* ufs: Rework shortlink handling to avoid subobject overflows (Jessica Clarke, 2022-01-02, 1 file, -5/+2)

  Shortlinks occupy the space of both di_db and di_ib when used. However, everywhere that wants to read or write a shortlink takes a pointer to di_db and promptly runs off the end of it into di_ib. This is fine on most architectures, if a little dodgy. However, on CHERI, the compiler can optionally restrict the bounds on pointers to subobjects to just that subobject, in order to mitigate intra-object buffer overflows, and this is enabled in CheriBSD's pure-capability kernels.

  Instead, clean this up by inserting a union such that a new di_shortlink can be added with the right size and element type, avoiding the need to cast and allowing the use of the DIP macro to access the field. This also mirrors how the ext2fs code implements extents support, with the exact same structure other than having a uint32_t i_data[] instead of a char di_shortlink[].

  Reviewed by: mckusick, jhb
  Differential Revision: https://reviews.freebsd.org/D33650
* Consolidate four copies of the STDSB define into a single place. (Kirk McKusick, 2021-11-15, 1 file, -5/+0)

  The STDSB macro is passed to the ffs_sbget() routine to fetch a UFS/FFS superblock "from the standard place". It was identically defined in lib/libufs/libufs.h, stand/libsa/ufs.c, sys/ufs/ffs/ffs_extern.h, and sys/ufs/ffs/ffs_subr.c. Delete it from these four files and define it instead in sys/ufs/ffs/fs.h. All existing uses of this macro already include sys/ufs/ffs/fs.h so no include changes need to be made.

  No functional change intended.

  Sponsored by: Netflix
* loader: implement mount/unmount rootfs (Toomas Soome, 2021-09-08, 1 file, -70/+140)

  We want to keep our root file system open to preserve bcache segment between file accesses, thus reducing physical disk IO.

  Reviewed by: imp, allanjude, kevans (previous version)
  Differential Revision: https://reviews.freebsd.org/D30848
  MFC after: 1 month
* Move the pointers stored in the superblock into a separate (Kirk McKusick, 2020-06-19, 1 file, -2/+10)

  fs_summary_info structure. This change was originally done by the CheriBSD project as they need larger pointers that do not fit in the existing superblock.

  This cleanup of the superblock eases the task of the commit that immediately follows this one.

  Suggested by: brooks
  Reviewed by: kib
  PR: 246983
  Sponsored by: Netflix
  Notes: svn path=/head/; revision=362358
* Normally when an attempt is made to mount a UFS/FFS filesystem whose (Kirk McKusick, 2018-12-06, 1 file, -1/+7)

  superblock has a check-hash error, an error message noting the superblock check-hash failure is printed and the mount fails. The administrator then runs fsck to repair the filesystem and when successful, the filesystem can once again be mounted.

  This approach fails if the filesystem in question is a root filesystem from which you are trying to boot. Here, the loader fails when trying to access the filesystem to get the kernel to boot. So it is necessary to allow the loader to ignore the superblock check-hash error and make a best effort to read the kernel. The filesystem may be sufficiently corrupted that the read attempt fails, but there is no harm in trying since the loader makes no attempt to write to the filesystem.

  Once the kernel is loaded and starts to run, it attempts to mount its root filesystem. Once again, failure means that it breaks to its prompt to ask where to get its root filesystem. Unless you have an alternate root filesystem, you are stuck.

  Since the root filesystem is initially mounted read-only, it is safe to make an attempt to mount the root filesystem with the failed superblock check-hash. Thus, when asked to mount a root filesystem with a failed superblock check-hash, the kernel prints a warning message that the root filesystem superblock check-hash needs repair, but notes that it is ignoring the error and proceeding. It does mark the filesystem as needing an fsck which prevents it from being enabled for writing until fsck has been run on it. The net effect is that the reboot fails to single user, but at least at that point the administrator has the tools at hand to fix the problem.

  Reported by: Rick Macklem (rmacklem@)
  Discussed with: Warner Losh (imp@)
  Sponsored by: Netflix
  Notes: svn path=/head/; revision=341608
* Remove unused variables. (Warner Losh, 2018-06-13, 1 file, -2/+1)

  Sponsored by: Netflix
  Notes: svn path=/head/; revision=335070
* Add st_mtime, st_ino and st_dev for ufs_stat (Simon J. Gerraty, 2018-06-09, 1 file, -0/+16)

  Differential Revision: D15064
  Notes: svn path=/head/; revision=334868
* Revert r313780 (UFS_ prefix) (Ed Maste, 2018-03-17, 1 file, -2/+2)

  Notes: svn path=/head/; revision=331095
* Prefix UFS symbols with UFS_ to reduce namespace pollution (Ed Maste, 2018-03-17, 1 file, -2/+2)

  Followup to r313780. Also prefix ext2's and nandfs's versions with EXT2_ and NANDFS_.

  Reported by: kib
  Reviewed by: kib, mckusick
  Sponsored by: The FreeBSD Foundation
  Differential Revision: https://reviews.freebsd.org/D9623
  Notes: svn path=/head/; revision=331083
* This change is some refactoring of Mark Johnston's changes in r329375 (Kirk McKusick, 2018-03-02, 1 file, -2/+1)

  to fix the memory leak that I introduced in r328426. Instead of trying to clear up the possible memory leak in all the clients, I ensure that it gets cleaned up in the source (e.g., ffs_sbget ensures that memory is always freed if it returns an error).

  The original change in r328426 was a bit sparse in its description. So I am expanding on its description here (thanks cem@ and rgrimes@ for your encouragement for my longer commit messages).

  In preparation for adding check hashing to superblocks, r328426 is a refactoring of the code to get the reading/writing of the superblock into one place. Unlike the cylinder group reading/writing which ends up in two places (ffs_getcg/ffs_geom_strategy in the kernel and cgget/cgput in libufs), I have the core superblock functions just in the kernel (ffs_sbfetch/ffs_sbput in ffs_subr.c which is already imported into utilities like fsck_ffs as well as libufs to implement sbget/sbput). The ffs_sbfetch and ffs_sbput functions take a function pointer to do the actual I/O for which there are four variants:

    ffs_use_bread / ffs_use_bwrite for the in-kernel filesystem
    g_use_g_read_data / g_use_g_write_data for kernel geom clients
    ufs_use_sa_read for the standalone code (stand/libsa/ufs.c but not stand/libsa/ufsread.c which is size constrained)
    use_pread / use_pwrite for libufs

  Uses of these interfaces are in the UFS filesystem, geoms journal & label, libsa changes, and libufs. They also permeate out into the filesystem utilities fsck_ffs, newfs, growfs, clri, dump, quotacheck, fsirand, fstyp, and quot. Some of these utilities should probably be converted to directly use libufs (like dumpfs was for example), but there does not seem to be much win in doing so.

  Tested by: Peter Holm (pho@)
  Notes: svn path=/head/; revision=330264
* libsa: Const-ify buffer argument of write(2) analog (Conrad Meyer, 2018-02-23, 1 file, -5/+6)

  Reported by: kevans
  Reviewed by: delphij, eadler, imp, kevans
  Sponsored by: Dell EMC Isilon
  Differential Revision: https://reviews.freebsd.org/D14482
  Notes: svn path=/head/; revision=329879
* Fix a memory leak introduced in r328426. (Mark Johnston, 2018-02-16, 1 file, -0/+1)

  ffs_sbget() may return a superblock buffer even if it fails, so the caller must be prepared to free it in this case. Moreover, when tasting alternate superblock locations in a loop, ffs_sbget()'s readfunc callback must free the previously allocated buffer.

  Reported and tested by: pho
  Reviewed by: kib (previous version)
  Differential Revision: https://reviews.freebsd.org/D14390
  Notes: svn path=/head/; revision=329375
* Refactoring of reading and writing of the UFS/FFS superblock. (Kirk McKusick, 2018-01-26, 1 file, -25/+30)

  Specifically reading is done in ffs_sbget() and writing is done in ffs_sbput(). These functions are exported to libufs via the sbget() and sbput() functions which are then used in the various filesystem utilities. This work is in preparation for adding superblock check hashes.

  No functional change intended.

  Reviewed by: kib
  Notes: svn path=/head/; revision=328426
* Move sys/boot to stand. Fix all references to new location (Warner Losh, 2017-11-14, 1 file, -0/+861)

  Sponsored by: Netflix
  Notes: svn path=/head/; revision=325834