Conrad Meyer ddf6115613 fstyp(8): fix exfat detection
In the presence of high-level errors (spec violations, bad boot blocks
checksum), report non-detection instead of detection.

PR:	252787 (related, but does not fully address)
2021-01-17 11:55:06 -08:00

375 lines
10 KiB
C

/*
* Copyright (c) 2017 Conrad Meyer <cem@FreeBSD.org>
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#include <sys/cdefs.h>
__FBSDID("$FreeBSD$");
#include <sys/param.h>
#include <sys/endian.h>
#include <assert.h>
#include <err.h>
#include <errno.h>
#ifdef WITH_ICONV
#include <iconv.h>
#endif
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include "fstyp.h"
/*
* https://docs.microsoft.com/en-us/windows/win32/fileio/exfat-specification
*/
struct exfat_vbr {
char ev_jmp[3];
char ev_fsname[8];
char ev_zeros[53];
uint64_t ev_part_offset;
uint64_t ev_vol_length;
uint32_t ev_fat_offset;
uint32_t ev_fat_length;
uint32_t ev_cluster_offset;
uint32_t ev_cluster_count;
uint32_t ev_rootdir_cluster;
uint32_t ev_vol_serial;
uint16_t ev_fs_revision;
uint16_t ev_vol_flags;
uint8_t ev_log_bytes_per_sect;
uint8_t ev_log_sect_per_clust;
uint8_t ev_num_fats;
uint8_t ev_drive_sel;
uint8_t ev_percent_used;
} __packed;
struct exfat_dirent {
uint8_t xde_type;
#define XDE_TYPE_INUSE_MASK 0x80 /* 1=in use */
#define XDE_TYPE_INUSE_SHIFT 7
#define XDE_TYPE_CATEGORY_MASK 0x40 /* 0=primary */
#define XDE_TYPE_CATEGORY_SHIFT 6
#define XDE_TYPE_IMPORTNC_MASK 0x20 /* 0=critical */
#define XDE_TYPE_IMPORTNC_SHIFT 5
#define XDE_TYPE_CODE_MASK 0x1f
/* InUse=0, ..., TypeCode=0: EOD. */
#define XDE_TYPE_EOD 0x00
#define XDE_TYPE_ALLOC_BITMAP (XDE_TYPE_INUSE_MASK | 0x01)
#define XDE_TYPE_UPCASE_TABLE (XDE_TYPE_INUSE_MASK | 0x02)
#define XDE_TYPE_VOL_LABEL (XDE_TYPE_INUSE_MASK | 0x03)
#define XDE_TYPE_FILE (XDE_TYPE_INUSE_MASK | 0x05)
#define XDE_TYPE_VOL_GUID (XDE_TYPE_INUSE_MASK | XDE_TYPE_IMPORTNC_MASK)
#define XDE_TYPE_STREAM_EXT (XDE_TYPE_INUSE_MASK | XDE_TYPE_CATEGORY_MASK)
#define XDE_TYPE_FILE_NAME (XDE_TYPE_INUSE_MASK | XDE_TYPE_CATEGORY_MASK | 0x01)
#define XDE_TYPE_VENDOR (XDE_TYPE_INUSE_MASK | XDE_TYPE_CATEGORY_MASK | XDE_TYPE_IMPORTNC_MASK)
#define XDE_TYPE_VENDOR_ALLOC (XDE_TYPE_INUSE_MASK | XDE_TYPE_CATEGORY_MASK | XDE_TYPE_IMPORTNC_MASK | 0x01)
union {
uint8_t xde_generic_[19];
struct exde_primary {
/*
* Count of "secondary" dirents following this one.
*
* A single logical entity may be composed of a
* sequence of several dirents, starting with a primary
* one; the rest are secondary dirents.
*/
uint8_t xde_secondary_count_;
uint16_t xde_set_chksum_;
uint16_t xde_prim_flags_;
uint8_t xde_prim_generic_[14];
} __packed xde_primary_;
struct exde_secondary {
uint8_t xde_sec_flags_;
uint8_t xde_sec_generic_[18];
} __packed xde_secondary_;
} u;
uint32_t xde_first_cluster;
uint64_t xde_data_len;
} __packed;
#define xde_generic u.xde_generic_
#define xde_secondary_count u.xde_primary_.xde_secondary_count
#define xde_set_chksum u.xde_primary_.xde_set_chksum_
#define xde_prim_flags u.xde_primary_.xde_prim_flags_
#define xde_sec_flags u.xde_secondary_.xde_sec_flags_
_Static_assert(sizeof(struct exfat_dirent) == 32, "spec");
struct exfat_de_label {
uint8_t xdel_type; /* XDE_TYPE_VOL_LABEL */
uint8_t xdel_char_cnt; /* Length of UCS-2 label */
uint16_t xdel_vol_lbl[11];
uint8_t xdel_reserved[8];
} __packed;
_Static_assert(sizeof(struct exfat_de_label) == 32, "spec");
#define MAIN_BOOT_REGION_SECT 0
#define BACKUP_BOOT_REGION_SECT 12
#define SUBREGION_CHKSUM_SECT 11
#define FIRST_CLUSTER 2
#define BAD_BLOCK_SENTINEL 0xfffffff7u
#define END_CLUSTER_SENTINEL 0xffffffffu
static inline void *
read_sectn(FILE *fp, off_t sect, unsigned count, unsigned bytespersec)
{
return (read_buf(fp, sect * bytespersec, bytespersec * count));
}
static inline void *
read_sect(FILE *fp, off_t sect, unsigned bytespersec)
{
return (read_sectn(fp, sect, 1, bytespersec));
}
/*
* Compute the byte-by-byte multi-sector checksum of the given boot region
* (MAIN or BACKUP), for a given bytespersec (typically 512 or 4096).
*
* Endian-safe; result is host endian.
*/
static int
exfat_compute_boot_chksum(FILE *fp, unsigned region, unsigned bytespersec,
uint32_t *result)
{
unsigned char *sector;
unsigned n, sect;
uint32_t checksum;
checksum = 0;
for (sect = 0; sect < 11; sect++) {
sector = read_sect(fp, region + sect, bytespersec);
if (sector == NULL)
return (ENXIO);
for (n = 0; n < bytespersec; n++) {
if (sect == 0) {
switch (n) {
case 106:
case 107:
case 112:
continue;
}
}
checksum = ((checksum & 1) ? 0x80000000u : 0u) +
(checksum >> 1) + (uint32_t)sector[n];
}
free(sector);
}
*result = checksum;
return (0);
}
#ifdef WITH_ICONV
static void
convert_label(const uint16_t *ucs2label /* LE */, unsigned ucs2len, char
*label_out, size_t label_sz)
{
const char *label;
char *label_out_orig;
iconv_t cd;
size_t srcleft, rc;
/* Currently hardcoded in fstyp.c as 256 or so. */
assert(label_sz > 1);
if (ucs2len == 0) {
/*
* Kind of seems bogus, but the spec allows an empty label
* entry with the same meaning as no label.
*/
return;
}
if (ucs2len > 11) {
warnx("exfat: Bogus volume label length: %u", ucs2len);
return;
}
/* dstname="" means convert to the current locale. */
cd = iconv_open("", EXFAT_ENC);
if (cd == (iconv_t)-1) {
warn("exfat: Could not open iconv");
return;
}
label_out_orig = label_out;
/* Dummy up the byte pointer and byte length iconv's API wants. */
label = (const void *)ucs2label;
srcleft = ucs2len * sizeof(*ucs2label);
rc = iconv(cd, __DECONST(char **, &label), &srcleft, &label_out,
&label_sz);
if (rc == (size_t)-1) {
warn("exfat: iconv()");
*label_out_orig = '\0';
} else {
/* NUL-terminate result (iconv advances label_out). */
if (label_sz == 0)
label_out--;
*label_out = '\0';
}
iconv_close(cd);
}
/*
* Using the FAT table, look up the next cluster in this chain.
*/
static uint32_t
exfat_fat_next(FILE *fp, const struct exfat_vbr *ev, unsigned BPS,
uint32_t cluster)
{
uint32_t fat_offset_sect, clsect, clsectoff;
uint32_t *fatsect, nextclust;
fat_offset_sect = le32toh(ev->ev_fat_offset);
clsect = fat_offset_sect + (cluster / (BPS / sizeof(cluster)));
clsectoff = (cluster % (BPS / sizeof(cluster)));
/* XXX This is pretty wasteful without a block cache for the FAT. */
fatsect = read_sect(fp, clsect, BPS);
nextclust = le32toh(fatsect[clsectoff]);
free(fatsect);
return (nextclust);
}
static void
exfat_find_label(FILE *fp, const struct exfat_vbr *ev, unsigned BPS,
char *label_out, size_t label_sz)
{
uint32_t rootdir_cluster, sects_per_clust, cluster_offset_sect;
off_t rootdir_sect;
struct exfat_dirent *declust, *it;
cluster_offset_sect = le32toh(ev->ev_cluster_offset);
rootdir_cluster = le32toh(ev->ev_rootdir_cluster);
sects_per_clust = (1u << ev->ev_log_sect_per_clust);
if (rootdir_cluster < FIRST_CLUSTER) {
warnx("%s: invalid rootdir cluster %u < %d", __func__,
rootdir_cluster, FIRST_CLUSTER);
return;
}
for (; rootdir_cluster != END_CLUSTER_SENTINEL;
rootdir_cluster = exfat_fat_next(fp, ev, BPS, rootdir_cluster)) {
if (rootdir_cluster == BAD_BLOCK_SENTINEL) {
warnx("%s: Bogus bad block in root directory chain",
__func__);
return;
}
rootdir_sect = (rootdir_cluster - FIRST_CLUSTER) *
sects_per_clust + cluster_offset_sect;
declust = read_sectn(fp, rootdir_sect, sects_per_clust, BPS);
for (it = declust;
it < declust + (sects_per_clust * BPS / sizeof(*it)); it++) {
bool eod = false;
/*
* Simplistic directory traversal; doesn't do any
* validation of "MUST" requirements in spec.
*/
switch (it->xde_type) {
case XDE_TYPE_EOD:
eod = true;
break;
case XDE_TYPE_VOL_LABEL: {
struct exfat_de_label *lde = (void*)it;
convert_label(lde->xdel_vol_lbl,
lde->xdel_char_cnt, label_out, label_sz);
free(declust);
return;
}
}
if (eod)
break;
}
free(declust);
}
}
#endif /* WITH_ICONV */
int
fstyp_exfat(FILE *fp, char *label, size_t size)
{
struct exfat_vbr *ev;
uint32_t *cksect;
unsigned bytespersec;
uint32_t chksum;
int error;
error = 1;
cksect = NULL;
ev = (struct exfat_vbr *)read_buf(fp, 0, 512);
if (ev == NULL || strncmp(ev->ev_fsname, "EXFAT ", 8) != 0)
goto out;
if (ev->ev_log_bytes_per_sect < 9 || ev->ev_log_bytes_per_sect > 12) {
warnx("exfat: Invalid BytesPerSectorShift");
goto out;
}
bytespersec = (1u << ev->ev_log_bytes_per_sect);
error = exfat_compute_boot_chksum(fp, MAIN_BOOT_REGION_SECT,
bytespersec, &chksum);
if (error != 0)
goto out;
cksect = read_sect(fp, MAIN_BOOT_REGION_SECT + SUBREGION_CHKSUM_SECT,
bytespersec);
/*
* Technically the entire sector should be full of repeating 4-byte
* checksum pattern, but we only verify the first.
*/
if (chksum != le32toh(cksect[0])) {
warnx("exfat: Found checksum 0x%08x != computed 0x%08x",
le32toh(cksect[0]), chksum);
error = 1;
goto out;
}
#ifdef WITH_ICONV
if (show_label)
exfat_find_label(fp, ev, bytespersec, label, size);
#endif
out:
free(cksect);
free(ev);
return (error != 0);
}