2017-11-20 19:49:47 +00:00
|
|
|
/*-
|
|
|
|
* SPDX-License-Identifier: BSD-3-Clause
|
|
|
|
*
|
2013-12-30 05:02:57 +00:00
|
|
|
* Copyright (c) 1980, 1986, 1993
|
|
|
|
* The Regents of the University of California. All rights reserved.
|
|
|
|
*
|
|
|
|
* Redistribution and use in source and binary forms, with or without
|
|
|
|
* modification, are permitted provided that the following conditions
|
|
|
|
* are met:
|
|
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer.
|
|
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
|
|
* documentation and/or other materials provided with the distribution.
|
2017-02-28 23:42:47 +00:00
|
|
|
* 3. Neither the name of the University nor the names of its contributors
|
2013-12-30 05:02:57 +00:00
|
|
|
* may be used to endorse or promote products derived from this software
|
|
|
|
* without specific prior written permission.
|
|
|
|
*
|
|
|
|
* THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
* ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
|
|
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
* SUCH DAMAGE.
|
|
|
|
*/
|
|
|
|
|
|
|
|
#if 0
|
|
|
|
#ifndef lint
|
|
|
|
static const char copyright[] =
|
|
|
|
"@(#) Copyright (c) 1980, 1986, 1993\n\
|
|
|
|
The Regents of the University of California. All rights reserved.\n";
|
|
|
|
#endif /* not lint */
|
|
|
|
|
|
|
|
#ifndef lint
|
|
|
|
static char sccsid[] = "@(#)main.c 8.6 (Berkeley) 5/14/95";
|
|
|
|
#endif /* not lint */
|
|
|
|
#endif
|
|
|
|
#include <sys/cdefs.h>
|
|
|
|
__FBSDID("$FreeBSD$");
|
|
|
|
|
|
|
|
#include <sys/param.h>
|
|
|
|
#include <ufs/ufs/dinode.h>
|
|
|
|
#include <ufs/ffs/fs.h>
|
|
|
|
#include <string.h>
|
|
|
|
#include "fsck.h"
|
|
|
|
|
|
|
|
long readcnt[BT_NUMBUFTYPES];
|
|
|
|
long totalreadcnt[BT_NUMBUFTYPES];
|
|
|
|
struct timespec readtime[BT_NUMBUFTYPES];
|
|
|
|
struct timespec totalreadtime[BT_NUMBUFTYPES];
|
|
|
|
struct timespec startprog;
|
|
|
|
struct bufarea sblk; /* file system superblock */
|
|
|
|
struct bufarea *pdirbp; /* current directory contents */
|
|
|
|
ino_t cursnapshot;
|
2017-04-22 14:50:11 +00:00
|
|
|
long dirhash, inplast;
|
|
|
|
unsigned long numdirs, listmax;
|
2013-12-30 05:02:57 +00:00
|
|
|
long countdirs; /* number of directories we actually found */
|
|
|
|
int adjrefcnt[MIBSIZE]; /* MIB command to adjust inode reference cnt */
|
|
|
|
int adjblkcnt[MIBSIZE]; /* MIB command to adjust inode block count */
|
2019-02-25 21:58:19 +00:00
|
|
|
int setsize[MIBSIZE]; /* MIB command to set inode size */
|
2013-12-30 05:02:57 +00:00
|
|
|
int adjndir[MIBSIZE]; /* MIB command to adjust number of directories */
|
|
|
|
int adjnbfree[MIBSIZE]; /* MIB command to adjust number of free blocks */
|
|
|
|
int adjnifree[MIBSIZE]; /* MIB command to adjust number of free inodes */
|
|
|
|
int adjnffree[MIBSIZE]; /* MIB command to adjust number of free frags */
|
|
|
|
int adjnumclusters[MIBSIZE]; /* MIB command to adjust number of free clusters */
|
|
|
|
int freefiles[MIBSIZE]; /* MIB command to free a set of files */
|
|
|
|
int freedirs[MIBSIZE]; /* MIB command to free a set of directories */
|
|
|
|
int freeblks[MIBSIZE]; /* MIB command to free a set of data blocks */
|
|
|
|
struct fsck_cmd cmd; /* sysctl file system update commands */
|
|
|
|
char snapname[BUFSIZ]; /* when doing snapshots, the name of the file */
|
|
|
|
char *cdevname; /* name of device being checked */
|
|
|
|
long dev_bsize; /* computed value of DEV_BSIZE */
|
|
|
|
long secsize; /* actual disk sector size */
|
2015-10-21 05:37:09 +00:00
|
|
|
u_int real_dev_bsize; /* actual disk sector size, not overridden */
|
2013-12-30 05:02:57 +00:00
|
|
|
char nflag; /* assume a no response */
|
|
|
|
char yflag; /* assume a yes response */
|
|
|
|
int bkgrdflag; /* use a snapshot to run on an active system */
|
2018-01-26 00:58:32 +00:00
|
|
|
off_t bflag; /* location of alternate super block */
|
2013-12-30 05:02:57 +00:00
|
|
|
int debug; /* output debugging info */
|
|
|
|
int Eflag; /* delete empty data blocks */
|
|
|
|
int Zflag; /* zero empty data blocks */
|
This update eliminates a kernel stack disclosure bug in UFS/FFS
directory entries that is caused by uninitialized directory entry
padding written to the disk. It can be viewed by any user with read
access to that directory. Up to 3 bytes of kernel stack are disclosed
per file entry, depending on the the amount of padding the kernel
needs to pad out the entry to a 32 bit boundry. The offset in the
kernel stack that is disclosed is a function of the filename size.
Furthermore, if the user can create files in a directory, this 3
byte window can be expanded 3 bytes at a time to a 254 byte window
with 75% of the data in that window exposed. The additional exposure
is done by removing the entry, creating a new entry with a 4-byte
longer name, extracting 3 more bytes by reading the directory, and
repeating until a 252 byte name is created.
This exploit works in part because the area of the kernel stack
that is being disclosed is in an area that typically doesn't change
that often (perhaps a few times a second on a lightly loaded system),
and these file creates and unlinks themselves don't overwrite the
area of kernel stack being disclosed.
It appears that this bug originated with the creation of the Fast
File System in 4.1b-BSD (Circa 1982, more than 36 years ago!), and
is likely present in every Unix or Unix-like system that uses
UFS/FFS. Amazingly, nobody noticed until now.
This update also adds the -z flag to fsck_ffs to have it scrub
the leaked information in the name padding of existing directories.
It only needs to be run once on each UFS/FFS filesystem after a
patched kernel is installed and running.
Submitted by: David G. Lawrence <dg@dglawrence.com>
Reviewed by: kib
MFC after: 1 week
2019-05-03 21:54:14 +00:00
|
|
|
int zflag; /* zero unused directory space */
|
2013-12-30 05:02:57 +00:00
|
|
|
int inoopt; /* trim out unused inodes */
|
|
|
|
char ckclean; /* only do work if not cleanly unmounted */
|
|
|
|
int cvtlevel; /* convert to newer file system format */
|
2018-02-08 23:14:24 +00:00
|
|
|
int ckhashadd; /* check hashes to be added */
|
2013-12-30 05:02:57 +00:00
|
|
|
int bkgrdcheck; /* determine if background check is possible */
|
|
|
|
int bkgrdsumadj; /* whether the kernel have ability to adjust superblock summary */
|
|
|
|
char usedsoftdep; /* just fix soft dependency inconsistencies */
|
|
|
|
char preen; /* just fix normal inconsistencies */
|
|
|
|
char rerun; /* rerun fsck. Only used in non-preen mode */
|
|
|
|
int returntosingle; /* 1 => return to single user mode on exit */
|
|
|
|
char resolved; /* cleared if unresolved changes => not clean */
|
|
|
|
char havesb; /* superblock has been read */
|
|
|
|
char skipclean; /* skip clean file systems if preening */
|
|
|
|
int fsmodified; /* 1 => write done to file system */
|
|
|
|
int fsreadfd; /* file descriptor for reading file system */
|
|
|
|
int fswritefd; /* file descriptor for writing file system */
|
|
|
|
int surrender; /* Give up if reads fail */
|
|
|
|
int wantrestart; /* Restart fsck on early termination */
|
|
|
|
ufs2_daddr_t maxfsblock; /* number of blocks in the file system */
|
|
|
|
char *blockmap; /* ptr to primary blk allocation map */
|
|
|
|
ino_t maxino; /* number of inodes in file system */
|
|
|
|
ino_t lfdir; /* lost & found directory inode number */
|
|
|
|
const char *lfname; /* lost & found directory name */
|
|
|
|
int lfmode; /* lost & found directory creation mode */
|
|
|
|
ufs2_daddr_t n_blks; /* number of blocks in use */
|
2023-04-18 23:10:49 +00:00
|
|
|
int cgheader_corrupt; /* one or more CG headers are corrupt */
|
2013-12-30 05:02:57 +00:00
|
|
|
ino_t n_files; /* number of files in use */
|
|
|
|
volatile sig_atomic_t got_siginfo; /* received a SIGINFO */
|
|
|
|
volatile sig_atomic_t got_sigalarm; /* received a SIGALRM */
|
2021-01-07 01:37:08 +00:00
|
|
|
union dinode zino;
|
2013-12-30 05:02:57 +00:00
|
|
|
|
2020-03-29 20:03:46 +00:00
|
|
|
struct dups *duplist;
|
|
|
|
struct dups *muldup;
|
|
|
|
struct inostatlist *inostathead;
|
|
|
|
|
2013-12-30 05:02:57 +00:00
|
|
|
void
|
|
|
|
fsckinit(void)
|
|
|
|
{
|
|
|
|
bzero(readcnt, sizeof(long) * BT_NUMBUFTYPES);
|
|
|
|
bzero(totalreadcnt, sizeof(long) * BT_NUMBUFTYPES);
|
|
|
|
bzero(readtime, sizeof(struct timespec) * BT_NUMBUFTYPES);
|
|
|
|
bzero(totalreadtime, sizeof(struct timespec) * BT_NUMBUFTYPES);
|
2016-04-15 22:31:22 +00:00
|
|
|
bzero(&startprog, sizeof(struct timespec));
|
2013-12-30 05:02:57 +00:00
|
|
|
bzero(&sblk, sizeof(struct bufarea));
|
|
|
|
cursnapshot = 0;
|
2017-04-22 14:50:11 +00:00
|
|
|
listmax = numdirs = dirhash = inplast = 0;
|
2013-12-30 05:02:57 +00:00
|
|
|
countdirs = 0;
|
|
|
|
bzero(adjrefcnt, sizeof(int) * MIBSIZE);
|
|
|
|
bzero(adjblkcnt, sizeof(int) * MIBSIZE);
|
2019-02-25 21:58:19 +00:00
|
|
|
bzero(setsize, sizeof(int) * MIBSIZE);
|
2013-12-30 05:02:57 +00:00
|
|
|
bzero(adjndir, sizeof(int) * MIBSIZE);
|
|
|
|
bzero(adjnbfree, sizeof(int) * MIBSIZE);
|
|
|
|
bzero(adjnifree, sizeof(int) * MIBSIZE);
|
|
|
|
bzero(adjnffree, sizeof(int) * MIBSIZE);
|
|
|
|
bzero(adjnumclusters, sizeof(int) * MIBSIZE);
|
|
|
|
bzero(freefiles, sizeof(int) * MIBSIZE);
|
|
|
|
bzero(freedirs, sizeof(int) * MIBSIZE);
|
|
|
|
bzero(freeblks, sizeof(int) * MIBSIZE);
|
|
|
|
bzero(&cmd, sizeof(struct fsck_cmd));
|
|
|
|
bzero(snapname, sizeof(char) * BUFSIZ);
|
|
|
|
cdevname = NULL;
|
|
|
|
dev_bsize = 0;
|
|
|
|
secsize = 0;
|
|
|
|
real_dev_bsize = 0;
|
|
|
|
bkgrdsumadj = 0;
|
|
|
|
usedsoftdep = 0;
|
|
|
|
rerun = 0;
|
|
|
|
returntosingle = 0;
|
|
|
|
resolved = 0;
|
|
|
|
havesb = 0;
|
|
|
|
fsmodified = 0;
|
2022-02-04 19:46:36 +00:00
|
|
|
fsreadfd = -1;
|
|
|
|
fswritefd = -1;
|
2013-12-30 05:02:57 +00:00
|
|
|
maxfsblock = 0;
|
|
|
|
maxino = 0;
|
|
|
|
lfdir = 0;
|
|
|
|
lfname = "lost+found";
|
|
|
|
lfmode = 0700;
|
|
|
|
n_blks = 0;
|
|
|
|
n_files = 0;
|
2023-04-18 23:10:49 +00:00
|
|
|
cgheader_corrupt = 0;
|
2013-12-30 05:02:57 +00:00
|
|
|
got_siginfo = 0;
|
|
|
|
got_sigalarm = 0;
|
2021-01-07 01:37:08 +00:00
|
|
|
bzero(&zino.dp1, sizeof(struct ufs1_dinode));
|
|
|
|
bzero(&zino.dp2, sizeof(struct ufs2_dinode));
|
2013-12-30 05:02:57 +00:00
|
|
|
}
|