 4, and 6. The .Qq Fl fib Li 1,3-5,6 means the 1, 3, 4, 5, and 6. .Pp In a .Cm change or .Cm add command where the destination and gateway are not sufficient to specify the route (as in the ISO case where several interfaces may have the same address), the .Fl ifp or .Fl ifa modifiers may be used to determine the interface or interface address. .Pp All symbolic names specified for a .Ar destination or .Ar gateway are looked up first as a host name using .Xr gethostbyname 3 . If this lookup fails, .Xr getnetbyname 3 is then used to interpret the name as that of a network. .Pp The .Nm utility uses a routing socket and the new message types .Dv RTM_ADD , RTM_DELETE , RTM_GET , and .Dv RTM_CHANGE . As such, only the super-user may modify the routing tables. .Pp .Fx provides support for scalable multipath routing. It is activated by default, but can be turned off by setting the .Va net.route.multipath .Xr sysctl 8 MIB to 0. .Pp There are multiple route lookup algorithms available. They can be configured by setting .Va net.route.algo.inet.algo for IPv4 and .Va net.route.algo.inet6.algo for IPv6 .Xr sysctl 8 MIBs. .Pp A list of available algorithms can be obtained by accessing the following .Xr sysctl 8 MIBs .Va net.route.algo.inet.algo_list for IPv4 and .Va net.route.algo.inet6.algo_list for IPv6. .Pp The following algorithms are available: .Bl -tag -width radix_lockless .It radix Base system radix backend. .It bsearch Lockless binary search in a special IP array, tailored for a small FIB with <16 routes. This algorithm is only available for IPv4. .It radix_lockless Lockless immutable radix, re-created on every rtable change, tailored for a small FIB with <1000 routes. .It dpdk_lpm DPDK DIR24-8-based lookups, lockless datastructure, optimized for large FIBs. DIR24-8 relies on a large flat lookup table (64 MB with IPv4) which is directly indexed by the more significant portion of the lookup key. In order to use the dpdk_lpm algorithm one or both of the following kernel modules must be loaded via .Xr loader.conf 5 : .Bl -tag -width dpdk_lpm6.ko -compact .It dpdk_lpm4.ko DPDK implementation for IPv4. .It dpdk_lpm6.ko DPDK implementation for IPv6. .El .It dxr IPv4 only, lockless, compressed lookup structure (below 2.5 Bytes per IPv4 prefix for large BGP FIBs) which easily fits into modern CPU cache hierarchies, lookup throughput scales linearly with CPU cores. Loadable as a kernel module at runtime or via .Xr loader.conf 5 : .Bl -tag -width fib_dxr.ko -compact .It fib_dxr.ko .El .El .Pp The algorithms are selected automatically based on the size of the routing table of the system. They can be changed, but not every algorithm performs best for every FIB size. .Sh EXIT STATUS .Ex -std .Sh EXAMPLES Add a default route to the network routing table. This will send all packets for destinations not available in the routing table to the default gateway at 192.168.1.1: .Pp .Dl route add -net 0.0.0.0/0 192.168.1.1 .Pp A shorter version of adding a default route can also be written as: .Pp .Dl route add default 192.168.1.1 .Pp Add a static route to the 172.16.10.0/24 network via the 172.16.1.1 gateway: .Pp .Dl route add -net 172.16.10.0/24 172.16.1.1 .Pp Change the gateway of an already established static route in the routing table: .Pp .Dl route change -net 172.16.10.0/24 172.16.1.2 .Pp Display the route for a destination network: .Pp .Dl route show 172.16.10.0 .Pp Delete a static route from the routing table: .Pp .Dl route delete -net 172.16.10.0/24 172.16.1.2 .Pp Remove all routes from the routing table: .Pp .Dl route flush .Pp The routing table can be listed with .Xr netstat 1 . .Sh DIAGNOSTICS .Bl -diag .It "add [host \&| network ] %s: gateway %s flags %x" The specified route is being added to the tables. The values printed are from the routing table entry supplied in the .Xr ioctl 2 call. If the gateway address used was not the primary address of the gateway (the first one returned by .Xr gethostbyname 3 ) , the gateway address is printed numerically as well as symbolically. .It "delete [ host \&| network ] %s: gateway %s flags %x" As above, but when deleting an entry. .It "%s %s done" When the .Cm flush command is specified, each routing table entry deleted is indicated with a message of this form. .It "Network is unreachable" An attempt to add a route failed because the gateway listed was not on a directly-connected network. The next-hop gateway must be given. .It "not in table" A delete operation was attempted for an entry which was not present in the tables. .It "routing table overflow" An add operation was attempted, but the system was low on resources and was unable to allocate memory to create the new entry. .It "gateway uses the same route" A .Cm change operation resulted in a route whose gateway uses the same route as the one being changed. The next-hop gateway should be reachable through a different route. .El .Sh SEE ALSO .Xr netstat 1 , .Xr netintro 4 , .Xr route 4 , .Xr loader.conf 5 , .Xr arp 8 , .Xr routed 8 .Sh HISTORY The .Nm utility appeared in .Bx 4.2 . .Sh BUGS The first paragraph may have slightly exaggerated .Xr routed 8 Ns 's abilities. .Pp Currently, routes with the .Dv RTF_BLACKHOLE flag set need to have the gateway set to an instance of the .Xr lo 4 driver, using the .Fl iface option, for the flag to have any effect; unless IP fast forwarding is enabled, in which case the meaning of the flag will always be honored. diff --git a/sbin/route/route.c b/sbin/route/route.c index 3913bdc9e6af..60379e11d090 100644 --- a/sbin/route/route.c +++ b/sbin/route/route.c @@ -1,2019 +1,2016 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1983, 1989, 1991, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1983, 1989, 1991, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)route.c 8.6 (Berkeley) 4/28/95"; -#endif #endif /* not lint */ #include #include #include #include #include #ifdef JAIL #include #endif #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef JAIL #include #endif #include #include #include #include #include #include #include #include #include #include struct fibl { TAILQ_ENTRY(fibl) fl_next; int fl_num; int fl_error; int fl_errno; }; static struct keytab { const char *kt_cp; int kt_i; } const keywords[] = { #include "keywords.h" {0, 0} }; int verbose, debugonly; #ifdef JAIL char * jail_name; #endif static struct sockaddr_storage so[RTAX_MAX]; static int pid, rtm_addrs; static int nflag, af, aflen, qflag, tflag; static int locking, lockrest; static struct rt_metrics rt_metrics; static u_long rtm_inits; static uid_t uid; static int defaultfib; static int numfibs; static char domain[MAXHOSTNAMELEN + 1]; static bool domain_initialized; static char rt_line[NI_MAXHOST]; static char net_line[MAXHOSTNAMELEN + 1]; #ifdef WITHOUT_NETLINK static int s; static int rtm_seq; static struct { struct rt_msghdr m_rtm; char m_space[512]; } m_rtmsg; static int rtmsg_rtsock(int, int, int); static int flushroutes_fib_rtsock(int); static void monitor_rtsock(void); #else int rtmsg_nl(int, int, int, int, struct sockaddr_storage *, struct rt_metrics *); int flushroutes_fib_nl(int, int); void monitor_nl(int); #endif static TAILQ_HEAD(fibl_head_t, fibl) fibl_head; void printb(int, const char *); static void flushroutes(int argc, char *argv[]); static int flushroutes_fib(int); static int getaddr(int, char *, int); static int keyword(const char *); #ifdef INET static void inet_makemask(struct sockaddr_in *, u_long); #endif #ifdef INET6 static int inet6_makenetandmask(struct sockaddr_in6 *, const char *); #endif static void interfaces(void); static void monitor(int, char*[]); const char *netname(struct sockaddr *); static void newroute(int, char **); static int newroute_fib(int, char *, int); static void pmsg_addrs(char *, int, size_t); static void pmsg_common(struct rt_msghdr *, size_t); static int prefixlen(const char *); static void print_getmsg(struct rt_msghdr *, int, int); static void print_rtmsg(struct rt_msghdr *, size_t); const char *routename(struct sockaddr *); static int rtmsg(int, int, int); static void set_metric(char *, int); static int set_sofib(int); static void sockaddr(char *, struct sockaddr *, size_t); static void sodump(struct sockaddr *, const char *); static int fiboptlist_csv(const char *, struct fibl_head_t *); static int fiboptlist_range(const char *, struct fibl_head_t *); static void usage(const char *) __dead2; #define READ_TIMEOUT 10 static volatile sig_atomic_t stop_read; static void stopit(int sig __unused) { stop_read = 1; } static void usage(const char *cp) { if (cp != NULL) warnx("bad keyword: %s", cp); errx(EX_USAGE, "usage: route [-j jail] [-46dnqtv] command [[modifiers] args]"); /* NOTREACHED */ } int main(int argc, char **argv) { int ch; #ifdef JAIL int jid; #endif size_t len; if (argc < 2) usage(NULL); while ((ch = getopt(argc, argv, "46nqdtvj:")) != -1) switch(ch) { case '4': #ifdef INET af = AF_INET; aflen = sizeof(struct sockaddr_in); #else errx(1, "IPv4 support is not compiled in"); #endif break; case '6': #ifdef INET6 af = AF_INET6; aflen = sizeof(struct sockaddr_in6); #else errx(1, "IPv6 support is not compiled in"); #endif break; case 'n': nflag = 1; break; case 'q': qflag = 1; break; case 'v': verbose = 1; break; case 't': tflag = 1; break; case 'd': debugonly = 1; break; case 'j': #ifdef JAIL if (optarg == NULL) usage(NULL); jail_name = optarg; #else errx(1, "Jail support is not compiled in"); #endif break; case '?': default: usage(NULL); } argc -= optind; argv += optind; pid = getpid(); uid = geteuid(); #ifdef JAIL if (jail_name != NULL) { jid = jail_getid(jail_name); if (jid == -1) errx(1, "Jail not found"); if (jail_attach(jid) != 0) errx(1, "Cannot attach to jail"); } #endif #ifdef WITHOUT_NETLINK if (tflag) s = open(_PATH_DEVNULL, O_WRONLY, 0); else s = socket(PF_ROUTE, SOCK_RAW, 0); if (s < 0) err(EX_OSERR, "socket"); #endif len = sizeof(numfibs); if (sysctlbyname("net.fibs", (void *)&numfibs, &len, NULL, 0) == -1) numfibs = -1; len = sizeof(defaultfib); if (numfibs != -1 && sysctlbyname("net.my_fibnum", (void *)&defaultfib, &len, NULL, 0) == -1) defaultfib = -1; if (*argv != NULL) switch (keyword(*argv)) { case K_GET: case K_SHOW: uid = 0; /* FALLTHROUGH */ case K_CHANGE: case K_ADD: case K_DEL: case K_DELETE: newroute(argc, argv); /* NOTREACHED */ case K_MONITOR: monitor(argc, argv); /* NOTREACHED */ case K_FLUSH: flushroutes(argc, argv); exit(0); /* NOTREACHED */ } usage(*argv); /* NOTREACHED */ } static int set_sofib(int fib) { #ifdef WITHOUT_NETLINK if (fib < 0) return (0); return (setsockopt(s, SOL_SOCKET, SO_SETFIB, (void *)&fib, sizeof(fib))); #else return (0); #endif } static int fiboptlist_range(const char *arg, struct fibl_head_t *flh) { struct fibl *fl; char *str0, *str, *token, *endptr; int fib[2], i, error; str0 = str = strdup(arg); error = 0; i = 0; while ((token = strsep(&str, "-")) != NULL) { switch (i) { case 0: case 1: errno = 0; fib[i] = strtol(token, &endptr, 0); if (errno == 0) { if (*endptr != '\0' || fib[i] < 0 || (numfibs != -1 && fib[i] > numfibs - 1)) errno = EINVAL; } if (errno) error = 1; break; default: error = 1; } if (error) goto fiboptlist_range_ret; i++; } if (fib[0] >= fib[1]) { error = 1; goto fiboptlist_range_ret; } for (i = fib[0]; i <= fib[1]; i++) { fl = calloc(1, sizeof(*fl)); if (fl == NULL) { error = 1; goto fiboptlist_range_ret; } fl->fl_num = i; TAILQ_INSERT_TAIL(flh, fl, fl_next); } fiboptlist_range_ret: free(str0); return (error); } #define ALLSTRLEN 64 static int fiboptlist_csv(const char *arg, struct fibl_head_t *flh) { struct fibl *fl; char *str0, *str, *token, *endptr; int fib, error; str0 = str = NULL; if (strcmp("all", arg) == 0) { str = calloc(1, ALLSTRLEN); if (str == NULL) { error = 1; goto fiboptlist_csv_ret; } if (numfibs > 1) snprintf(str, ALLSTRLEN - 1, "%d-%d", 0, numfibs - 1); else snprintf(str, ALLSTRLEN - 1, "%d", 0); } else if (strcmp("default", arg) == 0) { str0 = str = calloc(1, ALLSTRLEN); if (str == NULL) { error = 1; goto fiboptlist_csv_ret; } snprintf(str, ALLSTRLEN - 1, "%d", defaultfib); } else str0 = str = strdup(arg); error = 0; while ((token = strsep(&str, ",")) != NULL) { if (*token != '-' && strchr(token, '-') != NULL) { error = fiboptlist_range(token, flh); if (error) goto fiboptlist_csv_ret; } else { errno = 0; fib = strtol(token, &endptr, 0); if (errno == 0) { if (*endptr != '\0' || fib < 0 || (numfibs != -1 && fib > numfibs - 1)) errno = EINVAL; } if (errno) { error = 1; goto fiboptlist_csv_ret; } fl = calloc(1, sizeof(*fl)); if (fl == NULL) { error = 1; goto fiboptlist_csv_ret; } fl->fl_num = fib; TAILQ_INSERT_TAIL(flh, fl, fl_next); } } fiboptlist_csv_ret: if (str0 != NULL) free(str0); return (error); } /* * Purge all entries in the routing tables not * associated with network interfaces. */ static void flushroutes(int argc, char *argv[]) { struct fibl *fl; int error; if (uid != 0 && !debugonly && !tflag) errx(EX_NOPERM, "must be root to alter routing table"); #ifdef WITHOUT_NETLINK shutdown(s, SHUT_RD); /* Don't want to read back our messages */ #endif TAILQ_INIT(&fibl_head); while (argc > 1) { argc--; argv++; if (**argv != '-') usage(*argv); switch (keyword(*argv + 1)) { #ifdef INET case K_4: case K_INET: af = AF_INET; break; #endif #ifdef INET6 case K_6: case K_INET6: af = AF_INET6; break; #endif case K_LINK: af = AF_LINK; break; case K_FIB: if (!--argc) usage(*argv); error = fiboptlist_csv(*++argv, &fibl_head); if (error) errx(EX_USAGE, "invalid fib number: %s", *argv); break; default: usage(*argv); } } if (TAILQ_EMPTY(&fibl_head)) { error = fiboptlist_csv("default", &fibl_head); if (error) errx(EX_OSERR, "fiboptlist_csv failed."); } TAILQ_FOREACH(fl, &fibl_head, fl_next) flushroutes_fib(fl->fl_num); } static int flushroutes_fib(int fib) { #ifdef WITHOUT_NETLINK return (flushroutes_fib_rtsock(fib)); #else return (flushroutes_fib_nl(fib, af)); #endif } #ifdef WITHOUT_NETLINK static int flushroutes_fib_rtsock(int fib) { struct rt_msghdr *rtm; size_t needed; char *buf, *next, *lim; int mib[7], rlen, seqno, count = 0; int error; error = set_sofib(fib); if (error) { warn("fib number %d is ignored", fib); return (error); } retry: mib[0] = CTL_NET; mib[1] = PF_ROUTE; mib[2] = 0; /* protocol */ mib[3] = AF_UNSPEC; mib[4] = NET_RT_DUMP; mib[5] = 0; /* no flags */ mib[6] = fib; if (sysctl(mib, nitems(mib), NULL, &needed, NULL, 0) < 0) err(EX_OSERR, "route-sysctl-estimate"); if ((buf = malloc(needed)) == NULL) errx(EX_OSERR, "malloc failed"); if (sysctl(mib, nitems(mib), buf, &needed, NULL, 0) < 0) { if (errno == ENOMEM && count++ < 10) { warnx("Routing table grew, retrying"); sleep(1); free(buf); goto retry; } err(EX_OSERR, "route-sysctl-get"); } lim = buf + needed; if (verbose) (void)printf("Examining routing table from sysctl\n"); seqno = 0; /* ??? */ for (next = buf; next < lim; next += rtm->rtm_msglen) { rtm = (struct rt_msghdr *)(void *)next; if (verbose) print_rtmsg(rtm, rtm->rtm_msglen); if ((rtm->rtm_flags & RTF_GATEWAY) == 0) continue; if (af != 0) { struct sockaddr *sa = (struct sockaddr *)(rtm + 1); if (sa->sa_family != af) continue; } if (debugonly) continue; rtm->rtm_type = RTM_DELETE; rtm->rtm_seq = seqno; rlen = write(s, next, rtm->rtm_msglen); if (rlen < 0 && errno == EPERM) err(1, "write to routing socket"); if (rlen < (int)rtm->rtm_msglen) { warn("write to routing socket"); (void)printf("got only %d for rlen\n", rlen); free(buf); goto retry; break; } seqno++; if (qflag) continue; if (verbose) print_rtmsg(rtm, rlen); else { struct sockaddr *sa = (struct sockaddr *)(rtm + 1); printf("%-20.20s ", rtm->rtm_flags & RTF_HOST ? routename(sa) : netname(sa)); sa = (struct sockaddr *)(SA_SIZE(sa) + (char *)sa); printf("%-20.20s ", routename(sa)); if (fib >= 0) printf("-fib %-3d ", fib); printf("done\n"); } } free(buf); return (error); } #endif const char * routename(struct sockaddr *sa) { struct sockaddr_dl *sdl; const char *cp; int n; if (!domain_initialized) { domain_initialized = true; if (gethostname(domain, MAXHOSTNAMELEN) == 0 && (cp = strchr(domain, '.'))) { domain[MAXHOSTNAMELEN] = '\0'; (void)strcpy(domain, cp + 1); } else domain[0] = '\0'; } /* If the address is zero-filled, use "default". */ if (sa->sa_len == 0 && nflag == 0) return ("default"); #if defined(INET) || defined(INET6) switch (sa->sa_family) { #ifdef INET case AF_INET: /* If the address is zero-filled, use "default". */ if (nflag == 0 && ((struct sockaddr_in *)(void *)sa)->sin_addr.s_addr == INADDR_ANY) return("default"); break; #endif #ifdef INET6 case AF_INET6: /* If the address is zero-filled, use "default". */ if (nflag == 0 && IN6_IS_ADDR_UNSPECIFIED(&((struct sockaddr_in6 *)(void *)sa)->sin6_addr)) return("default"); break; #endif } #endif switch (sa->sa_family) { #if defined(INET) || defined(INET6) #ifdef INET case AF_INET: #endif #ifdef INET6 case AF_INET6: #endif { struct sockaddr_storage ss; int error; char *p; memset(&ss, 0, sizeof(ss)); if (sa->sa_len == 0) ss.ss_family = sa->sa_family; else memcpy(&ss, sa, sa->sa_len); /* Expand sa->sa_len because it could be shortened. */ if (sa->sa_family == AF_INET) ss.ss_len = sizeof(struct sockaddr_in); else if (sa->sa_family == AF_INET6) ss.ss_len = sizeof(struct sockaddr_in6); error = getnameinfo((struct sockaddr *)&ss, ss.ss_len, rt_line, sizeof(rt_line), NULL, 0, (nflag == 0) ? 0 : NI_NUMERICHOST); if (error) { warnx("getnameinfo(): %s", gai_strerror(error)); strncpy(rt_line, "invalid", sizeof(rt_line)); } /* Remove the domain part if any. */ p = strchr(rt_line, '.'); if (p != NULL && strcmp(p + 1, domain) == 0) *p = '\0'; return (rt_line); break; } #endif case AF_LINK: sdl = (struct sockaddr_dl *)(void *)sa; if (sdl->sdl_nlen == 0 && sdl->sdl_alen == 0 && sdl->sdl_slen == 0) { n = snprintf(rt_line, sizeof(rt_line), "link#%d", sdl->sdl_index); if (n > (int)sizeof(rt_line)) rt_line[0] = '\0'; return (rt_line); } else return (link_ntoa(sdl)); break; default: { u_short *sp = (u_short *)(void *)sa; u_short *splim = sp + ((sa->sa_len + 1) >> 1); char *cps = rt_line + sprintf(rt_line, "(%d)", sa->sa_family); char *cpe = rt_line + sizeof(rt_line); while (++sp < splim && cps < cpe) /* start with sa->sa_data */ if ((n = snprintf(cps, cpe - cps, " %x", *sp)) > 0) cps += n; else *cps = '\0'; break; } } return (rt_line); } /* * Return the name of the network whose address is given. * The address is assumed to be that of a net, not a host. */ const char * netname(struct sockaddr *sa) { struct sockaddr_dl *sdl; int n; #ifdef INET struct netent *np = NULL; const char *cp = NULL; u_long i; #endif switch (sa->sa_family) { #ifdef INET case AF_INET: { struct in_addr in; in = ((struct sockaddr_in *)(void *)sa)->sin_addr; i = in.s_addr = ntohl(in.s_addr); if (in.s_addr == 0) cp = "default"; else if (!nflag) { np = getnetbyaddr(i, AF_INET); if (np != NULL) cp = np->n_name; } #define C(x) (unsigned)((x) & 0xff) if (cp != NULL) strncpy(net_line, cp, sizeof(net_line)); else if ((in.s_addr & 0xffffff) == 0) (void)sprintf(net_line, "%u", C(in.s_addr >> 24)); else if ((in.s_addr & 0xffff) == 0) (void)sprintf(net_line, "%u.%u", C(in.s_addr >> 24), C(in.s_addr >> 16)); else if ((in.s_addr & 0xff) == 0) (void)sprintf(net_line, "%u.%u.%u", C(in.s_addr >> 24), C(in.s_addr >> 16), C(in.s_addr >> 8)); else (void)sprintf(net_line, "%u.%u.%u.%u", C(in.s_addr >> 24), C(in.s_addr >> 16), C(in.s_addr >> 8), C(in.s_addr)); #undef C break; } #endif #ifdef INET6 case AF_INET6: { struct sockaddr_in6 sin6; int niflags = 0; memset(&sin6, 0, sizeof(sin6)); memcpy(&sin6, sa, sa->sa_len); sin6.sin6_len = sizeof(sin6); sin6.sin6_family = AF_INET6; if (nflag) niflags |= NI_NUMERICHOST; if (getnameinfo((struct sockaddr *)&sin6, sin6.sin6_len, net_line, sizeof(net_line), NULL, 0, niflags) != 0) strncpy(net_line, "invalid", sizeof(net_line)); return(net_line); } #endif case AF_LINK: sdl = (struct sockaddr_dl *)(void *)sa; if (sdl->sdl_nlen == 0 && sdl->sdl_alen == 0 && sdl->sdl_slen == 0) { n = snprintf(net_line, sizeof(net_line), "link#%d", sdl->sdl_index); if (n > (int)sizeof(net_line)) net_line[0] = '\0'; return (net_line); } else return (link_ntoa(sdl)); break; default: { u_short *sp = (u_short *)(void *)sa->sa_data; u_short *splim = sp + ((sa->sa_len + 1)>>1); char *cps = net_line + sprintf(net_line, "af %d:", sa->sa_family); char *cpe = net_line + sizeof(net_line); while (sp < splim && cps < cpe) if ((n = snprintf(cps, cpe - cps, " %x", *sp++)) > 0) cps += n; else *cps = '\0'; break; } } return (net_line); } static void set_metric(char *value, int key) { int flag = 0; char *endptr; u_long noval, *valp = &noval; switch (key) { #define caseof(x, y, z) case x: valp = &rt_metrics.z; flag = y; break caseof(K_MTU, RTV_MTU, rmx_mtu); caseof(K_HOPCOUNT, RTV_HOPCOUNT, rmx_hopcount); caseof(K_EXPIRE, RTV_EXPIRE, rmx_expire); caseof(K_RECVPIPE, RTV_RPIPE, rmx_recvpipe); caseof(K_SENDPIPE, RTV_SPIPE, rmx_sendpipe); caseof(K_SSTHRESH, RTV_SSTHRESH, rmx_ssthresh); caseof(K_RTT, RTV_RTT, rmx_rtt); caseof(K_RTTVAR, RTV_RTTVAR, rmx_rttvar); caseof(K_WEIGHT, RTV_WEIGHT, rmx_weight); } rtm_inits |= flag; if (lockrest || locking) rt_metrics.rmx_locks |= flag; if (locking) locking = 0; errno = 0; *valp = strtol(value, &endptr, 0); if (errno == 0 && *endptr != '\0') errno = EINVAL; if (errno) err(EX_USAGE, "%s", value); if (flag & RTV_EXPIRE && (value[0] == '+' || value[0] == '-')) { struct timespec ts; clock_gettime(CLOCK_REALTIME_FAST, &ts); *valp += ts.tv_sec; } } #define F_ISHOST 0x01 #define F_FORCENET 0x02 #define F_FORCEHOST 0x04 #define F_PROXY 0x08 #define F_INTERFACE 0x10 static void newroute(int argc, char **argv) { struct sigaction sa; struct fibl *fl; char *cmd; const char *dest, *gateway, *errmsg; int key, error, flags, nrflags, fibnum; if (uid != 0 && !debugonly && !tflag) errx(EX_NOPERM, "must be root to alter routing table"); dest = NULL; gateway = NULL; flags = RTF_STATIC; nrflags = 0; TAILQ_INIT(&fibl_head); sigemptyset(&sa.sa_mask); sa.sa_flags = 0; sa.sa_handler = stopit; if (sigaction(SIGALRM, &sa, 0) == -1) warn("sigaction SIGALRM"); cmd = argv[0]; #ifdef WITHOUT_NETLINK if (*cmd != 'g' && *cmd != 's') shutdown(s, SHUT_RD); /* Don't want to read back our messages */ #endif while (--argc > 0) { if (**(++argv)== '-') { switch (key = keyword(1 + *argv)) { case K_LINK: af = AF_LINK; aflen = sizeof(struct sockaddr_dl); break; #ifdef INET case K_4: case K_INET: af = AF_INET; aflen = sizeof(struct sockaddr_in); break; #endif #ifdef INET6 case K_6: case K_INET6: af = AF_INET6; aflen = sizeof(struct sockaddr_in6); break; #endif case K_SA: af = PF_ROUTE; aflen = sizeof(struct sockaddr_storage); break; case K_IFACE: case K_INTERFACE: nrflags |= F_INTERFACE; break; case K_NOSTATIC: flags &= ~RTF_STATIC; break; case K_LOCK: locking = 1; break; case K_LOCKREST: lockrest = 1; break; case K_HOST: nrflags |= F_FORCEHOST; break; case K_REJECT: flags |= RTF_REJECT; break; case K_BLACKHOLE: flags |= RTF_BLACKHOLE; break; case K_PROTO1: flags |= RTF_PROTO1; break; case K_PROTO2: flags |= RTF_PROTO2; break; case K_PROXY: nrflags |= F_PROXY; break; case K_XRESOLVE: flags |= RTF_XRESOLVE; break; case K_STATIC: flags |= RTF_STATIC; break; case K_STICKY: flags |= RTF_STICKY; break; case K_NOSTICK: flags &= ~RTF_STICKY; break; case K_FIB: if (!--argc) usage(NULL); error = fiboptlist_csv(*++argv, &fibl_head); if (error) errx(EX_USAGE, "invalid fib number: %s", *argv); break; case K_IFA: if (!--argc) usage(NULL); getaddr(RTAX_IFA, *++argv, nrflags); break; case K_IFP: if (!--argc) usage(NULL); getaddr(RTAX_IFP, *++argv, nrflags); break; case K_GENMASK: if (!--argc) usage(NULL); getaddr(RTAX_GENMASK, *++argv, nrflags); break; case K_GATEWAY: if (!--argc) usage(NULL); getaddr(RTAX_GATEWAY, *++argv, nrflags); gateway = *argv; break; case K_DST: if (!--argc) usage(NULL); if (getaddr(RTAX_DST, *++argv, nrflags)) nrflags |= F_ISHOST; dest = *argv; break; case K_NETMASK: if (!--argc) usage(NULL); getaddr(RTAX_NETMASK, *++argv, nrflags); /* FALLTHROUGH */ case K_NET: nrflags |= F_FORCENET; break; case K_PREFIXLEN: if (!--argc) usage(NULL); if (prefixlen(*++argv) == -1) { nrflags &= ~F_FORCENET; nrflags |= F_ISHOST; } else { nrflags |= F_FORCENET; nrflags &= ~F_ISHOST; } break; case K_MTU: case K_HOPCOUNT: case K_EXPIRE: case K_RECVPIPE: case K_SENDPIPE: case K_SSTHRESH: case K_RTT: case K_RTTVAR: case K_WEIGHT: if (!--argc) usage(NULL); set_metric(*++argv, key); break; default: usage(1+*argv); } } else { if ((rtm_addrs & RTA_DST) == 0) { dest = *argv; if (getaddr(RTAX_DST, *argv, nrflags)) nrflags |= F_ISHOST; } else if ((rtm_addrs & RTA_GATEWAY) == 0) { gateway = *argv; getaddr(RTAX_GATEWAY, *argv, nrflags); } else { getaddr(RTAX_NETMASK, *argv, nrflags); nrflags |= F_FORCENET; } } } /* Do some sanity checks on resulting request */ if (so[RTAX_DST].ss_len == 0) { warnx("destination parameter required"); usage(NULL); } if (so[RTAX_NETMASK].ss_len != 0 && so[RTAX_DST].ss_family != so[RTAX_NETMASK].ss_family) { warnx("destination and netmask family need to be the same"); usage(NULL); } if (nrflags & F_FORCEHOST) { nrflags |= F_ISHOST; #ifdef INET6 if (af == AF_INET6) { rtm_addrs &= ~RTA_NETMASK; memset(&so[RTAX_NETMASK], 0, sizeof(so[RTAX_NETMASK])); } #endif } if (nrflags & F_FORCENET) nrflags &= ~F_ISHOST; flags |= RTF_UP; if (nrflags & F_ISHOST) flags |= RTF_HOST; if ((nrflags & F_INTERFACE) == 0) flags |= RTF_GATEWAY; if (nrflags & F_PROXY) flags |= RTF_ANNOUNCE; if (dest == NULL) dest = ""; if (gateway == NULL) gateway = ""; if (TAILQ_EMPTY(&fibl_head)) { error = fiboptlist_csv("default", &fibl_head); if (error) errx(EX_OSERR, "fiboptlist_csv failed."); } error = 0; TAILQ_FOREACH(fl, &fibl_head, fl_next) { fl->fl_error = newroute_fib(fl->fl_num, cmd, flags); if (fl->fl_error) fl->fl_errno = errno; error += fl->fl_error; } if (*cmd == 'g' || *cmd == 's') exit(error); error = 0; if (!qflag) { fibnum = 0; TAILQ_FOREACH(fl, &fibl_head, fl_next) { if (fl->fl_error == 0) fibnum++; } if (fibnum > 0) { int firstfib = 1; printf("%s %s %s", cmd, (nrflags & F_ISHOST) ? "host" : "net", dest); if (*gateway) printf(": gateway %s", gateway); if (numfibs > 1) { TAILQ_FOREACH(fl, &fibl_head, fl_next) { if (fl->fl_error == 0 && fl->fl_num >= 0) { if (firstfib) { printf(" fib "); firstfib = 0; } printf("%d", fl->fl_num); if (fibnum-- > 1) printf(","); } } } printf("\n"); } } fibnum = 0; TAILQ_FOREACH(fl, &fibl_head, fl_next) { if (fl->fl_error != 0) { error = 1; if (!qflag) { printf("%s %s %s", cmd, (nrflags & F_ISHOST) ? "host" : "net", dest); if (*gateway) printf(": gateway %s", gateway); if (fl->fl_num >= 0) printf(" fib %d", fl->fl_num); switch (fl->fl_errno) { case ESRCH: errmsg = "not in table"; break; case EBUSY: errmsg = "entry in use"; break; case ENOBUFS: errmsg = "not enough memory"; break; case EADDRINUSE: /* * handle recursion avoidance * in rt_setgate() */ errmsg = "gateway uses the same route"; break; case EEXIST: errmsg = "route already in table"; break; default: errmsg = strerror(fl->fl_errno); break; } printf(": %s\n", errmsg); } } } exit(error); } static int newroute_fib(int fib, char *cmd, int flags) { int error; error = set_sofib(fib); if (error) { warn("fib number %d is ignored", fib); return (error); } error = rtmsg(*cmd, flags, fib); return (error); } #ifdef INET static void inet_makemask(struct sockaddr_in *sin_mask, u_long bits) { u_long mask = 0; rtm_addrs |= RTA_NETMASK; if (bits != 0) mask = 0xffffffff << (32 - bits); sin_mask->sin_addr.s_addr = htonl(mask); sin_mask->sin_len = sizeof(struct sockaddr_in); sin_mask->sin_family = AF_INET; } #endif #ifdef INET6 /* * XXX the function may need more improvement... */ static int inet6_makenetandmask(struct sockaddr_in6 *sin6, const char *plen) { if (plen == NULL) { if (IN6_IS_ADDR_UNSPECIFIED(&sin6->sin6_addr) && sin6->sin6_scope_id == 0) plen = "0"; } if (plen == NULL || strcmp(plen, "128") == 0) return (1); rtm_addrs |= RTA_NETMASK; prefixlen(plen); return (0); } #endif /* * Interpret an argument as a network address of some kind, * returning 1 if a host address, 0 if a network address. */ static int getaddr(int idx, char *str, int nrflags) { struct sockaddr *sa; #if defined(INET) struct sockaddr_in *sin; struct hostent *hp; char *q; #elif defined(INET6) char *q; #endif if (idx < 0 || idx >= RTAX_MAX) usage("internal error"); if (af == 0) { #if defined(INET) af = AF_INET; aflen = sizeof(struct sockaddr_in); #elif defined(INET6) af = AF_INET6; aflen = sizeof(struct sockaddr_in6); #else af = AF_LINK; aflen = sizeof(struct sockaddr_dl); #endif } rtm_addrs |= (1 << idx); sa = (struct sockaddr *)&so[idx]; sa->sa_family = af; sa->sa_len = aflen; switch (idx) { case RTAX_GATEWAY: if (nrflags & F_INTERFACE) { struct ifaddrs *ifap, *ifa; struct sockaddr_dl *sdl0 = (struct sockaddr_dl *)(void *)sa; struct sockaddr_dl *sdl = NULL; if (getifaddrs(&ifap)) err(EX_OSERR, "getifaddrs"); for (ifa = ifap; ifa != NULL; ifa = ifa->ifa_next) { if (ifa->ifa_addr->sa_family != AF_LINK) continue; if (strcmp(str, ifa->ifa_name) != 0) continue; sdl = (struct sockaddr_dl *)(void *)ifa->ifa_addr; } /* If we found it, then use it */ if (sdl != NULL) { /* * Note that we need to copy before calling * freeifaddrs(). */ memcpy(sdl0, sdl, sdl->sdl_len); } freeifaddrs(ifap); if (sdl != NULL) return(1); else errx(EX_DATAERR, "interface '%s' does not exist", str); } break; case RTAX_IFP: sa->sa_family = AF_LINK; break; } if (strcmp(str, "default") == 0) { /* * Default is net 0.0.0.0/0 */ switch (idx) { case RTAX_DST: nrflags |= F_FORCENET; getaddr(RTAX_NETMASK, str, nrflags); break; } return (0); } switch (sa->sa_family) { #ifdef INET6 case AF_INET6: { struct addrinfo hints, *res; int ecode; q = NULL; if (idx == RTAX_DST && (q = strchr(str, '/')) != NULL) *q = '\0'; memset(&hints, 0, sizeof(hints)); hints.ai_family = sa->sa_family; hints.ai_socktype = SOCK_DGRAM; ecode = getaddrinfo(str, NULL, &hints, &res); if (ecode != 0 || res->ai_family != AF_INET6 || res->ai_addrlen != sizeof(struct sockaddr_in6)) errx(EX_OSERR, "%s: %s", str, gai_strerror(ecode)); memcpy(sa, res->ai_addr, res->ai_addrlen); freeaddrinfo(res); if (q != NULL) *q++ = '/'; if (idx == RTAX_DST) return (inet6_makenetandmask((struct sockaddr_in6 *)(void *)sa, q)); return (0); } #endif /* INET6 */ case AF_LINK: link_addr(str, (struct sockaddr_dl *)(void *)sa); return (1); case PF_ROUTE: sockaddr(str, sa, sizeof(struct sockaddr_storage)); return (1); #ifdef INET case AF_INET: #endif default: break; } #ifdef INET sin = (struct sockaddr_in *)(void *)sa; q = strchr(str,'/'); if (q != NULL && idx == RTAX_DST) { /* A.B.C.D/NUM */ *q = '\0'; if (inet_aton(str, &sin->sin_addr) == 0) errx(EX_NOHOST, "bad address: %s", str); int masklen = strtol(q + 1, NULL, 10); if (masklen < 0 || masklen > 32) errx(EX_NOHOST, "bad mask length: %s", q + 1); inet_makemask((struct sockaddr_in *)&so[RTAX_NETMASK],masklen); return (0); } if (inet_aton(str, &sin->sin_addr) != 0) return (1); hp = gethostbyname(str); if (hp != NULL) { sin->sin_family = hp->h_addrtype; memmove((char *)&sin->sin_addr, hp->h_addr, MIN((size_t)hp->h_length, sizeof(sin->sin_addr))); return (1); } #endif errx(EX_NOHOST, "bad address: %s", str); } static int prefixlen(const char *str) { int len = atoi(str), q, r; int max; char *p; rtm_addrs |= RTA_NETMASK; switch (af) { #ifdef INET6 case AF_INET6: { struct sockaddr_in6 *sin6 = (struct sockaddr_in6 *)&so[RTAX_NETMASK]; max = 128; p = (char *)&sin6->sin6_addr; sin6->sin6_family = AF_INET6; sin6->sin6_len = sizeof(*sin6); break; } #endif #ifdef INET case AF_INET: { struct sockaddr_in *sin = (struct sockaddr_in *)&so[RTAX_NETMASK]; max = 32; p = (char *)&sin->sin_addr; sin->sin_family = AF_INET; sin->sin_len = sizeof(*sin); break; } #endif default: errx(EX_OSERR, "prefixlen not supported in this af"); } if (len < 0 || max < len) errx(EX_USAGE, "%s: invalid prefixlen", str); q = len >> 3; r = len & 7; memset((void *)p, 0, max / 8); if (q > 0) memset((void *)p, 0xff, q); if (r > 0) *((u_char *)p + q) = (0xff00 >> r) & 0xff; if (len == max) return (-1); else return (len); } static void interfaces(void) { size_t needed; int mib[6]; char *buf, *lim, *next, count = 0; struct rt_msghdr *rtm; retry2: mib[0] = CTL_NET; mib[1] = PF_ROUTE; mib[2] = 0; /* protocol */ mib[3] = AF_UNSPEC; mib[4] = NET_RT_IFLIST; mib[5] = 0; /* no flags */ if (sysctl(mib, nitems(mib), NULL, &needed, NULL, 0) < 0) err(EX_OSERR, "route-sysctl-estimate"); if ((buf = malloc(needed)) == NULL) errx(EX_OSERR, "malloc failed"); if (sysctl(mib, nitems(mib), buf, &needed, NULL, 0) < 0) { if (errno == ENOMEM && count++ < 10) { warnx("Routing table grew, retrying"); sleep(1); free(buf); goto retry2; } err(EX_OSERR, "actual retrieval of interface table"); } lim = buf + needed; for (next = buf; next < lim; next += rtm->rtm_msglen) { rtm = (struct rt_msghdr *)(void *)next; print_rtmsg(rtm, rtm->rtm_msglen); } free(buf); } static void monitor(int argc, char *argv[]) { int fib, error; char *endptr; fib = defaultfib; while (argc > 1) { argc--; argv++; if (**argv != '-') usage(*argv); switch (keyword(*argv + 1)) { case K_FIB: if (!--argc) usage(*argv); errno = 0; fib = strtol(*++argv, &endptr, 0); if (errno == 0) { if (*endptr != '\0' || fib < 0 || (numfibs != -1 && fib > numfibs - 1)) errno = EINVAL; } if (errno) errx(EX_USAGE, "invalid fib number: %s", *argv); break; default: usage(*argv); } } error = set_sofib(fib); if (error) errx(EX_USAGE, "invalid fib number: %d", fib); verbose = 1; if (debugonly) { interfaces(); exit(0); } #ifdef WITHOUT_NETLINK monitor_rtsock(); #else monitor_nl(fib); #endif } #ifdef WITHOUT_NETLINK static void monitor_rtsock(void) { char msg[2048]; int n; #ifdef SO_RERROR n = 1; if (setsockopt(s, SOL_SOCKET, SO_RERROR, &n, sizeof(n)) == -1) warn("SO_RERROR"); #endif for (;;) { time_t now; n = read(s, msg, sizeof(msg)); if (n == -1) { warn("read"); continue; } now = time(NULL); (void)printf("\ngot message of size %d on %s", n, ctime(&now)); print_rtmsg((struct rt_msghdr *)(void *)msg, n); } } #endif static int rtmsg(int cmd, int flags, int fib) { errno = 0; if (cmd == 'a') cmd = RTM_ADD; else if (cmd == 'c') cmd = RTM_CHANGE; else if (cmd == 'g' || cmd == 's') { cmd = RTM_GET; if (so[RTAX_IFP].ss_family == 0) { so[RTAX_IFP].ss_family = AF_LINK; so[RTAX_IFP].ss_len = sizeof(struct sockaddr_dl); rtm_addrs |= RTA_IFP; } } else { cmd = RTM_DELETE; flags |= RTF_PINNED; } #ifdef WITHOUT_NETLINK return (rtmsg_rtsock(cmd, flags, fib)); #else errno = rtmsg_nl(cmd, flags, fib, rtm_addrs, so, &rt_metrics); return (errno == 0 ? 0 : -1); #endif } #ifdef WITHOUT_NETLINK static int rtmsg_rtsock(int cmd, int flags, int fib) { int rlen; char *cp = m_rtmsg.m_space; int l; memset(&m_rtmsg, 0, sizeof(m_rtmsg)); #define NEXTADDR(w, u) \ if (rtm_addrs & (w)) { \ l = SA_SIZE(&(u)); \ memmove(cp, (char *)&(u), l); \ cp += l; \ if (verbose) \ sodump((struct sockaddr *)&(u), #w); \ } #define rtm m_rtmsg.m_rtm rtm.rtm_type = cmd; rtm.rtm_flags = flags; rtm.rtm_version = RTM_VERSION; rtm.rtm_seq = ++rtm_seq; rtm.rtm_addrs = rtm_addrs; rtm.rtm_rmx = rt_metrics; rtm.rtm_inits = rtm_inits; NEXTADDR(RTA_DST, so[RTAX_DST]); NEXTADDR(RTA_GATEWAY, so[RTAX_GATEWAY]); NEXTADDR(RTA_NETMASK, so[RTAX_NETMASK]); NEXTADDR(RTA_GENMASK, so[RTAX_GENMASK]); NEXTADDR(RTA_IFP, so[RTAX_IFP]); NEXTADDR(RTA_IFA, so[RTAX_IFA]); rtm.rtm_msglen = l = cp - (char *)&m_rtmsg; if (verbose) print_rtmsg(&rtm, l); if (debugonly) return (0); if ((rlen = write(s, (char *)&m_rtmsg, l)) < 0) { switch (errno) { case EPERM: err(1, "writing to routing socket"); break; case ESRCH: warnx("route has not been found"); break; case EEXIST: /* Handled by newroute() */ break; default: warn("writing to routing socket"); } return (-1); } if (cmd == RTM_GET) { stop_read = 0; alarm(READ_TIMEOUT); do { l = read(s, (char *)&m_rtmsg, sizeof(m_rtmsg)); } while (l > 0 && stop_read == 0 && (rtm.rtm_type != RTM_GET || rtm.rtm_seq != rtm_seq || rtm.rtm_pid != pid)); if (stop_read != 0) { warnx("read from routing socket timed out"); return (-1); } else alarm(0); if (l < 0) warn("read from routing socket"); else print_getmsg(&rtm, l, fib); } #undef rtm return (0); } #endif static const char *const msgtypes[] = { "", "RTM_ADD: Add Route", "RTM_DELETE: Delete Route", "RTM_CHANGE: Change Metrics or flags", "RTM_GET: Report Metrics", "RTM_LOSING: Kernel Suspects Partitioning", "RTM_REDIRECT: Told to use different route", "RTM_MISS: Lookup failed on this address", "RTM_LOCK: fix specified metrics", "RTM_OLDADD: caused by SIOCADDRT", "RTM_OLDDEL: caused by SIOCDELRT", "RTM_RESOLVE: Route created by cloning", "RTM_NEWADDR: address being added to iface", "RTM_DELADDR: address being removed from iface", "RTM_IFINFO: iface status change", "RTM_NEWMADDR: new multicast group membership on iface", "RTM_DELMADDR: multicast group membership removed from iface", "RTM_IFANNOUNCE: interface arrival/departure", "RTM_IEEE80211: IEEE 802.11 wireless event", }; static const char metricnames[] = "\011weight\010rttvar\7rtt\6ssthresh\5sendpipe\4recvpipe\3expire" "\1mtu"; const char routeflags[] = "\1UP\2GATEWAY\3HOST\4REJECT\5DYNAMIC\6MODIFIED\7DONE" "\012XRESOLVE\013LLINFO\014STATIC\015BLACKHOLE" "\017PROTO2\020PROTO1\021PRCLONING\022WASCLONED\023PROTO3" "\024FIXEDMTU\025PINNED\026LOCAL\027BROADCAST\030MULTICAST\035STICKY"; static const char ifnetflags[] = "\1UP\2BROADCAST\3DEBUG\4LOOPBACK\5PTP\6b6\7RUNNING\010NOARP" "\011PPROMISC\012ALLMULTI\013OACTIVE\014SIMPLEX\015LINK0\016LINK1" "\017LINK2\020MULTICAST"; static const char addrnames[] = "\1DST\2GATEWAY\3NETMASK\4GENMASK\5IFP\6IFA\7AUTHOR\010BRD"; static const char errfmt[] = "\n%s: truncated route message, only %zu bytes left\n"; static void print_rtmsg(struct rt_msghdr *rtm, size_t msglen) { struct if_msghdr *ifm; struct ifa_msghdr *ifam; #ifdef RTM_NEWMADDR struct ifma_msghdr *ifmam; #endif struct if_announcemsghdr *ifan; const char *state; if (verbose == 0) return; if (rtm->rtm_version != RTM_VERSION) { (void)printf("routing message version %d not understood\n", rtm->rtm_version); return; } if (rtm->rtm_type < nitems(msgtypes)) (void)printf("%s: ", msgtypes[rtm->rtm_type]); else (void)printf("unknown type %d: ", rtm->rtm_type); (void)printf("len %d, ", rtm->rtm_msglen); #define REQUIRE(x) do { \ if (msglen < sizeof(x)) \ goto badlen; \ else \ msglen -= sizeof(x); \ } while (0) switch (rtm->rtm_type) { case RTM_IFINFO: REQUIRE(struct if_msghdr); ifm = (struct if_msghdr *)rtm; (void)printf("if# %d, ", ifm->ifm_index); switch (ifm->ifm_data.ifi_link_state) { case LINK_STATE_DOWN: state = "down"; break; case LINK_STATE_UP: state = "up"; break; default: state = "unknown"; break; } (void)printf("link: %s, flags:", state); printb(ifm->ifm_flags, ifnetflags); pmsg_addrs((char *)(ifm + 1), ifm->ifm_addrs, msglen); break; case RTM_NEWADDR: case RTM_DELADDR: REQUIRE(struct ifa_msghdr); ifam = (struct ifa_msghdr *)rtm; (void)printf("metric %d, flags:", ifam->ifam_metric); printb(ifam->ifam_flags, routeflags); pmsg_addrs((char *)(ifam + 1), ifam->ifam_addrs, msglen); break; #ifdef RTM_NEWMADDR case RTM_NEWMADDR: case RTM_DELMADDR: REQUIRE(struct ifma_msghdr); ifmam = (struct ifma_msghdr *)rtm; pmsg_addrs((char *)(ifmam + 1), ifmam->ifmam_addrs, msglen); break; #endif case RTM_IFANNOUNCE: REQUIRE(struct if_announcemsghdr); ifan = (struct if_announcemsghdr *)rtm; (void)printf("if# %d, what: ", ifan->ifan_index); switch (ifan->ifan_what) { case IFAN_ARRIVAL: (void)printf("arrival"); break; case IFAN_DEPARTURE: printf("departure"); break; default: printf("#%d", ifan->ifan_what); break; } printf("\n"); fflush(stdout); break; default: if (rtm->rtm_type <= RTM_RESOLVE) { printf("pid: %ld, seq %d, errno %d, flags:", (long)rtm->rtm_pid, rtm->rtm_seq, rtm->rtm_errno); printb(rtm->rtm_flags, routeflags); pmsg_common(rtm, msglen); } else printf("type: %u, len: %zu\n", rtm->rtm_type, msglen); } return; badlen: (void)printf(errfmt, __func__, msglen); #undef REQUIRE } static void print_getmsg(struct rt_msghdr *rtm, int msglen, int fib) { struct sockaddr *sp[RTAX_MAX]; struct timespec ts; char *cp; int i; memset(sp, 0, sizeof(sp)); (void)printf(" route to: %s\n", routename((struct sockaddr *)&so[RTAX_DST])); if (rtm->rtm_version != RTM_VERSION) { warnx("routing message version %d not understood", rtm->rtm_version); return; } if (rtm->rtm_msglen > msglen) { warnx("message length mismatch, in packet %d, returned %d", rtm->rtm_msglen, msglen); return; } if (rtm->rtm_errno) { errno = rtm->rtm_errno; warn("message indicates error %d", errno); return; } cp = ((char *)(rtm + 1)); for (i = 0; i < RTAX_MAX; i++) if (rtm->rtm_addrs & (1 << i)) { sp[i] = (struct sockaddr *)cp; cp += SA_SIZE((struct sockaddr *)cp); } if ((rtm->rtm_addrs & RTA_IFP) && (sp[RTAX_IFP]->sa_family != AF_LINK || ((struct sockaddr_dl *)(void *)sp[RTAX_IFP])->sdl_nlen == 0)) sp[RTAX_IFP] = NULL; if (sp[RTAX_DST]) (void)printf("destination: %s\n", routename(sp[RTAX_DST])); if (sp[RTAX_NETMASK]) (void)printf(" mask: %s\n", routename(sp[RTAX_NETMASK])); if (sp[RTAX_GATEWAY] && (rtm->rtm_flags & RTF_GATEWAY)) (void)printf(" gateway: %s\n", routename(sp[RTAX_GATEWAY])); if (fib >= 0) (void)printf(" fib: %u\n", (unsigned int)fib); if (sp[RTAX_IFP]) (void)printf(" interface: %.*s\n", ((struct sockaddr_dl *)(void *)sp[RTAX_IFP])->sdl_nlen, ((struct sockaddr_dl *)(void *)sp[RTAX_IFP])->sdl_data); (void)printf(" flags: "); printb(rtm->rtm_flags, routeflags); #define lock(f) ((rtm->rtm_rmx.rmx_locks & __CONCAT(RTV_,f)) ? 'L' : ' ') #define msec(u) (((u) + 500) / 1000) /* usec to msec */ printf("\n%9s %9s %9s %9s %9s %10s %9s\n", "recvpipe", "sendpipe", "ssthresh", "rtt,msec", "mtu ", "weight", "expire"); printf("%8lu%c ", rtm->rtm_rmx.rmx_recvpipe, lock(RPIPE)); printf("%8lu%c ", rtm->rtm_rmx.rmx_sendpipe, lock(SPIPE)); printf("%8lu%c ", rtm->rtm_rmx.rmx_ssthresh, lock(SSTHRESH)); printf("%8lu%c ", msec(rtm->rtm_rmx.rmx_rtt), lock(RTT)); printf("%8lu%c ", rtm->rtm_rmx.rmx_mtu, lock(MTU)); printf("%8lu%c ", rtm->rtm_rmx.rmx_weight, lock(WEIGHT)); if (rtm->rtm_rmx.rmx_expire > 0) clock_gettime(CLOCK_REALTIME_FAST, &ts); else ts.tv_sec = 0; printf("%8ld%c\n", (long)(rtm->rtm_rmx.rmx_expire - ts.tv_sec), lock(EXPIRE)); #undef lock #undef msec #define RTA_IGN (RTA_DST|RTA_GATEWAY|RTA_NETMASK|RTA_IFP|RTA_IFA|RTA_BRD) if (verbose) pmsg_common(rtm, msglen); else if (rtm->rtm_addrs &~ RTA_IGN) { (void)printf("sockaddrs: "); printb(rtm->rtm_addrs, addrnames); putchar('\n'); } #undef RTA_IGN } static void pmsg_common(struct rt_msghdr *rtm, size_t msglen) { (void)printf("\nlocks: "); printb(rtm->rtm_rmx.rmx_locks, metricnames); (void)printf(" inits: "); printb(rtm->rtm_inits, metricnames); if (msglen > sizeof(struct rt_msghdr)) pmsg_addrs(((char *)(rtm + 1)), rtm->rtm_addrs, msglen - sizeof(struct rt_msghdr)); else (void)fflush(stdout); } static void pmsg_addrs(char *cp, int addrs, size_t len) { struct sockaddr *sa; int i; if (addrs == 0) { (void)putchar('\n'); return; } (void)printf("\nsockaddrs: "); printb(addrs, addrnames); putchar('\n'); for (i = 0; i < RTAX_MAX; i++) if (addrs & (1 << i)) { sa = (struct sockaddr *)cp; if (len == 0 || len < SA_SIZE(sa)) { (void)printf(errfmt, __func__, len); break; } (void)printf(" %s", routename(sa)); len -= SA_SIZE(sa); cp += SA_SIZE(sa); } (void)putchar('\n'); (void)fflush(stdout); } void printb(int b, const char *str) { int i; int gotsome = 0; if (b == 0) return; while ((i = *str++) != 0) { if (b & (1 << (i-1))) { if (gotsome == 0) i = '<'; else i = ','; putchar(i); gotsome = 1; for (; (i = *str) > 32; str++) putchar(i); } else while (*str > 32) str++; } if (gotsome) putchar('>'); } int keyword(const char *cp) { const struct keytab *kt = keywords; while (kt->kt_cp != NULL && strcmp(kt->kt_cp, cp) != 0) kt++; return (kt->kt_i); } static void sodump(struct sockaddr *sa, const char *which) { #ifdef INET6 char nbuf[INET6_ADDRSTRLEN]; #endif switch (sa->sa_family) { case AF_LINK: (void)printf("%s: link %s; ", which, link_ntoa((struct sockaddr_dl *)(void *)sa)); break; #ifdef INET case AF_INET: (void)printf("%s: inet %s; ", which, inet_ntoa(((struct sockaddr_in *)(void *)sa)->sin_addr)); break; #endif #ifdef INET6 case AF_INET6: (void)printf("%s: inet6 %s; ", which, inet_ntop(sa->sa_family, &((struct sockaddr_in6 *)(void *)sa)->sin6_addr, nbuf, sizeof(nbuf))); break; #endif } (void)fflush(stdout); } /* States*/ #define VIRGIN 0 #define GOTONE 1 #define GOTTWO 2 /* Inputs */ #define DIGIT (4*0) #define END (4*1) #define DELIM (4*2) static void sockaddr(char *addr, struct sockaddr *sa, size_t size) { char *cp = (char *)sa; char *cplim = cp + size; int byte = 0, state = VIRGIN, new = 0 /* foil gcc */; memset(cp, 0, size); cp++; do { if ((*addr >= '0') && (*addr <= '9')) { new = *addr - '0'; } else if ((*addr >= 'a') && (*addr <= 'f')) { new = *addr - 'a' + 10; } else if ((*addr >= 'A') && (*addr <= 'F')) { new = *addr - 'A' + 10; } else if (*addr == '\0') state |= END; else state |= DELIM; addr++; switch (state /* | INPUT */) { case GOTTWO | DIGIT: *cp++ = byte; /*FALLTHROUGH*/ case VIRGIN | DIGIT: state = GOTONE; byte = new; continue; case GOTONE | DIGIT: state = GOTTWO; byte = new + (byte << 4); continue; default: /* | DELIM */ state = VIRGIN; *cp++ = byte; byte = 0; continue; case GOTONE | END: case GOTTWO | END: *cp++ = byte; /* FALLTHROUGH */ case VIRGIN | END: break; } break; } while (cp < cplim); sa->sa_len = cp - (char *)sa; } diff --git a/sbin/routed/defs.h b/sbin/routed/defs.h index 903d716e3ab0..81f3131f2676 100644 --- a/sbin/routed/defs.h +++ b/sbin/routed/defs.h @@ -1,607 +1,602 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1983, 1988, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)defs.h 8.1 (Berkeley) 6/5/93 */ /* Definitions for RIPv2 routing process. * * This code is based on the 4.4BSD `routed` daemon, with extensions to * support: * RIPv2, including variable length subnet masks. * Router Discovery * aggregate routes in the kernel tables. * aggregate advertised routes. * maintain spare routes for faster selection of another gateway * when the current gateway dies. * timers on routes with second granularity so that selection * of a new route does not wait 30-60 seconds. * tolerance of static routes. * tell the kernel hop counts * do not advertise if ipforwarding=0 * * The vestigial support for other protocols has been removed. There * is no likelihood that IETF RIPv1 or RIPv2 will ever be used with * other protocols. The result is far smaller, faster, cleaner, and * perhaps understandable. * * The accumulation of special flags and kludges added over the many * years have been simplified and integrated. */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "radix.h" #define UNUSED __attribute__((unused)) #define PATTRIB(f,l) __attribute__((format (printf,f,l))) #include #include #include #include #include #define RIPVERSION RIPv2 #include -#ifndef __RCSID -#define __RCSID(_s) static const char rcsid[] UNUSED = _s -#endif #ifndef __COPYRIGHT #define __COPYRIGHT(_s) static const char copyright[] UNUSED = _s #endif /* Type of an IP address. * Some systems do not like to pass structures, so do not use in_addr. * Some systems think a long has 64 bits, which would be a gross waste. * So define it here so it can be changed for the target system. * It should be defined somewhere netinet/in.h, but it is not. */ #define naddr u_long #define _HAVE_SA_LEN #define _HAVE_SIN_LEN #define DAY (24*60*60) #define NEVER DAY /* a long time */ #define EPOCH NEVER /* bias time by this to avoid <0 */ /* Scan the kernel regularly to see if any interfaces have appeared or been * turned off. These must be less than STALE_TIME. */ #define CHECK_BAD_INTERVAL 5 /* when an interface is known bad */ #define CHECK_ACT_INTERVAL 30 /* when advertising */ #define CHECK_QUIET_INTERVAL 300 /* when not */ #define LIM_SEC(s,l) ((s).tv_sec = MIN((s).tv_sec, (l))) /* Metric used for fake default routes. It ought to be 15, but when * processing advertised routes, previous versions of `routed` added * to the received metric and discarded the route if the total was 16 * or larger. */ #define FAKE_METRIC (HOPCNT_INFINITY-2) /* Router Discovery parameters */ #define INADDR_ALLROUTERS_GROUP 0xe0000002 /* 224.0.0.2 */ #define MaxMaxAdvertiseInterval 1800 #define MinMaxAdvertiseInterval 4 #define DefMaxAdvertiseInterval 600 #define MIN_PreferenceLevel 0x80000000 #define MAX_INITIAL_ADVERT_INTERVAL 16 #define MAX_INITIAL_ADVERTS 3 #define MAX_SOLICITATION_DELAY 1 #define SOLICITATION_INTERVAL 3 #define MAX_SOLICITATIONS 3 /* Bloated packet size for systems that simply add authentication to * full-sized packets */ #define OVER_MAXPACKETSIZE (MAXPACKETSIZE+sizeof(struct netinfo)*2) /* typical packet buffers */ union pkt_buf { char packet[OVER_MAXPACKETSIZE*2]; struct rip rip; }; #define GNAME_LEN 64 /* assumed=64 in parms.c */ /* bigger than IFNAMSIZ, with room for "external()" or "remote()" */ #define IF_NAME_LEN (GNAME_LEN+15) /* No more routes than this, to protect ourself in case something goes * whacko and starts broadcasting zillions of bogus routes. */ #define MAX_ROUTES (128*1024) extern int total_routes; /* Main, daemon routing table structure */ struct rt_entry { struct radix_node rt_nodes[2]; /* radix tree glue */ u_int rt_state; # define RS_IF 0x001 /* for network interface */ # define RS_NET_INT 0x002 /* authority route */ # define RS_NET_SYN 0x004 /* fake net route for subnet */ # define RS_NO_NET_SYN (RS_LOCAL | RS_LOCAL | RS_IF) # define RS_SUBNET 0x008 /* subnet route from any source */ # define RS_LOCAL 0x010 /* loopback for pt-to-pt */ # define RS_MHOME 0x020 /* from -m */ # define RS_STATIC 0x040 /* from the kernel */ # define RS_RDISC 0x080 /* from router discovery */ struct sockaddr_in rt_dst_sock; naddr rt_mask; struct rt_spare { struct interface *rts_ifp; naddr rts_gate; /* forward packets here */ naddr rts_router; /* on the authority of this router */ char rts_metric; u_short rts_tag; time_t rts_time; /* timer to junk stale routes */ u_int rts_de_ag; /* de-aggregation level */ #define NUM_SPARES 4 } rt_spares[NUM_SPARES]; u_int rt_seqno; /* when last changed */ char rt_poison_metric; /* to notice maximum recently */ time_t rt_poison_time; /* advertised metric */ }; #define rt_dst rt_dst_sock.sin_addr.s_addr #define rt_ifp rt_spares[0].rts_ifp #define rt_gate rt_spares[0].rts_gate #define rt_router rt_spares[0].rts_router #define rt_metric rt_spares[0].rts_metric #define rt_tag rt_spares[0].rts_tag #define rt_time rt_spares[0].rts_time #define rt_de_ag rt_spares[0].rts_de_ag #define HOST_MASK 0xffffffff #define RT_ISHOST(rt) ((rt)->rt_mask == HOST_MASK) /* age all routes that * are not from -g, -m, or static routes from the kernel * not unbroken interface routes * but not broken interfaces * nor non-passive, remote interfaces that are not aliases * (i.e. remote & metric=0) */ #define AGE_RT(rt_state,ifp) (0 == ((rt_state) & (RS_MHOME | RS_STATIC \ | RS_NET_SYN | RS_RDISC)) \ && (!((rt_state) & RS_IF) \ || (ifp) == 0 \ || (((ifp)->int_state & IS_REMOTE) \ && !((ifp)->int_state & IS_PASSIVE)))) /* true if A is better than B * Better if * - A is not a poisoned route * - and A is not stale * - and A has a shorter path * - or is the router speaking for itself * - or the current route is equal but stale * - or it is a host route advertised by a system for itself */ #define BETTER_LINK(rt,A,B) ((A)->rts_metric < HOPCNT_INFINITY \ && now_stale <= (A)->rts_time \ && ((A)->rts_metric < (B)->rts_metric \ || ((A)->rts_gate == (A)->rts_router \ && (B)->rts_gate != (B)->rts_router) \ || ((A)->rts_metric == (B)->rts_metric \ && now_stale > (B)->rts_time) \ || (RT_ISHOST(rt) \ && (rt)->rt_dst == (A)->rts_router \ && (A)->rts_metric == (B)->rts_metric))) /* An "interface" is similar to a kernel ifnet structure, except it also * handles "logical" or "IS_REMOTE" interfaces (remote gateways). */ struct interface { LIST_ENTRY(interface) int_list; LIST_ENTRY(interface) remote_list; struct interface *int_ahash, **int_ahash_prev; struct interface *int_bhash, **int_bhash_prev; struct interface *int_nhash, **int_nhash_prev; char int_name[IF_NAME_LEN+1]; u_short int_index; naddr int_addr; /* address on this host (net order) */ naddr int_brdaddr; /* broadcast address (n) */ naddr int_dstaddr; /* other end of pt-to-pt link (n) */ naddr int_net; /* working network # (host order)*/ naddr int_mask; /* working net mask (host order) */ naddr int_ripv1_mask; /* for inferring a mask (n) */ naddr int_std_addr; /* class A/B/C address (n) */ naddr int_std_net; /* class A/B/C network (h) */ naddr int_std_mask; /* class A/B/C netmask (h) */ int int_rip_sock; /* for queries */ int int_if_flags; /* some bits copied from kernel */ u_int int_state; time_t int_act_time; /* last thought healthy */ time_t int_query_time; u_short int_transitions; /* times gone up-down */ char int_metric; u_char int_d_metric; /* for faked default route */ u_char int_adj_inmetric; /* adjust advertised metrics */ u_char int_adj_outmetric; /* instead of interface metric */ struct int_data { u_int ipackets; /* previous network stats */ u_int ierrors; u_int opackets; u_int oerrors; time_t ts; /* timestamp on network stats */ } int_data; # define MAX_AUTH_KEYS 5 struct auth { /* authentication info */ u_int16_t type; u_char key[RIP_AUTH_PW_LEN]; u_char keyid; time_t start, end; } int_auth[MAX_AUTH_KEYS]; /* router discovery parameters */ int int_rdisc_pref; /* signed preference to advertise */ int int_rdisc_int; /* MaxAdvertiseInterval */ int int_rdisc_cnt; struct timeval int_rdisc_timer; }; /* bits in int_state */ #define IS_ALIAS 0x0000001 /* interface alias */ #define IS_SUBNET 0x0000002 /* interface on subnetted network */ #define IS_REMOTE 0x0000004 /* interface is not on this machine */ #define IS_PASSIVE 0x0000008 /* remote and does not do RIP */ #define IS_EXTERNAL 0x0000010 /* handled by EGP or something */ #define IS_CHECKED 0x0000020 /* still exists */ #define IS_ALL_HOSTS 0x0000040 /* in INADDR_ALLHOSTS_GROUP */ #define IS_ALL_ROUTERS 0x0000080 /* in INADDR_ALLROUTERS_GROUP */ #define IS_DISTRUST 0x0000100 /* ignore untrusted routers */ #define IS_REDIRECT_OK 0x0000200 /* accept ICMP redirects */ #define IS_BROKE 0x0000400 /* seems to be broken */ #define IS_SICK 0x0000800 /* seems to be broken */ #define IS_DUP 0x0001000 /* has a duplicate address */ #define IS_NEED_NET_SYN 0x0002000 /* need RS_NET_SYN route */ #define IS_NO_AG 0x0004000 /* do not aggregate subnets */ #define IS_NO_SUPER_AG 0x0008000 /* do not aggregate networks */ #define IS_NO_RIPV1_IN 0x0010000 /* no RIPv1 input at all */ #define IS_NO_RIPV2_IN 0x0020000 /* no RIPv2 input at all */ #define IS_NO_RIP_IN (IS_NO_RIPV1_IN | IS_NO_RIPV2_IN) #define IS_RIP_IN_OFF(s) (((s) & IS_NO_RIP_IN) == IS_NO_RIP_IN) #define IS_NO_RIPV1_OUT 0x0040000 /* no RIPv1 output at all */ #define IS_NO_RIPV2_OUT 0x0080000 /* no RIPv2 output at all */ #define IS_NO_RIP_OUT (IS_NO_RIPV1_OUT | IS_NO_RIPV2_OUT) #define IS_NO_RIP (IS_NO_RIP_OUT | IS_NO_RIP_IN) #define IS_RIP_OUT_OFF(s) (((s) & IS_NO_RIP_OUT) == IS_NO_RIP_OUT) #define IS_RIP_OFF(s) (((s) & IS_NO_RIP) == IS_NO_RIP) #define IS_NO_RIP_MCAST 0x0100000 /* broadcast RIPv2 */ #define IS_NO_ADV_IN 0x0200000 /* do not listen to advertisements */ #define IS_NO_SOL_OUT 0x0400000 /* send no solicitations */ #define IS_SOL_OUT 0x0800000 /* send solicitations */ #define GROUP_IS_SOL_OUT (IS_SOL_OUT | IS_NO_SOL_OUT) #define IS_NO_ADV_OUT 0x1000000 /* do not advertise rdisc */ #define IS_ADV_OUT 0x2000000 /* advertise rdisc */ #define GROUP_IS_ADV_OUT (IS_NO_ADV_OUT | IS_ADV_OUT) #define IS_BCAST_RDISC 0x4000000 /* broadcast instead of multicast */ #define IS_NO_RDISC (IS_NO_ADV_IN | IS_NO_SOL_OUT | IS_NO_ADV_OUT) #define IS_PM_RDISC 0x8000000 /* poor-man's router discovery */ #define iff_up(f) ((f) & IFF_UP) LIST_HEAD(ifhead, interface); /* Information for aggregating routes */ #define NUM_AG_SLOTS 32 struct ag_info { struct ag_info *ag_fine; /* slot with finer netmask */ struct ag_info *ag_cors; /* more coarse netmask */ naddr ag_dst_h; /* destination in host byte order */ naddr ag_mask; naddr ag_gate; naddr ag_nhop; char ag_metric; /* metric to be advertised */ char ag_pref; /* aggregate based on this */ u_int ag_seqno; u_short ag_tag; u_short ag_state; #define AGS_SUPPRESS 0x001 /* combine with coarser mask */ #define AGS_AGGREGATE 0x002 /* synthesize combined routes */ #define AGS_REDUN0 0x004 /* redundant, finer routes output */ #define AGS_REDUN1 0x008 #define AG_IS_REDUN(state) (((state) & (AGS_REDUN0 | AGS_REDUN1)) \ == (AGS_REDUN0 | AGS_REDUN1)) #define AGS_GATEWAY 0x010 /* tell kernel RTF_GATEWAY */ #define AGS_IF 0x020 /* for an interface */ #define AGS_RIPV2 0x040 /* send only as RIPv2 */ #define AGS_FINE_GATE 0x080 /* ignore differing ag_gate when this * has the finer netmask */ #define AGS_CORS_GATE 0x100 /* ignore differing gate when this * has the coarser netmasks */ #define AGS_SPLIT_HZ 0x200 /* suppress for split horizon */ /* some bits are set if they are set on either route */ #define AGS_AGGREGATE_EITHER (AGS_RIPV2 | AGS_GATEWAY | \ AGS_SUPPRESS | AGS_CORS_GATE) }; /* parameters for interfaces */ struct parm { struct parm *parm_next; char parm_name[IF_NAME_LEN+1]; naddr parm_net; naddr parm_mask; u_char parm_d_metric; u_char parm_adj_inmetric; char parm_adj_outmetric; u_int parm_int_state; int parm_rdisc_pref; /* signed IRDP preference */ int parm_rdisc_int; /* IRDP advertising interval */ struct auth parm_auth[MAX_AUTH_KEYS]; }; /* authority for internal networks */ extern struct intnet { struct intnet *intnet_next; naddr intnet_addr; /* network byte order */ naddr intnet_mask; char intnet_metric; } *intnets; /* defined RIPv1 netmasks */ extern struct r1net { struct r1net *r1net_next; naddr r1net_net; /* host order */ naddr r1net_match; naddr r1net_mask; } *r1nets; /* trusted routers */ extern struct tgate { struct tgate *tgate_next; naddr tgate_addr; #define MAX_TGATE_NETS 32 struct tgate_net { naddr net; /* host order */ naddr mask; } tgate_nets[MAX_TGATE_NETS]; } *tgates; enum output_type {OUT_QUERY, OUT_UNICAST, OUT_BROADCAST, OUT_MULTICAST, NO_OUT_MULTICAST, NO_OUT_RIPV2}; /* common output buffers */ extern struct ws_buf { struct rip *buf; struct netinfo *n; struct netinfo *base; struct netinfo *lim; enum output_type type; } v12buf; extern pid_t mypid; extern naddr myaddr; /* main address of this system */ extern int stopint; /* !=0 to stop */ extern int rip_sock; /* RIP socket */ extern const struct interface *rip_sock_mcast; /* current multicast interface */ extern int rt_sock; /* routing socket */ extern int rt_sock_seqno; extern int rdisc_sock; /* router-discovery raw socket */ extern int supplier; /* process should supply updates */ extern int supplier_set; /* -s or -q requested */ extern int ridhosts; /* 1=reduce host routes */ extern int mhome; /* 1=want multi-homed host route */ extern int advertise_mhome; /* 1=must continue advertising it */ extern int auth_ok; /* 1=ignore auth if we do not care */ extern int insecure; /* Reply to special queries or not */ extern struct timeval clk; /* system clock's idea of time */ extern struct timeval epoch; /* system clock when started */ extern struct timeval now; /* current idea of time */ extern time_t now_stale; extern time_t now_expire; extern time_t now_garbage; extern struct timeval age_timer; /* next check of old routes */ extern struct timeval no_flash; /* inhibit flash update until then */ extern struct timeval rdisc_timer; /* next advert. or solicitation */ extern int rdisc_ok; /* using solicited route */ extern struct timeval ifinit_timer; /* time to check interfaces */ extern naddr loopaddr; /* our address on loopback */ extern int tot_interfaces; /* # of remote and local interfaces */ extern int rip_interfaces; /* # of interfaces doing RIP */ extern struct ifhead ifnet; /* all interfaces */ extern struct ifhead remote_if; /* remote interfaces */ extern int have_ripv1_out; /* have a RIPv1 interface */ extern int need_flash; /* flash update needed */ extern struct timeval need_kern; /* need to update kernel table */ extern u_int update_seqno; /* a route has changed */ extern int tracelevel, new_tracelevel; #define MAX_TRACELEVEL 4 #define TRACEKERNEL (tracelevel >= 4) /* log kernel changes */ #define TRACECONTENTS (tracelevel >= 3) /* display packet contents */ #define TRACEPACKETS (tracelevel >= 2) /* note packets */ #define TRACEACTIONS (tracelevel != 0) extern FILE *ftrace; /* output trace file */ extern char inittracename[PATH_MAX]; extern struct radix_node_head *rhead; void fix_sock(int, const char *); void fix_select(void); void rip_off(void); void rip_on(struct interface *); void bufinit(void); int output(enum output_type, struct sockaddr_in *, struct interface *, struct rip *, int); void clr_ws_buf(struct ws_buf *, struct auth *); void rip_query(void); void rip_bcast(int); void supply(struct sockaddr_in *, struct interface *, enum output_type, int, int, int); void msglog(const char *, ...) PATTRIB(1,2); struct msg_limit { time_t reuse; struct msg_sub { naddr addr; time_t until; # define MSG_SUBJECT_N 8 } subs[MSG_SUBJECT_N]; }; void msglim(struct msg_limit *, naddr, const char *, ...) PATTRIB(3,4); #define LOGERR(msg) msglog(msg ": %s", strerror(errno)) void logbad(int, const char *, ...) PATTRIB(2,3); #define BADERR(dump,msg) logbad(dump,msg ": %s", strerror(errno)) #ifdef DEBUG #define DBGERR(dump,msg) BADERR(dump,msg) #else #define DBGERR(dump,msg) LOGERR(msg) #endif char *naddr_ntoa(naddr); const char *saddr_ntoa(struct sockaddr *); void *rtmalloc(size_t, const char *); void timevaladd(struct timeval *, struct timeval *); void intvl_random(struct timeval *, u_long, u_long); int getnet(char *, naddr *, naddr *); int gethost(char *, naddr *); void gwkludge(void); const char *parse_parms(char *, int); const char *check_parms(struct parm *); void get_parms(struct interface *); void lastlog(void); void trace_close(int); void set_tracefile(const char *, const char *, int); void tracelevel_msg(const char *, int); void trace_off(const char*, ...) PATTRIB(1,2); void set_tracelevel(void); void trace_flush(void); void trace_misc(const char *, ...) PATTRIB(1,2); void trace_act(const char *, ...) PATTRIB(1,2); void trace_pkt(const char *, ...) PATTRIB(1,2); void trace_add_del(const char *, struct rt_entry *); void trace_change(struct rt_entry *, u_int, struct rt_spare *, const char *); void trace_if(const char *, struct interface *); void trace_upslot(struct rt_entry *, struct rt_spare *, struct rt_spare *); void trace_rip(const char*, const char*, struct sockaddr_in *, struct interface *, struct rip *, int); char *addrname(naddr, naddr, int); char *rtname(naddr, naddr, naddr); void rdisc_age(naddr); void set_rdisc_mg(struct interface *, int); void set_supplier(void); void if_bad_rdisc(struct interface *); void if_ok_rdisc(struct interface *); void read_rip(int, struct interface *); void read_rt(void); void read_d(void); void rdisc_adv(void); void rdisc_sol(void); void sigtrace_on(int); void sigtrace_off(int); void flush_kern(void); void age(naddr); void ag_flush(naddr, naddr, void (*)(struct ag_info *)); void ag_check(naddr, naddr, naddr, naddr, char, char, u_int, u_short, u_short, void (*)(struct ag_info *)); void del_static(naddr, naddr, naddr, int); void del_redirects(naddr, time_t); struct rt_entry *rtget(naddr, naddr); struct rt_entry *rtfind(naddr); void rtinit(void); void rtadd(naddr, naddr, u_int, struct rt_spare *); void rtchange(struct rt_entry *, u_int, struct rt_spare *, char *); void rtdelete(struct rt_entry *); void rts_delete(struct rt_entry *, struct rt_spare *); void rtbad_sub(struct rt_entry *); void rtswitch(struct rt_entry *, struct rt_spare *); #define S_ADDR(x) (((struct sockaddr_in *)(x))->sin_addr.s_addr) #define INFO_DST(I) ((I)->rti_info[RTAX_DST]) #define INFO_GATE(I) ((I)->rti_info[RTAX_GATEWAY]) #define INFO_MASK(I) ((I)->rti_info[RTAX_NETMASK]) #define INFO_IFA(I) ((I)->rti_info[RTAX_IFA]) #define INFO_AUTHOR(I) ((I)->rti_info[RTAX_AUTHOR]) #define INFO_BRD(I) ((I)->rti_info[RTAX_BRD]) void rt_xaddrs(struct rt_addrinfo *, struct sockaddr *, struct sockaddr *, int); naddr std_mask(naddr); naddr ripv1_mask_net(naddr, struct interface *); naddr ripv1_mask_host(naddr,struct interface *); #define on_net(a,net,mask) (((ntohl(a) ^ (net)) & (mask)) == 0) int check_dst(naddr); struct interface *check_dup(naddr, naddr, naddr, int); int check_remote(struct interface *); void ifinit(void); int walk_bad(struct radix_node *, struct walkarg *); int if_ok(struct interface *, const char *); void if_sick(struct interface *); void if_link(struct interface *); struct interface *ifwithaddr(naddr addr, int bcast, int remote); struct interface *ifwithindex(u_short, int); struct interface *iflookup(naddr); struct auth *find_auth(struct interface *); void end_md5_auth(struct ws_buf *, struct auth *); #include diff --git a/sbin/routed/pathnames.h b/sbin/routed/pathnames.h index 75dc17364302..f5b8bd31b4d5 100644 --- a/sbin/routed/pathnames.h +++ b/sbin/routed/pathnames.h @@ -1,48 +1,46 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1989, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)pathnames.h 8.1 (Berkeley) 6/5/93 */ #include #define _PATH_GATEWAYS "/etc/gateways" /* All remotely requested trace files must either start with this prefix * or be the same as the tracefile specified when the daemon was started. * If this is a directory, routed will create log files in it. That * might be a security problem. However, if bad guys can write in the * default value, /etc, you have far worse security problems than anything * this might do. In other words, it makes no sense to turn this off. * * Leave this undefined, and only the trace file originally specified * when routed was started, if any, will be appended to. */ #define _PATH_TRACE "/etc/routed.trace" diff --git a/sbin/routed/radix.c b/sbin/routed/radix.c index c4a0e5de2c2c..ad5b1df1f572 100644 --- a/sbin/routed/radix.c +++ b/sbin/routed/radix.c @@ -1,888 +1,886 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1988, 1989, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)radix.c 8.4 (Berkeley) 11/2/94 */ /* * Routines to build and maintain radix trees for routing lookups. */ #include "defs.h" #define log(x, msg) syslog(x, msg) #define panic(s) {log(LOG_ERR,s); exit(1);} #define min(a,b) (((a)<(b))?(a):(b)) int max_keylen; static struct radix_mask *rn_mkfreelist; static struct radix_node_head *mask_rnhead; static char *addmask_key; static const uint8_t normal_chars[] = { 0, 0x80, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc, 0xfe, 0xff}; static char *rn_zeros, *rn_ones; #define rn_masktop (mask_rnhead->rnh_treetop) #define Bcmp(a, b, l) (l == 0 ? 0 \ : memcmp((caddr_t)(a), (caddr_t)(b), (size_t)l)) static int rn_satisfies_leaf(char *, struct radix_node *, int); static struct radix_node *rn_addmask(void *n_arg, int search, int skip); static struct radix_node *rn_addroute(void *v_arg, void *n_arg, struct radix_node_head *head, struct radix_node treenodes[2]); static struct radix_node *rn_match(void *v_arg, struct radix_node_head *head); /* * The data structure for the keys is a radix tree with one way * branching removed. The index rn_b at an internal node n represents a bit * position to be tested. The tree is arranged so that all descendants * of a node n have keys whose bits all agree up to position rn_b - 1. * (We say the index of n is rn_b.) * * There is at least one descendant which has a one bit at position rn_b, * and at least one with a zero there. * * A route is determined by a pair of key and mask. We require that the * bit-wise logical and of the key and mask to be the key. * We define the index of a route to associated with the mask to be * the first bit number in the mask where 0 occurs (with bit number 0 * representing the highest order bit). * * We say a mask is normal if every bit is 0, past the index of the mask. * If a node n has a descendant (k, m) with index(m) == index(n) == rn_b, * and m is a normal mask, then the route applies to every descendant of n. * If the index(m) < rn_b, this implies the trailing last few bits of k * before bit b are all 0, (and hence consequently true of every descendant * of n), so the route applies to all descendants of the node as well. * * Similar logic shows that a non-normal mask m such that * index(m) <= index(n) could potentially apply to many children of n. * Thus, for each non-host route, we attach its mask to a list at an internal * node as high in the tree as we can go. * * The present version of the code makes use of normal routes in short- * circuiting an explicit mask and compare operation when testing whether * a key satisfies a normal route, and also in remembering the unique leaf * that governs a subtree. */ static struct radix_node * rn_search(void *v_arg, struct radix_node *head) { struct radix_node *x; caddr_t v; for (x = head, v = v_arg; x->rn_b >= 0;) { if (x->rn_bmask & v[x->rn_off]) x = x->rn_r; else x = x->rn_l; } return (x); } static struct radix_node * rn_search_m(void *v_arg, struct radix_node *head, void *m_arg) { struct radix_node *x; caddr_t v = v_arg, m = m_arg; for (x = head; x->rn_b >= 0;) { if ((x->rn_bmask & m[x->rn_off]) && (x->rn_bmask & v[x->rn_off])) x = x->rn_r; else x = x->rn_l; } return x; } static int rn_refines(void* m_arg, void *n_arg) { caddr_t m = m_arg, n = n_arg; caddr_t lim, lim2 = lim = n + *(u_char *)n; int longer = (*(u_char *)n++) - (int)(*(u_char *)m++); int masks_are_equal = 1; if (longer > 0) lim -= longer; while (n < lim) { if (*n & ~(*m)) return 0; if (*n++ != *m++) masks_are_equal = 0; } while (n < lim2) if (*n++) return 0; if (masks_are_equal && (longer < 0)) for (lim2 = m - longer; m < lim2; ) if (*m++) return 1; return (!masks_are_equal); } static struct radix_node * rn_lookup(void *v_arg, void *m_arg, struct radix_node_head *head) { struct radix_node *x; caddr_t netmask = 0; if (m_arg) { if ((x = rn_addmask(m_arg, 1, head->rnh_treetop->rn_off)) == NULL) return (0); netmask = x->rn_key; } x = rn_match(v_arg, head); if (x && netmask) { while (x && x->rn_mask != netmask) x = x->rn_dupedkey; } return x; } static int rn_satisfies_leaf(char *trial, struct radix_node *leaf, int skip) { char *cp = trial, *cp2 = leaf->rn_key, *cp3 = leaf->rn_mask; char *cplim; int length = min(*(u_char *)cp, *(u_char *)cp2); if (cp3 == NULL) cp3 = rn_ones; else length = min(length, *(u_char *)cp3); cplim = cp + length; cp3 += skip; cp2 += skip; for (cp += skip; cp < cplim; cp++, cp2++, cp3++) if ((*cp ^ *cp2) & *cp3) return 0; return 1; } static struct radix_node * rn_match(void *v_arg, struct radix_node_head *head) { caddr_t v = v_arg; struct radix_node *t = head->rnh_treetop, *x; caddr_t cp = v, cp2; caddr_t cplim; struct radix_node *saved_t, *top = t; int off = t->rn_off, vlen = *(u_char *)cp, matched_off; int test, b, rn_b; /* * Open code rn_search(v, top) to avoid overhead of extra * subroutine call. */ for (; t->rn_b >= 0; ) { if (t->rn_bmask & cp[t->rn_off]) t = t->rn_r; else t = t->rn_l; } /* * See if we match exactly as a host destination * or at least learn how many bits match, for normal mask finesse. * * It doesn't hurt us to limit how many bytes to check * to the length of the mask, since if it matches we had a genuine * match and the leaf we have is the most specific one anyway; * if it didn't match with a shorter length it would fail * with a long one. This wins big for class B&C netmasks which * are probably the most common case... */ if (t->rn_mask) vlen = *(u_char *)t->rn_mask; cp += off; cp2 = t->rn_key + off; cplim = v + vlen; for (; cp < cplim; cp++, cp2++) if (*cp != *cp2) goto on1; /* * This extra grot is in case we are explicitly asked * to look up the default. Ugh! * Or 255.255.255.255 * * In this case, we have a complete match of the key. Unless * the node is one of the roots, we are finished. * If it is the zeros root, then take what we have, preferring * any real data. * If it is the ones root, then pretend the target key was followed * by a byte of zeros. */ if (!(t->rn_flags & RNF_ROOT)) return t; /* not a root */ if (t->rn_dupedkey) { t = t->rn_dupedkey; return t; /* have some real data */ } if (*(cp-1) == 0) return t; /* not the ones root */ b = 0; /* fake a zero after 255.255.255.255 */ goto on2; on1: test = (*cp ^ *cp2) & 0xff; /* find first bit that differs */ for (b = 7; (test >>= 1) > 0;) b--; on2: matched_off = cp - v; b += matched_off << 3; rn_b = -1 - b; /* * If there is a host route in a duped-key chain, it will be first. */ if ((saved_t = t)->rn_mask == 0) t = t->rn_dupedkey; for (; t; t = t->rn_dupedkey) { /* * Even if we don't match exactly as a host, * we may match if the leaf we wound up at is * a route to a net. */ if (t->rn_flags & RNF_NORMAL) { if (rn_b <= t->rn_b) return t; } else if (rn_satisfies_leaf(v, t, matched_off)) { return t; } } t = saved_t; /* start searching up the tree */ do { struct radix_mask *m; t = t->rn_p; if ((m = t->rn_mklist)) { /* * If non-contiguous masks ever become important * we can restore the masking and open coding of * the search and satisfaction test and put the * calculation of "off" back before the "do". */ do { if (m->rm_flags & RNF_NORMAL) { if (rn_b <= m->rm_b) return (m->rm_leaf); } else { off = min(t->rn_off, matched_off); x = rn_search_m(v, t, m->rm_mask); while (x && x->rn_mask != m->rm_mask) x = x->rn_dupedkey; if (x && rn_satisfies_leaf(v, x, off)) return x; } } while ((m = m->rm_mklist)); } } while (t != top); return 0; } #ifdef RN_DEBUG int rn_nodenum; struct radix_node *rn_clist; int rn_saveinfo; int rn_debug = 1; #endif static struct radix_node * rn_newpair(void *v, int b, struct radix_node nodes[2]) { struct radix_node *tt = nodes, *t = tt + 1; t->rn_b = b; t->rn_bmask = 0x80 >> (b & 7); t->rn_l = tt; t->rn_off = b >> 3; tt->rn_b = -1; tt->rn_key = (caddr_t)v; tt->rn_p = t; tt->rn_flags = t->rn_flags = RNF_ACTIVE; #ifdef RN_DEBUG tt->rn_info = rn_nodenum++; t->rn_info = rn_nodenum++; tt->rn_twin = t; tt->rn_ybro = rn_clist; rn_clist = tt; #endif return t; } static struct radix_node * rn_insert(void* v_arg, struct radix_node_head *head, int *dupentry, struct radix_node nodes[2]) { caddr_t v = v_arg; struct radix_node *top = head->rnh_treetop; int head_off = top->rn_off, vlen = (int)*((u_char *)v); struct radix_node *t = rn_search(v_arg, top); caddr_t cp = v + head_off; int b; struct radix_node *tt; /* * Find first bit at which v and t->rn_key differ */ { caddr_t cp2 = t->rn_key + head_off; int cmp_res; caddr_t cplim = v + vlen; while (cp < cplim) if (*cp2++ != *cp++) goto on1; /* handle adding 255.255.255.255 */ if (!(t->rn_flags & RNF_ROOT) || *(cp2-1) == 0) { *dupentry = 1; return t; } on1: *dupentry = 0; cmp_res = (cp[-1] ^ cp2[-1]) & 0xff; for (b = (cp - v) << 3; cmp_res; b--) cmp_res >>= 1; } { struct radix_node *p, *x = top; cp = v; do { p = x; if (cp[x->rn_off] & x->rn_bmask) x = x->rn_r; else x = x->rn_l; } while ((unsigned)b > (unsigned)x->rn_b); #ifdef RN_DEBUG if (rn_debug) log(LOG_DEBUG, "rn_insert: Going In:\n"), traverse(p); #endif t = rn_newpair(v_arg, b, nodes); tt = t->rn_l; if ((cp[p->rn_off] & p->rn_bmask) == 0) p->rn_l = t; else p->rn_r = t; x->rn_p = t; t->rn_p = p; /* frees x, p as temp vars below */ if ((cp[t->rn_off] & t->rn_bmask) == 0) { t->rn_r = x; } else { t->rn_r = tt; t->rn_l = x; } #ifdef RN_DEBUG if (rn_debug) log(LOG_DEBUG, "rn_insert: Coming Out:\n"), traverse(p); #endif } return (tt); } static struct radix_node * rn_addmask(void *n_arg, int search, int skip) { caddr_t netmask = (caddr_t)n_arg; struct radix_node *x; caddr_t cp, cplim; int b = 0, mlen, j; int maskduplicated, m0, isnormal; struct radix_node *saved_x; static int last_zeroed = 0; if ((mlen = *(u_char *)netmask) > max_keylen) mlen = max_keylen; if (skip == 0) skip = 1; if (mlen <= skip) return (mask_rnhead->rnh_nodes); if (skip > 1) Bcopy(rn_ones + 1, addmask_key + 1, skip - 1); if ((m0 = mlen) > skip) Bcopy(netmask + skip, addmask_key + skip, mlen - skip); /* * Trim trailing zeroes. */ for (cp = addmask_key + mlen; (cp > addmask_key) && cp[-1] == 0;) cp--; mlen = cp - addmask_key; if (mlen <= skip) { if (m0 >= last_zeroed) last_zeroed = mlen; return (mask_rnhead->rnh_nodes); } if (m0 < last_zeroed) Bzero(addmask_key + m0, last_zeroed - m0); *addmask_key = last_zeroed = mlen; x = rn_search(addmask_key, rn_masktop); if (Bcmp(addmask_key, x->rn_key, mlen) != 0) x = NULL; if (x || search) return (x); x = (struct radix_node *)rtmalloc(max_keylen + 2*sizeof(*x), "rn_addmask"); saved_x = x; Bzero(x, max_keylen + 2 * sizeof (*x)); netmask = cp = (caddr_t)(x + 2); Bcopy(addmask_key, cp, mlen); x = rn_insert(cp, mask_rnhead, &maskduplicated, x); if (maskduplicated) { log(LOG_ERR, "rn_addmask: mask impossibly already in tree"); Free(saved_x); return (x); } /* * Calculate index of mask, and check for normalcy. */ cplim = netmask + mlen; isnormal = 1; for (cp = netmask + skip; (cp < cplim) && *(u_char *)cp == 0xff;) cp++; if (cp != cplim) { for (j = 0x80; (j & *cp) != 0; j >>= 1) b++; if (*cp != normal_chars[b] || cp != (cplim - 1)) isnormal = 0; } b += (cp - netmask) << 3; x->rn_b = -1 - b; if (isnormal) x->rn_flags |= RNF_NORMAL; return (x); } static int /* XXX: arbitrary ordering for non-contiguous masks */ rn_lexobetter(void *m_arg, void *n_arg) { u_char *mp = m_arg, *np = n_arg, *lim; if (*mp > *np) return 1; /* not really, but need to check longer one first */ if (*mp == *np) for (lim = mp + *mp; mp < lim;) if (*mp++ > *np++) return 1; return 0; } static struct radix_mask * rn_new_radix_mask(struct radix_node *tt, struct radix_mask *next) { struct radix_mask *m; MKGet(m); if (m == NULL) { log(LOG_ERR, "Mask for route not entered\n"); return (0); } Bzero(m, sizeof *m); m->rm_b = tt->rn_b; m->rm_flags = tt->rn_flags; if (tt->rn_flags & RNF_NORMAL) m->rm_leaf = tt; else m->rm_mask = tt->rn_mask; m->rm_mklist = next; tt->rn_mklist = m; return m; } static struct radix_node * rn_addroute(void *v_arg, void *n_arg, struct radix_node_head *head, struct radix_node treenodes[2]) { caddr_t v = (caddr_t)v_arg, netmask = (caddr_t)n_arg; struct radix_node *t, *x = NULL, *tt; struct radix_node *saved_tt, *top = head->rnh_treetop; short b = 0, b_leaf = 0; int keyduplicated; caddr_t mmask; struct radix_mask *m, **mp; /* * In dealing with non-contiguous masks, there may be * many different routes which have the same mask. * We will find it useful to have a unique pointer to * the mask to speed avoiding duplicate references at * nodes and possibly save time in calculating indices. */ if (netmask) { if ((x = rn_addmask(netmask, 0, top->rn_off)) == NULL) return (0); b_leaf = x->rn_b; b = -1 - x->rn_b; netmask = x->rn_key; } /* * Deal with duplicated keys: attach node to previous instance */ saved_tt = tt = rn_insert(v, head, &keyduplicated, treenodes); if (keyduplicated) { for (t = tt; tt; t = tt, tt = tt->rn_dupedkey) { if (tt->rn_mask == netmask) return (0); if (netmask == 0 || (tt->rn_mask && ((b_leaf < tt->rn_b) || /* index(netmask) > node */ rn_refines(netmask, tt->rn_mask) || rn_lexobetter(netmask, tt->rn_mask)))) break; } /* * If the mask is not duplicated, we wouldn't * find it among possible duplicate key entries * anyway, so the above test doesn't hurt. * * We sort the masks for a duplicated key the same way as * in a masklist -- most specific to least specific. * This may require the unfortunate nuisance of relocating * the head of the list. */ if (tt == saved_tt) { struct radix_node *xx = x; /* link in at head of list */ (tt = treenodes)->rn_dupedkey = t; tt->rn_flags = t->rn_flags; tt->rn_p = x = t->rn_p; if (x->rn_l == t) x->rn_l = tt; else x->rn_r = tt; saved_tt = tt; x = xx; } else { (tt = treenodes)->rn_dupedkey = t->rn_dupedkey; t->rn_dupedkey = tt; } #ifdef RN_DEBUG t=tt+1; tt->rn_info = rn_nodenum++; t->rn_info = rn_nodenum++; tt->rn_twin = t; tt->rn_ybro = rn_clist; rn_clist = tt; #endif tt->rn_key = (caddr_t) v; tt->rn_b = -1; tt->rn_flags = RNF_ACTIVE; } /* * Put mask in tree. */ if (netmask) { tt->rn_mask = netmask; tt->rn_b = x->rn_b; tt->rn_flags |= x->rn_flags & RNF_NORMAL; } t = saved_tt->rn_p; if (keyduplicated) goto on2; b_leaf = -1 - t->rn_b; if (t->rn_r == saved_tt) x = t->rn_l; else x = t->rn_r; /* Promote general routes from below */ if (x->rn_b < 0) { for (mp = &t->rn_mklist; x; x = x->rn_dupedkey) if (x->rn_mask && (x->rn_b >= b_leaf) && x->rn_mklist == 0) { if ((*mp = m = rn_new_radix_mask(x, 0))) mp = &m->rm_mklist; } } else if (x->rn_mklist) { /* * Skip over masks whose index is > that of new node */ for (mp = &x->rn_mklist; (m = *mp); mp = &m->rm_mklist) if (m->rm_b >= b_leaf) break; t->rn_mklist = m; *mp = NULL; } on2: /* Add new route to highest possible ancestor's list */ if ((netmask == 0) || (b > t->rn_b )) return tt; /* can't lift at all */ b_leaf = tt->rn_b; do { x = t; t = t->rn_p; } while (b <= t->rn_b && x != top); /* * Search through routes associated with node to * insert new route according to index. * Need same criteria as when sorting dupedkeys to avoid * double loop on deletion. */ for (mp = &x->rn_mklist; (m = *mp); mp = &m->rm_mklist) { if (m->rm_b < b_leaf) continue; if (m->rm_b > b_leaf) break; if (m->rm_flags & RNF_NORMAL) { mmask = m->rm_leaf->rn_mask; if (tt->rn_flags & RNF_NORMAL) { log(LOG_ERR, "Non-unique normal route, mask not entered"); return tt; } } else mmask = m->rm_mask; if (mmask == netmask) { m->rm_refs++; tt->rn_mklist = m; return tt; } if (rn_refines(netmask, mmask) || rn_lexobetter(netmask, mmask)) break; } *mp = rn_new_radix_mask(tt, *mp); return tt; } static struct radix_node * rn_delete(void *v_arg, void *netmask_arg, struct radix_node_head *head) { struct radix_node *t, *p, *x, *tt; struct radix_mask *m, *saved_m, **mp; struct radix_node *dupedkey, *saved_tt, *top; caddr_t v, netmask; int b, head_off, vlen; v = v_arg; netmask = netmask_arg; x = head->rnh_treetop; tt = rn_search(v, x); head_off = x->rn_off; vlen = *(u_char *)v; saved_tt = tt; top = x; if (tt == NULL || Bcmp(v + head_off, tt->rn_key + head_off, vlen - head_off)) return (0); /* * Delete our route from mask lists. */ if (netmask) { if ((x = rn_addmask(netmask, 1, head_off)) == NULL) return (0); netmask = x->rn_key; while (tt->rn_mask != netmask) if ((tt = tt->rn_dupedkey) == NULL) return (0); } if (tt->rn_mask == 0 || (saved_m = m = tt->rn_mklist) == NULL) goto on1; if (tt->rn_flags & RNF_NORMAL) { if (m->rm_leaf != tt || m->rm_refs > 0) { log(LOG_ERR, "rn_delete: inconsistent annotation\n"); return 0; /* dangling ref could cause disaster */ } } else { if (m->rm_mask != tt->rn_mask) { log(LOG_ERR, "rn_delete: inconsistent annotation\n"); goto on1; } if (--m->rm_refs >= 0) goto on1; } b = -1 - tt->rn_b; t = saved_tt->rn_p; if (b > t->rn_b) goto on1; /* Wasn't lifted at all */ do { x = t; t = t->rn_p; } while (b <= t->rn_b && x != top); for (mp = &x->rn_mklist; (m = *mp); mp = &m->rm_mklist) if (m == saved_m) { *mp = m->rm_mklist; MKFree(m); break; } if (m == NULL) { log(LOG_ERR, "rn_delete: couldn't find our annotation\n"); if (tt->rn_flags & RNF_NORMAL) return (0); /* Dangling ref to us */ } on1: /* * Eliminate us from tree */ if (tt->rn_flags & RNF_ROOT) return (0); #ifdef RN_DEBUG /* Get us out of the creation list */ for (t = rn_clist; t && t->rn_ybro != tt; t = t->rn_ybro) {} if (t) t->rn_ybro = tt->rn_ybro; #endif t = tt->rn_p; if ((dupedkey = saved_tt->rn_dupedkey)) { if (tt == saved_tt) { x = dupedkey; x->rn_p = t; if (t->rn_l == tt) t->rn_l = x; else t->rn_r = x; } else { for (x = p = saved_tt; p && p->rn_dupedkey != tt;) p = p->rn_dupedkey; if (p) p->rn_dupedkey = tt->rn_dupedkey; else log(LOG_ERR, "rn_delete: couldn't find us\n"); } t = tt + 1; if (t->rn_flags & RNF_ACTIVE) { #ifndef RN_DEBUG *++x = *t; p = t->rn_p; #else b = t->rn_info; *++x = *t; t->rn_info = b; p = t->rn_p; #endif if (p->rn_l == t) p->rn_l = x; else p->rn_r = x; x->rn_l->rn_p = x; x->rn_r->rn_p = x; } goto out; } if (t->rn_l == tt) x = t->rn_r; else x = t->rn_l; p = t->rn_p; if (p->rn_r == t) p->rn_r = x; else p->rn_l = x; x->rn_p = p; /* * Demote routes attached to us. */ if (t->rn_mklist) { if (x->rn_b >= 0) { for (mp = &x->rn_mklist; (m = *mp);) mp = &m->rm_mklist; *mp = t->rn_mklist; } else { /* If there are any key,mask pairs in a sibling duped-key chain, some subset will appear sorted in the same order attached to our mklist */ for (m = t->rn_mklist; m && x; x = x->rn_dupedkey) if (m == x->rn_mklist) { struct radix_mask *mm = m->rm_mklist; x->rn_mklist = 0; if (--(m->rm_refs) < 0) MKFree(m); m = mm; } if (m) syslog(LOG_ERR, "%s 0x%lx at 0x%lx\n", "rn_delete: Orphaned Mask", (unsigned long)m, (unsigned long)x); } } /* * We may be holding an active internal node in the tree. */ x = tt + 1; if (t != x) { #ifndef RN_DEBUG *t = *x; #else b = t->rn_info; *t = *x; t->rn_info = b; #endif t->rn_l->rn_p = t; t->rn_r->rn_p = t; p = x->rn_p; if (p->rn_l == x) p->rn_l = t; else p->rn_r = t; } out: tt->rn_flags &= ~RNF_ACTIVE; tt[1].rn_flags &= ~RNF_ACTIVE; return (tt); } int rn_walktree(struct radix_node_head *h, int (*f)(struct radix_node *, struct walkarg *), struct walkarg *w) { int error; struct radix_node *base, *next; struct radix_node *rn = h->rnh_treetop; /* * This gets complicated because we may delete the node * while applying the function f to it, so we need to calculate * the successor node in advance. */ /* First time through node, go left */ while (rn->rn_b >= 0) rn = rn->rn_l; for (;;) { base = rn; /* If at right child go back up, otherwise, go right */ while (rn->rn_p->rn_r == rn && (rn->rn_flags & RNF_ROOT) == 0) rn = rn->rn_p; /* Find the next *leaf* since next node might vanish, too */ for (rn = rn->rn_p->rn_r; rn->rn_b >= 0;) rn = rn->rn_l; next = rn; /* Process leaves */ while ((rn = base)) { base = rn->rn_dupedkey; if (!(rn->rn_flags & RNF_ROOT) && (error = (*f)(rn, w))) return (error); } rn = next; if (rn->rn_flags & RNF_ROOT) return (0); } /* NOTREACHED */ } int rn_inithead(struct radix_node_head **head, int off) { struct radix_node_head *rnh; struct radix_node *t, *tt, *ttt; if (*head) return (1); rnh = (struct radix_node_head *)rtmalloc(sizeof(*rnh), "rn_inithead"); Bzero(rnh, sizeof (*rnh)); *head = rnh; t = rn_newpair(rn_zeros, off, rnh->rnh_nodes); ttt = rnh->rnh_nodes + 2; t->rn_r = ttt; t->rn_p = t; tt = t->rn_l; tt->rn_flags = t->rn_flags = RNF_ROOT | RNF_ACTIVE; tt->rn_b = -1 - off; *ttt = *tt; ttt->rn_key = rn_ones; rnh->rnh_addaddr = rn_addroute; rnh->rnh_deladdr = rn_delete; rnh->rnh_matchaddr = rn_match; rnh->rnh_lookup = rn_lookup; rnh->rnh_walktree = rn_walktree; rnh->rnh_treetop = t; return (1); } void rn_init(void) { char *cp, *cplim; if (max_keylen == 0) { printf("rn_init: radix functions require max_keylen be set\n"); return; } rn_zeros = (char *)rtmalloc(3 * max_keylen, "rn_init"); Bzero(rn_zeros, 3 * max_keylen); rn_ones = cp = rn_zeros + max_keylen; addmask_key = cplim = rn_ones + max_keylen; while (cp < cplim) *cp++ = -1; if (rn_inithead(&mask_rnhead, 0) == 0) panic("rn_init 2"); } diff --git a/sbin/routed/radix.h b/sbin/routed/radix.h index dfe502f280bb..35f7dcf7e08c 100644 --- a/sbin/routed/radix.h +++ b/sbin/routed/radix.h @@ -1,145 +1,143 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1988, 1989, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. - * - * @(#)radix.h 8.2 (Berkeley) 10/31/94 */ #ifndef __RADIX_H_ #define __RADIX_H_ #include struct walkarg; /* * Radix search tree node layout. */ struct radix_node { struct radix_mask *rn_mklist; /* list of masks contained in subtree */ struct radix_node *rn_p; /* parent */ short rn_b; /* bit offset; -1-index(netmask) */ char rn_bmask; /* node: mask for bit test*/ u_char rn_flags; /* enumerated next */ #define RNF_NORMAL 1 /* leaf contains normal route */ #define RNF_ROOT 2 /* leaf is root leaf for tree */ #define RNF_ACTIVE 4 /* This node is alive (for rtfree) */ union { struct { /* leaf only data: */ caddr_t rn_Key; /* object of search */ caddr_t rn_Mask; /* netmask, if present */ struct radix_node *rn_Dupedkey; } rn_leaf; struct { /* node only data: */ int rn_Off; /* where to start compare */ struct radix_node *rn_L;/* progeny */ struct radix_node *rn_R;/* progeny */ }rn_node; } rn_u; #ifdef RN_DEBUG int rn_info; struct radix_node *rn_twin; struct radix_node *rn_ybro; #endif }; #define rn_dupedkey rn_u.rn_leaf.rn_Dupedkey #define rn_key rn_u.rn_leaf.rn_Key #define rn_mask rn_u.rn_leaf.rn_Mask #define rn_off rn_u.rn_node.rn_Off #define rn_l rn_u.rn_node.rn_L #define rn_r rn_u.rn_node.rn_R /* * Annotations to tree concerning potential routes applying to subtrees. */ struct radix_mask { short rm_b; /* bit offset; -1-index(netmask) */ char rm_unused; /* cf. rn_bmask */ u_char rm_flags; /* cf. rn_flags */ struct radix_mask *rm_mklist; /* more masks to try */ union { caddr_t rmu_mask; /* the mask */ struct radix_node *rmu_leaf; /* for normal routes */ } rm_rmu; int rm_refs; /* # of references to this struct */ }; #define rm_mask rm_rmu.rmu_mask #define rm_leaf rm_rmu.rmu_leaf /* extra field would make 32 bytes */ #define MKGet(m) {\ if (rn_mkfreelist) {\ m = rn_mkfreelist; \ rn_mkfreelist = (m)->rm_mklist; \ } else \ m = (struct radix_mask *)rtmalloc(sizeof(*(m)), "MKGet"); }\ #define MKFree(m) { (m)->rm_mklist = rn_mkfreelist; rn_mkfreelist = (m);} struct radix_node_head { struct radix_node *rnh_treetop; int rnh_addrsize; /* permit, but not require fixed keys */ int rnh_pktsize; /* permit, but not require fixed keys */ struct radix_node *(*rnh_addaddr) /* add based on sockaddr */ (void *v, void *mask, struct radix_node_head *head, struct radix_node nodes[]); struct radix_node *(*rnh_addpkt) /* add based on packet hdr */ (void *v, void *mask, struct radix_node_head *head, struct radix_node nodes[]); struct radix_node *(*rnh_deladdr) /* remove based on sockaddr */ (void *v, void *mask, struct radix_node_head *head); struct radix_node *(*rnh_delpkt) /* remove based on packet hdr */ (void *v, void *mask, struct radix_node_head *head); struct radix_node *(*rnh_matchaddr) /* locate based on sockaddr */ (void *v, struct radix_node_head *head); struct radix_node *(*rnh_lookup) /* locate based on sockaddr */ (void *v, void *mask, struct radix_node_head *head); struct radix_node *(*rnh_matchpkt) /* locate based on packet hdr */ (void *v, struct radix_node_head *head); int (*rnh_walktree) /* traverse tree */ (struct radix_node_head *head, int (*f)(struct radix_node *, struct walkarg *), struct walkarg *w); struct radix_node rnh_nodes[3]; /* empty tree for common case */ }; #define Bcopy(a, b, n) memmove(((void *)(b)), ((void *)(a)), (size_t)(n)) #define Bzero(p, n) memset((void *)(p), 0, (size_t)(n)); #define Free(p) free((void *)p); void rn_init(void); int rn_inithead(struct radix_node_head **head, int off); int rn_walktree(struct radix_node_head *, int (*)(struct radix_node *, struct walkarg *), struct walkarg *); #endif /* __RADIX_H_ */ diff --git a/sbin/routed/routed.8 b/sbin/routed/routed.8 index 08d39041cdf9..8cf12d7b60e1 100644 --- a/sbin/routed/routed.8 +++ b/sbin/routed/routed.8 @@ -1,743 +1,741 @@ .\" $Revision: 2.26 $ .\" .\" Copyright (c) 1983, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)routed.8 8.2 (Berkeley) 12/11/93 -.\" .Dd June 27, 2022 .Dt ROUTED 8 .Os .Sh NAME .Nm routed , .Nm rdisc .Nd network RIP and router discovery routing daemon .Sh SYNOPSIS .Nm .Op Fl isqdghmpAtv .Op Fl T Ar tracefile .Oo .Fl F .Ar net Ns Op /mask Ns Op ,metric .Oc .Op Fl P Ar parms .Sh DESCRIPTION The .Nm utility is a daemon invoked at boot time to manage the network routing tables. It uses Routing Information Protocol, RIPv1 (RFC\ 1058), RIPv2 (RFC\ 1723), and Internet Router Discovery Protocol (RFC 1256) to maintain the kernel routing table. The RIPv1 protocol is based on the reference .Bx 4.3 daemon. .Pp It listens on the .Xr udp 4 socket for the .Xr route 8 service (see .Xr services 5 ) for Routing Information Protocol packets. It also sends and receives multicast Router Discovery ICMP messages. If the host is a router, .Nm periodically supplies copies of its routing tables to any directly connected hosts and networks. It also advertises or solicits default routes using Router Discovery ICMP messages. .Pp When started (or when a network interface is later turned on), .Nm uses an AF_ROUTE address family facility to find those directly connected interfaces configured into the system and marked "up". It adds necessary routes for the interfaces to the kernel routing table. Soon after being first started, and provided there is at least one interface on which RIP has not been disabled, .Nm deletes all pre-existing non-static routes in kernel table. Static routes in the kernel table are preserved and included in RIP responses if they have a valid RIP -hopcount (see .Xr route 8 ) . .Pp If more than one interface is present (not counting the loopback interface), it is assumed that the host should forward packets among the connected networks. After transmitting a RIP .Em request and Router Discovery Advertisements or Solicitations on a new interface, the daemon enters a loop, listening for RIP request and response and Router Discovery packets from other hosts. .Pp When a .Em request packet is received, .Nm formulates a reply based on the information maintained in its internal tables. The .Em response packet generated contains a list of known routes, each marked with a "hop count" metric (a count of 16 or greater is considered "infinite"). The advertised metric for a route reflects the metrics associated with interfaces (see .Xr ifconfig 8 ) though which it is received and sent, so setting the metric on an interface is an effective way to steer traffic. See also .Cm adj_inmetric and .Cm adj_outmetric parameters below. .Pp Responses do not include routes with a first hop on the requesting network to implement in part .Em split-horizon . Requests from query programs such as .Xr rtquery 8 are answered with the complete table. .Pp The routing table maintained by the daemon includes space for several gateways for each destination to speed recovery from a failing router. RIP .Em response packets received are used to update the routing tables provided they are from one of the several currently recognized gateways or advertise a better metric than at least one of the existing gateways. .Pp When an update is applied, .Nm records the change in its own tables and updates the kernel routing table if the best route to the destination changes. The change in the kernel routing table is reflected in the next batch of .Em response packets sent. If the next response is not scheduled for a while, a .Em flash update response containing only recently changed routes is sent. .Pp In addition to processing incoming packets, .Nm also periodically checks the routing table entries. If an entry has not been updated for 3 minutes, the entry's metric is set to infinity and marked for deletion. Deletions are delayed until the route has been advertised with an infinite metric to ensure the invalidation is propagated throughout the local internet. This is a form of .Em poison reverse . .Pp Routes in the kernel table that are added or changed as a result of ICMP Redirect messages are deleted after a while to minimize .Em black-holes . When a TCP connection suffers a timeout, the kernel tells .Nm , which deletes all redirected routes through the gateway involved, advances the age of all RIP routes through the gateway to allow an alternate to be chosen, and advances of the age of any relevant Router Discovery Protocol default routes. .Pp Hosts acting as internetwork routers gratuitously supply their routing tables every 30 seconds to all directly connected hosts and networks. These RIP responses are sent to the broadcast address on nets that support broadcasting, to the destination address on point-to-point links, and to the router's own address on other networks. If RIPv2 is enabled, multicast packets are sent on interfaces that support multicasting. .Pp If no response is received on a remote interface, if there are errors while sending responses, or if there are more errors than input or output (see .Xr netstat 1 ) , then the cable or some other part of the interface is assumed to be disconnected or broken, and routes are adjusted appropriately. .Pp The .Em Internet Router Discovery Protocol is handled similarly. When the daemon is supplying RIP routes, it also listens for Router Discovery Solicitations and sends Advertisements. When it is quiet and listening to other RIP routers, it sends Solicitations and listens for Advertisements. If it receives a good Advertisement and it is not multi-homed, it stops listening for broadcast or multicast RIP responses. It tracks several advertising routers to speed recovery when the currently chosen router dies. If all discovered routers disappear, the daemon resumes listening to RIP responses. It continues listening to RIP while using Router Discovery if multi-homed to ensure all interfaces are used. .Pp The Router Discovery standard requires that advertisements have a default "lifetime" of 30 minutes. That means should something happen, a client can be without a good route for 30 minutes. It is a good idea to reduce the default to 45 seconds using .Fl P Cm rdisc_interval=45 on the command line or .Cm rdisc_interval=45 in the .Pa /etc/gateways file. .Pp While using Router Discovery (which happens by default when the system has a single network interface and a Router Discover Advertisement is received), there is a single default route and a variable number of redirected host routes in the kernel table. On a host with more than one network interface, this default route will be via only one of the interfaces. Thus, multi-homed hosts running with .Fl q might need .Cm no_rdisc described below. .Pp See the .Cm pm_rdisc facility described below to support "legacy" systems that can handle neither RIPv2 nor Router Discovery. .Pp By default, neither Router Discovery advertisements nor solicitations are sent over point to point links (e.g.\& PPP). The netmask associated with point-to-point links (such as SLIP or PPP, with the IFF_POINTOPOINT flag) is used by .Nm to infer the netmask used by the remote system when RIPv1 is used. .Pp The following options are available: .Bl -tag -width indent .It Fl i allow .Nm to accept a RIP request from non-router node. When specified once, .Nm replies to a route information query from neighbor nodes. When specified twice, it replies to a query from remote nodes in addition. .Xr rtquery 8 utility can be used to send a request. .Pp This feature is disabled by default because of a risk of reflection attack though it is useful for debugging purpose. .It Fl s force .Nm to supply routing information. This is the default if multiple network interfaces are present on which RIP or Router Discovery have not been disabled, and if the kernel switch ipforwarding=1. .It Fl q is the opposite of the .Fl s option. This is the default when only one interface is present. With this explicit option, the daemon is always in "quiet-mode" for RIP and does not supply routing information to other computers. .It Fl d do not run in the background. This option is meant for interactive use. .It Fl g used on internetwork routers to offer a route to the "default" destination. It is equivalent to .Fl F .Cm 0/0,1 and is present mostly for historical reasons. A better choice is .Fl P Cm pm_rdisc on the command line or .Cm pm_rdisc in the .Pa /etc/gateways file, since a larger metric will be used, reducing the spread of the potentially dangerous default route. This is typically used on a gateway to the Internet, or on a gateway that uses another routing protocol whose routes are not reported to other local routers. Notice that because a metric of 1 is used, this feature is dangerous. It is more commonly accidentally used to create chaos with a routing loop than to solve problems. .It Fl h cause host or point-to-point routes to not be advertised, provided there is a network route going the same direction. That is a limited kind of aggregation. This option is useful on gateways to Ethernets that have other gateway machines connected with point-to-point links such as SLIP. .It Fl m cause the machine to advertise a host or point-to-point route to its primary interface. It is useful on multi-homed machines such as NFS servers. This option should not be used except when the cost of the host routes it generates is justified by the popularity of the server. It is effective only when the machine is supplying routing information, because there is more than one interface. The .Fl m option overrides the .Fl q option to the limited extent of advertising the host route. .It Fl A do not ignore RIPv2 authentication if we do not care about RIPv2 authentication. This option is required for conformance with RFC 1723. However, it makes no sense and breaks using RIP as a discovery protocol to ignore all RIPv2 packets that carry authentication when this machine does not care about authentication. .It Fl t increase the debugging level, which causes more information to be logged on the tracefile specified with .Fl T or standard out. The debugging level can be increased or decreased with the .Em SIGUSR1 or .Em SIGUSR2 signals or with the .Xr rtquery 8 command. .It Fl T Ar tracefile increases the debugging level to at least 1 and causes debugging information to be appended to the trace file. Note that because of security concerns, it is wisest to not run .Nm routinely with tracing directed to a file. .It Fl v display and logs the version of daemon. .It Fl F Ar net[/mask][,metric] minimize routes in transmissions via interfaces with addresses that match .Em net/mask , and synthesizes a default route to this machine with the .Em metric . The intent is to reduce RIP traffic on slow, point-to-point links such as PPP links by replacing many large UDP packets of RIP information with a single, small packet containing a "fake" default route. If .Em metric is absent, a value of 14 is assumed to limit the spread of the "fake" default route. This is a dangerous feature that when used carelessly can cause routing loops. Notice also that more than one interface can match the specified network number and mask. See also .Fl g . .It Fl P Ar parms is equivalent to adding the parameter line .Em parms to the .Pa /etc/gateways file. .El .Pp Any other argument supplied is interpreted as the name of a file in which the actions of .Nm should be logged. It is better to use .Fl T instead of appending the name of the trace file to the command. .Pp The .Nm utility also supports the notion of "distant" .Em passive or .Em active gateways. When .Nm is started, it reads the file .Pa /etc/gateways to find such distant gateways which may not be located using only information from a routing socket, to discover if some of the local gateways are .Em passive , and to obtain other parameters. Gateways specified in this manner should be marked passive if they are not expected to exchange routing information, while gateways marked active should be willing to exchange RIP packets. Routes through .Em passive gateways are installed in the kernel's routing tables once upon startup and are not included in transmitted RIP responses. .Pp Distant active gateways are treated like network interfaces. RIP responses are sent to the distant .Em active gateway. If no responses are received, the associated route is deleted from the kernel table and RIP responses advertised via other interfaces. If the distant gateway resumes sending RIP responses, the associated route is restored. .Pp Such gateways can be useful on media that do not support broadcasts or multicasts but otherwise act like classic shared media like Ethernets such as some ATM networks. One can list all RIP routers reachable on the HIPPI or ATM network in .Pa /etc/gateways with a series of "host" lines. Note that it is usually desirable to use RIPv2 in such situations to avoid generating lists of inferred host routes. .Pp Gateways marked .Em external are also passive, but are not placed in the kernel routing table nor are they included in routing updates. The function of external entries is to indicate that another routing process will install such a route if necessary, and that other routes to that destination should not be installed by .Nm . Such entries are only required when both routers may learn of routes to the same destination. .Pp The .Pa /etc/gateways file is comprised of a series of lines, each in one of the following two formats or consist of parameters described later. Blank lines and lines starting with '#' are comments. .Bd -ragged .Cm net .Ar Nname[/mask] .Cm gateway .Ar Gname .Cm metric .Ar value .Pf < Cm passive No \&| .Cm active No \&| .Cm extern Ns > .Ed .Bd -ragged .Cm host .Ar Hname .Cm gateway .Ar Gname .Cm metric .Ar value .Pf < Cm passive No \&| .Cm active No \&| .Cm extern Ns > .Ed .Pp .Ar Nname or .Ar Hname is the name of the destination network or host. It may be a symbolic network name or an Internet address specified in "dot" notation (see .Xr inet 3 ) . (If it is a name, then it must either be defined in .Pa /etc/networks or .Pa /etc/hosts , or a method in .Xr nsswitch.conf 5 must be able to resolve it.) .Pp .Ar Mask is an optional number between 1 and 32 indicating the netmask associated with .Ar Nname . .Pp .Ar Gname is the name or address of the gateway to which RIP responses should be forwarded. .Pp .Ar Value is the hop count to the destination host or network. .Pp .Cm Host Ar hname is equivalent to .Cm net Ar nname/32 . .Pp One of the keywords .Cm passive , .Cm active or .Cm external must be present to indicate whether the gateway should be treated as .Cm passive or .Cm active (as described above), or whether the gateway is .Cm external to the scope of the RIP protocol. .Pp As can be seen when debugging is turned on with .Fl t , such lines create pseudo-interfaces. To set parameters for remote or external interfaces, a line starting with .Cm if=alias(Hname) , .Cm if=remote(Hname) , etc.\& should be used. .Ss Parameters Lines that start with neither "net" nor "host" must consist of one or more of the following parameter settings, separated by commas or blanks: .Bl -tag -width indent .It Cm if Ns = Ns Ar ifname indicates that the other parameters on the line apply to the interface name .Ar ifname . .It Cm subnet Ns = Ns Ar nname Ns Oo / Ns Ar mask Oc Ns Op , Ns Ar metric advertises a route to network .Ar nname with mask .Ar mask and the supplied metric (default 1). This is useful for filling "holes" in CIDR allocations. This parameter must appear by itself on a line. The network number must specify a full, 32-bit value, as in 192.0.2.0 instead of 192.0.2. .Pp Do not use this feature unless necessary. It is dangerous. .It Cm ripv1_mask Ns = Ns Ar nname Ns / Ns Ar mask1 , Ns Ar mask2 specifies that netmask of the network of which .Ar nname Ns / Ns Ar mask1 is a subnet should be .Ar mask2 . For example, .Dq Li ripv1_mask=192.0.2.16/28,27 marks 192.0.2.16/28 as a subnet of 192.0.2.0/27 instead of 192.0.2.0/24. It is better to turn on RIPv2 instead of using this facility, for example with .Cm ripv2_out . .It Cm passwd Ns = Ns Ar XXX[|KeyID[start|stop]] specifies a RIPv2 cleartext password that will be included on all RIPv2 responses sent, and checked on all RIPv2 responses received. Any blanks, tab characters, commas, or '#', '|', or NULL characters in the password must be escaped with a backslash (\\). The common escape sequences \\n, \\r, \\t, \\b, and \\xxx have their usual meanings. The .Cm KeyID must be unique but is ignored for cleartext passwords. If present, .Cm start and .Cm stop are timestamps in the form year/month/day@hour:minute. They specify when the password is valid. The valid password with the most future is used on output packets, unless all passwords have expired, in which case the password that expired most recently is used, or unless no passwords are valid yet, in which case no password is output. Incoming packets can carry any password that is valid, will be valid within the next 24 hours, or that was valid within the preceding 24 hours. To protect the secrets, the passwd settings are valid only in the .Pa /etc/gateways file and only when that file is readable only by UID 0. .It Cm md5_passwd Ns \&= Ns Ar XXX|KeyID[start|stop] specifies a RIPv2 MD5 password. Except that a .Cm KeyID is required, this keyword is similar to .Cm passwd . .It Cm no_ag turns off aggregation of subnets in RIPv1 and RIPv2 responses. .It Cm no_super_ag turns off aggregation of networks into supernets in RIPv2 responses. .It Cm passive marks the interface to not be advertised in updates sent via other interfaces, and turns off all RIP and router discovery through the interface. .It Cm no_rip disables all RIP processing on the specified interface. If no interfaces are allowed to process RIP packets, .Nm acts purely as a router discovery daemon. .Pp Note that turning off RIP without explicitly turning on router discovery advertisements with .Cm rdisc_adv or .Fl s causes .Nm to act as a client router discovery daemon, not advertising. .It Cm no_rip_mcast causes RIPv2 packets to be broadcast instead of multicast. .It Cm no_rip_out causes no RIP updates to be sent. .It Cm no_ripv1_in causes RIPv1 received responses to be ignored. .It Cm no_ripv2_in causes RIPv2 received responses to be ignored. .It Cm ripv2_out turns on RIPv2 output and causes RIPv2 advertisements to be multicast when possible. .It Cm ripv2 is equivalent to .Cm no_ripv1_in and .Cm no_ripv1_out . This enables RIPv2. .It Cm no_rdisc disables the Internet Router Discovery Protocol. .It Cm no_solicit disables the transmission of Router Discovery Solicitations. .It Cm send_solicit specifies that Router Discovery solicitations should be sent, even on point-to-point links, which by default only listen to Router Discovery messages. .It Cm no_rdisc_adv disables the transmission of Router Discovery Advertisements. .It Cm rdisc_adv specifies that Router Discovery Advertisements should be sent, even on point-to-point links, which by default only listen to Router Discovery messages. .It Cm bcast_rdisc specifies that Router Discovery packets should be broadcast instead of multicast. .It Cm rdisc_pref Ns \&= Ns Ar N sets the preference in Router Discovery Advertisements to the optionally signed integer .Ar N . The default preference is 0. Default routes with smaller or more negative preferences are preferred by clients. .It Cm rdisc_interval Ns \&= Ns Ar N sets the nominal interval with which Router Discovery Advertisements are transmitted to N seconds and their lifetime to 3*N. .It Cm fake_default Ns \&= Ns Ar metric has an identical effect to .Fl F Ar net[/mask][=metric] with the network and mask coming from the specified interface. .It Cm pm_rdisc is similar to .Cm fake_default . When RIPv2 routes are multicast, so that RIPv1 listeners cannot receive them, this feature causes a RIPv1 default route to be broadcast to RIPv1 listeners. Unless modified with .Cm fake_default , the default route is broadcast with a metric of 14. That serves as a "poor man's router discovery" protocol. .It Cm adj_inmetric Ns \&= Ns Ar delta adjusts the hop count or metric of received RIP routes by .Ar delta . The metric of every received RIP route is increased by the sum of two values associated with the interface. One is the adj_inmetric value and the other is the interface metric set with .Xr ifconfig 8 . .It Cm adj_outmetric Ns \&= Ns Ar delta adjusts the hop count or metric of advertised RIP routes by .Ar delta . The metric of every received RIP route is increased by the metric associated with the interface by which it was received, or by 1 if the interface does not have a non-zero metric. The metric of the received route is then increased by the adj_outmetric associated with the interface. Every advertised route is increased by a total of four values, the metric set for the interface by which it was received with .Xr ifconfig 8 , the .Cm adj_inmetric Ar delta of the receiving interface, the metric set for the interface by which it is transmitted with .Xr ifconfig 8 , and the .Cm adj_outmetric Ar delta of the transmitting interface. .It Cm trust_gateway Ns \&= Ns Ar rname[|net1/mask1|net2/mask2|...] causes RIP packets from router .Ar rname and other routers named in other .Cm trust_gateway keywords to be accepted, and packets from other routers to be ignored. If networks are specified, then routes to other networks will be ignored from that router. .It Cm redirect_ok allows the kernel to listen ICMP Redirect messages when the system is acting as a router and forwarding packets. Otherwise, ICMP Redirect messages are overridden and deleted when the system is acting as a router. .El .Sh FILES .Bl -tag -width /etc/gateways -compact .It Pa /etc/gateways for distant gateways .El .Sh SEE ALSO .Xr icmp 4 , .Xr udp 4 , .Xr rtquery 8 .Rs .%T Internet Transport Protocols .%R XSIS 028112 .%Q Xerox System Integration Standard .Re .Sh HISTORY The .Nm utility appeared in .Bx 4.2 . .\" LocalWords: loopback ICMP rtquery ifconfig multicasting Solicitations RIPv .\" LocalWords: netstat rdisc .Sh BUGS It does not always detect unidirectional failures in network interfaces, for example, when the output side fails. diff --git a/sbin/routed/rtquery/rtquery.c b/sbin/routed/rtquery/rtquery.c index 24c01a8ac308..a6896b8e7362 100644 --- a/sbin/routed/rtquery/rtquery.c +++ b/sbin/routed/rtquery/rtquery.c @@ -1,918 +1,915 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1982, 1986, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #include #include #include #include #include #include #define RIPVERSION RIPv2 #include #include #include #include #include #include #include #include #ifdef sgi #include #include #endif #define UNUSED __attribute__((unused)) -#ifndef __RCSID -#define __RCSID(_s) static const char rcsid[] UNUSED = _s -#endif #ifndef __COPYRIGHT #define __COPYRIGHT(_s) static const char copyright[] UNUSED = _s #endif __COPYRIGHT("@(#) Copyright (c) 1983, 1988, 1993\n" "The Regents of the University of California." " All rights reserved.\n"); #ifdef __NetBSD__ __RCSID("$NetBSD$"); #elif defined(__FreeBSD__) #else __RCSID("$Revision: 2.26 $"); #ident "$Revision: 2.26 $" #endif #ifndef sgi #define _HAVE_SIN_LEN #endif #ifdef __NetBSD__ #include #else #define MD5_DIGEST_LEN 16 typedef struct { u_int32_t state[4]; /* state (ABCD) */ u_int32_t count[2]; /* # of bits, modulo 2^64 (LSB 1st) */ unsigned char buffer[64]; /* input buffer */ } MD5_CTX; extern void MD5Init(MD5_CTX*); extern void MD5Update(MD5_CTX*, u_char*, u_int); extern void MD5Final(u_char[MD5_DIGEST_LEN], MD5_CTX*); #endif #define WTIME 15 /* Time to wait for all responses */ #define STIME (250*1000) /* usec to wait for another response */ int soc; const char *pgmname; union { struct rip rip; char packet[MAXPACKETSIZE+MAXPATHLEN]; } omsg_buf; #define OMSG omsg_buf.rip int omsg_len = sizeof(struct rip); union { struct rip rip; char packet[MAXPACKETSIZE+1024]; } imsg_buf; #define IMSG imsg_buf.rip int nflag; /* numbers, no names */ int pflag; /* play the `gated` game */ int ripv2 = 1; /* use RIP version 2 */ int wtime = WTIME; int rflag; /* 1=ask about a particular route */ int trace, not_trace; /* send trace command or not */ int auth_type = RIP_AUTH_NONE; char passwd[RIP_AUTH_PW_LEN]; u_long keyid; struct timeval sent; /* when query sent */ static char localhost_str[] = "localhost"; static char *default_argv[] = {localhost_str, 0}; static void rip_input(struct sockaddr_in*, int); static int out(const char *); static void trace_loop(char *argv[]) __attribute((__noreturn__)); static void query_loop(char *argv[], int) __attribute((__noreturn__)); static int getnet(char *, struct netinfo *); static u_int std_mask(u_int); static int parse_quote(char **, const char *, char *, char *, int); static void usage(void) __dead2; int main(int argc, char *argv[]) { int ch, bsize; char *p, *options, *value, delim; const char *result; OMSG.rip_nets[0].n_dst = RIP_DEFAULT; OMSG.rip_nets[0].n_family = RIP_AF_UNSPEC; OMSG.rip_nets[0].n_metric = htonl(HOPCNT_INFINITY); pgmname = argv[0]; while ((ch = getopt(argc, argv, "np1w:r:t:a:")) != -1) switch (ch) { case 'n': not_trace = 1; nflag = 1; break; case 'p': not_trace = 1; pflag = 1; break; case '1': ripv2 = 0; break; case 'w': not_trace = 1; wtime = (int)strtoul(optarg, &p, 0); if (*p != '\0' || wtime <= 0) usage(); break; case 'r': not_trace = 1; if (rflag) usage(); rflag = getnet(optarg, &OMSG.rip_nets[0]); if (!rflag) { struct hostent *hp = gethostbyname(optarg); if (hp == NULL) { fprintf(stderr, "%s: %s:", pgmname, optarg); herror(0); exit(1); } memcpy(&OMSG.rip_nets[0].n_dst, hp->h_addr, sizeof(OMSG.rip_nets[0].n_dst)); OMSG.rip_nets[0].n_family = RIP_AF_INET; OMSG.rip_nets[0].n_mask = -1; rflag = 1; } break; case 't': trace = 1; options = optarg; while (*options != '\0') { /* messy complications to make -W -Wall happy */ static char on_str[] = "on"; static char more_str[] = "more"; static char off_str[] = "off"; static char dump_str[] = "dump"; static char *traceopts[] = { # define TRACE_ON 0 on_str, # define TRACE_MORE 1 more_str, # define TRACE_OFF 2 off_str, # define TRACE_DUMP 3 dump_str, 0 }; result = ""; switch (getsubopt(&options,traceopts,&value)) { case TRACE_ON: OMSG.rip_cmd = RIPCMD_TRACEON; if (!value || strlen(value) > MAXPATHLEN) usage(); result = value; break; case TRACE_MORE: if (value) usage(); OMSG.rip_cmd = RIPCMD_TRACEON; break; case TRACE_OFF: if (value) usage(); OMSG.rip_cmd = RIPCMD_TRACEOFF; break; case TRACE_DUMP: if (value) usage(); OMSG.rip_cmd = RIPCMD_TRACEON; result = "dump/../table"; break; default: usage(); } strcpy((char*)OMSG.rip_tracefile, result); omsg_len += strlen(result) - sizeof(OMSG.ripun); } break; case 'a': not_trace = 1; p = strchr(optarg,'='); if (!p) usage(); *p++ = '\0'; if (!strcasecmp("passwd",optarg)) auth_type = RIP_AUTH_PW; else if (!strcasecmp("md5_passwd",optarg)) auth_type = RIP_AUTH_MD5; else usage(); if (0 > parse_quote(&p,"|",&delim, passwd, sizeof(passwd))) usage(); if (auth_type == RIP_AUTH_MD5 && delim == '|') { keyid = strtoul(p+1,&p,0); if (keyid > 255 || *p != '\0') usage(); } else if (delim != '\0') { usage(); } break; default: usage(); } argv += optind; argc -= optind; if (not_trace && trace) usage(); if (argc == 0) { argc = 1; argv = default_argv; } soc = socket(AF_INET, SOCK_DGRAM, 0); if (soc < 0) { perror("socket"); exit(2); } /* be prepared to receive a lot of routes */ for (bsize = 127*1024; ; bsize -= 1024) { if (setsockopt(soc, SOL_SOCKET, SO_RCVBUF, &bsize, sizeof(bsize)) == 0) break; if (bsize <= 4*1024) { perror("setsockopt SO_RCVBUF"); break; } } if (trace) trace_loop(argv); else query_loop(argv, argc); /* NOTREACHED */ return 0; } static void usage(void) { fprintf(stderr, "usage: rtquery [-np1] [-r tgt_rt] [-w wtime]" " [-a type=passwd] host1 [host2 ...]\n" "\trtquery -t {on=filename|more|off|dump}" " host1 [host2 ...]\n"); exit(1); } /* tell the target hosts about tracing */ static void trace_loop(char *argv[]) { struct sockaddr_in myaddr; int res; if (geteuid() != 0) { (void)fprintf(stderr, "-t requires UID 0\n"); exit(1); } if (ripv2) { OMSG.rip_vers = RIPv2; } else { OMSG.rip_vers = RIPv1; } memset(&myaddr, 0, sizeof(myaddr)); myaddr.sin_family = AF_INET; #ifdef _HAVE_SIN_LEN myaddr.sin_len = sizeof(myaddr); #endif myaddr.sin_port = htons(IPPORT_RESERVED-1); while (bind(soc, (struct sockaddr *)&myaddr, sizeof(myaddr)) < 0) { if (errno != EADDRINUSE || myaddr.sin_port == 0) { perror("bind"); exit(2); } myaddr.sin_port = htons(ntohs(myaddr.sin_port)-1); } res = 1; while (*argv != NULL) { if (out(*argv++) <= 0) res = 0; } exit(res); } /* query all of the listed hosts */ static void query_loop(char *argv[], int argc) { # define NA0 (OMSG.rip_auths[0]) # define NA2 (OMSG.rip_auths[2]) struct seen { struct seen *next; struct in_addr addr; } *seen, *sp; int answered = 0; int cc; fd_set bits; struct timeval now, delay; struct sockaddr_in from; int fromlen; MD5_CTX md5_ctx; OMSG.rip_cmd = (pflag) ? RIPCMD_POLL : RIPCMD_REQUEST; if (ripv2) { OMSG.rip_vers = RIPv2; if (auth_type == RIP_AUTH_PW) { OMSG.rip_nets[1] = OMSG.rip_nets[0]; NA0.a_family = RIP_AF_AUTH; NA0.a_type = RIP_AUTH_PW; memcpy(NA0.au.au_pw, passwd, RIP_AUTH_PW_LEN); omsg_len += sizeof(OMSG.rip_nets[0]); } else if (auth_type == RIP_AUTH_MD5) { OMSG.rip_nets[1] = OMSG.rip_nets[0]; NA0.a_family = RIP_AF_AUTH; NA0.a_type = RIP_AUTH_MD5; NA0.au.a_md5.md5_keyid = (int8_t)keyid; NA0.au.a_md5.md5_auth_len = RIP_AUTH_MD5_KEY_LEN; NA0.au.a_md5.md5_seqno = 0; cc = (char *)&NA2-(char *)&OMSG; NA0.au.a_md5.md5_pkt_len = htons(cc); NA2.a_family = RIP_AF_AUTH; NA2.a_type = htons(1); MD5Init(&md5_ctx); MD5Update(&md5_ctx, (u_char *)&OMSG, cc); MD5Update(&md5_ctx, (u_char *)passwd, RIP_AUTH_MD5_HASH_LEN); MD5Final(NA2.au.au_pw, &md5_ctx); omsg_len += 2*sizeof(OMSG.rip_nets[0]); } } else { OMSG.rip_vers = RIPv1; OMSG.rip_nets[0].n_mask = 0; } /* ask the first (valid) host */ seen = NULL; while (0 > out(*argv++)) { if (*argv == NULL) exit(1); answered++; } FD_ZERO(&bits); for (;;) { FD_SET(soc, &bits); delay.tv_sec = 0; delay.tv_usec = STIME; cc = select(soc+1, &bits, 0,0, &delay); if (cc > 0) { fromlen = sizeof(from); cc = recvfrom(soc, imsg_buf.packet, sizeof(imsg_buf.packet), 0, (struct sockaddr *)&from, &fromlen); if (cc < 0) { perror("recvfrom"); exit(1); } /* count the distinct responding hosts. * You cannot match responding hosts with * addresses to which queries were transmitted, * because a router might respond with a * different source address. */ for (sp = seen; sp != NULL; sp = sp->next) { if (sp->addr.s_addr == from.sin_addr.s_addr) break; } if (sp == NULL) { sp = malloc(sizeof(*sp)); if (sp == NULL) { fprintf(stderr, "rtquery: malloc failed\n"); exit(1); } sp->addr = from.sin_addr; sp->next = seen; seen = sp; answered++; } rip_input(&from, cc); continue; } if (cc < 0) { if (errno == EINTR) continue; perror("select"); exit(1); } /* After a pause in responses, probe another host. * This reduces the intermingling of answers. */ while (*argv != NULL && out(*argv++) < 0) answered++; /* continue until no more packets arrive * or we have heard from all hosts */ if (answered >= argc) break; /* or until we have waited a long time */ if (gettimeofday(&now, 0) < 0) { perror("gettimeofday(now)"); exit(1); } if (sent.tv_sec + wtime <= now.tv_sec) break; } /* fail if there was no answer */ exit (answered >= argc ? 0 : 1); } /* send to one host */ static int out(const char *host) { struct sockaddr_in router; struct hostent *hp; if (gettimeofday(&sent, 0) < 0) { perror("gettimeofday(sent)"); return -1; } memset(&router, 0, sizeof(router)); router.sin_family = AF_INET; #ifdef _HAVE_SIN_LEN router.sin_len = sizeof(router); #endif if (!inet_aton(host, &router.sin_addr)) { hp = gethostbyname(host); if (hp == NULL) { herror(host); return -1; } memcpy(&router.sin_addr, hp->h_addr, sizeof(router.sin_addr)); } router.sin_port = htons(RIP_PORT); if (sendto(soc, &omsg_buf, omsg_len, 0, (struct sockaddr *)&router, sizeof(router)) < 0) { perror(host); return -1; } return 0; } /* * Convert string to printable characters */ static char * qstring(u_char *s, int len) { static char buf[8*20+1]; char *p; u_char *s2, c; for (p = buf; len != 0 && p < &buf[sizeof(buf)-1]; len--) { c = *s++; if (c == '\0') { for (s2 = s+1; s2 < &s[len]; s2++) { if (*s2 != '\0') break; } if (s2 >= &s[len]) goto exit; } if (c >= ' ' && c < 0x7f && c != '\\') { *p++ = c; continue; } *p++ = '\\'; switch (c) { case '\\': *p++ = '\\'; break; case '\n': *p++= 'n'; break; case '\r': *p++= 'r'; break; case '\t': *p++ = 't'; break; case '\b': *p++ = 'b'; break; default: p += sprintf(p,"%o",c); break; } } exit: *p = '\0'; return buf; } /* * Handle an incoming RIP packet. */ static void rip_input(struct sockaddr_in *from, int size) { struct netinfo *n, *lim; struct in_addr in; const char *name; char net_buf[80]; u_char hash[RIP_AUTH_MD5_KEY_LEN]; MD5_CTX md5_ctx; u_char md5_authed = 0; u_int mask, dmask; char *sp; int i; struct hostent *hp; struct netent *np; struct netauth *na; if (nflag) { printf("%s:", inet_ntoa(from->sin_addr)); } else { hp = gethostbyaddr((char*)&from->sin_addr, sizeof(struct in_addr), AF_INET); if (hp == NULL) { printf("%s:", inet_ntoa(from->sin_addr)); } else { printf("%s (%s):", hp->h_name, inet_ntoa(from->sin_addr)); } } if (IMSG.rip_cmd != RIPCMD_RESPONSE) { printf("\n unexpected response type %d\n", IMSG.rip_cmd); return; } printf(" RIPv%d%s %d bytes\n", IMSG.rip_vers, (IMSG.rip_vers != RIPv1 && IMSG.rip_vers != RIPv2) ? " ?" : "", size); if (size > MAXPACKETSIZE) { if (size > (int)sizeof(imsg_buf) - (int)sizeof(*n)) { printf(" at least %d bytes too long\n", size-MAXPACKETSIZE); size = (int)sizeof(imsg_buf) - (int)sizeof(*n); } else { printf(" %d bytes too long\n", size-MAXPACKETSIZE); } } else if (size%sizeof(*n) != sizeof(struct rip)%sizeof(*n)) { printf(" response of bad length=%d\n", size); } n = IMSG.rip_nets; lim = (struct netinfo *)((char*)n + size) - 1; for (; n <= lim; n++) { name = ""; if (n->n_family == RIP_AF_INET) { in.s_addr = n->n_dst; (void)strcpy(net_buf, inet_ntoa(in)); mask = ntohl(n->n_mask); dmask = mask & -mask; if (mask != 0) { sp = &net_buf[strlen(net_buf)]; if (IMSG.rip_vers == RIPv1) { (void)sprintf(sp," mask=%#x ? ",mask); mask = 0; } else if (mask + dmask == 0) { for (i = 0; (i != 32 && ((1<n_name; else if (in.s_addr == 0) name = "default"; } if (name[0] == '\0' && ((in.s_addr & ~mask) != 0 || mask == 0xffffffff)) { hp = gethostbyaddr((char*)&in, sizeof(in), AF_INET); if (hp != NULL) name = hp->h_name; } } } else if (n->n_family == RIP_AF_AUTH) { na = (struct netauth*)n; if (na->a_type == RIP_AUTH_PW && n == IMSG.rip_nets) { (void)printf(" Password Authentication:" " \"%s\"\n", qstring(na->au.au_pw, RIP_AUTH_PW_LEN)); continue; } if (na->a_type == RIP_AUTH_MD5 && n == IMSG.rip_nets) { (void)printf(" MD5 Auth" " len=%d KeyID=%d" " auth_len=%d" " seqno=%#x" " rsvd=%#x,%#x\n", ntohs(na->au.a_md5.md5_pkt_len), na->au.a_md5.md5_keyid, na->au.a_md5.md5_auth_len, (int)ntohl(na->au.a_md5.md5_seqno), na->au.a_md5.rsvd[0], na->au.a_md5.rsvd[1]); md5_authed = 1; continue; } (void)printf(" Authentication type %d: ", ntohs(na->a_type)); for (i = 0; i < (int)sizeof(na->au.au_pw); i++) (void)printf("%02x ", na->au.au_pw[i]); putc('\n', stdout); if (md5_authed && n+1 > lim && na->a_type == ntohs(1)) { MD5Init(&md5_ctx); MD5Update(&md5_ctx, (u_char *)&IMSG, (char *)na-(char *)&IMSG +RIP_AUTH_MD5_HASH_XTRA); MD5Update(&md5_ctx, (u_char *)passwd, RIP_AUTH_MD5_KEY_LEN); MD5Final(hash, &md5_ctx); (void)printf(" %s hash\n", memcmp(hash, na->au.au_pw, sizeof(hash)) ? "WRONG" : "correct"); } continue; } else { (void)sprintf(net_buf, "(af %#x) %d.%d.%d.%d", ntohs(n->n_family), (u_char)(n->n_dst >> 24), (u_char)(n->n_dst >> 16), (u_char)(n->n_dst >> 8), (u_char)n->n_dst); } (void)printf(" %-18s metric %2d %-10s", net_buf, (int)ntohl(n->n_metric), name); if (n->n_nhop != 0) { in.s_addr = n->n_nhop; if (nflag) hp = NULL; else hp = gethostbyaddr((char*)&in, sizeof(in), AF_INET); (void)printf(" nhop=%-15s%s", (hp != NULL) ? hp->h_name : inet_ntoa(in), (IMSG.rip_vers == RIPv1) ? " ?" : ""); } if (n->n_tag != 0) (void)printf(" tag=%#x%s", n->n_tag, (IMSG.rip_vers == RIPv1) ? " ?" : ""); putc('\n', stdout); } } /* Return the classical netmask for an IP address. */ static u_int std_mask(u_int addr) /* in network order */ { addr = ntohl(addr); /* was a host, not a network */ if (addr == 0) /* default route has mask 0 */ return 0; if (IN_CLASSA(addr)) return IN_CLASSA_NET; if (IN_CLASSB(addr)) return IN_CLASSB_NET; return IN_CLASSC_NET; } /* get a network number as a name or a number, with an optional "/xx" * netmask. */ static int /* 0=bad */ getnet(char *name, struct netinfo *rt) { int i; struct netent *nentp; u_int mask; struct in_addr in; char hname[MAXHOSTNAMELEN+1]; char *mname, *p; /* Detect and separate "1.2.3.4/24" */ if (NULL != (mname = strrchr(name,'/'))) { i = (int)(mname - name); if (i > (int)sizeof(hname)-1) /* name too long */ return 0; memmove(hname, name, i); hname[i] = '\0'; mname++; name = hname; } nentp = getnetbyname(name); if (nentp != NULL) { in.s_addr = nentp->n_net; } else if (inet_aton(name, &in) == 1) { in.s_addr = ntohl(in.s_addr); } else { return 0; } if (mname == NULL) { mask = std_mask(in.s_addr); if ((~mask & in.s_addr) != 0) mask = 0xffffffff; } else { mask = (u_int)strtoul(mname, &p, 0); if (*p != '\0' || mask > 32) return 0; mask = 0xffffffff << (32-mask); } rt->n_dst = htonl(in.s_addr); rt->n_family = RIP_AF_INET; rt->n_mask = htonl(mask); return 1; } /* strtok(), but honoring backslash */ static int /* -1=bad */ parse_quote(char **linep, const char *delims, char *delimp, char *buf, int lim) { char c, *pc; const char *p; pc = *linep; if (*pc == '\0') return -1; for (;;) { if (lim == 0) return -1; c = *pc++; if (c == '\0') break; if (c == '\\' && *pc != '\0') { if ((c = *pc++) == 'n') { c = '\n'; } else if (c == 'r') { c = '\r'; } else if (c == 't') { c = '\t'; } else if (c == 'b') { c = '\b'; } else if (c >= '0' && c <= '7') { c -= '0'; if (*pc >= '0' && *pc <= '7') { c = (c<<3)+(*pc++ - '0'); if (*pc >= '0' && *pc <= '7') c = (c<<3)+(*pc++ - '0'); } } } else { for (p = delims; *p != '\0'; ++p) { if (*p == c) goto exit; } } *buf++ = c; --lim; } exit: if (delimp != NULL) *delimp = c; *linep = pc-1; if (lim != 0) *buf = '\0'; return 0; } diff --git a/sbin/savecore/savecore.8 b/sbin/savecore/savecore.8 index 8a3b80d73469..53d2360719dd 100644 --- a/sbin/savecore/savecore.8 +++ b/sbin/savecore/savecore.8 @@ -1,215 +1,213 @@ .\" Copyright (c) 1980, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" From: @(#)savecore.8 8.1 (Berkeley) 6/5/93 -.\" .Dd April 4, 2022 .Dt SAVECORE 8 .Os .Sh NAME .Nm savecore .Nd "save a core dump of the operating system" .Sh SYNOPSIS .Nm .Fl c .Op Fl v .Op Ar device ... .Nm .Fl C .Op Fl v .Op Ar device ... .Nm .Fl L .Op Fl fvZz .Op Fl m Ar maxdumps .Op Ar directory .Nm .Op Fl -libxo .Op Fl fkuvz .Op Fl m Ar maxdumps .Op Ar directory Op Ar device ... .Sh DESCRIPTION The .Nm utility copies a core dump into .Ar directory , or the current working directory if no .Ar directory argument is given, and enters a reboot message and information about the core dump into the system log. .Pp The options are as follows: .Bl -tag -width ".Fl m Ar maxdumps" .It Fl -libxo Generate output via .Xr libxo 3 in a selection of different human and machine readable formats. See .Xr xo_parse_args 3 for details on command line arguments. .It Fl C Check to see if a dump exists, and display a brief message to indicate the status. An exit status of 0 indicates that a dump is there, 1 indicates that none exists. This option is compatible only with the .Op Fl v option. .It Fl c Clear the dump, so that future invocations of .Nm will ignore it. .It Fl f Force a dump to be taken even if either the dump was cleared or if the dump header information is inconsistent. .It Fl k Do not clear the dump after saving it. .It Fl L Instruct .Nm to generate and save a kernel dump of the running system, rather than copying one from a dump device. .It Fl m Ar maxdumps Maximum number of dumps to store. Once the number of stored dumps is equal to .Ar maxdumps the counter will restart from .Dv 0 . .It Fl u Uncompress the dump in case it was compressed by the kernel. .It Fl v Print out some additional debugging information. Specify twice for more information. .It Fl Z Compress the dump (see .Xr zstd 1 ) . This option is only supported in conjunction with the .Fl L option. Regular dumps can be configured for compression with zstd using .Xr dumpon 8 . .It Fl z Compress the dump (see .Xr gzip 1 ) . The dump may already be compressed if the kernel was configured to do so by .Xr dumpon 8 . In this case, the option has no effect. .Pp If used in conjunction with the .Fl L option, the requested live dump will be compressed with gzip. .El .Pp The .Nm utility looks for dumps on each device specified by the .Ar device argument(s), or on each device in .Pa /etc/fstab marked as .Dq dump or .Dq swap . The .Nm utility checks the core dump in various ways to make sure that it is complete. If it passes these checks, it saves the core image in .Ar directory Ns Pa /vmcore.# and information about the core in .Ar directory Ns Pa /info.# . If the core is encrypted, it saves the dump key in .Ar directory Ns Pa /key.# . The core can be later decrypted using .Xr decryptcore 8 . For kernel textdumps generated with the .Xr textdump 4 facility, output will be stored in the .Xr tar 5 format and named .Ar directory Ns Pa /textdump.tar.# . The .Dq # is the number from the first line of the file .Ar directory Ns Pa /bounds , and it is incremented and stored back into the file each time .Nm successfully runs. .Pp The .Nm utility also checks the available disk space before attempting to make the copies. If there is insufficient disk space in the file system containing .Ar directory , or if the file .Ar directory Ns Pa /minfree exists and the number of free kilobytes (for non-superusers) in the file system after the copies were made would be less than the number in the first line of this file, the copies are not attempted. .Pp If .Nm successfully copies the kernel and the core dump, the core dump is cleared so that future invocations of .Nm will ignore it. .Pp The .Nm utility is meant to be called near the end of the initialization file .Pa /etc/rc (see .Xr rc 8 ) . .Sh SEE ALSO .Xr gzip 1 , .Xr zstd 1 , .Xr getbootfile 3 , .Xr libxo 3 , .Xr xo_parse_args 3 , .Xr mem 4 , .Xr textdump 4 , .Xr tar 5 , .Xr crashinfo 8 , .Xr decryptcore 8 , .Xr dumpon 8 , .Xr syslogd 8 .Sh HISTORY The .Nm utility appeared in .Bx 4.1 . .Pp Support for kernel textdumps appeared in .Fx 7.1 . .Sh BUGS The minfree code does not consider the effect of compression or sparse files. diff --git a/sbin/shutdown/Makefile b/sbin/shutdown/Makefile index 32c9d6979934..3271570b3521 100644 --- a/sbin/shutdown/Makefile +++ b/sbin/shutdown/Makefile @@ -1,13 +1,12 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 PACKAGE=runtime PROG= shutdown MAN= shutdown.8 LINKS= ${BINDIR}/shutdown ${BINDIR}/poweroff MLINKS= shutdown.8 poweroff.8 BINOWN= root BINGRP= operator BINMODE=4554 .include diff --git a/sbin/shutdown/shutdown.8 b/sbin/shutdown/shutdown.8 index 7f60f22cc0e3..70df537b8bf5 100644 --- a/sbin/shutdown/shutdown.8 +++ b/sbin/shutdown/shutdown.8 @@ -1,245 +1,243 @@ .\" Copyright (c) 1988, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)shutdown.8 8.2 (Berkeley) 4/27/95 -.\" .Dd November 7, 2022 .Dt SHUTDOWN 8 .Os .Sh NAME .Nm shutdown , .Nm poweroff .Nd "close down the system at a given time" .Sh SYNOPSIS .Nm .Op Fl .Oo .Fl c | Fl h | Fl p | .Fl r | Fl k .Oc .Oo .Fl o .Op Fl n .Oc .Ar time .Op Ar warning-message ... .Nm poweroff .Sh DESCRIPTION The .Nm utility provides an automated shutdown procedure for super-users to nicely notify users when the system is shutting down, saving them from system administrators, hackers, and gurus, who would otherwise not bother with such niceties. In order to use the .Nm command, the user must have root privileges or be a member of the operator group. .Pp The following options are available: .Bl -tag -width indent .It Fl c The system is power cycled (power turned off and then back on) at the specified time. If the hardware doesn't support power cycle, the system will be rebooted. At the present time, only systems with BMC supported by the .Xr ipmi 4 driver that implement this functionality support this flag. The amount of time the system is off is dependent on the device that implements this feature. .It Fl h The system is halted at the specified .Ar time . .It Fl p The system is halted and the power is turned off (hardware support required, otherwise the system is halted) at the specified .Ar time . .It Fl r The system is rebooted at the specified .Ar time . .It Fl k Kick everybody off. The .Fl k option does not actually halt the system, but leaves the system multi-user with logins disabled (for all but super-user). .It Fl o If one of the .Fl c , .Fl h , .Fl p or .Fl r options are specified, .Nm will execute .Xr halt 8 or .Xr reboot 8 instead of sending a signal to .Xr init 8 . .It Fl n If the .Fl o option is specified, prevent the file system cache from being flushed by passing .Fl n to .Xr halt 8 or .Xr reboot 8 . This option should probably not be used. .It Ar time .Ar Time is the time at which .Nm will bring the system down and may be the case-insensitive word .Ar now (indicating an immediate shutdown) or a future time in one of two formats: .Ar +number , or .Ar yymmddhhmm , where the year, month, and day may be defaulted to the current system values. The first form brings the system down in .Ar number minutes and the second at the absolute time specified. .Ar +number may be specified in units other than minutes by appending the corresponding suffix: .Dq Li s , .Dq Li sec , .Dq Li m , .Dq Li min , .Dq Li h , .Dq Li hour . .Pp If an absolute time is specified, but not a date, and that time today has already passed, .Nm will assume that the same time tomorrow was meant. (If a complete date is specified which has already passed, .Nm will print an error and exit without shutting the system down.) .It Ar warning-message Any other arguments comprise the warning message that is broadcast to users currently logged into the system. .It Fl If .Sq Fl is supplied as an option, the warning message is read from the standard input. .El .Pp At intervals, becoming more frequent as apocalypse approaches and starting at ten hours before shutdown, warning messages are displayed on the terminals of all users logged in. Five minutes before shutdown, or immediately if shutdown is in less than 5 minutes, logins are disabled by creating .Pa /var/run/nologin and copying the warning message there. If this file exists when a user attempts to log in, .Xr login 1 prints its contents and exits. The file is removed just before .Nm exits. .Pp At shutdown time a message is written to the system log, containing the time of shutdown, the person who initiated the shutdown and the reason. The corresponding signal is then sent to .Xr init 8 to respectively halt, reboot or bring the system down to single-user state (depending on the above options). The time of the shutdown and the warning message are placed in .Pa /var/run/nologin and should be used to inform the users about when the system will be back up and why it is going down (or anything else). .Pp A scheduled shutdown can be canceled by killing the .Nm process (a .Dv SIGTERM should suffice). The .Pa /var/run/nologin file that .Nm created will be removed automatically. .Pp When run without options, the .Nm utility will place the system into single user mode at the .Ar time specified. .Pp Calling .Dq Nm poweroff is equivalent to running: .Bd -literal -offset indent shutdown -p now .Ed .Sh FILES .Bl -tag -width /var/run/nologin -compact .It Pa /var/run/nologin tells .Xr login 1 not to let anyone log in .El .Sh EXAMPLES Reboot the system in 30 minutes and display a warning message on the terminals of all users currently logged in: .Pp .Dl # shutdown -r +30 \&"System will reboot\&" .Sh COMPATIBILITY The hours and minutes in the second time format may be separated by a colon (``:'') for backward compatibility. .Sh SEE ALSO .Xr kill 1 , .Xr login 1 , .Xr wall 1 , .Xr nologin 5 , .Xr halt 8 , .Xr init 8 , .Xr reboot 8 .Sh HISTORY A .Nm command was originally written by Ian Johnstone for UNSW's modified .At "6th Edn" . It was modified and then incorporated in .Bx 4.1 . diff --git a/sbin/shutdown/shutdown.c b/sbin/shutdown/shutdown.c index 3864e44025eb..9e01d54ae21d 100644 --- a/sbin/shutdown/shutdown.c +++ b/sbin/shutdown/shutdown.c @@ -1,602 +1,599 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1988, 1990, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1988, 1990, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static char sccsid[] = "@(#)shutdown.c 8.4 (Berkeley) 4/28/95"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #ifdef DEBUG #undef _PATH_NOLOGIN #define _PATH_NOLOGIN "./nologin" #endif #define H *60*60 #define M *60 #define S *1 #define NOLOG_TIME 5*60 static struct interval { int timeleft, timetowait; } tlist[] = { { 10 H, 5 H }, { 5 H, 3 H }, { 2 H, 1 H }, { 1 H, 30 M }, { 30 M, 10 M }, { 20 M, 10 M }, { 10 M, 5 M }, { 5 M, 3 M }, { 2 M, 1 M }, { 1 M, 30 S }, { 30 S, 30 S }, { 0 , 0 } }; #undef H #undef M #undef S static time_t offset, shuttime; static int docycle, dohalt, dopower, doreboot, killflg, mbuflen, oflag; static char mbuf[BUFSIZ]; static const char *nosync, *whom; static void badtime(void); static void die_you_gravy_sucking_pig_dog(void); static void finish(int); static void getoffset(char *); static void loop(void); static void nolog(void); static void timeout(int); static void timewarn(int); static void usage(const char *); extern const char **environ; int main(int argc, char **argv) { char *p, *endp; struct passwd *pw; int arglen, ch, len, readstdin; #ifndef DEBUG if (geteuid()) errx(1, "NOT super-user"); #endif nosync = NULL; readstdin = 0; /* * Test for the special case where the utility is called as * "poweroff", for which it runs 'shutdown -p now'. */ if ((p = strrchr(argv[0], '/')) == NULL) p = argv[0]; else ++p; if (strcmp(p, "poweroff") == 0) { if (getopt(argc, argv, "") != -1) usage((char *)NULL); argc -= optind; argv += optind; if (argc != 0) usage((char *)NULL); dopower = 1; offset = 0; (void)time(&shuttime); goto poweroff; } while ((ch = getopt(argc, argv, "-chknopr")) != -1) switch (ch) { case '-': readstdin = 1; break; case 'c': docycle = 1; break; case 'h': dohalt = 1; break; case 'k': killflg = 1; break; case 'n': nosync = "-n"; break; case 'o': oflag = 1; break; case 'p': dopower = 1; break; case 'r': doreboot = 1; break; case '?': default: usage((char *)NULL); } argc -= optind; argv += optind; if (argc < 1) usage((char *)NULL); if (killflg + doreboot + dohalt + dopower + docycle > 1) usage("incompatible switches -c, -h, -k, -p and -r"); if (oflag && !(dohalt || dopower || doreboot || docycle)) usage("-o requires -c, -h, -p or -r"); if (nosync != NULL && !oflag) usage("-n requires -o"); getoffset(*argv++); poweroff: if (*argv) { for (p = mbuf, len = sizeof(mbuf); *argv; ++argv) { arglen = strlen(*argv); if ((len -= arglen) <= 2) break; if (p != mbuf) *p++ = ' '; memmove(p, *argv, arglen); p += arglen; } *p = '\n'; *++p = '\0'; } if (readstdin) { p = mbuf; endp = mbuf + sizeof(mbuf) - 2; for (;;) { if (!fgets(p, endp - p + 1, stdin)) break; for (; *p && p < endp; ++p); if (p == endp) { *p = '\n'; *++p = '\0'; break; } } } mbuflen = strlen(mbuf); if (offset) { BOOTTRACE("Shutdown at %s", ctime(&shuttime)); (void)printf("Shutdown at %.24s.\n", ctime(&shuttime)); } else { BOOTTRACE("Shutdown NOW!"); (void)printf("Shutdown NOW!\n"); } if (!(whom = getlogin())) whom = (pw = getpwuid(getuid())) ? pw->pw_name : "???"; #ifdef DEBUG (void)putc('\n', stdout); #else (void)setpriority(PRIO_PROCESS, 0, PRIO_MIN); { int forkpid; forkpid = fork(); if (forkpid == -1) err(1, "fork"); if (forkpid) errx(0, "[pid %d]", forkpid); } setsid(); #endif openlog("shutdown", LOG_CONS, LOG_AUTH); loop(); return(0); } static void loop(void) { struct interval *tp; u_int sltime; int logged; if (offset <= NOLOG_TIME) { logged = 1; nolog(); } else logged = 0; tp = tlist; if (tp->timeleft < offset) (void)sleep((u_int)(offset - tp->timeleft)); else { while (tp->timeleft && offset < tp->timeleft) ++tp; /* * Warn now, if going to sleep more than a fifth of * the next wait time. */ if ((sltime = offset - tp->timeleft)) { if (sltime > (u_int)(tp->timetowait / 5)) timewarn(offset); (void)sleep(sltime); } } for (;; ++tp) { timewarn(tp->timeleft); if (!logged && tp->timeleft <= NOLOG_TIME) { logged = 1; nolog(); } (void)sleep((u_int)tp->timetowait); if (!tp->timeleft) break; } die_you_gravy_sucking_pig_dog(); } static jmp_buf alarmbuf; static const char *restricted_environ[] = { "PATH=" _PATH_STDPATH, NULL }; static void timewarn(int timeleft) { static int first; static char hostname[MAXHOSTNAMELEN + 1]; FILE *pf; char wcmd[MAXPATHLEN + 4]; if (!first++) (void)gethostname(hostname, sizeof(hostname)); /* undoc -n option to wall suppresses normal wall banner */ (void)snprintf(wcmd, sizeof(wcmd), "%s -n", _PATH_WALL); environ = restricted_environ; if (!(pf = popen(wcmd, "w"))) { syslog(LOG_ERR, "shutdown: can't find %s: %m", _PATH_WALL); return; } (void)fprintf(pf, "\007*** %sSystem shutdown message from %s@%s ***\007\n", timeleft ? "": "FINAL ", whom, hostname); if (timeleft > 10*60) (void)fprintf(pf, "System going down at %5.5s\n\n", ctime(&shuttime) + 11); else if (timeleft > 59) (void)fprintf(pf, "System going down in %d minute%s\n\n", timeleft / 60, (timeleft > 60) ? "s" : ""); else if (timeleft) (void)fprintf(pf, "System going down in %s30 seconds\n\n", (offset > 0 && offset < 30 ? "less than " : "")); else (void)fprintf(pf, "System going down IMMEDIATELY\n\n"); if (mbuflen) (void)fwrite(mbuf, sizeof(*mbuf), mbuflen, pf); /* * play some games, just in case wall doesn't come back * probably unnecessary, given that wall is careful. */ if (!setjmp(alarmbuf)) { (void)signal(SIGALRM, timeout); (void)alarm((u_int)30); (void)pclose(pf); (void)alarm((u_int)0); (void)signal(SIGALRM, SIG_DFL); } } static void timeout(int signo __unused) { longjmp(alarmbuf, 1); } static void die_you_gravy_sucking_pig_dog(void) { char *empty_environ[] = { NULL }; BOOTTRACE("%s by %s", doreboot ? "reboot" : dohalt ? "halt" : dopower ? "power-down" : docycle ? "power-cycle" : "shutdown", whom); syslog(LOG_NOTICE, "%s by %s: %s", doreboot ? "reboot" : dohalt ? "halt" : dopower ? "power-down" : docycle ? "power-cycle" : "shutdown", whom, mbuf); (void)printf("\r\nSystem shutdown time has arrived\007\007\r\n"); if (killflg) { BOOTTRACE("fake shutdown..."); (void)printf("\rbut you'll have to do it yourself\r\n"); exit(0); } #ifdef DEBUG if (doreboot) (void)printf("reboot"); else if (docycle) (void)printf("power-cycle"); else if (dohalt) (void)printf("halt"); else if (dopower) (void)printf("power-down"); if (nosync != NULL) (void)printf(" no sync"); (void)printf("\nkill -HUP 1\n"); #else if (!oflag) { BOOTTRACE("signal to init(8)..."); (void)kill(1, doreboot ? SIGINT : /* reboot */ dohalt ? SIGUSR1 : /* halt */ dopower ? SIGUSR2 : /* power-down */ docycle ? SIGWINCH : /* power-cycle */ SIGTERM); /* single-user */ } else { if (doreboot) { BOOTTRACE("exec reboot(8) -l..."); execle(_PATH_REBOOT, "reboot", "-l", nosync, (char *)NULL, empty_environ); syslog(LOG_ERR, "shutdown: can't exec %s: %m.", _PATH_REBOOT); warn(_PATH_REBOOT); } else if (dohalt) { BOOTTRACE("exec halt(8) -l..."); execle(_PATH_HALT, "halt", "-l", nosync, (char *)NULL, empty_environ); syslog(LOG_ERR, "shutdown: can't exec %s: %m.", _PATH_HALT); warn(_PATH_HALT); } else if (dopower) { BOOTTRACE("exec halt(8) -l -p..."); execle(_PATH_HALT, "halt", "-l", "-p", nosync, (char *)NULL, empty_environ); syslog(LOG_ERR, "shutdown: can't exec %s: %m.", _PATH_HALT); warn(_PATH_HALT); } else if (docycle) { execle(_PATH_HALT, "halt", "-l", "-c", nosync, (char *)NULL, empty_environ); syslog(LOG_ERR, "shutdown: can't exec %s: %m.", _PATH_HALT); warn(_PATH_HALT); } BOOTTRACE("SIGTERM to init(8)..."); (void)kill(1, SIGTERM); /* to single-user */ } #endif finish(0); } #define ATOI2(p) (p[0] - '0') * 10 + (p[1] - '0'); p += 2; static void getoffset(char *timearg) { struct tm *lt; char *p; time_t now; int maybe_today, this_year; char *timeunit; (void)time(&now); if (!strcasecmp(timearg, "now")) { /* now */ offset = 0; shuttime = now; return; } if (*timearg == '+') { /* +minutes */ if (!isdigit(*++timearg)) badtime(); errno = 0; offset = strtol(timearg, &timeunit, 10); if (offset < 0 || offset == LONG_MAX || errno != 0) badtime(); if (timeunit[0] == '\0' || strcasecmp(timeunit, "m") == 0 || strcasecmp(timeunit, "min") == 0 || strcasecmp(timeunit, "mins") == 0) { offset *= 60; } else if (strcasecmp(timeunit, "h") == 0 || strcasecmp(timeunit, "hour") == 0 || strcasecmp(timeunit, "hours") == 0) { offset *= 60 * 60; } else if (strcasecmp(timeunit, "s") == 0 || strcasecmp(timeunit, "sec") == 0 || strcasecmp(timeunit, "secs") == 0) { offset *= 1; } else { badtime(); } shuttime = now + offset; return; } /* handle hh:mm by getting rid of the colon */ for (p = timearg; *p; ++p) if (!isascii(*p) || !isdigit(*p)) { if (*p == ':' && strlen(p) == 3) { p[0] = p[1]; p[1] = p[2]; p[2] = '\0'; } else badtime(); } unsetenv("TZ"); /* OUR timezone */ lt = localtime(&now); /* current time val */ maybe_today = 1; switch(strlen(timearg)) { case 10: this_year = lt->tm_year; lt->tm_year = ATOI2(timearg); /* * check if the specified year is in the next century. * allow for one year of user error as many people will * enter n - 1 at the start of year n. */ if (lt->tm_year < (this_year % 100) - 1) lt->tm_year += 100; /* adjust for the year 2000 and beyond */ lt->tm_year += (this_year - (this_year % 100)); /* FALLTHROUGH */ case 8: lt->tm_mon = ATOI2(timearg); if (--lt->tm_mon < 0 || lt->tm_mon > 11) badtime(); /* FALLTHROUGH */ case 6: maybe_today = 0; lt->tm_mday = ATOI2(timearg); if (lt->tm_mday < 1 || lt->tm_mday > 31) badtime(); /* FALLTHROUGH */ case 4: lt->tm_hour = ATOI2(timearg); if (lt->tm_hour < 0 || lt->tm_hour > 23) badtime(); lt->tm_min = ATOI2(timearg); if (lt->tm_min < 0 || lt->tm_min > 59) badtime(); lt->tm_sec = 0; if ((shuttime = mktime(lt)) == -1) badtime(); if ((offset = shuttime - now) < 0) { if (!maybe_today) errx(1, "that time is already past."); /* * If the user only gave a time, assume that * any time earlier than the current time * was intended to be that time tomorrow. */ lt->tm_mday++; if ((shuttime = mktime(lt)) == -1) badtime(); if ((offset = shuttime - now) < 0) { errx(1, "tomorrow is before today?"); } } break; default: badtime(); } } #define NOMSG "\n\nNO LOGINS: System going down at " static void nolog(void) { int logfd; char *ct; (void)unlink(_PATH_NOLOGIN); /* in case linked to another file */ (void)signal(SIGINT, finish); (void)signal(SIGHUP, finish); (void)signal(SIGQUIT, finish); (void)signal(SIGTERM, finish); if ((logfd = open(_PATH_NOLOGIN, O_WRONLY|O_CREAT|O_TRUNC, 0664)) >= 0) { (void)write(logfd, NOMSG, sizeof(NOMSG) - 1); ct = ctime(&shuttime); (void)write(logfd, ct + 11, 5); (void)write(logfd, "\n\n", 2); (void)write(logfd, mbuf, strlen(mbuf)); (void)close(logfd); } } static void finish(int signo __unused) { if (!killflg) (void)unlink(_PATH_NOLOGIN); exit(0); } static void badtime(void) { errx(1, "bad time format"); } static void usage(const char *cp) { if (cp != NULL) warnx("%s", cp); (void)fprintf(stderr, "usage: shutdown [-] [-c | -h | -p | -r | -k] [-o [-n]] time [warning-message ...]\n" " poweroff\n"); exit(1); } diff --git a/sbin/swapon/Makefile b/sbin/swapon/Makefile index 4cca18367c1e..27808aed5857 100644 --- a/sbin/swapon/Makefile +++ b/sbin/swapon/Makefile @@ -1,13 +1,12 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 PACKAGE=runtime PROG= swapon MAN= swapon.8 LINKS= ${BINDIR}/swapon ${BINDIR}/swapoff LINKS+= ${BINDIR}/swapon ${BINDIR}/swapctl MLINKS= swapon.8 swapoff.8 MLINKS+=swapon.8 swapctl.8 LIBADD= util .include diff --git a/sbin/swapon/swapon.8 b/sbin/swapon/swapon.8 index 64ad9edca776..f5534c06eb9f 100644 --- a/sbin/swapon/swapon.8 +++ b/sbin/swapon/swapon.8 @@ -1,242 +1,240 @@ .\" Copyright (c) 1980, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)swapon.8 8.1 (Berkeley) 6/5/93 -.\" .Dd November 29, 2021 .Dt SWAPON 8 .Os .Sh NAME .Nm swapon , swapoff , swapctl .Nd "specify devices for paging and swapping" .Sh SYNOPSIS .Nm swapon .Oo Fl F Ar fstab .Oc .Fl aLq | E Ar .Nm swapoff .Oo Fl F Ar fstab .Oc .Fl afLq | Ar .Nm swapctl .Op Fl AfghklmsU .Oo .Fl a Ar | .Fl d Ar .Oc .Sh DESCRIPTION The .Nm swapon , swapoff and .Nm swapctl utilities are used to control swap devices in the system. At boot time all swap entries in .Pa /etc/fstab are added automatically when the system goes multi-user. Swap devices use a fixed interleave; the maximum number of devices is unlimited. There is no priority mechanism. .Pp The .Nm swapon utility adds the specified swap devices to the system. If the .Fl a option is used, all swap devices in .Pa /etc/fstab will be added, unless their .Dq noauto or .Dq late option is also set. If the .Fl L option is specified, swap devices with the .Dq late option will be added as well as ones with no option. If the .Fl q option is used, informational messages will not be written to standard output when a swap device is added. The .Fl E option causes each of following devices to receive a .Dv BIO_DELETE command. This command marks the device's blocks as unused, except those that might store a disk label. This marking can erase a crash dump. To delay .Nm swapon for a device until after .Nm savecore has copied the crash dump to another location, use the .Dq late option. .Pp The .Nm swapoff utility removes the specified swap devices from the system. If the .Fl a option is used, all swap devices in .Pa /etc/fstab will be removed, unless their .Dq noauto option is also set. If the .Fl L option is specified, only swap devices with the .Dq late option will be removed. If the .Fl q option is used, informational messages will not be written to standard output when a swap device is removed. Note that .Nm swapoff will fail and refuse to remove a swap device if a very conservative check does not conclude that there is sufficient VM (memory + remaining swap devices) to run the system. The .Fl f option turns off this check, which could deadlock the system if there is insufficient swap space remaining. .Pp The .Nm swapoff utility must move swapped pages out of the device being removed which could lead to high system loads for a period of time, depending on how much data has been swapped out to that device. .Pp Other options supported by both .Nm swapon and .Nm swapoff are as follows: .Bl -tag -width indent .It Fl F Ar fstab Specify the .Pa fstab file to use (in conjunction with .Fl a Ns ). .El .Pp The .Nm swapctl utility exists primarily for those familiar with other .Bx Ns s and may be used to add, remove, or list swap devices. Note that the .Fl a option is used differently in .Nm swapctl and indicates that a specific list of devices should be added. The .Fl d option indicates that a specific list should be removed. The .Fl A and .Fl U options to .Nm swapctl operate on all swap entries in .Pa /etc/fstab which do not have their .Dq noauto option set. .Pp Swap information can be generated using the .Xr swapinfo 8 utility, .Nm pstat .Fl s , or .Nm swapctl .Fl l . The .Nm swapctl utility has the following options for listing swap: .Bl -tag -width indent .It Fl h Output values in human-readable form. .It Fl g Output values in gigabytes. .It Fl k Output values in kilobytes. .It Fl m Output values in megabytes. .It Fl l List the devices making up system swap. .It Fl s Print a summary line for system swap. .Pp The .Ev BLOCKSIZE environment variable is used if not specifically overridden. 512 byte blocks are used by default. .El .Sh FILES .Bl -tag -width ".Pa /dev/{ada,da}?s?b" -compact .It Pa /dev/{ada,da}?s?b standard paging devices .It Pa /dev/md? memory disk devices .It Pa /etc/fstab .Tn ASCII file system description table .El .Sh DIAGNOSTICS These utilities may fail for the reasons described in .Xr swapon 2 . .Sh SEE ALSO .Xr swapon 2 , .Xr fstab 5 , .Xr init 8 , .Xr mdconfig 8 , .Xr pstat 8 , .Xr rc 8 .Sh HISTORY The .Nm swapon utility appeared in .Bx 4.0 . The .Nm swapoff and .Nm swapctl utilities appeared in .Fx 5.1 . diff --git a/sbin/swapon/swapon.c b/sbin/swapon/swapon.c index b9b865c0fc09..039356541b78 100644 --- a/sbin/swapon/swapon.c +++ b/sbin/swapon/swapon.c @@ -1,935 +1,932 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1980, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static char sccsid[] = "@(#)swapon.c 8.1 (Berkeley) 6/5/93"; -#endif /* not lint */ #endif #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include static void usage(void) __dead2; static const char *swap_on_off(const char *, int, char *); static const char *swap_on_off_gbde(const char *, int); static const char *swap_on_off_geli(const char *, char *, int); static const char *swap_on_off_md(const char *, char *, int); static const char *swap_on_off_sfile(const char *, int); static void swaplist(int, int, int); static int run_cmd(int *, const char *, ...) __printflike(2, 3); static enum { SWAPON, SWAPOFF, SWAPCTL } orig_prog, which_prog = SWAPCTL; static int Eflag, fflag, qflag; int main(int argc, char **argv) { struct fstab *fsp; const char *swfile; char *ptr; int ret, ch, doall; int sflag, lflag, late, hflag; const char *etc_fstab; sflag = lflag = late = hflag = 0; if ((ptr = strrchr(argv[0], '/')) == NULL) ptr = argv[0]; if (strstr(ptr, "swapon") != NULL) which_prog = SWAPON; else if (strstr(ptr, "swapoff") != NULL) which_prog = SWAPOFF; orig_prog = which_prog; doall = 0; etc_fstab = NULL; while ((ch = getopt(argc, argv, "AadEfghklLmqsUF:")) != -1) { switch(ch) { case 'A': if (which_prog == SWAPCTL) { doall = 1; which_prog = SWAPON; } else usage(); break; case 'a': if (which_prog == SWAPON || which_prog == SWAPOFF) doall = 1; else which_prog = SWAPON; break; case 'd': if (which_prog == SWAPCTL) which_prog = SWAPOFF; else usage(); break; case 'E': if (which_prog == SWAPON) Eflag = 2; else usage(); break; case 'f': if (which_prog == SWAPOFF) fflag = 1; else usage(); break; case 'g': hflag = 'G'; break; case 'h': hflag = 'H'; break; case 'k': hflag = 'K'; break; case 'l': lflag = 1; break; case 'L': late = 1; break; case 'm': hflag = 'M'; break; case 'q': if (which_prog == SWAPON || which_prog == SWAPOFF) qflag = 1; break; case 's': sflag = 1; break; case 'U': if (which_prog == SWAPCTL) { doall = 1; which_prog = SWAPOFF; } else usage(); break; case 'F': etc_fstab = optarg; break; case '?': default: usage(); } } argv += optind; ret = 0; swfile = NULL; if (etc_fstab != NULL) setfstab(etc_fstab); if (which_prog == SWAPON || which_prog == SWAPOFF) { if (doall) { while ((fsp = getfsent()) != NULL) { if (strcmp(fsp->fs_type, FSTAB_SW) != 0) continue; if (strstr(fsp->fs_mntops, "noauto") != NULL) continue; if (which_prog != SWAPOFF && strstr(fsp->fs_mntops, "late") && late == 0) continue; if (which_prog == SWAPOFF && strstr(fsp->fs_mntops, "late") == NULL && late != 0) continue; Eflag |= (strstr(fsp->fs_mntops, "trimonce") != NULL); swfile = swap_on_off(fsp->fs_spec, 1, fsp->fs_mntops); Eflag &= ~1; if (swfile == NULL) { ret = 1; continue; } if (qflag == 0) { printf("%s: %sing %s as swap device\n", getprogname(), (which_prog == SWAPOFF) ? "remov" : "add", swfile); } } } else if (*argv == NULL) usage(); for (; *argv; ++argv) { swfile = swap_on_off(*argv, 0, NULL); if (swfile == NULL) { ret = 1; continue; } if (orig_prog == SWAPCTL) { printf("%s: %sing %s as swap device\n", getprogname(), (which_prog == SWAPOFF) ? "remov" : "add", swfile); } } } else { if (lflag || sflag) swaplist(lflag, sflag, hflag); else usage(); } exit(ret); } static const char * swap_on_off(const char *name, int doingall, char *mntops) { char *base, *basebuf; /* Swap on vnode-backed md(4) device. */ if (mntops != NULL && (fnmatch(_PATH_DEV MD_NAME "[0-9]*", name, 0) == 0 || fnmatch(MD_NAME "[0-9]*", name, 0) == 0 || strncmp(_PATH_DEV MD_NAME, name, sizeof(_PATH_DEV) + sizeof(MD_NAME)) == 0 || strncmp(MD_NAME, name, sizeof(MD_NAME)) == 0)) return (swap_on_off_md(name, mntops, doingall)); basebuf = strdup(name); base = basename(basebuf); /* Swap on encrypted device by GEOM_BDE. */ if (fnmatch("*.bde", base, 0) == 0) { free(basebuf); return (swap_on_off_gbde(name, doingall)); } /* Swap on encrypted device by GEOM_ELI. */ if (fnmatch("*.eli", base, 0) == 0) { free(basebuf); return (swap_on_off_geli(name, mntops, doingall)); } /* Swap on special file. */ free(basebuf); return (swap_on_off_sfile(name, doingall)); } /* Strip off .bde or .eli suffix from swap device name */ static char * swap_basename(const char *name) { char *dname, *p; dname = strdup(name); p = strrchr(dname, '.'); /* assert(p != NULL); */ *p = '\0'; return (dname); } static const char * swap_on_off_gbde(const char *name, int doingall) { const char *ret; char pass[64 * 2 + 1]; unsigned char bpass[64]; char *dname; int i, error; dname = swap_basename(name); if (dname == NULL) return (NULL); if (which_prog == SWAPON) { arc4random_buf(bpass, sizeof(bpass)); for (i = 0; i < (int)sizeof(bpass); i++) sprintf(&pass[2 * i], "%02x", bpass[i]); pass[sizeof(pass) - 1] = '\0'; error = run_cmd(NULL, "%s init %s -P %s", _PATH_GBDE, dname, pass); if (error) { /* bde device found. Ignore it. */ free(dname); if (qflag == 0) warnx("%s: Device already in use", name); return (NULL); } error = run_cmd(NULL, "%s attach %s -p %s", _PATH_GBDE, dname, pass); free(dname); if (error) { warnx("gbde (attach) error: %s", name); return (NULL); } } ret = swap_on_off_sfile(name, doingall); if (which_prog == SWAPOFF) { error = run_cmd(NULL, "%s detach %s", _PATH_GBDE, dname); free(dname); if (error) { /* bde device not found. Ignore it. */ if (qflag == 0) warnx("%s: Device not found", name); return (NULL); } } return (ret); } /* Build geli(8) arguments from mntops */ static char * swap_on_geli_args(const char *mntops) { const char *aalgo, *ealgo, *keylen_str, *sectorsize_str; const char *aflag, *eflag, *lflag, *Tflag, *sflag; char *p, *args, *token, *string, *ops; int pagesize; size_t pagesize_len; u_long ul; /* Use built-in defaults for geli(8). */ aalgo = ealgo = keylen_str = ""; aflag = eflag = lflag = Tflag = ""; /* We will always specify sectorsize. */ sflag = " -s "; sectorsize_str = NULL; if (mntops != NULL) { string = ops = strdup(mntops); while ((token = strsep(&string, ",")) != NULL) { if ((p = strstr(token, "aalgo=")) == token) { aalgo = p + sizeof("aalgo=") - 1; aflag = " -a "; } else if ((p = strstr(token, "ealgo=")) == token) { ealgo = p + sizeof("ealgo=") - 1; eflag = " -e "; } else if ((p = strstr(token, "keylen=")) == token) { keylen_str = p + sizeof("keylen=") - 1; errno = 0; ul = strtoul(keylen_str, &p, 10); if (errno == 0) { if (*p != '\0' || ul > INT_MAX) errno = EINVAL; } if (errno) { warn("Invalid keylen: %s", keylen_str); free(ops); return (NULL); } lflag = " -l "; } else if ((p = strstr(token, "sectorsize=")) == token) { sectorsize_str = p + sizeof("sectorsize=") - 1; errno = 0; ul = strtoul(sectorsize_str, &p, 10); if (errno == 0) { if (*p != '\0' || ul > INT_MAX) errno = EINVAL; } if (errno) { warn("Invalid sectorsize: %s", sectorsize_str); free(ops); return (NULL); } } else if (strcmp(token, "notrim") == 0) { if (Eflag) { warn("Options \"notrim\" and " "\"trimonce\" conflict"); free(ops); return (NULL); } Tflag = " -T "; } else if (strcmp(token, "late") == 0) { /* ignore known option */ } else if (strcmp(token, "noauto") == 0) { /* ignore known option */ } else if (strcmp(token, "sw") == 0) { /* ignore known option */ } else if (strcmp(token, "trimonce") == 0) { /* ignore known option */ } else { warnx("Invalid option: %s", token); free(ops); return (NULL); } } } else ops = NULL; /* * If we do not have a sector size at this point, fill in * pagesize as sector size. */ if (sectorsize_str == NULL) { /* Use pagesize as default sectorsize. */ pagesize = getpagesize(); pagesize_len = snprintf(NULL, 0, "%d", pagesize) + 1; p = alloca(pagesize_len); snprintf(p, pagesize_len, "%d", pagesize); sectorsize_str = p; } (void)asprintf(&args, "%s%s%s%s%s%s%s%s%s -d", aflag, aalgo, eflag, ealgo, lflag, keylen_str, Tflag, sflag, sectorsize_str); free(ops); return (args); } static const char * swap_on_off_geli(const char *name, char *mntops, int doingall) { struct stat sb; char *dname, *args; int error; error = stat(name, &sb); if (which_prog == SWAPON) do { /* Skip if the .eli device already exists. */ if (error == 0) break; args = swap_on_geli_args(mntops); if (args == NULL) return (NULL); dname = swap_basename(name); if (dname == NULL) { free(args); return (NULL); } error = run_cmd(NULL, "%s onetime%s %s", _PATH_GELI, args, dname); free(dname); free(args); if (error) { /* error occurred during creation. */ if (qflag == 0) warnx("%s: Invalid parameters", name); return (NULL); } } while (0); return (swap_on_off_sfile(name, doingall)); } static const char * swap_on_off_md(const char *name, char *mntops, int doingall) { FILE *sfd; int fd, mdunit, error; const char *ret; static char mdpath[PATH_MAX], linebuf[PATH_MAX]; char *p, *vnodefile; size_t linelen; u_long ul; fd = -1; sfd = NULL; if (strlen(name) == (sizeof(MD_NAME) - 1)) mdunit = -1; else { errno = 0; ul = strtoul(name + 2, &p, 10); if (errno == 0) { if (*p != '\0' || ul > INT_MAX) errno = EINVAL; } if (errno) { warn("Bad device unit: %s", name); return (NULL); } mdunit = (int)ul; } vnodefile = NULL; if ((p = strstr(mntops, "file=")) != NULL) { vnodefile = strdup(p + sizeof("file=") - 1); p = strchr(vnodefile, ','); if (p != NULL) *p = '\0'; } if (vnodefile == NULL) { warnx("file option not found for %s", name); return (NULL); } if (which_prog == SWAPON) { if (mdunit == -1) { error = run_cmd(&fd, "%s -l -n -f %s", _PATH_MDCONFIG, vnodefile); if (error == 0) { /* md device found. Ignore it. */ close(fd); if (!qflag) warnx("%s: Device already in use", vnodefile); free(vnodefile); return (NULL); } error = run_cmd(&fd, "%s -a -t vnode -n -f %s", _PATH_MDCONFIG, vnodefile); if (error) { warnx("mdconfig (attach) error: file=%s", vnodefile); free(vnodefile); return (NULL); } sfd = fdopen(fd, "r"); if (sfd == NULL) { warn("mdconfig (attach) fdopen error"); ret = NULL; goto err; } p = fgetln(sfd, &linelen); if (p == NULL || (linelen < 2 || linelen > sizeof(linebuf))) { warn("mdconfig (attach) unexpected output"); ret = NULL; goto err; } strlcpy(linebuf, p, linelen); errno = 0; ul = strtoul(linebuf, &p, 10); if (errno == 0) { if (*p != '\0' || ul > INT_MAX) errno = EINVAL; } if (errno) { warn("mdconfig (attach) unexpected output: %s", linebuf); ret = NULL; goto err; } mdunit = (int)ul; } else { error = run_cmd(&fd, "%s -l -n -f %s -u %d", _PATH_MDCONFIG, vnodefile, mdunit); if (error == 0) { /* md device found. Ignore it. */ close(fd); if (qflag == 0) warnx("md%d on %s: Device already " "in use", mdunit, vnodefile); free(vnodefile); return (NULL); } error = run_cmd(NULL, "%s -a -t vnode -u %d -f %s", _PATH_MDCONFIG, mdunit, vnodefile); if (error) { warnx("mdconfig (attach) error: " "md%d on file=%s", mdunit, vnodefile); free(vnodefile); return (NULL); } } } else /* SWAPOFF */ { if (mdunit == -1) { error = run_cmd(&fd, "%s -l -n -f %s", _PATH_MDCONFIG, vnodefile); if (error) { /* md device not found. Ignore it. */ close(fd); if (!qflag) warnx("md on %s: Device not found", vnodefile); free(vnodefile); return (NULL); } sfd = fdopen(fd, "r"); if (sfd == NULL) { warn("mdconfig (list) fdopen error"); ret = NULL; goto err; } p = fgetln(sfd, &linelen); if (p == NULL || (linelen < 2 || linelen > sizeof(linebuf))) { warn("mdconfig (list) unexpected output"); ret = NULL; goto err; } strlcpy(linebuf, p, linelen); p = strchr(linebuf, ' '); if (p != NULL) *p = '\0'; errno = 0; ul = strtoul(linebuf, &p, 10); if (errno == 0) { if (*p != '\0' || ul > INT_MAX) errno = EINVAL; } if (errno) { warn("mdconfig (list) unexpected output: %s", linebuf); ret = NULL; goto err; } mdunit = (int)ul; } else { error = run_cmd(&fd, "%s -l -n -f %s -u %d", _PATH_MDCONFIG, vnodefile, mdunit); if (error) { /* md device not found. Ignore it. */ close(fd); if (!qflag) warnx("md%d on %s: Device not found", mdunit, vnodefile); free(vnodefile); return (NULL); } } } snprintf(mdpath, sizeof(mdpath), "%s%s%d", _PATH_DEV, MD_NAME, mdunit); mdpath[sizeof(mdpath) - 1] = '\0'; ret = swap_on_off_sfile(mdpath, doingall); if (which_prog == SWAPOFF) { if (ret != NULL) { error = run_cmd(NULL, "%s -d -u %d", _PATH_MDCONFIG, mdunit); if (error) warn("mdconfig (detach) detach failed: %s%s%d", _PATH_DEV, MD_NAME, mdunit); } } err: if (sfd != NULL) fclose(sfd); if (fd != -1) close(fd); free(vnodefile); return (ret); } static int run_cmd(int *ofd, const char *cmdline, ...) { va_list ap; char **argv, **argvp, *cmd, *p; int argc, pid, status, rv; int pfd[2], nfd, dup2dn; va_start(ap, cmdline); rv = vasprintf(&cmd, cmdline, ap); if (rv == -1) { warn("%s", __func__); va_end(ap); return (rv); } va_end(ap); for (argc = 1, p = cmd; (p = strchr(p, ' ')) != NULL; p++) argc++; argv = (char **)malloc(sizeof(*argv) * (argc + 1)); for (p = cmd, argvp = argv; (*argvp = strsep(&p, " ")) != NULL;) if (**argvp != '\0' && (++argvp > &argv[argc])) { *argvp = NULL; break; } /* The argv array ends up NULL-terminated here. */ #if 0 { int i; fprintf(stderr, "DEBUG: running:"); /* Should be equivalent to 'cmd' (before strsep, of course). */ for (i = 0; argv[i] != NULL; i++) fprintf(stderr, " %s", argv[i]); fprintf(stderr, "\n"); } #endif dup2dn = 1; if (ofd != NULL) { if (pipe(&pfd[0]) == -1) { warn("%s: pipe", __func__); return (-1); } *ofd = pfd[0]; dup2dn = 0; } pid = fork(); switch (pid) { case 0: /* Child process. */ if (ofd != NULL) if (dup2(pfd[1], STDOUT_FILENO) < 0) err(1, "dup2 in %s", __func__); nfd = open(_PATH_DEVNULL, O_RDWR); if (nfd == -1) err(1, "%s: open %s", __func__, _PATH_DEVNULL); if (dup2(nfd, STDIN_FILENO) < 0) err(1, "%s: dup2", __func__); if (dup2dn && dup2(nfd, STDOUT_FILENO) < 0) err(1, "%s: dup2", __func__); if (dup2(nfd, STDERR_FILENO) < 0) err(1, "%s: dup2", __func__); execv(argv[0], argv); warn("exec: %s", argv[0]); _exit(-1); case -1: err(1, "%s: fork", __func__); } free(cmd); free(argv); while (waitpid(pid, &status, 0) != pid) ; return (WEXITSTATUS(status)); } static int swapon_trim(const char *name) { struct stat sb; off_t ioarg[2], sz; int error, fd; /* Open a descriptor to create a consumer of the device. */ fd = open(name, O_WRONLY); if (fd < 0) errx(1, "Cannot open %s", name); /* Find the device size. */ if (fstat(fd, &sb) < 0) errx(1, "Cannot stat %s", name); if (S_ISREG(sb.st_mode)) sz = sb.st_size; else if (S_ISCHR(sb.st_mode)) { if (ioctl(fd, DIOCGMEDIASIZE, &sz) != 0) err(1, "ioctl(DIOCGMEDIASIZE)"); } else errx(1, "%s has an invalid file type", name); /* Trim the device. */ ioarg[0] = BBSIZE; ioarg[1] = sz - BBSIZE; if (ioctl(fd, DIOCGDELETE, ioarg) != 0) warn("ioctl(DIOCGDELETE)"); /* Start using the device for swapping, creating a second consumer. */ error = swapon(name); /* * Do not close the device until the swap pager has attempted to create * another consumer. For GELI devices created with the 'detach -l' * option, removing the last consumer causes the device to be detached * - that is, to disappear. This ordering ensures that the device will * not be detached until swapoff is called. */ close(fd); return (error); } static const char * swap_on_off_sfile(const char *name, int doingall) { int error; if (which_prog == SWAPON) error = Eflag ? swapon_trim(name) : swapon(name); else /* SWAPOFF */ error = swapoff(name, fflag ? SWAPOFF_FORCE : 0); if (error == -1) { switch (errno) { case EBUSY: if (doingall == 0) warnx("%s: Device already in use", name); break; case EINVAL: if (which_prog == SWAPON) warnx("%s: NSWAPDEV limit reached", name); else if (doingall == 0) warn("%s", name); break; default: warn("%s", name); break; } return (NULL); } return (name); } static void usage(void) { fprintf(stderr, "usage: %s ", getprogname()); switch(orig_prog) { case SWAPON: fprintf(stderr, "[-F fstab] -aLq | [-E] file ...\n"); break; case SWAPOFF: fprintf(stderr, "[-F fstab] -afLq | file ...\n"); break; case SWAPCTL: fprintf(stderr, "[-AghklmsU] [-a file ... | -d file ...]\n"); break; } exit(1); } static void sizetobuf(char *buf, size_t bufsize, int hflag, long long val, int hlen, long blocksize) { char tmp[16]; if (hflag == 'H') { humanize_number(tmp, 5, (int64_t)val, "", HN_AUTOSCALE, HN_B | HN_NOSPACE | HN_DECIMAL); snprintf(buf, bufsize, "%*s", hlen, tmp); } else snprintf(buf, bufsize, "%*lld", hlen, val / blocksize); } static void swaplist(int lflag, int sflag, int hflag) { size_t mibsize, size; struct xswdev xsw; int hlen, mib[16], n, pagesize; long blocksize; long long total = 0; long long used = 0; long long tmp_total; long long tmp_used; char buf[32]; pagesize = getpagesize(); switch(hflag) { case 'G': blocksize = 1024 * 1024 * 1024; strlcpy(buf, "1GB-blocks", sizeof(buf)); hlen = 10; break; case 'H': blocksize = -1; strlcpy(buf, "Bytes", sizeof(buf)); hlen = 10; break; case 'K': blocksize = 1024; strlcpy(buf, "1kB-blocks", sizeof(buf)); hlen = 10; break; case 'M': blocksize = 1024 * 1024; strlcpy(buf, "1MB-blocks", sizeof(buf)); hlen = 10; break; default: getbsize(&hlen, &blocksize); snprintf(buf, sizeof(buf), "%ld-blocks", blocksize); break; } mibsize = nitems(mib); if (sysctlnametomib("vm.swap_info", mib, &mibsize) == -1) err(1, "sysctlnametomib()"); if (lflag) { printf("%-13s %*s %*s\n", "Device:", hlen, buf, hlen, "Used:"); } for (n = 0; ; ++n) { mib[mibsize] = n; size = sizeof xsw; if (sysctl(mib, mibsize + 1, &xsw, &size, NULL, 0) == -1) break; if (xsw.xsw_version != XSWDEV_VERSION) errx(1, "xswdev version mismatch"); tmp_total = (long long)xsw.xsw_nblks * pagesize; tmp_used = (long long)xsw.xsw_used * pagesize; total += tmp_total; used += tmp_used; if (lflag) { sizetobuf(buf, sizeof(buf), hflag, tmp_total, hlen, blocksize); printf("/dev/%-8s %s ", devname(xsw.xsw_dev, S_IFCHR), buf); sizetobuf(buf, sizeof(buf), hflag, tmp_used, hlen, blocksize); printf("%s\n", buf); } } if (errno != ENOENT) err(1, "sysctl()"); if (sflag) { sizetobuf(buf, sizeof(buf), hflag, total, hlen, blocksize); printf("Total: %s ", buf); sizetobuf(buf, sizeof(buf), hflag, used, hlen, blocksize); printf("%s\n", buf); } } diff --git a/sbin/sysctl/Makefile b/sbin/sysctl/Makefile index e5455568223c..e1e590307c6d 100644 --- a/sbin/sysctl/Makefile +++ b/sbin/sysctl/Makefile @@ -1,14 +1,13 @@ -# @(#)Makefile 8.1 (Berkeley) 6/6/93 .include PACKAGE=runtime CONFS= sysctl.conf PROG= sysctl WARNS?= 3 MAN= sysctl.8 HAS_TESTS= SUBDIR.${MK_TESTS}+= tests .include diff --git a/sbin/sysctl/sysctl.8 b/sbin/sysctl/sysctl.8 index ed768510eb6c..837282e80a9b 100644 --- a/sbin/sysctl/sysctl.8 +++ b/sbin/sysctl/sysctl.8 @@ -1,346 +1,344 @@ .\" Copyright (c) 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" From: @(#)sysctl.8 8.1 (Berkeley) 6/6/93 -.\" .Dd August 18, 2023 .Dt SYSCTL 8 .Os .Sh NAME .Nm sysctl .Nd get or set kernel state .Sh SYNOPSIS .Nm .Op Fl bdeFhilNnoTtqWx .Op Fl B Ar bufsize .Op Fl f Ar filename .Ar name Ns Op = Ns Ar value Ns Op , Ns Ar value .Ar ... .Nm .Op Fl bdeFhlNnoTtqWx .Op Fl B Ar bufsize .Fl a .Sh DESCRIPTION The .Nm utility retrieves kernel state and allows processes with appropriate privilege to set kernel state. The state to be retrieved or set is described using a .Dq Management Information Base .Pq Dq MIB style name, described as a dotted set of components. .Pp The following options are available: .Bl -tag -width indent .It Fl A Equivalent to .Fl o a (for compatibility). .It Fl a List all the currently available values except for those which are opaque or excluded from listing via the .Dv CTLFLAG_SKIP flag. This option is ignored if one or more variable names are specified on the command line. .It Fl b Force the value of the variable(s) to be output in raw, binary format. No names are printed and no terminating newlines are output. This is mostly useful with a single variable. .It Fl B Ar bufsize Set the buffer size to read from the .Nm to .Ar bufsize . This is necessary for a .Nm that has variable length, and the probe value of 0 is a valid length, such as .Va kern.arandom . .It Fl d Print the description of the variable instead of its value. .It Fl e Separate the name and the value of the variable(s) with .Ql = . This is useful for producing output which can be fed back to the .Nm utility. This option is ignored if either .Fl N or .Fl n is specified, or a variable is being set. .It Fl f Ar filename Specify a file which contains a pair of name and value in each line. .Nm reads and processes the specified file first and then processes the name and value pairs in the command line argument. .It Fl F Print the format of the variable. This is additional information to describe the type of the variable and most useful with struct types such as clockinfo, timeval, and loadavg. .It Fl h Format output for human, rather than machine, readability. .It Fl i Ignore unknown OIDs. The purpose is to make use of .Nm for collecting data from a variety of machines (not all of which are necessarily running exactly the same software) easier. .It Fl l Show the length of variables along with their values. This option cannot be combined with the .Fl N option. .It Fl N Show only variable names, not their values. This is particularly useful with shells that offer programmable completion. To enable completion of variable names in .Xr zsh 1 Pq Pa ports/shells/zsh , use the following code: .Bd -literal -offset indent listsysctls () { set -A reply $(sysctl -AN ${1%.*}) } compctl -K listsysctls sysctl .Ed .Pp To enable completion of variable names in .Xr tcsh 1 , use: .Pp .Dl "complete sysctl 'n/*/`sysctl -Na`/'" .It Fl n Do not show variable names. This option is useful for setting shell variables. For instance, to save the pagesize in variable .Va psize , use: .Pp .Dl "set psize=`sysctl -n hw.pagesize`" .It Fl o Show opaque variables (which are normally suppressed). The format and length are printed, as well as a hex dump of the first sixteen bytes of the value. .It Fl q Suppress some warnings generated by .Nm to standard error. .It Fl T Display only variables that are settable via loader (CTLFLAG_TUN). .It Fl t Print the type of the variable. .It Fl W Display only writable variables that are not statistical. Useful for determining the set of runtime tunable sysctls. .It Fl X Equivalent to .Fl x a (for compatibility). .It Fl x As .Fl o , but prints a hex dump of the entire value instead of just the first few bytes. .El .Pp The information available from .Nm consists of integers, strings, and opaque types. The .Nm utility only knows about a couple of opaque types, and will resort to hexdumps for the rest. The opaque information is much more useful if retrieved by special purpose programs such as .Xr ps 1 , .Xr systat 1 , and .Xr netstat 1 . .Pp Some of the variables which cannot be modified during normal system operation can be initialized via .Xr loader 8 tunables. This can for example be done by setting them in .Xr loader.conf 5 . Please refer to .Xr loader.conf 5 for more information on which tunables are available and how to set them. .Pp The string and integer information is summarized below. For a detailed description of these variables see .Xr sysctl 3 and .Xr security 7 . .Pp The changeable column indicates whether a process with appropriate privilege can change the value. String and integer values can be set using .Nm . .Bl -column security.bsd.unprivileged_read_msgbuf integerxxx .It Sy "Name Type Changeable" .It "kern.ostype string no" .It "kern.osrelease string no" .It "kern.osrevision integer no" .It "kern.version string no" .It "kern.maxvnodes integer yes" .It "kern.maxproc integer no" .It "kern.maxprocperuid integer yes" .It "kern.maxfiles integer yes" .It "kern.maxfilesperproc integer yes" .It "kern.argmax integer no" .It "kern.securelevel integer raise only" .It "kern.hostname string yes" .It "kern.hostid integer yes" .It "kern.clockrate struct no" .It "kern.posix1version integer no" .It "kern.ngroups integer no" .It "kern.job_control integer no" .It "kern.saved_ids integer no" .It "kern.boottime struct no" .It "kern.domainname string yes" .It "kern.filedelay integer yes" .It "kern.dirdelay integer yes" .It "kern.metadelay integer yes" .It "kern.osreldate integer no" .It "kern.bootfile string yes" .It "kern.corefile string yes" .It "kern.logsigexit integer yes" .It "security.bsd.suser_enabled integer yes" .It "security.bsd.see_other_uids integer yes" .It "security.bsd.see_other_gids integer yes" .It "security.bsd.see_jail_proc integer yes" .It "security.bsd.unprivileged_proc_debug integer yes" .It "security.bsd.unprivileged_read_msgbuf integer yes" .It "vm.loadavg struct no" .It "hw.machine string no" .It "hw.model string no" .It "hw.ncpu integer no" .It "hw.byteorder integer no" .It "hw.physmem integer no" .It "hw.usermem integer no" .It "hw.pagesize integer no" .It "hw.floatingpoint integer no" .It "hw.machine_arch string no" .It "hw.realmem integer no" .It "machdep.adjkerntz integer yes" .It "machdep.disable_rtc_set integer yes" .It "machdep.guessed_bootdev string no" .It "user.cs_path string no" .It "user.bc_base_max integer no" .It "user.bc_dim_max integer no" .It "user.bc_scale_max integer no" .It "user.bc_string_max integer no" .It "user.coll_weights_max integer no" .It "user.expr_nest_max integer no" .It "user.line_max integer no" .It "user.re_dup_max integer no" .It "user.posix2_version integer no" .It "user.posix2_c_bind integer no" .It "user.posix2_c_dev integer no" .It "user.posix2_char_term integer no" .It "user.posix2_fort_dev integer no" .It "user.posix2_fort_run integer no" .It "user.posix2_localedef integer no" .It "user.posix2_sw_dev integer no" .It "user.posix2_upe integer no" .It "user.stream_max integer no" .It "user.tzname_max integer no" .It "user.localbase string no" .El .Sh FILES .Bl -tag -width ".In netinet/icmp_var.h" -compact .It In sys/sysctl.h definitions for top level identifiers, second level kernel and hardware identifiers, and user level identifiers .It In sys/socket.h definitions for second level network identifiers .It In sys/gmon.h definitions for third level profiling identifiers .It In vm/vm_param.h definitions for second level virtual memory identifiers .It In netinet/in.h definitions for third level Internet identifiers and fourth level IP identifiers .It In netinet/icmp_var.h definitions for fourth level ICMP identifiers .It In netinet/udp_var.h definitions for fourth level UDP identifiers .El .Sh EXIT STATUS .Ex -std .Sh EXAMPLES For example, to retrieve the maximum number of processes allowed in the system, one would use the following request: .Pp .Dl "sysctl kern.maxproc" .Pp To set the maximum number of processes allowed per uid to 1000, one would use the following request: .Pp .Dl "sysctl kern.maxprocperuid=1000" .Pp Information about the system clock rate may be obtained with: .Pp .Dl "sysctl kern.clockrate" .Pp Information about the load average history may be obtained with: .Pp .Dl "sysctl vm.loadavg" .Pp More variables than these exist, and the best and likely only place to search for their deeper meaning is undoubtedly the source where they are defined. .Sh COMPATIBILITY The .Fl w option has been deprecated and is silently ignored. .Sh SEE ALSO .Xr sysctl 3 , .Xr loader.conf 5 , .Xr sysctl.conf 5 , .Xr security 7, .Xr loader 8 .Sh HISTORY A .Nm utility first appeared in .Bx 4.4 . .Pp In .Fx 2.2 , .Nm was significantly remodeled. .Sh BUGS The .Nm utility presently exploits an undocumented interface to the kernel .Xr sysctl 9 facility to traverse the sysctl tree and to retrieve format and name information. This correct interface is being thought about for the time being. diff --git a/sbin/tunefs/Makefile b/sbin/tunefs/Makefile index e78c3fe671c2..2a1f78885311 100644 --- a/sbin/tunefs/Makefile +++ b/sbin/tunefs/Makefile @@ -1,15 +1,14 @@ -# @(#)Makefile 8.1 (Berkeley) 6/5/93 PACKAGE=ufs PROG= tunefs SRCS= tunefs.c getmntopts.c LIBADD= ufs MAN= tunefs.8 MOUNT= ${SRCTOP}/sbin/mount CFLAGS+= -I${MOUNT} .PATH: ${MOUNT} WARNS?= 3 .include diff --git a/sbin/tunefs/tunefs.8 b/sbin/tunefs/tunefs.8 index 19059e335834..97de1abf33c0 100644 --- a/sbin/tunefs/tunefs.8 +++ b/sbin/tunefs/tunefs.8 @@ -1,251 +1,249 @@ .\" Copyright (c) 1983, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)tunefs.8 8.2 (Berkeley) 12/11/93 -.\" .Dd November 17, 2023 .Dt TUNEFS 8 .Os .Sh NAME .Nm tunefs .Nd tune up an existing UFS file system .Sh SYNOPSIS .Nm .Op Fl A .Op Fl a Cm enable | disable .Op Fl e Ar maxbpg .Op Fl f Ar avgfilesize .Op Fl j Cm enable | disable .Op Fl J Cm enable | disable .Op Fl k Ar held-for-metadata-blocks .Op Fl L Ar volname .Op Fl l Cm enable | disable .Op Fl m Ar minfree .Op Fl N Cm enable | disable .Op Fl n Cm enable | disable .Op Fl o Cm space | time .Op Fl p .Op Fl s Ar avgfpdir .Op Fl S Ar size .Op Fl t Cm enable | disable .Ar special | filesystem .Sh DESCRIPTION The .Nm utility is designed to change the dynamic parameters of a UFS file system which affect the layout policies. The .Nm utility cannot be run on an active file system. To change an active file system, it must be downgraded to read-only or unmounted. .Pp The parameters which are to be changed are indicated by the flags given below: .Bl -tag -width indent .It Fl A The file system has several backups of the super-block. Specifying this option will cause all backups to be modified as well as the primary super-block. This is potentially dangerous - use with caution. .It Fl a Cm enable | disable Turn on/off the administrative POSIX.1e ACL enable flag. .It Fl e Ar maxbpg Indicate the maximum number of blocks any single file can allocate out of a cylinder group before it is forced to begin allocating blocks from another cylinder group. Typically this value is set to about one quarter of the total blocks in a cylinder group. The intent is to prevent any single file from using up all the blocks in a single cylinder group, thus degrading access times for all files subsequently allocated in that cylinder group. The effect of this limit is to cause big files to do long seeks more frequently than if they were allowed to allocate all the blocks in a cylinder group before seeking elsewhere. For file systems with exclusively large files, this parameter should be set higher. .It Fl f Ar avgfilesize Specify the expected average file size. .It Fl j Cm enable | disable Turn on/off soft updates journaling. .Pp Enabling journaling reduces the time spent by .Xr fsck_ffs 8 cleaning up a filesystem after a crash to a few seconds from minutes to hours. Without journaling, the time to recover after a crash is a function of the number of files in the filesystem and the size of the filesystem. With journaling, the time to recover after a crash is a function of the amount of activity in the filesystem in the minute before the crash. Journaled recovery time is usually only a few seconds and never exceeds a minute. .Pp The drawback to using journaling is that the writes to its log adds an extra write load to the media containing the filesystem. Thus a write-intensive workload will have reduced throughput on a filesystem running with journaling. .Pp Like all journaling filesystems, the journal recovery will only fix issues known to the journal. Specifically if a media error occurs, the journal will not know about it and hence will not fix it. Thus when using journaling, it is still necessary to run a full fsck every few months or after a filesystem panic to check for and fix any errors brought on by media failure. A full fsck can be done by running a background fsck on a live filesystem or by running with the .Fl f flag on an unmounted filesystem. When running .Xr fsck_ffs 8 in background on a live filesystem the filesystem performance will be about half of normal during the time that the background .Xr fsck_ffs 8 is running. Running a full fsck on a UFS filesystem is the equivalent of running a scrub on a ZFS filesystem. .It Fl J Cm enable | disable Turn on/off gjournal flag. .It Fl k Ar held-for-metadata-blocks Set the amount of space to be held for metadata blocks. When set, the file system preference routines will try to save the specified amount of space immediately following the inode blocks in each cylinder group for use by metadata blocks. Clustering the metadata blocks speeds up random file access and decreases the running time of .Xr fsck 8 . While this option can be set at any time, it is most effective if set before any data is loaded into the file system. By default .Xr newfs 8 sets it to half of the space reserved to minfree. .It Fl L Ar volname Add/modify an optional file system volume label. Legal characters are alphanumerics, dashes, and underscores. .It Fl l Cm enable | disable Turn on/off MAC multilabel flag. .It Fl m Ar minfree Specify the percentage of space held back from normal users; the minimum free space threshold. The default value used is 8%. Note that lowering the threshold can adversely affect performance: .Bl -bullet .It Settings of 5% and less force space optimization to always be used which will greatly increase the overhead for file writes. .It The file system's ability to avoid fragmentation will be reduced when the total free space, including the reserve, drops below 15%. As free space approaches zero, throughput can degrade by up to a factor of three over the performance obtained at a 10% threshold. .El .Pp If the value is raised above the current usage level, users will be unable to allocate files until enough files have been deleted to get under the higher threshold. .It Fl N Cm enable | disable Turn on/off the administrative NFSv4 ACL enable flag. .It Fl n Cm enable | disable Turn on/off soft updates. .It Fl o Cm space | time The file system can either try to minimize the time spent allocating blocks, or it can attempt to minimize the space fragmentation on the disk. Optimization for space has much higher overhead for file writes. The kernel normally changes the preference automatically as the percent fragmentation changes on the file system. .It Fl p Show a summary of what the current tunable settings are on the selected file system. More detailed information can be obtained from the .Xr dumpfs 8 utility. .It Fl s Ar avgfpdir Specify the expected number of files per directory. .It Fl S Ar size Specify the softdep journal size in bytes. The minimum is 4M. .It Fl t Cm enable | disable Turn on/off the TRIM enable flag. If enabled, and if the underlying device supports the BIO_DELETE command, the file system will send a delete request to the underlying device for each freed block. The trim enable flag is typically set when the underlying device uses flash-memory as the device can use the delete command to pre-zero or at least avoid copying blocks that have been deleted. .Pp Note that this does not trim blocks that are already free. See the .Xr fsck_ffs 8 .Fl E flag. .El .Pp At least one of these flags is required. .Sh FILES .Bl -tag -width ".Pa /etc/fstab" .It Pa /etc/fstab read this to determine the device file for a specified mount point. .El .Sh SEE ALSO .Xr fs 5 , .Xr ffs 7 , .Xr tuning 7 , .Xr dumpfs 8 , .Xr gjournal 8 , .Xr growfs 8 , .Xr newfs 8 .Rs .%A M. McKusick .%A W. Joy .%A S. Leffler .%A R. Fabry .%T "A Fast File System for UNIX" .%J "ACM Transactions on Computer Systems 2" .%N 3 .%P pp 181-197 .%D August 1984 .%O "(reprinted in the BSD System Manager's Manual, SMM:5)" .Re .Sh HISTORY The .Nm utility appeared in .Bx 4.2 . .Sh BUGS This utility does not work on active file systems. To change the root file system, the system must be rebooted after the file system is tuned. .\" Take this out and a Unix Daemon will dog your steps from now until .\" the time_t's wrap around. .Pp You can tune a file system, but you cannot tune a fish. diff --git a/sbin/tunefs/tunefs.c b/sbin/tunefs/tunefs.c index 9b38e23effd0..803ef1c7aab4 100644 --- a/sbin/tunefs/tunefs.c +++ b/sbin/tunefs/tunefs.c @@ -1,1116 +1,1113 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1983, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #if 0 #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1983, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ -#ifndef lint -static char sccsid[] = "@(#)tunefs.c 8.2 (Berkeley) 4/19/94"; -#endif /* not lint */ #endif #include /* * tunefs: change layout parameters to an existing file system. */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include /* the optimization warning string template */ #define OPTWARN "should optimize for %s with minfree %s %d%%" static int blocks; static char clrbuf[MAXBSIZE]; static struct uufsd disk; #define sblock disk.d_fs static void usage(void) __dead2; static void printfs(void); static int journal_alloc(int64_t size); static void journal_clear(void); static void sbdirty(void); int main(int argc, char *argv[]) { const char *avalue, *jvalue, *Jvalue, *Lvalue, *lvalue, *Nvalue, *nvalue; const char *tvalue; const char *special; const char *name; char *diskname; int Aflag, aflag, eflag, evalue, fflag, fvalue, jflag, Jflag, kflag; int kvalue, Lflag, lflag, mflag, mvalue, Nflag, nflag, oflag, ovalue; int pflag, sflag, svalue, Svalue, tflag; int ch, found_arg, i; const char *chg[2]; if (argc < 3) usage(); Aflag = aflag = eflag = fflag = jflag = Jflag = kflag = Lflag = 0; lflag = mflag = Nflag = nflag = oflag = pflag = sflag = tflag = 0; avalue = jvalue = Jvalue = Lvalue = lvalue = Nvalue = nvalue = NULL; evalue = fvalue = mvalue = ovalue = svalue = Svalue = 0; found_arg = 0; /* At least one arg is required. */ while ((ch = getopt(argc, argv, "Aa:e:f:j:J:k:L:l:m:N:n:o:ps:S:t:")) != -1) switch (ch) { case 'A': found_arg++; Aflag++; break; case 'a': found_arg++; name = "POSIX.1e ACLs"; avalue = optarg; if (strcmp(avalue, "enable") && strcmp(avalue, "disable")) { errx(10, "bad %s (options are %s)", name, "`enable' or `disable'"); } aflag = 1; break; case 'e': found_arg++; name = "maximum blocks per file in a cylinder group"; evalue = atoi(optarg); if (evalue < 1) errx(10, "%s must be >= 1 (was %s)", name, optarg); eflag = 1; break; case 'f': found_arg++; name = "average file size"; fvalue = atoi(optarg); if (fvalue < 1) errx(10, "%s must be >= 1 (was %s)", name, optarg); fflag = 1; break; case 'j': found_arg++; name = "softdep journaled file system"; jvalue = optarg; if (strcmp(jvalue, "enable") && strcmp(jvalue, "disable")) { errx(10, "bad %s (options are %s)", name, "`enable' or `disable'"); } jflag = 1; break; case 'J': found_arg++; name = "gjournaled file system"; Jvalue = optarg; if (strcmp(Jvalue, "enable") && strcmp(Jvalue, "disable")) { errx(10, "bad %s (options are %s)", name, "`enable' or `disable'"); } Jflag = 1; break; case 'k': found_arg++; name = "space to hold for metadata blocks"; kvalue = atoi(optarg); if (kvalue < 0) errx(10, "bad %s (%s)", name, optarg); kflag = 1; break; case 'L': found_arg++; name = "volume label"; Lvalue = optarg; i = -1; while (isalnum(Lvalue[++i]) || Lvalue[i] == '_' || Lvalue[i] == '-') ; if (Lvalue[i] != '\0') { errx(10, "bad %s. Valid characters are " "alphanumerics, dashes, and underscores.", name); } if (strlen(Lvalue) >= MAXVOLLEN) { errx(10, "bad %s. Length is longer than %d.", name, MAXVOLLEN - 1); } Lflag = 1; break; case 'l': found_arg++; name = "multilabel MAC file system"; lvalue = optarg; if (strcmp(lvalue, "enable") && strcmp(lvalue, "disable")) { errx(10, "bad %s (options are %s)", name, "`enable' or `disable'"); } lflag = 1; break; case 'm': found_arg++; name = "minimum percentage of free space"; mvalue = atoi(optarg); if (mvalue < 0 || mvalue > 99) errx(10, "bad %s (%s)", name, optarg); mflag = 1; break; case 'N': found_arg++; name = "NFSv4 ACLs"; Nvalue = optarg; if (strcmp(Nvalue, "enable") && strcmp(Nvalue, "disable")) { errx(10, "bad %s (options are %s)", name, "`enable' or `disable'"); } Nflag = 1; break; case 'n': found_arg++; name = "soft updates"; nvalue = optarg; if (strcmp(nvalue, "enable") != 0 && strcmp(nvalue, "disable") != 0) { errx(10, "bad %s (options are %s)", name, "`enable' or `disable'"); } nflag = 1; break; case 'o': found_arg++; name = "optimization preference"; if (strcmp(optarg, "space") == 0) ovalue = FS_OPTSPACE; else if (strcmp(optarg, "time") == 0) ovalue = FS_OPTTIME; else errx(10, "bad %s (options are `space' or `time')", name); oflag = 1; break; case 'p': found_arg++; pflag = 1; break; case 's': found_arg++; name = "expected number of files per directory"; svalue = atoi(optarg); if (svalue < 1) errx(10, "%s must be >= 1 (was %s)", name, optarg); sflag = 1; break; case 'S': found_arg++; name = "Softdep Journal Size"; Svalue = atoi(optarg); if (Svalue < SUJ_MIN) errx(10, "%s must be >= %d (was %s)", name, SUJ_MIN, optarg); break; case 't': found_arg++; name = "trim"; tvalue = optarg; if (strcmp(tvalue, "enable") != 0 && strcmp(tvalue, "disable") != 0) { errx(10, "bad %s (options are %s)", name, "`enable' or `disable'"); } tflag = 1; break; default: usage(); } argc -= optind; argv += optind; if (found_arg == 0 || argc != 1) usage(); special = argv[0]; if (ufs_disk_fillout(&disk, special) == -1) goto err; /* * Check for unclean filesystem. */ if ((sblock.fs_clean == 0 || (sblock.fs_flags & (FS_UNCLEAN | FS_NEEDSFSCK)) != 0) && (found_arg > 1 || !pflag)) errx(1, "%s is not clean - run fsck.\n", special); if (pflag) { printfs(); exit(0); } if (Lflag) { name = "volume label"; strncpy(sblock.fs_volname, Lvalue, MAXVOLLEN); } if (aflag) { name = "POSIX.1e ACLs"; if (strcmp(avalue, "enable") == 0) { if (sblock.fs_flags & FS_ACLS) { warnx("%s remains unchanged as enabled", name); } else if (sblock.fs_flags & FS_NFS4ACLS) { warnx("%s and NFSv4 ACLs are mutually " "exclusive", name); } else { sblock.fs_flags |= FS_ACLS; warnx("%s set", name); } } else if (strcmp(avalue, "disable") == 0) { if ((~sblock.fs_flags & FS_ACLS) == FS_ACLS) { warnx("%s remains unchanged as disabled", name); } else { sblock.fs_flags &= ~FS_ACLS; warnx("%s cleared", name); } } } if (eflag) { name = "maximum blocks per file in a cylinder group"; if (sblock.fs_maxbpg == evalue) warnx("%s remains unchanged as %d", name, evalue); else { warnx("%s changes from %d to %d", name, sblock.fs_maxbpg, evalue); sblock.fs_maxbpg = evalue; } } if (fflag) { name = "average file size"; if (sblock.fs_avgfilesize == (unsigned)fvalue) { warnx("%s remains unchanged as %d", name, fvalue); } else { warnx("%s changes from %d to %d", name, sblock.fs_avgfilesize, fvalue); sblock.fs_avgfilesize = fvalue; } } if (jflag) { name = "soft updates journaling"; if (strcmp(jvalue, "enable") == 0) { if ((sblock.fs_flags & (FS_DOSOFTDEP | FS_SUJ)) == (FS_DOSOFTDEP | FS_SUJ)) { warnx("%s remains unchanged as enabled", name); } else if (sblock.fs_clean == 0) { warnx("%s cannot be enabled until fsck is run", name); } else if (journal_alloc(Svalue) != 0) { warnx("%s cannot be enabled", name); } else { sblock.fs_flags |= FS_DOSOFTDEP | FS_SUJ; warnx("%s set", name); } } else if (strcmp(jvalue, "disable") == 0) { if ((~sblock.fs_flags & FS_SUJ) == FS_SUJ) { warnx("%s remains unchanged as disabled", name); } else { journal_clear(); sblock.fs_flags &= ~FS_SUJ; sblock.fs_sujfree = 0; warnx("%s cleared but soft updates still set.", name); warnx("remove .sujournal to reclaim space"); } } } if (Jflag) { name = "gjournal"; if (strcmp(Jvalue, "enable") == 0) { if (sblock.fs_flags & FS_GJOURNAL) { warnx("%s remains unchanged as enabled", name); } else { sblock.fs_flags |= FS_GJOURNAL; warnx("%s set", name); } } else if (strcmp(Jvalue, "disable") == 0) { if ((~sblock.fs_flags & FS_GJOURNAL) == FS_GJOURNAL) { warnx("%s remains unchanged as disabled", name); } else { sblock.fs_flags &= ~FS_GJOURNAL; warnx("%s cleared", name); } } } if (kflag) { name = "space to hold for metadata blocks"; if (sblock.fs_metaspace == kvalue) warnx("%s remains unchanged as %d", name, kvalue); else { kvalue = blknum(&sblock, kvalue); if (kvalue > sblock.fs_fpg / 2) { kvalue = blknum(&sblock, sblock.fs_fpg / 2); warnx("%s cannot exceed half the file system " "space", name); } warnx("%s changes from %jd to %d", name, sblock.fs_metaspace, kvalue); sblock.fs_metaspace = kvalue; } } if (lflag) { name = "multilabel"; if (strcmp(lvalue, "enable") == 0) { if (sblock.fs_flags & FS_MULTILABEL) { warnx("%s remains unchanged as enabled", name); } else { sblock.fs_flags |= FS_MULTILABEL; warnx("%s set", name); } } else if (strcmp(lvalue, "disable") == 0) { if ((~sblock.fs_flags & FS_MULTILABEL) == FS_MULTILABEL) { warnx("%s remains unchanged as disabled", name); } else { sblock.fs_flags &= ~FS_MULTILABEL; warnx("%s cleared", name); } } } if (mflag) { name = "minimum percentage of free space"; if (sblock.fs_minfree == mvalue) warnx("%s remains unchanged as %d%%", name, mvalue); else { warnx("%s changes from %d%% to %d%%", name, sblock.fs_minfree, mvalue); sblock.fs_minfree = mvalue; if (mvalue >= MINFREE && sblock.fs_optim == FS_OPTSPACE) warnx(OPTWARN, "time", ">=", MINFREE); if (mvalue < MINFREE && sblock.fs_optim == FS_OPTTIME) warnx(OPTWARN, "space", "<", MINFREE); } } if (Nflag) { name = "NFSv4 ACLs"; if (strcmp(Nvalue, "enable") == 0) { if (sblock.fs_flags & FS_NFS4ACLS) { warnx("%s remains unchanged as enabled", name); } else if (sblock.fs_flags & FS_ACLS) { warnx("%s and POSIX.1e ACLs are mutually " "exclusive", name); } else { sblock.fs_flags |= FS_NFS4ACLS; warnx("%s set", name); } } else if (strcmp(Nvalue, "disable") == 0) { if ((~sblock.fs_flags & FS_NFS4ACLS) == FS_NFS4ACLS) { warnx("%s remains unchanged as disabled", name); } else { sblock.fs_flags &= ~FS_NFS4ACLS; warnx("%s cleared", name); } } } if (nflag) { name = "soft updates"; if (strcmp(nvalue, "enable") == 0) { if (sblock.fs_flags & FS_DOSOFTDEP) warnx("%s remains unchanged as enabled", name); else if (sblock.fs_clean == 0) { warnx("%s cannot be enabled until fsck is run", name); } else { sblock.fs_flags |= FS_DOSOFTDEP; warnx("%s set", name); } } else if (strcmp(nvalue, "disable") == 0) { if ((~sblock.fs_flags & FS_DOSOFTDEP) == FS_DOSOFTDEP) warnx("%s remains unchanged as disabled", name); else { sblock.fs_flags &= ~FS_DOSOFTDEP; warnx("%s cleared", name); } } } if (oflag) { name = "optimization preference"; chg[FS_OPTSPACE] = "space"; chg[FS_OPTTIME] = "time"; if (sblock.fs_optim == ovalue) warnx("%s remains unchanged as %s", name, chg[ovalue]); else { warnx("%s changes from %s to %s", name, chg[sblock.fs_optim], chg[ovalue]); sblock.fs_optim = ovalue; if (sblock.fs_minfree >= MINFREE && ovalue == FS_OPTSPACE) warnx(OPTWARN, "time", ">=", MINFREE); if (sblock.fs_minfree < MINFREE && ovalue == FS_OPTTIME) warnx(OPTWARN, "space", "<", MINFREE); } } if (sflag) { name = "expected number of files per directory"; if (sblock.fs_avgfpdir == (unsigned)svalue) { warnx("%s remains unchanged as %d", name, svalue); } else { warnx("%s changes from %d to %d", name, sblock.fs_avgfpdir, svalue); sblock.fs_avgfpdir = svalue; } } if (tflag) { name = "issue TRIM to the disk"; if (strcmp(tvalue, "enable") == 0) { if (sblock.fs_flags & FS_TRIM) warnx("%s remains unchanged as enabled", name); else { sblock.fs_flags |= FS_TRIM; warnx("%s set", name); } } else if (strcmp(tvalue, "disable") == 0) { if ((~sblock.fs_flags & FS_TRIM) == FS_TRIM) warnx("%s remains unchanged as disabled", name); else { sblock.fs_flags &= ~FS_TRIM; warnx("%s cleared", name); } } } if (sbwrite(&disk, Aflag) == -1) goto err; diskname = strdup(disk.d_name); ufs_disk_close(&disk); chkdoreload(getmntpoint(diskname), warnx); exit(0); err: if (disk.d_error != NULL) errx(11, "%s: %s", special, disk.d_error); else err(12, "%s", special); } static void sbdirty(void) { disk.d_fs.fs_flags |= FS_UNCLEAN | FS_NEEDSFSCK; disk.d_fs.fs_clean = 0; } static ufs2_daddr_t journal_balloc(void) { ufs2_daddr_t blk; struct cg *cgp; int valid; static int contig = 1; cgp = &disk.d_cg; for (;;) { blk = cgballoc(&disk); if (blk > 0) break; /* * If we failed to allocate a block from this cg, move to * the next. */ if (cgwrite(&disk) < 0) { warn("Failed to write updated cg"); return (-1); } while ((valid = cgread(&disk)) == 1) { /* * Try to minimize fragmentation by requiring a minimum * number of blocks present. */ if (cgp->cg_cs.cs_nbfree > 256 * 1024) break; if (contig == 0 && cgp->cg_cs.cs_nbfree) break; } if (valid) continue; /* * Try once through looking only for large contiguous regions * and again taking any space we can find. */ if (contig) { contig = 0; disk.d_ccg = 0; warnx("Journal file fragmented."); continue; } warnx("Failed to find sufficient free blocks for the journal"); return -1; } if (bwrite(&disk, fsbtodb(&sblock, blk), clrbuf, sblock.fs_bsize) <= 0) { warn("Failed to initialize new block"); return -1; } return (blk); } /* * Search a directory block for the SUJ_FILE. */ static ino_t dir_search(ufs2_daddr_t blk, int bytes) { char block[MAXBSIZE]; struct direct *dp; int off; if (bread(&disk, fsbtodb(&sblock, blk), block, bytes) <= 0) { warn("Failed to read dir block"); return (-1); } for (off = 0; off < bytes; off += dp->d_reclen) { dp = (struct direct *)&block[off]; if (dp->d_reclen == 0) break; if (dp->d_ino == 0) continue; if (dp->d_namlen != strlen(SUJ_FILE)) continue; if (bcmp(dp->d_name, SUJ_FILE, dp->d_namlen) != 0) continue; return (dp->d_ino); } return (0); } /* * Search in the UFS_ROOTINO for the SUJ_FILE. If it exists we can not enable * journaling. */ static ino_t journal_findfile(void) { union dinodep dp; ino_t ino; int i; if (getinode(&disk, &dp, UFS_ROOTINO) != 0) { warn("Failed to get root inode: %s", disk.d_error); return (-1); } if (sblock.fs_magic == FS_UFS1_MAGIC) { if ((off_t)dp.dp1->di_size >= lblktosize(&sblock, UFS_NDADDR)) { warnx("UFS_ROOTINO extends beyond direct blocks."); return (-1); } for (i = 0; i < UFS_NDADDR; i++) { if (dp.dp1->di_db[i] == 0) break; if ((ino = dir_search(dp.dp1->di_db[i], sblksize(&sblock, (off_t)dp.dp1->di_size, i))) != 0) return (ino); } } else { if ((off_t)dp.dp2->di_size >= lblktosize(&sblock, UFS_NDADDR)) { warnx("UFS_ROOTINO extends beyond direct blocks."); return (-1); } for (i = 0; i < UFS_NDADDR; i++) { if (dp.dp2->di_db[i] == 0) break; if ((ino = dir_search(dp.dp2->di_db[i], sblksize(&sblock, (off_t)dp.dp2->di_size, i))) != 0) return (ino); } } return (0); } static void dir_clear_block(const char *block, off_t off) { struct direct *dp; for (; off < sblock.fs_bsize; off += DIRBLKSIZ) { dp = (struct direct *)&block[off]; dp->d_ino = 0; dp->d_reclen = DIRBLKSIZ; dp->d_type = DT_UNKNOWN; } } /* * Insert the journal at inode 'ino' into directory blk 'blk' at the first * free offset of 'off'. DIRBLKSIZ blocks after off are initialized as * empty. */ static int dir_insert(ufs2_daddr_t blk, off_t off, ino_t ino) { struct direct *dp; char block[MAXBSIZE]; if (bread(&disk, fsbtodb(&sblock, blk), block, sblock.fs_bsize) <= 0) { warn("Failed to read dir block"); return (-1); } bzero(&block[off], sblock.fs_bsize - off); dp = (struct direct *)&block[off]; dp->d_ino = ino; dp->d_reclen = DIRBLKSIZ; dp->d_type = DT_REG; dp->d_namlen = strlen(SUJ_FILE); bcopy(SUJ_FILE, &dp->d_name, strlen(SUJ_FILE)); dir_clear_block(block, off + DIRBLKSIZ); if (bwrite(&disk, fsbtodb(&sblock, blk), block, sblock.fs_bsize) <= 0) { warn("Failed to write dir block"); return (-1); } return (0); } /* * Extend a directory block in 'blk' by copying it to a full size block * and inserting the new journal inode into .sujournal. */ static int dir_extend(ufs2_daddr_t blk, ufs2_daddr_t nblk, off_t size, ino_t ino) { char block[MAXBSIZE]; if (bread(&disk, fsbtodb(&sblock, blk), block, roundup(size, sblock.fs_fsize)) <= 0) { warn("Failed to read dir block"); return (-1); } dir_clear_block(block, size); if (bwrite(&disk, fsbtodb(&sblock, nblk), block, sblock.fs_bsize) <= 0) { warn("Failed to write dir block"); return (-1); } return (dir_insert(nblk, size, ino)); } /* * Insert the journal file into the UFS_ROOTINO directory. We always extend the * last frag */ static int journal_insertfile(ino_t ino) { union dinodep dp; ufs2_daddr_t nblk; ufs2_daddr_t blk; ufs_lbn_t lbn; int size; int off; if (getinode(&disk, &dp, UFS_ROOTINO) != 0) { warn("Failed to get root inode: %s", disk.d_error); sbdirty(); return (-1); } blk = 0; size = 0; nblk = journal_balloc(); if (nblk <= 0) return (-1); /* * For simplicity sake we aways extend the UFS_ROOTINO into a new * directory block rather than searching for space and inserting * into an existing block. However, if the rootino has frags * have to free them and extend the block. */ if (sblock.fs_magic == FS_UFS1_MAGIC) { lbn = lblkno(&sblock, dp.dp1->di_size); off = blkoff(&sblock, dp.dp1->di_size); blk = dp.dp1->di_db[lbn]; size = sblksize(&sblock, (off_t)dp.dp1->di_size, lbn); } else { lbn = lblkno(&sblock, dp.dp2->di_size); off = blkoff(&sblock, dp.dp2->di_size); blk = dp.dp2->di_db[lbn]; size = sblksize(&sblock, (off_t)dp.dp2->di_size, lbn); } if (off != 0) { if (dir_extend(blk, nblk, off, ino) == -1) return (-1); } else { blk = 0; if (dir_insert(nblk, 0, ino) == -1) return (-1); } if (sblock.fs_magic == FS_UFS1_MAGIC) { dp.dp1->di_blocks += (sblock.fs_bsize - size) / DEV_BSIZE; dp.dp1->di_db[lbn] = nblk; dp.dp1->di_size = lblktosize(&sblock, lbn+1); } else { dp.dp2->di_blocks += (sblock.fs_bsize - size) / DEV_BSIZE; dp.dp2->di_db[lbn] = nblk; dp.dp2->di_size = lblktosize(&sblock, lbn+1); } if (putinode(&disk) < 0) { warn("Failed to write root inode: %s", disk.d_error); return (-1); } if (cgwrite(&disk) < 0) { warn("Failed to write updated cg"); sbdirty(); return (-1); } if (blk) { if (cgbfree(&disk, blk, size) < 0) { warn("Failed to write cg"); return (-1); } } return (0); } static int indir_fill(ufs2_daddr_t blk, int level, int *resid) { char indirbuf[MAXBSIZE]; ufs1_daddr_t *bap1; ufs2_daddr_t *bap2; ufs2_daddr_t nblk; int ncnt; int cnt; int i; bzero(indirbuf, sizeof(indirbuf)); bap1 = (ufs1_daddr_t *)indirbuf; bap2 = (void *)bap1; cnt = 0; for (i = 0; i < NINDIR(&sblock) && *resid != 0; i++) { nblk = journal_balloc(); if (nblk <= 0) return (-1); cnt++; if (sblock.fs_magic == FS_UFS1_MAGIC) *bap1++ = nblk; else *bap2++ = nblk; if (level != 0) { ncnt = indir_fill(nblk, level - 1, resid); if (ncnt <= 0) return (-1); cnt += ncnt; } else (*resid)--; } if (bwrite(&disk, fsbtodb(&sblock, blk), indirbuf, sblock.fs_bsize) <= 0) { warn("Failed to write indirect"); return (-1); } return (cnt); } /* * Clear the flag bits so the journal can be removed. */ static void journal_clear(void) { union dinodep dp; ino_t ino; ino = journal_findfile(); if (ino == (ino_t)-1 || ino == 0) { warnx("Journal file does not exist"); return; } printf("Clearing journal flags from inode %ju\n", (uintmax_t)ino); if (getinode(&disk, &dp, ino) != 0) { warn("Failed to get journal inode: %s", disk.d_error); return; } if (sblock.fs_magic == FS_UFS1_MAGIC) dp.dp1->di_flags = 0; else dp.dp2->di_flags = 0; if (putinode(&disk) < 0) { warn("Failed to write journal inode: %s", disk.d_error); return; } } static int journal_alloc(int64_t size) { union dinodep dp; ufs2_daddr_t blk; struct cg *cgp; int resid; ino_t ino; int blks; time_t utime; int i; cgp = &disk.d_cg; ino = 0; /* * If the journal file exists we can't allocate it. */ ino = journal_findfile(); if (ino == (ino_t)-1) { warnx("journal_findfile() failed."); return (-1); } if (ino > 0) { warnx("Journal file %s already exists, please remove.", SUJ_FILE); return (-1); } /* * If the user didn't supply a size pick one based on the filesystem * size constrained with hardcoded MIN and MAX values. We opt for * 1/1024th of the filesystem up to MAX but not exceeding one CG and * not less than the MIN. */ if (size == 0) { size = (sblock.fs_size * sblock.fs_bsize) / 1024; if (size / sblock.fs_fsize > sblock.fs_fpg) size = sblock.fs_fpg * sblock.fs_fsize; size = MAX(SUJ_MIN, size); } /* fsck does not support fragments in journal files. */ size = roundup(size, sblock.fs_bsize); resid = blocks = size / sblock.fs_bsize; if (sblock.fs_cstotal.cs_nbfree < blocks) { warn("Insufficient free space for %jd byte journal", size); return (-1); } /* * Find a cg with enough blocks to satisfy the journal * size. Presently the journal does not span cgs. */ while (cgread(&disk) == 1) { if (cgp->cg_cs.cs_nifree == 0) continue; ino = cgialloc(&disk); if (ino <= 0) break; printf("Using inode %ju in cg %d for %jd byte journal\n", (uintmax_t)ino, cgp->cg_cgx, size); if (getinode(&disk, &dp, ino) != 0) { warn("Failed to get allocated inode: %s", disk.d_error); sbdirty(); goto out; } /* * We leave fields unrelated to the number of allocated * blocks and size uninitialized. This causes legacy * fsck implementations to clear the inode. */ time(&utime); if (sblock.fs_magic == FS_UFS1_MAGIC) { bzero(dp.dp1, sizeof(*dp.dp1)); dp.dp1->di_size = size; dp.dp1->di_mode = IFREG | IREAD; dp.dp1->di_nlink = 1; dp.dp1->di_flags = SF_IMMUTABLE | SF_NOUNLINK | UF_NODUMP; dp.dp1->di_atime = utime; dp.dp1->di_mtime = utime; dp.dp1->di_ctime = utime; } else { bzero(dp.dp2, sizeof(*dp.dp2)); dp.dp2->di_size = size; dp.dp2->di_mode = IFREG | IREAD; dp.dp2->di_nlink = 1; dp.dp2->di_flags = SF_IMMUTABLE | SF_NOUNLINK | UF_NODUMP; dp.dp2->di_atime = utime; dp.dp2->di_mtime = utime; dp.dp2->di_ctime = utime; dp.dp2->di_birthtime = utime; } for (i = 0; i < UFS_NDADDR && resid; i++, resid--) { blk = journal_balloc(); if (blk <= 0) goto out; if (sblock.fs_magic == FS_UFS1_MAGIC) { dp.dp1->di_db[i] = blk; dp.dp1->di_blocks++; } else { dp.dp2->di_db[i] = blk; dp.dp2->di_blocks++; } } for (i = 0; i < UFS_NIADDR && resid; i++) { blk = journal_balloc(); if (blk <= 0) goto out; blks = indir_fill(blk, i, &resid) + 1; if (blks <= 0) { sbdirty(); goto out; } if (sblock.fs_magic == FS_UFS1_MAGIC) { dp.dp1->di_ib[i] = blk; dp.dp1->di_blocks += blks; } else { dp.dp2->di_ib[i] = blk; dp.dp2->di_blocks += blks; } } if (sblock.fs_magic == FS_UFS1_MAGIC) dp.dp1->di_blocks *= sblock.fs_bsize / disk.d_bsize; else dp.dp2->di_blocks *= sblock.fs_bsize / disk.d_bsize; if (putinode(&disk) < 0) { warn("Failed to write allocated inode: %s", disk.d_error); sbdirty(); return (-1); } if (cgwrite(&disk) < 0) { warn("Failed to write updated cg"); sbdirty(); return (-1); } if (journal_insertfile(ino) < 0) { sbdirty(); return (-1); } sblock.fs_sujfree = 0; return (0); } warnx("Insufficient free space for the journal."); out: return (-1); } static void usage(void) { fprintf(stderr, "%s\n%s\n%s\n%s\n%s\n%s\n", "usage: tunefs [-A] [-a enable | disable] [-e maxbpg] [-f avgfilesize]", " [-J enable | disable] [-j enable | disable] [-k metaspace]", " [-L volname] [-l enable | disable] [-m minfree]", " [-N enable | disable] [-n enable | disable]", " [-o space | time] [-p] [-s avgfpdir] [-t enable | disable]", " special | filesystem"); exit(2); } static void printfs(void) { warnx("POSIX.1e ACLs: (-a) %s", (sblock.fs_flags & FS_ACLS)? "enabled" : "disabled"); warnx("NFSv4 ACLs: (-N) %s", (sblock.fs_flags & FS_NFS4ACLS)? "enabled" : "disabled"); warnx("MAC multilabel: (-l) %s", (sblock.fs_flags & FS_MULTILABEL)? "enabled" : "disabled"); warnx("soft updates: (-n) %s", (sblock.fs_flags & FS_DOSOFTDEP)? "enabled" : "disabled"); warnx("soft update journaling: (-j) %s", (sblock.fs_flags & FS_SUJ)? "enabled" : "disabled"); warnx("gjournal: (-J) %s", (sblock.fs_flags & FS_GJOURNAL)? "enabled" : "disabled"); warnx("trim: (-t) %s", (sblock.fs_flags & FS_TRIM)? "enabled" : "disabled"); warnx("maximum blocks per file in a cylinder group: (-e) %d", sblock.fs_maxbpg); warnx("average file size: (-f) %d", sblock.fs_avgfilesize); warnx("average number of files in a directory: (-s) %d", sblock.fs_avgfpdir); warnx("minimum percentage of free space: (-m) %d%%", sblock.fs_minfree); warnx("space to hold for metadata blocks: (-k) %jd", sblock.fs_metaspace); warnx("optimization preference: (-o) %s", sblock.fs_optim == FS_OPTSPACE ? "space" : "time"); if (sblock.fs_minfree >= MINFREE && sblock.fs_optim == FS_OPTSPACE) warnx(OPTWARN, "time", ">=", MINFREE); if (sblock.fs_minfree < MINFREE && sblock.fs_optim == FS_OPTTIME) warnx(OPTWARN, "space", "<", MINFREE); warnx("volume label: (-L) %s", sblock.fs_volname); } diff --git a/sbin/umount/Makefile b/sbin/umount/Makefile index 5d8cb0670cc3..7b440db82af1 100644 --- a/sbin/umount/Makefile +++ b/sbin/umount/Makefile @@ -1,15 +1,13 @@ -# @(#)Makefile 8.4 (Berkeley) 6/22/95 -# PACKAGE=runtime PROG= umount SRCS= umount.c vfslist.c mounttab.c MAN= umount.8 MOUNT= ${.CURDIR:H}/mount UMNTALL= ${SRCTOP}/usr.sbin/rpc.umntall CFLAGS+= -I${MOUNT} -I${UMNTALL} .PATH: ${MOUNT} ${UMNTALL} .include diff --git a/sbin/umount/umount.8 b/sbin/umount/umount.8 index b5a7d7230269..180572017f6f 100644 --- a/sbin/umount/umount.8 +++ b/sbin/umount/umount.8 @@ -1,192 +1,190 @@ .\" Copyright (c) 1980, 1989, 1991, 1993 .\" The Regents of the University of California. All rights reserved. .\" .\" Redistribution and use in source and binary forms, with or without .\" modification, are permitted provided that the following conditions .\" are met: .\" 1. Redistributions of source code must retain the above copyright .\" notice, this list of conditions and the following disclaimer. .\" 2. Redistributions in binary form must reproduce the above copyright .\" notice, this list of conditions and the following disclaimer in the .\" documentation and/or other materials provided with the distribution. .\" 3. Neither the name of the University nor the names of its contributors .\" may be used to endorse or promote products derived from this software .\" without specific prior written permission. .\" .\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND .\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE .\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE .\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE .\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL .\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS .\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) .\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT .\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF .\" SUCH DAMAGE. .\" -.\" @(#)umount.8 8.2 (Berkeley) 5/8/95 -.\" .Dd June 19, 2020 .Dt UMOUNT 8 .Os .Sh NAME .Nm umount .Nd unmount file systems .Sh SYNOPSIS .Nm .Op Fl fNnv .Ar special ... | node ... | fsid ... .Nm .Fl a | A .Op Fl F Ar fstab .Op Fl fnv .Op Fl h Ar host .Op Fl t Ar type .Sh DESCRIPTION The .Nm utility calls the .Xr unmount 2 system call to remove a file system from the file system tree. The file system can be specified by its .Ar special device or remote node .Pq Ar rhost Ns Cm \& : Ns Ar path , the path to the mount point .Ar node or by the file system ID .Ar fsid as reported by .Dq mount -v when run by root. .Pp The options are as follows: .Bl -tag -width "-F fstab" .It Fl a All the file systems described in .Xr fstab 5 are unmounted. .It Fl A All the currently mounted file systems are unmounted, except for those mounted at .Pa / or .Pa /dev . .It Fl F Ar fstab Specify the .Pa fstab file to use. .It Fl f The file system is forcibly unmounted. Active special devices continue to work, but all other files return errors if further accesses are attempted. The root file system cannot be forcibly unmounted. For NFS, a forced dismount can take up to 1 minute or more to complete against an unresponsive server and may throw away data not yet written to the server for this case. If a process, such as .Nm without the .Fl f flag is hung on an .Tn NFS mount point, use the .Fl N flag instead. Also, doing a forced dismount of an NFSv3 mount when .Xr rpc.lockd 8 is running is unsafe and can result in a crash. .It Fl h Ar host Only file systems mounted from the specified host will be unmounted. This option implies the .Fl A option and, unless otherwise specified with the .Fl t option, will only unmount .Tn NFS file systems. .It Fl N Do a forced dismount of an .Tn NFS mount point without checking the mount path. This option can only be used with the path to the mount point .Ar node and the path must be specified exactly as it was at mount time. This option is useful when a process is hung waiting for an unresponsive .Tn NFS server while holding a vnode lock on the mounted-on vnode, such that .Nm with the .Fl f flag can't complete. Using this option can result in a loss of file updates that have not been flushed to the .Tn NFS server. .It Fl n Unless the .Fl f is used, the .Nm will not unmount an active file system. It will, however, perform a flush. This flag disables this behaviour, preventing the flush if there are any files open. .It Fl t Ar type Is used to indicate the actions should only be taken on file systems of the specified type. More than one type may be specified in a comma separated list. The list of file system types can be prefixed with .Dq no to specify the file system types for which action should .Em not be taken. For example, the .Nm command: .Bd -literal -offset indent umount -a -t nfs,nullfs .Ed .Pp unmounts all file systems of the type .Tn NFS and .Tn NULLFS that are listed in the .Xr fstab 5 file. .It Fl v Verbose, additional information is printed out as each file system is unmounted. .El .Sh ENVIRONMENT .Bl -tag -width ".Ev PATH_FSTAB" .It Ev PATH_FSTAB If the environment variable .Ev PATH_FSTAB is set, all operations are performed against the specified file. .Ev PATH_FSTAB will not be honored if the process environment or memory address space is considered .Dq tainted . (See .Xr issetugid 2 for more information.) .El .Sh FILES .Bl -tag -width /etc/fstab -compact .It Pa /etc/fstab file system table .El .Sh SEE ALSO .Xr unmount 2 , .Xr fstab 5 , .Xr autounmountd 8 , .Xr mount 8 .Sh HISTORY A .Nm utility appeared in .At v1 . diff --git a/sbin/umount/umount.c b/sbin/umount/umount.c index aca7c201bc9b..097f558e7f13 100644 --- a/sbin/umount/umount.c +++ b/sbin/umount/umount.c @@ -1,655 +1,652 @@ /*- * SPDX-License-Identifier: BSD-3-Clause * * Copyright (c) 1980, 1989, 1993 * The Regents of the University of California. All rights reserved. * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: * 1. Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. * 2. Redistributions in binary form must reproduce the above copyright * notice, this list of conditions and the following disclaimer in the * documentation and/or other materials provided with the distribution. * 3. Neither the name of the University nor the names of its contributors * may be used to endorse or promote products derived from this software * without specific prior written permission. * * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE * ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. */ #ifndef lint static const char copyright[] = "@(#) Copyright (c) 1980, 1989, 1993\n\ The Regents of the University of California. All rights reserved.\n"; #endif /* not lint */ #ifndef lint -#if 0 -static char sccsid[] = "@(#)umount.c 8.8 (Berkeley) 5/8/95"; -#endif #endif /* not lint */ #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include #include "mounttab.h" typedef enum { FIND, REMOVE, CHECKUNIQUE } dowhat; static struct addrinfo *nfshost_ai = NULL; static int fflag, vflag; static char *nfshost; struct statfs *checkmntlist(char *); int checkvfsname (const char *, char **); struct statfs *getmntentry(const char *fromname, const char *onname, fsid_t *fsid, dowhat what); char **makevfslist (const char *); size_t mntinfo (struct statfs **); int namematch (struct addrinfo *); int parsehexfsid(const char *hex, fsid_t *fsid); int sacmp (void *, void *); int umountall (char **); int checkname (char *, char **); int umountfs(struct statfs *sfs); void usage (void); int xdr_dir (XDR *, char *); int main(int argc, char *argv[]) { int all, errs, ch, mntsize, error, nfsforce, ret; char **typelist = NULL; struct statfs *mntbuf, *sfs; struct addrinfo hints; nfsforce = all = errs = 0; while ((ch = getopt(argc, argv, "AaF:fh:Nnt:v")) != -1) switch (ch) { case 'A': all = 2; break; case 'a': all = 1; break; case 'F': setfstab(optarg); break; case 'f': fflag |= MNT_FORCE; break; case 'h': /* -h implies -A. */ all = 2; nfshost = optarg; break; case 'N': nfsforce = 1; break; case 'n': fflag |= MNT_NONBUSY; break; case 't': if (typelist != NULL) err(1, "only one -t option may be specified"); typelist = makevfslist(optarg); break; case 'v': vflag = 1; break; default: usage(); /* NOTREACHED */ } argc -= optind; argv += optind; if ((fflag & MNT_FORCE) != 0 && (fflag & MNT_NONBUSY) != 0) err(1, "-f and -n are mutually exclusive"); if ((argc == 0 && !all) || (argc != 0 && all)) usage(); if (nfsforce != 0 && (argc == 0 || nfshost != NULL || typelist != NULL)) usage(); /* -h implies "-t nfs" if no -t flag. */ if ((nfshost != NULL) && (typelist == NULL)) typelist = makevfslist("nfs"); if (nfshost != NULL) { memset(&hints, 0, sizeof hints); error = getaddrinfo(nfshost, NULL, &hints, &nfshost_ai); if (error) errx(1, "%s: %s", nfshost, gai_strerror(error)); } switch (all) { case 2: if ((mntsize = mntinfo(&mntbuf)) <= 0) break; /* * We unmount the nfs-mounts in the reverse order * that they were mounted. */ for (errs = 0, mntsize--; mntsize > 0; mntsize--) { sfs = &mntbuf[mntsize]; if (checkvfsname(sfs->f_fstypename, typelist)) continue; if (strcmp(sfs->f_mntonname, "/dev") == 0) continue; if (umountfs(sfs) != 0) errs = 1; } free(mntbuf); break; case 1: if (setfsent() == 0) err(1, "%s", getfstab()); errs = umountall(typelist); break; case 0: for (errs = 0; *argv != NULL; ++argv) if (nfsforce != 0) { /* * First do the nfssvc() syscall to shut down * the mount point and then do the forced * dismount. */ ret = nfssvc(NFSSVC_FORCEDISM, *argv); if (ret >= 0) ret = unmount(*argv, MNT_FORCE); if (ret < 0) { warn("%s", *argv); errs = 1; } } else if (checkname(*argv, typelist) != 0) errs = 1; break; } exit(errs); } int umountall(char **typelist) { struct xvfsconf vfc; struct fstab *fs; int rval; char *cp; static int firstcall = 1; if ((fs = getfsent()) != NULL) firstcall = 0; else if (firstcall) errx(1, "fstab reading failure"); else return (0); do { /* Ignore the root. */ if (strcmp(fs->fs_file, "/") == 0) continue; /* * !!! * Historic practice: ignore unknown FSTAB_* fields. */ if (strcmp(fs->fs_type, FSTAB_RW) && strcmp(fs->fs_type, FSTAB_RO) && strcmp(fs->fs_type, FSTAB_RQ)) continue; /* Ignore unknown file system types. */ if (getvfsbyname(fs->fs_vfstype, &vfc) == -1) continue; if (checkvfsname(fs->fs_vfstype, typelist)) continue; /* * We want to unmount the file systems in the reverse order * that they were mounted. So, we save off the file name * in some allocated memory, and then call recursively. */ if ((cp = malloc((size_t)strlen(fs->fs_file) + 1)) == NULL) err(1, "malloc failed"); (void)strcpy(cp, fs->fs_file); rval = umountall(typelist); rval = checkname(cp, typelist) || rval; free(cp); return (rval); } while ((fs = getfsent()) != NULL); return (0); } /* * Do magic checks on mountpoint/device/fsid, and then call unmount(2). */ int checkname(char *mntname, char **typelist) { char buf[MAXPATHLEN]; struct statfs sfsbuf; struct stat sb; struct statfs *sfs; char *delimp; dev_t dev; int len; /* * 1. Check if the name exists in the mounttable. */ sfs = checkmntlist(mntname); /* * 2. Remove trailing slashes if there are any. After that * we look up the name in the mounttable again. */ if (sfs == NULL) { len = strlen(mntname); while (len > 1 && mntname[len - 1] == '/') mntname[--len] = '\0'; sfs = checkmntlist(mntname); } /* * 3. Check if the deprecated NFS syntax with an '@' has been used * and translate it to the ':' syntax. Look up the name in the * mount table again. */ if (sfs == NULL && (delimp = strrchr(mntname, '@')) != NULL) { snprintf(buf, sizeof(buf), "%s:%.*s", delimp + 1, (int)(delimp - mntname), mntname); len = strlen(buf); while (len > 1 && buf[len - 1] == '/') buf[--len] = '\0'; sfs = checkmntlist(buf); } /* * 4. Resort to a statfs(2) call. This is the last check so that * hung NFS filesystems for example can be unmounted without * potentially blocking forever in statfs() as long as the * filesystem is specified unambiguously. This covers all the * hard cases such as symlinks and mismatches between the * mount list and reality. * We also do this if an ambiguous mount point was specified. */ if (sfs == NULL || (getmntentry(NULL, mntname, NULL, FIND) != NULL && getmntentry(NULL, mntname, NULL, CHECKUNIQUE) == NULL)) { if (statfs(mntname, &sfsbuf) != 0) { warn("%s: statfs", mntname); } else if (stat(mntname, &sb) != 0) { warn("%s: stat", mntname); } else if (S_ISDIR(sb.st_mode)) { /* Check that `mntname' is the root directory. */ dev = sb.st_dev; snprintf(buf, sizeof(buf), "%s/..", mntname); if (stat(buf, &sb) != 0) { warn("%s: stat", buf); } else if (sb.st_dev == dev) { warnx("%s: not a file system root directory", mntname); return (1); } else sfs = &sfsbuf; } } if (sfs == NULL) { warnx("%s: unknown file system", mntname); return (1); } if (checkvfsname(sfs->f_fstypename, typelist)) return (1); return (umountfs(sfs)); } /* * NFS stuff and unmount(2) call */ int umountfs(struct statfs *sfs) { char fsidbuf[64]; enum clnt_stat clnt_stat; struct timeval try; struct addrinfo *ai, hints; int do_rpc; CLIENT *clp; char *nfsdirname, *orignfsdirname; char *hostp, *delimp; char buf[1024]; struct nfscl_dumpmntopts dumpmntopts; const char *proto_ptr = NULL; ai = NULL; do_rpc = 0; hostp = NULL; nfsdirname = delimp = orignfsdirname = NULL; memset(&hints, 0, sizeof hints); if (strcmp(sfs->f_fstypename, "nfs") == 0) { if ((nfsdirname = strdup(sfs->f_mntfromname)) == NULL) err(1, "strdup"); orignfsdirname = nfsdirname; if (*nfsdirname == '[' && (delimp = strchr(nfsdirname + 1, ']')) != NULL && *(delimp + 1) == ':') { hostp = nfsdirname + 1; nfsdirname = delimp + 2; } else if ((delimp = strrchr(nfsdirname, ':')) != NULL) { hostp = nfsdirname; nfsdirname = delimp + 1; } if (hostp != NULL) { *delimp = '\0'; getaddrinfo(hostp, NULL, &hints, &ai); if (ai == NULL) { warnx("can't get net id for host"); } } /* * Check if we have to start the rpc-call later. * If there are still identical nfs-names mounted, * we skip the rpc-call. Obviously this has to * happen before unmount(2), but it should happen * after the previous namecheck. * A non-NULL return means that this is the last * mount from mntfromname that is still mounted. */ if (getmntentry(sfs->f_mntfromname, NULL, NULL, CHECKUNIQUE) != NULL) { do_rpc = 1; proto_ptr = "udp"; /* * Try and find out whether this NFS mount is NFSv4 and * what protocol is being used. If this fails, the * default is NFSv2,3 and use UDP for the Unmount RPC. */ dumpmntopts.ndmnt_fname = sfs->f_mntonname; dumpmntopts.ndmnt_buf = buf; dumpmntopts.ndmnt_blen = sizeof(buf); if (nfssvc(NFSSVC_DUMPMNTOPTS, &dumpmntopts) >= 0) { if (strstr(buf, "nfsv4,") != NULL) do_rpc = 0; else if (strstr(buf, ",tcp,") != NULL) proto_ptr = "tcp"; } } } if (!namematch(ai)) { free(orignfsdirname); return (1); } /* First try to unmount using the file system ID. */ snprintf(fsidbuf, sizeof(fsidbuf), "FSID:%d:%d", sfs->f_fsid.val[0], sfs->f_fsid.val[1]); if (unmount(fsidbuf, fflag | MNT_BYFSID) != 0) { /* XXX, non-root users get a zero fsid, so don't warn. */ if (errno != ENOENT || sfs->f_fsid.val[0] != 0 || sfs->f_fsid.val[1] != 0) warn("unmount of %s failed", sfs->f_mntonname); if (errno != ENOENT) { free(orignfsdirname); return (1); } /* Compatibility for old kernels. */ if (sfs->f_fsid.val[0] != 0 || sfs->f_fsid.val[1] != 0) warnx("retrying using path instead of file system ID"); if (unmount(sfs->f_mntonname, fflag) != 0) { warn("unmount of %s failed", sfs->f_mntonname); free(orignfsdirname); return (1); } } /* Mark this file system as unmounted. */ getmntentry(NULL, NULL, &sfs->f_fsid, REMOVE); if (vflag) (void)printf("%s: unmount from %s\n", sfs->f_mntfromname, sfs->f_mntonname); /* * Report to mountd-server which nfsname * has been unmounted. */ if (ai != NULL && !(fflag & MNT_FORCE) && do_rpc) { clp = clnt_create(hostp, MOUNTPROG, MOUNTVERS3, proto_ptr); if (clp == NULL) { warnx("%s: %s", hostp, clnt_spcreateerror("MOUNTPROG")); free(orignfsdirname); return (1); } clp->cl_auth = authsys_create_default(); try.tv_sec = 20; try.tv_usec = 0; clnt_stat = clnt_call(clp, MOUNTPROC_UMNT, (xdrproc_t)xdr_dir, nfsdirname, (xdrproc_t)xdr_void, (caddr_t)0, try); if (clnt_stat != RPC_SUCCESS) { warnx("%s: %s", hostp, clnt_sperror(clp, "RPCMNT_UMOUNT")); free(orignfsdirname); return (1); } /* * Remove the unmounted entry from /var/db/mounttab. */ if (read_mtab()) { clean_mtab(hostp, nfsdirname, vflag); if(!write_mtab(vflag)) warnx("cannot remove mounttab entry %s:%s", hostp, nfsdirname); free_mtab(); } auth_destroy(clp->cl_auth); clnt_destroy(clp); } free(orignfsdirname); return (0); } struct statfs * getmntentry(const char *fromname, const char *onname, fsid_t *fsid, dowhat what) { static struct statfs *mntbuf; static size_t mntsize = 0; static int *mntcheck = NULL; struct statfs *sfs, *foundsfs; int i, count; if (mntsize <= 0) { if ((mntsize = mntinfo(&mntbuf)) <= 0) return (NULL); } if (mntcheck == NULL) { if ((mntcheck = calloc(mntsize + 1, sizeof(int))) == NULL) err(1, "calloc"); } /* * We want to get the file systems in the reverse order * that they were mounted. Unmounted file systems are marked * in a table called 'mntcheck'. */ count = 0; foundsfs = NULL; for (i = mntsize - 1; i >= 0; i--) { if (mntcheck[i]) continue; sfs = &mntbuf[i]; if (fromname != NULL && strcmp(sfs->f_mntfromname, fromname) != 0) continue; if (onname != NULL && strcmp(sfs->f_mntonname, onname) != 0) continue; if (fsid != NULL && fsidcmp(&sfs->f_fsid, fsid) != 0) continue; switch (what) { case CHECKUNIQUE: foundsfs = sfs; count++; continue; case REMOVE: mntcheck[i] = 1; break; default: break; } return (sfs); } if (what == CHECKUNIQUE && count == 1) return (foundsfs); return (NULL); } int sacmp(void *sa1, void *sa2) { void *p1, *p2; int len; if (((struct sockaddr *)sa1)->sa_family != ((struct sockaddr *)sa2)->sa_family) return (1); switch (((struct sockaddr *)sa1)->sa_family) { case AF_INET: p1 = &((struct sockaddr_in *)sa1)->sin_addr; p2 = &((struct sockaddr_in *)sa2)->sin_addr; len = 4; break; case AF_INET6: p1 = &((struct sockaddr_in6 *)sa1)->sin6_addr; p2 = &((struct sockaddr_in6 *)sa2)->sin6_addr; len = 16; if (((struct sockaddr_in6 *)sa1)->sin6_scope_id != ((struct sockaddr_in6 *)sa2)->sin6_scope_id) return (1); break; default: return (1); } return memcmp(p1, p2, len); } int namematch(struct addrinfo *ai) { struct addrinfo *aip; if (nfshost == NULL || nfshost_ai == NULL) return (1); while (ai != NULL) { aip = nfshost_ai; while (aip != NULL) { if (sacmp(ai->ai_addr, aip->ai_addr) == 0) return (1); aip = aip->ai_next; } ai = ai->ai_next; } return (0); } struct statfs * checkmntlist(char *mntname) { struct statfs *sfs; fsid_t fsid; sfs = NULL; if (parsehexfsid(mntname, &fsid) == 0) sfs = getmntentry(NULL, NULL, &fsid, FIND); if (sfs == NULL) sfs = getmntentry(NULL, mntname, NULL, FIND); if (sfs == NULL) sfs = getmntentry(mntname, NULL, NULL, FIND); return (sfs); } size_t mntinfo(struct statfs **mntbuf) { static struct statfs *origbuf; size_t bufsize; int mntsize; mntsize = getfsstat(NULL, 0, MNT_NOWAIT); if (mntsize <= 0) return (0); bufsize = (mntsize + 1) * sizeof(struct statfs); if ((origbuf = malloc(bufsize)) == NULL) err(1, "malloc"); mntsize = getfsstat(origbuf, (long)bufsize, MNT_NOWAIT); *mntbuf = origbuf; return (mntsize); } /* * Convert a hexadecimal filesystem ID to an fsid_t. * Returns 0 on success. */ int parsehexfsid(const char *hex, fsid_t *fsid) { char hexbuf[3]; int i; if (strlen(hex) != sizeof(*fsid) * 2) return (-1); hexbuf[2] = '\0'; for (i = 0; i < (int)sizeof(*fsid); i++) { hexbuf[0] = hex[i * 2]; hexbuf[1] = hex[i * 2 + 1]; if (!isxdigit(hexbuf[0]) || !isxdigit(hexbuf[1])) return (-1); ((u_char *)fsid)[i] = strtol(hexbuf, NULL, 16); } return (0); } /* * xdr routines for mount rpc's */ int xdr_dir(XDR *xdrsp, char *dirp) { return (xdr_string(xdrsp, &dirp, MNTPATHLEN)); } void usage(void) { (void)fprintf(stderr, "%s\n%s\n", "usage: umount [-fNnv] special ... | node ... | fsid ...", " umount -a | -A [-F fstab] [-fnv] [-h host] [-t type]"); exit(1); } diff --git a/sbin/zfsbootcfg/Makefile b/sbin/zfsbootcfg/Makefile index e5e20fc52130..3d5589dcee48 100644 --- a/sbin/zfsbootcfg/Makefile +++ b/sbin/zfsbootcfg/Makefile @@ -1,20 +1,19 @@ -# @(#)Makefile 8.4 (Berkeley) 6/22/95 PROG= zfsbootcfg MAN= zfsbootcfg.8 LIBADD+=zfsbootenv CFLAGS+= -DIN_BASE CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/include CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/include/os/freebsd CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/lib/libspl/include CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/lib/libspl/include/os/freebsd CFLAGS+= -I${SRCTOP}/sys CFLAGS+= -I${SRCTOP}/cddl/compat/opensolaris/include CFLAGS+= -I${SRCTOP}/sys/contrib/openzfs/module/icp/include CFLAGS+= -include ${SRCTOP}/sys/contrib/openzfs/include/os/freebsd/spl/sys/ccompile.h CFLAGS+= -DHAVE_ISSETUGID CFLAGS+= -include ${SRCTOP}/sys/modules/zfs/zfs_config.h .include