diff options
author | Kirk McKusick <mckusick@FreeBSD.org> | 2018-10-23 21:10:06 +0000 |
---|---|---|
committer | Kirk McKusick <mckusick@FreeBSD.org> | 2018-10-23 21:10:06 +0000 |
commit | ec888383cff48d90ac65cdbcad1e3f8e152ff8ca (patch) | |
tree | 0f51492bb043f6e2c716b9eba95af4631be6c024 /sbin/fsck_ffs/main.c | |
parent | 8c6d2039230c7c4039c8fa42bf95dbec842783f4 (diff) | |
download | src-ec888383cff48d90ac65cdbcad1e3f8e152ff8ca.tar.gz src-ec888383cff48d90ac65cdbcad1e3f8e152ff8ca.zip |
Continuing efforts to provide hardening of FFS, this change adds a
check hash to the superblock. If a check hash fails when an attempt
is made to mount a filesystem, the mount fails with EINVAL (Invalid
argument). This avoids a class of filesystem panics related to
corrupted superblocks. The hash is done using crc32c.
Check hases are added only to UFS2 and not to UFS1 as UFS1 is primarily
used in embedded systems with small memories and low-powered processors
which need as light-weight a filesystem as possible.
Reviewed by: kib
Tested by: Peter Holm
Sponsored by: Netflix
Notes
Notes:
svn path=/head/; revision=339671
Diffstat (limited to 'sbin/fsck_ffs/main.c')
-rw-r--r-- | sbin/fsck_ffs/main.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/sbin/fsck_ffs/main.c b/sbin/fsck_ffs/main.c index c160295d2702..e5118619475b 100644 --- a/sbin/fsck_ffs/main.c +++ b/sbin/fsck_ffs/main.c @@ -460,11 +460,13 @@ checkfilesys(char *filesys) if ((sblock.fs_metackhash & CK_CYLGRP) == 0 && reply("ADD CYLINDER GROUP CHECK-HASH PROTECTION") != 0) ckhashadd |= CK_CYLGRP; -#ifdef notyet if ((sblock.fs_metackhash & CK_SUPERBLOCK) == 0 && getosreldate() >= P_OSREL_CK_SUPERBLOCK && - reply("ADD SUPERBLOCK CHECK-HASH PROTECTION") != 0) - ckhashadd |= CK_SUPERBLOCK; + reply("ADD SUPERBLOCK CHECK-HASH PROTECTION") != 0) { + sblock.fs_metackhash |= CK_SUPERBLOCK; + sbdirty(); + } +#ifdef notyet if ((sblock.fs_metackhash & CK_INODE) == 0 && getosreldate() >= P_OSREL_CK_INODE && reply("ADD INODE CHECK-HASH PROTECTION") != 0) |