Provide hints to direct people towards gptzfsboot, zfsbootcfg, efibootmgr, etc
PR: 199103
MFC after: 2 weeks
Sponsored by: Klara Inc.
Event: July 2020 Bugathon
sectors.
On my SanDisk Cruzer Blade 16GB USB stick this made formatting much faster:
x before
+ after
+--------------------------------------------------------------------------+
|+ |
|+ x |
|+ x x|
|A MA||
+--------------------------------------------------------------------------+
N Min Max Median Avg Stddev
x 3 15.89 16.38 16 16.09 0.2570992
+ 3 0.32 0.37 0.35 0.34666667 0.025166115
Difference at 95.0% confidence
-15.7433 +/- 0.414029
-97.8455% +/- 0.25668%
(Student's t, pooled s = 0.182665)
Reviewed by: emaste
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D24508
The new function operates similarly to ifconfig_lagg_get_lagg_status and
likewise is accompanied by a function to free the bridge status data structure.
I have included in this patch the relocation of some strings describing STP
parameters and the PV2ID macro from ifconfig into net/if_bridgevar.h as they
are useful for consumers of libifconfig.
Reviewed by: kp, melifaro, mmacy
Approved by: mmacy (mentor)
MFC after: 1 week
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D25460
dumpon has accepted device names without the prefix ever since r291207.
Since dumpon and savecore are always paired, they ought to accept the same
arguments. Prior to this change, specifying 'dumpdev="da3"' in
/etc/rc.conf, for example, would result in dumpon working just fine but
savecore complaining that "Dump device does not exist".
PR: 247618
Reviewed by: cem, bcr
MFC after: 2 weeks
Sponsored by: Axcient
Differential Revision: https://reviews.freebsd.org/D25500
Switch to the simplified while loop suggest by Aaron LI
Post commit review via: https://reviews.freebsd.org/rS301185#inline-232
Submitted by: Aaron LI <aly@aaronly.me>
Sponsored by: Klara Inc.
The change from "slave" processes to "minion" processes to "worker"
processes left some less-than-coherent names:
1. "enslave" turned into the ungrammatical "enworker".
2. "slp" (SLave Pointer) turned into "mlp" (Minion [L] Pointer?).
Convert "enworker" to "create_workers" (the function in question forks
off 3 worker processes), and replace "mlp" with "wp" (Worker Pointer)
and "tmlp" with "twp" (Temporary Worker Pointer).
Reviewed by: imp, cem, danfe
Differential Revision: https://reviews.freebsd.org/D25403
- Fix formatting issues such as:
- Use Ql instead of Dq Li as Li is deprecated
- Address some mandoc warnings
- Add arguments missing from the list of options (i.e., document "-k keep"
instead of just "-k").
- Document that -k and -s can be specified multiple times
- Use sshd instead of named for the example in the BUGS section, as named
is not in the base system. Also, use Nm instead of Xr there as it is not
the sshd binary that is required to be running, but the service.
- Use Sy instead of Cm for KEYWORDS. Cm is reserved for command-line
modifiers of the CLI.
- Add an EXAMPLES section
- Cross-reference service(8).
MFC after: 2 weeks
Previously, the -p and -c flags were ignored when reading from stdin
Additionally, -s and -c can be used together now.
PR: 247295
Reviewed by: kevans
MFC after: 2 weeks
Relnotes: yes
Sponsored by: Klara Inc.
Differential Revision: https://reviews.freebsd.org/D25362
fs_summary_info structure. This change was originally done
by the CheriBSD project as they need larger pointers that
do not fit in the existing superblock.
This cleanup of the superblock eases the task of the commit
that immediately follows this one.
Suggested by: brooks
Reviewed by: kib
PR: 246983
Sponsored by: Netflix
r286700 added the "lacp_fast_timeout" option to `ifconfig', but we forgot to
include the new option in the string used to decode the option bits. Add
"LACP_FAST_TIMO" to LAGG_OPT_BITS.
Also, s/LAGG_OPT_LACP_TIMEOUT/LAGG_OPT_LACP_FAST_TIMO/g , to be clearer that
the flag indicates "Fast Timeout" mode.
Reported by: Greg Foster <gfoster at panasas dot com>
Reviewed by: jpaetzel
MFC after: 1 week
Sponsored by: Panasas
Differential Revision: https://reviews.freebsd.org/D25239
x86 boot uses loader(8) and the boot2-direct-to-kernel process is not
supported. Remove the documentation, which doesn't document a working
process and leads to confusion.
PR: 247074
Reported by: Alex K.
vfs.zfs.boot.primary_pool is only set on BIOS boot, use vfs.root.mountfrom
instead and update all vdevs on pool.
Reviewed by: allanjude
Sponsored by: Netflix, Klara Inc.
Differential Revision: https://reviews.freebsd.org/D25103
At this point, AES is the more common name for Rijndael128. setkey(8)
will still accept the old name, and old constants remain for
compatiblity.
Reviewed by: cem, bcr (manpages)
MFC after: 2 weeks
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D24964
A logic bug in remove_protocol() meant that it would remove (leak) all
structures in the list preceding the one intended for removal.
PR: 245971
Submitted by: joost@jodocus.org (original version)
MFC after: 1 week
Now options -g/-G allow to select/unselect interfaces by groups
in the "ifconfig -a" output just like already existing -d/-u.
Examples:
to exclude loopback from the list: ifconfig -a -G lo
to show vlan interfaces only: ifconfig -a -g vlan
to show tap interfaces that are up: ifconfig -aug tap
Arguments to -g/-G may be shell patterns and both may be specified.
Later options -g/-G override previous ones.
MFC after: 2 weeks
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D25029
Some capability descriptions under list scan actually described flags.
Some capability descriptions were missing.
Some flag descriptions under list sta actually described capabilites.
Reviewed by: adrian
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D25014
Comparing fsid_t objects requires internal knowledge of the fsid structure
and yet this is duplicated across a number of places in the code.
Simplify by creating a fsidcmp function (macro).
Reviewed by: mjg, rmacklem
Approved by: mav (mentor)
MFC after: 1 week
Sponsored by: iXsystems, Inc.
Differential Revision: https://reviews.freebsd.org/D24749
Before this change, swapon(8) implied that -F works as a standalone option,
which is not the case and would produce a usage message. This change extends
the description of the -F option to mention that -a is required with it.
PR: 238551
Submitted by: Christian Baltini
MFC after: 5 days
Examples of depecrated algorithms in manual pages and sample configs
are updated where relevant. I removed the one example of combining
ESP and AH (vs using a cipher and auth in ESP) as RFC 8221 says this
combination is NOT RECOMMENDED.
Specifically, this removes support for the following ciphers:
- des-cbc
- 3des-cbc
- blowfish-cbc
- cast128-cbc
- des-deriv
- des-32iv
- camellia-cbc
This also removes support for the following authentication algorithms:
- hmac-md5
- keyed-md5
- keyed-sha1
- hmac-ripemd160
Reviewed by: cem, gnn (older verisons)
Relnotes: yes
Sponsored by: Chelsio Communications
Differential Revision: https://reviews.freebsd.org/D24342
o Be consistent about device-id and namespace-id
o Use consistent arg markup for these
o document you can use disk names too
o document nsid command better
o document the idenntify command
o add a couple of examples.
Differential Revision: https://reviews.freebsd.org/D24638
Reported by: Hyeongseok Kim <hyeongseok kim lge com>
Reviewed by: cem, Hyeongseok Kim
MFC after: 3 days
Differential Revision: https://reviews.freebsd.org/D24603
r356313 broke handling of dirty file system because we have restricted
the correction of "odd" byte sequences to checkfat(), and as a result
the dirty bit is never cleared. The old fsck_msdosfs code would write
FAT twice to fix the dirty bit, which is also not ideal.
Fix this by introducing a new rountine, cleardirty() which will perform
the set of clean bit only, and use it in checkfilesys() if we thought
the file system was dirty.
Reviewed by: cem, emaste
MFC after: 3 day
Differential Revision: https://reviews.freebsd.org/D24581
dumpon(8) has not accepted 1024-bit RSA keys since prior to r339784 (2018-10).
The manual page language was not updated at that time (oops). The minimum
accepted is 2048 bits, which is also a good default choice.
Sponsored by: Dell EMC Isilon
Preload OpenSSL ERR string data so that the formatted error messages are
vaguely meaningful. Add OpenSSL error information to the RSA_public_encrypt()
operation failure case in one-time key generation.
For obsolescent OpenSSL versions (*cough* FIPS *cough*), pre-seed the PRNG
before entering Cap mode, as old versions of OpenSSL are unaware of kernel
RNG interfaces aside from /dev/random (such as the long-supported kern.arnd, or
the slightly more recent getentropy(3) or getrandom(2)). (RSA_public_encrypt()
wants a seeded PRNG to randomize the "PS" portion of PKCS 1.5 padding or the
"MGF" pseudo-random function in OAEP padding.)
Switch dumpon to encrypt the one-time key with OAEP padding (recommended since
1998; RFC2437) rather than the obsolescent PKCS 1.5 padding (1993; RFC2313).
Switch decryptcore to attempt OAEP decryption first, and try PKCS 1.5
decryption on failure. This is intended only for transition convenience, and
we should obsolete support for non-OAEP padding in a release or two.
Reviewed by: markj
MFC After: 2 weeks
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D24534
It makes tool more convenient to not require user to explicitly convert
namespace device name into controller device name. There should be no
changes to already existing syntaxes.
MFC after: 1 week
ifa_grouplookup() uses the data loaded in ifa_load() (through is_a_group()), so
we must call ifa_load() before we can rely on any of the data it populates.
Submitted by: Nick Rogers
MFC after: 1 week
Sponsored by: RG Nets
Load the nls data before the openssl will try to do it in the
capability mode.
On my machine the sa_ossl_private_decrypt is trying to do that.
MFC after: 2 weeks
Trace the cause down to journalled soft updates recovery code in
fsck failing to recompute the check-hash after updating an inode.
As inode check-hash was first introduced to UFS in FreeBSD 13,
there is no need to MFC this commit.
Reported by: Chuck Silvers
Sponsored by: Netflix
soft update recovery code with the debugging (-d) option.
As inode check-hash was first introduced to UFS in FreeBSD 13,
there is no need to MFC this commit.
Reported by: Chuck Silvers
Sponsored by: Netflix
I recently made some bug fixes in nvmecontrol. It occurred to me that
since nvmecontrol lacks any kyua tests, I should convert the informal
testing I did into a more formal automated test. The test in this
change should be considered just a starting point; it is neither
complete nor thorough. While converting the test to ATF/kyua, I
discovered a small bug in nvmecontrol; the nvmecontrol devlist command
would always exit with an unsuccessful status. So I included the fix
for that, too, so that the test won't fail.
Reviewed by: imp@
MFC after: 3 days
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D24269
utilities so that they will compile with -fno-common.
Started by: Kyle Evans (kevans)
Reviewed by: Kyle Evans (kevans)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D24210
data-archæology project:
-u pattern
Fill unread parts of the output with pattern.
Default pattern is "_UNREAD_", empty pattern disables.
-v
Fancy status reporting using ANSI escapes and UTF-8
This fixes several Coverity-detected errors in nvmecontrol. While in
here, a couple additional errors with shift/mask confusion that were
not diagnosed by Coverity are also fixed.
CIDs addressed: 1040299, 1040300, 1403972, 1403973, 1403985, 1403988,
1403990, 1404374, 1404427, 1404469, 1404510, 1404534, 1418118
CID 1403657 (resource leak of shared library handle) was marked
"intentional" in the Coverity scan database.
Reviewed by: vangyzen, robert.herndon_dell.com
Reviewed by: daniel.william.ryan_gmail.com (earlier version)
Reviewed by: rramsden_isilon.com (earlier version), imp
MFC after: 5 days
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D24203
This one is also a small list:
- 3x duplicate definition (ufs2_zino, returntosingle, nflag)
- 5x 'needs extern', 3/5 of which are referenced in fsdb
-fno-common will become the default in GCC10/LLVM11.
MFC after: 1 week
NAT instance.
The NAT44 group of opcodes for IP_FW3 socket option is modern way
to control NAT instances and this method can be used in future to
switch from numeric to named NAT instances, like was done for ipfw
tables.
The IP_FW_NAT_DEL opcode is the last remnant of old ipfw_ctl control
plane that doesn't support versioned operations. This interface will
be retired soon.
Reviewed by: melifaro
MFC after: 10 days
Sponsored by: Yandex LLC
r343287 / D18759 introduced ifa_add_groups_to_map() which is now run by
ifa_load/ifa_lookup/host_if. When loading an anchor or ruleset via pfctl that
does NOT contain ifnames as hosts, host() still ends up iterating all
interfaces twice, grabbing SIOCGIFGROUP ioctl twice for each. This adds an
unnecessary amount of time on systems with thousands or tens of thousands of
interfaces.
Prioritize the IPv4/6 check over the interface name lookup, which skips loading
the iftab and iterating all interfaces when the configuration does not contain
interface names.
Submitted by: Nick Rogers
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D24100
aout support in ldconfig hasn't been required since FreeBSD 2.x.
Anyone still using FreeBSD 2 shared libraries can also use a FreeBSD 2
ldconfig to generate aout ldconfig hints.
Sponsored by: The FreeBSD Foundation
interfaces are configured, but for many interfaces (e.g. all Intel)
ifconfig causes link renegotiation, so the first attempt to mount
NFS always fails. After that mount_nfs sleeps for 30 seconds, while
only a couple seconds are actually required for interface to get up.
Instead of sleeping, do select(2) on routing socket and check if
some interface became UP and in this case retry immediately.
Reviewed by: rmacklem
Differential Revision: https://reviews.freebsd.org/D23934
As with gzip, let the dump device be smaller than physical memory
when using zstd and full dumps.
Also print the error message if the size check fails, even if -v
is not specified. Failing silently is not friendly.
Reviewed by: cem markj
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
Differential Revision: https://reviews.freebsd.org/D23923
When every sendto() call originated by ping6(1) fails, current code always
returns 2 ("transmission was successful but no responses were received")
which is incorrect. Return EX_OSERR instead as in many cases it indicates
some kernel-level problems.
MFC after: 3 weeks
sbin/sconfig/sconfig.c:909:5: error: misleading indentation; statement is not part of the previous 'else' [-Werror,-Wmisleading-indentation]
exit (-1);
^
sbin/sconfig/sconfig.c:907:6: note: previous statement is here
} else
^
The intent was to group the exit() call with the previous fprintf()
call.
MFC after: 3 days
It was only built on sparc64. Since it wasn't a general tool on other
architectures, no need to keep it around for another release.
Reviewed by: emaste
Differential Revision: https://reviews.freebsd.org/D23524
Specifically, when running /etc/rc. This allows one to specify via
login.conf(5) an environment that should be used when running services to
ease, e.g., setting up env vars for an HTTP proxy consistently across cron
and services alike.
Future changes will extend cron(8)/service(8) to use environment vars
pecified in login.conf(5) as well to promote a more cohesive experience.
This is a part of D21481.
Submitted by: Andrew Gierth <andrew_tao173.riddles.org.uk>
sbin/newfs_msdos/newfs_msdos.c:181:2: error: misleading indentation; statement is not part of the previous 'if' [-Werror,-Wmisleading-indentation]
if (o.align) {
^
sbin/newfs_msdos/newfs_msdos.c:179:5: note: previous statement is here
if (argc < 1 || argc > 2)
^
MFC after: 3 days
In order to do so we need to install the msdosfs headers to the bootstrap
sysroot and avoid includes of kernel headers that may not exist on every
host (e.g. sys/lockmgr.h). This change should allow bootstrapping of makefs
on FreeBSD 11+ as well as Linux and macOS.
We also have to avoid using the IO_SYNC macro since that may not be
available. In makefs it is only used to switch between calling
bwrite() and bdwrite() which both call the same function. Therefore we
can simply always call bwrite().
For our CheriBSD builds we always bootstrap makefs by setting
LOCAL_XTOOL_DIRS='lib/libnetbsd usr.sbin/makefs' and use the makefs binary
from the build tree to create a bootable disk image.
Reviewed By: brooks
Differential Revision: https://reviews.freebsd.org/D23201
In libalias, a new flag PKT_ALIAS_UNREGISTERED_RFC6598 is added.
This is like PKT_ALIAS_UNREGISTERED_ONLY, but also is RFC 6598 aware.
Also, we add a new NAT option to ipfw called unreg_cgn, which is like
unreg_only, but also is RFC 6598-aware. The reason for the new
flags/options is to avoid breaking existing networks, especially those
which rely on RFC 6598 as an external address.
Submitted by: Neel Chauhan <neel AT neelc DOT org>
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D22877
I sent out an e-mail on 2020/01/21 with a plan to do this to Kyle, Rob, and
Wes; all parties have responded in the affirmative that it's OK to drop it
from these files.
'shutdown -c' is supposed to power cycle the system rather than doing a normal
reboot. However, when that fails, it halts the system. This is not quite right
since the intent isn't to halt the system but to restart. Make the default init
behavior be to restart the system. The halt(8) interface can be used if you'd
like to powercycle or halt.
MFC After: 1 week
Differential Revision: https://reviews.freebsd.org/D23129
This helps with event correlation when machines are distributed
across multiple time zones.
Format the time with relaxed ISO 8601 for all the usual reasons.
MFC after: 2 weeks
Sponsored by: Dell EMC Isilon
sbin/fsck_msdosfs/fat.c:
- readfat:
* Only truncate out-of-range cluster pointers (1, or greater than
NumClusters but smaller than CLUST_RSRVD), as the current cluster
may contain some data. We can't fix reserved cluster pointers at
this pass, because we do no know the potential cluster preceding
it.
* Accept valid cluster for head bitmap. This is a no-op, and mainly
to improve code readability, because the 1 is already handled in
the previous else if block.
- truncate_at: absorbed into checkchain.
- checkchain: save the previous node we have traversed in case that we
have a chain that ends with a special (>= CLUST_RSRVD) cluster, or is
free. In these cases, we need to truncate at the cluster preceding the
current cluster, as the current cluster contains a marker instead of
a next pointer and can not be changed to CLUST_EOF (the else case can
happen if the user answered "no" at some point in readfat()).
- clearchain: correct the iterator for next cluster so that we don't
stop after clearing the first cluster.
- checklost: If checkchain() thinks the chain have no cluster, it
doesn't make sense to reconnect it, so don't bother asking.
Reviewed by: kevlo
MFC after: 24 days
X-MFC-With: r356313
Differential Revision: https://reviews.freebsd.org/D23065
In the code we used NumClusters as the upper (non-inclusive) boundary
of valid cluster number, so the actual value was 2 (CLUST_FIRST) more
than the real number of clusters. This causes a FAT16 media with
65524 clusters be treated as FAT32 and might affect FAT12 media with
4084 clusters as well.
To fix this, we increment NumClusters by CLUST_FIRST after the type
determination.
PR: 243179
MFC after: 2 weeks
Differential Revision: https://reviews.freebsd.org/D23082
Add an option flag so that arbitrary updates to a lagg's configuration
do not clear sc_stride. Preseve compatibility for old ifconfig
binaries. Update ifconfig to use the new flag and improve the casting
used when parsing the option parameter.
Modify the RR transmit function to avoid locklessly reading sc_stride
twice. Ensure that sc_stride is always 1 or greater.
Reviewed by: hselasky
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Differential Revision: https://reviews.freebsd.org/D23092
This is a re-apply r356249 with changes to make GCC happy.
This utility was initially written for FAT12/16, which were inherently
small. When FAT32 support was added, the old data structure and
algorithms remain used with minimal changes.
With growing size of FAT32 media, the current data structure that
requires 4 32-bit variables per each FAT32 table entry would consume up
to 4 GiB of RAM, which can be too big for systems with limited RAM
available.
Address this by taking a different approach of validating the FAT.
The FAT is essentially a set of linked lists of chains that was
referenced by directory entries, and the checker needs to make sure that
the linked chains of clusters do not have cross-linked chains, and every
chain were referenced by one and only one directory entry. Instead of
keeping track of the chain's 'head' cluster number, the size of the
chain, the used status of the chain and the "next" pointer which is
content of the FAT table, we create accessors for the FAT table data
for the "next" pointer, and keep only one bit to indicate if the
current cluster is a 'head' node of a cluster chain, in a bitmap.
We further overhaul the FAT checker to find out the possible head nodes
by excluding ones that are not (in other words, nodes that have some
other nodes claiming them as the next node) instead of marking the head
nodes for each node on the chain. This approach greatly reduced the
complexiety of computation from O(N^2) worst case, to an O(N) scan for
worst case. The file (cluster chain) length is not useful for the FAT
checker, so don't bother to calculate them in the FAT checker and
instead leave the task to the directory structure check, at which point
we would have non-crossed cluster chains, and we are guaranteed that
each cluster will be visited for at most one time.
When checking the directory structures, we use the head node indicator
to as the visited (used) flag: every cluster chain can only be
referenced by one directory entry, so we clear them when calculating
the length of the chain, and we can immediately tell if there are
anomalies in the directory entry.
As a result, the required RAM size is now 1 bit per each entry of
the FAT table, plus memory needed to hold the FAT table in memory,
instead of 16 bytes (=128 bits) per each entry. For FAT12 and FAT16,
we will load the whole FAT table into memory as they are smaller than
128KiB, and for FAT32, we first attempt to mmap() it into memory, and
when that fails, we would fall back to a simple LRU cache of 4 MiB of
RAM.
sbin/fsck_msdosfs/boot.c:
- Added additional sanity checks for valid FAT32/FAT16/FAT12 cluster
number.
- FAT32: check if root directory starts with a valid cluster number,
moved from dir.c. There is no point to proceed if the filesystem
is already damaged beyond repair.
sbin/fsck_msdosfs/check.c:
- Combine phase 1 and phase 2, now that the readfat() is able to
detect cross chains.
sbin/fsck_msdosfs/dir.c:
- Refactor code to use FAT accessor instead of accessing the internal
representation of FAT table.
- Make use of the cluster chain head bitmap.
- Clarify and simplify directory entry check, remove unnecessary
checks that are would be done at a later time (for example, whether
the directory's second cluster is a valid one, which is examined
more throughly in a later checkchain() and does not prevent us
from proceeding further).
sbin/fsck_msdosfs/dosfs.h:
- Remove internal representation of FAT table, which is replaced by
the head bitmap that is opaque to other code.
- Added a special CLUST_DEAD cluster type to indicate errors.
sbin/fsck_msdosfs/ext.h:
- Added a flag that overrides mmap(2) setting. The corresponding
command line option, -M is intentionally undocumented as we do not
expect users to need it.
- Added accessors for FAT table and convert existing interface to use
it.
sbin/fsck_msdosfs/fat.c:
- Added head bitmap to represent whether a cluster is a head cluster.
- Converted FAT internal representation to accessors.
- Implemented a LRU cache for FAT32 when mmap(2) should not or can not
be used.
- _readfat: Attempt a mmap(2) and fall back to regular read for
non-FAT32 file systems; use the LRU cache for FAT32 and prepopulate
the cache with the first 4MiB of the entries.
- readfat: Added support of head bitmap and use the population scan to
detect bogus chains.
- clusterdiff: removed, FATs are copied from the checked copy via
writefat()/copyfat().
- checkchain: calculates the length of a cluster chain and make sure
that it ends with a valid EOF marker.
- clearchain: follow and clear a chain and maintain the free cluster
count.
- checklost: convert to use head bitmap. At the end of all other scans,
the remaining 'head' nodes are leaders of lost cluster chains.
sbin/fsck_msdosfs/fat.c:
- Added a new -M option which is intentionally undocumented, to disable
the use of mmap().
Reviewed by: kevlo
MFC after: 1 month
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D22965
When removing a boot environment iterate over the dependents and process the
snapshots by grabbing any clones. Promote the clones we found and then
remove the target environment.
This fixes the ability to destroy a boot environment when it has been used
to spawn one or more other boot environments.
PR: 242592
Submitted by: Wes Maag <jwmaag gmail com> (with changes by myself)
MFC after: 1 week
Differential Revision: https://reviews.freebsd.org/D22953
This utility was initially written for FAT12/16, which were inherently
small. When FAT32 support was added, the old data structure and
algorithms remain used with minimal changes.
With growing size of FAT32 media, the current data structure that
requires 4 32-bit variables per each FAT32 table entry would consume up
to 4 GiB of RAM, which can be too big for systems with limited RAM
available.
Address this by taking a different approach of validating the FAT.
The FAT is essentially a set of linked lists of chains that was
referenced by directory entries, and the checker needs to make sure that
the linked chains of clusters do not have cross-linked chains, and every
chain were referenced by one and only one directory entry. Instead of
keeping track of the chain's 'head' cluster number, the size of the
chain, the used status of the chain and the "next" pointer which is
content of the FAT table, we create accessors for the FAT table data
for the "next" pointer, and keep only one bit to indicate if the
current cluster is a 'head' node of a cluster chain, in a bitmap.
We further overhaul the FAT checker to find out the possible head nodes
by excluding ones that are not (in other words, nodes that have some
other nodes claiming them as the next node) instead of marking the head
nodes for each node on the chain. This approach greatly reduced the
complexiety of computation from O(N^2) worst case, to an O(N) scan for
worst case. The file (cluster chain) length is not useful for the FAT
checker, so don't bother to calculate them in the FAT checker and
instead leave the task to the directory structure check, at which point
we would have non-crossed cluster chains, and we are guaranteed that
each cluster will be visited for at most one time.
When checking the directory structures, we use the head node indicator
to as the visited (used) flag: every cluster chain can only be
referenced by one directory entry, so we clear them when calculating
the length of the chain, and we can immediately tell if there are
anomalies in the directory entry.
As a result, the required RAM size is now 1 bit per each entry of
the FAT table, plus memory needed to hold the FAT table in memory,
instead of 16 bytes (=128 bits) per each entry. For FAT12 and FAT16,
we will load the whole FAT table into memory as they are smaller than
128KiB, and for FAT32, we first attempt to mmap() it into memory, and
when that fails, we would fall back to a simple LRU cache of 4 MiB of
RAM.
sbin/fsck_msdosfs/boot.c:
- Added additional sanity checks for valid FAT32/FAT16/FAT12 cluster
number.
- FAT32: check if root directory starts with a valid cluster number,
moved from dir.c. There is no point to proceed if the filesystem
is already damaged beyond repair.
sbin/fsck_msdosfs/check.c:
- Combine phase 1 and phase 2, now that the readfat() is able to
detect cross chains.
sbin/fsck_msdosfs/dir.c:
- Refactor code to use FAT accessor instead of accessing the internal
representation of FAT table.
- Make use of the cluster chain head bitmap.
- Clarify and simplify directory entry check, remove unnecessary
checks that are would be done at a later time (for example, whether
the directory's second cluster is a valid one, which is examined
more throughly in a later checkchain() and does not prevent us
from proceeding further).
sbin/fsck_msdosfs/dosfs.h:
- Remove internal representation of FAT table, which is replaced by
the head bitmap that is opaque to other code.
- Added a special CLUST_DEAD cluster type to indicate errors.
sbin/fsck_msdosfs/ext.h:
- Added a flag that overrides mmap(2) setting. The corresponding
command line option, -M is intentionally undocumented as we do not
expect users to need it.
- Added accessors for FAT table and convert existing interface to use
it.
sbin/fsck_msdosfs/fat.c:
- Added head bitmap to represent whether a cluster is a head cluster.
- Converted FAT internal representation to accessors.
- Implemented a LRU cache for FAT32 when mmap(2) should not or can not
be used.
- _readfat: Attempt a mmap(2) and fall back to regular read for
non-FAT32 file systems; use the LRU cache for FAT32 and prepopulate
the cache with the first 4MiB of the entries.
- readfat: Added support of head bitmap and use the population scan to
detect bogus chains.
- clusterdiff: removed, FATs are copied from the checked copy via
writefat()/copyfat().
- checkchain: calculates the length of a cluster chain and make sure
that it ends with a valid EOF marker.
- clearchain: follow and clear a chain and maintain the free cluster
count.
- checklost: convert to use head bitmap. At the end of all other scans,
the remaining 'head' nodes are leaders of lost cluster chains.
sbin/fsck_msdosfs/fat.c:
- Added a new -M option which is intentionally undocumented, to disable
the use of mmap().
Reviewed by: kevlo
MFC after: 1 month
Relnotes: yes
Differential Revision: https://reviews.freebsd.org/D22965
When mount_nfs calls nmount(2), certain NFSv4 specific errors such as
NFSERR_MINORVERMISMATCH can be returned.
Without this patch, 10021 is reported as an unknown error.
This is not particulcarily serious, but make it difficult for sysadmins
to figure out why the mount attempt is failing.
This patch uses nfsv4_errstr.h to convert 10021 and similar to error strings
that can be printed out.
A positive side effect of this patch is the removal of a reference to
sys/nfsclient/nfs.h, which should no longer be used, since it is
part of the old NFS client.
This patch should only affect reporting of failed mount attempts and not the
semantics of NFS mount attempts.