diff options
-rw-r--r-- | sbin/Makefile | 2 | ||||
-rw-r--r-- | sbin/fsirand/Makefile | 8 | ||||
-rw-r--r-- | sbin/fsirand/fsirand.8 | 109 | ||||
-rw-r--r-- | sbin/fsirand/fsirand.c | 292 | ||||
-rw-r--r-- | sbin/newfs/Makefile | 2 | ||||
-rw-r--r-- | sbin/newfs/mkfs.c | 43 | ||||
-rw-r--r-- | sys/kern/vfs_extattr.c | 14 | ||||
-rw-r--r-- | sys/kern/vfs_syscalls.c | 14 | ||||
-rw-r--r-- | sys/ufs/ffs/ffs_alloc.c | 9 | ||||
-rw-r--r-- | sys/ufs/ffs/ffs_vfsops.c | 13 | ||||
-rw-r--r-- | sys/ufs/ffs/fs.h | 5 |
11 files changed, 486 insertions, 25 deletions
diff --git a/sbin/Makefile b/sbin/Makefile index 9307980..dc06d53 100644 --- a/sbin/Makefile +++ b/sbin/Makefile @@ -3,7 +3,7 @@ # XXX MISSING: icheck ncheck SUBDIR= adjkerntz badsect ccdconfig clri disklabel dmesg dset dump dumpfs \ - dumpon fsck fsdb ifconfig init ipfw md5 mknod modload \ + dumpon fsck fsdb fsirand ifconfig init ipfw md5 mknod modload \ modunload mount mount_cd9660 mount_ext2fs \ mount_lfs mount_nfs mount_null mount_portal mount_std \ mount_umap mount_union mountd newfs nfsd nfsiod \ diff --git a/sbin/fsirand/Makefile b/sbin/fsirand/Makefile new file mode 100644 index 0000000..5f2446b --- /dev/null +++ b/sbin/fsirand/Makefile @@ -0,0 +1,8 @@ +# $OpenBSD: Makefile,v 1.1 1997/01/26 02:23:20 millert Exp $ + +PROG= fsirand +MAN= fsirand.8 +DPADD= ${LIBUTIL} +LDADD= -lutil + +.include <bsd.prog.mk> diff --git a/sbin/fsirand/fsirand.8 b/sbin/fsirand/fsirand.8 new file mode 100644 index 0000000..94a02e3 --- /dev/null +++ b/sbin/fsirand/fsirand.8 @@ -0,0 +1,109 @@ +.\" Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com> +.\" All rights reserved. +.\" +.\" Redistribution and use in source and binary forms, with or without +.\" modification, are permitted provided that the following conditions +.\" are met: +.\" 1. Redistributions of source code must retain the above copyright +.\" notice, this list of conditions and the following disclaimer. +.\" 2. Redistributions in binary form must reproduce the above copyright +.\" notice, this list of conditions and the following disclaimer in the +.\" documentation and/or other materials provided with the distribution. +.\" 3. All advertising materials mentioning features or use of this software +.\" must display the following acknowledgement: +.\" This product includes software developed by Todd C. Miller. +.\" 4. The name of the author may not be used to endorse or promote products +.\" derived from this software without specific prior written permission. +.\" +.\" THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, +.\" INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY +.\" AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL +.\" THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, +.\" EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, +.\" PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; +.\" OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, +.\" WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR +.\" OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF +.\" ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +.\" +.\" $OpenBSD: fsirand.8,v 1.6 1997/02/23 03:58:26 millert Exp $ +.\" +.Dd January 25, 1997 +.Dt FSIRAND 8 +.Os +.Sh NAME +.Nm fsirand +.Nd randomize inode generation numbers +.Sh SYNOPSIS +.Nm fsirand +.Op Fl b +.Op Fl f +.Op Fl p +.Ar special +.Op Ar "special ..." +.Sh DESCRIPTION +The +.Nm fsirand +command installs random generation numbers on all the inodes for +each filesystem specified on the command line by +.Ar special . +This increases the security of NFS-exported filesystems by making +it difficult to ``guess'' filehandles. +.Pp +.Em Note: +.Xr newfs 8 +now does the equivalent of +.Nm +itself so it is no longer necesary to +run +.Nm +by hand on a new filesystem. It is only used to +re-randomize or report on an existing filesystem. +.Pp +.Nm Fsirand +should only be used on an unmounted filesystem that +has been checked with +.Xr fsck 8 +or a filesystem that is mounted read-only. +.Nm Fsirand +may be used on the root filesystem in single-user mode +but the system should be rebooted via ``reboot -n'' afterwards. +.Sh OPTIONS +.Bl -tag -width indent +The available options are as follows: +.It Fl b +Use the default block size (usuallyt 512 bytes) instead +of the value gleaned from the disklabel. +.It Fl f +Force +.Nm +to run even if the filesystem on +.Ar special +is not marked as clean. +.It Fl p +Print the current generation numbers for all inodes instead of +generating new ones. +.Sh CAVEATS +Since +.Nm +allocates enough memory to hold all the inodes in +a given cylinder group it is may use a large amount +of memory for large disks with few cylinder groups. +.Sh SEE ALSO +.Xr fs 5 , +.Xr fsck 8 , +.Xr newfs 8 . +.Sh HISTORY +The +.Nm +command appeared in SunOS 3.x. +.br +This version of +.Nm +first appeared in +.Bx Open +2.1. +.Sh AUTHOR +.nf +Todd C. Miller <Todd.Miller@courtesan.com> +.fi diff --git a/sbin/fsirand/fsirand.c b/sbin/fsirand/fsirand.c new file mode 100644 index 0000000..4875ef5 --- /dev/null +++ b/sbin/fsirand/fsirand.c @@ -0,0 +1,292 @@ +/* $OpenBSD: fsirand.c,v 1.9 1997/02/28 00:46:33 millert Exp $ */ + +/* + * Copyright (c) 1997 Todd C. Miller <Todd.Miller@courtesan.com> + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. All advertising materials mentioning features or use of this software + * must display the following acknowledgement: + * This product includes software developed by Todd C. Miller. + * 4. The name of the author may not be used to endorse or promote products + * derived from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL + * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, + * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, + * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; + * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, + * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR + * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF + * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef lint +static char rcsid[] = "$OpenBSD: fsirand.c,v 1.9 1997/02/28 00:46:33 millert Exp $"; +#endif /* not lint */ + +#include <sys/types.h> +#include <sys/disklabel.h> +#include <sys/ioctl.h> +#include <sys/param.h> +#include <sys/time.h> +#include <sys/resource.h> + +#include <ufs/ffs/fs.h> +#include <ufs/ufs/dinode.h> + +#include <err.h> +#include <errno.h> +#include <fcntl.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +#include <unistd.h> + +void usage __P((int)); +int fsirand __P((char *)); + +extern char *__progname; + +int printonly = 0, force = 0, ignorelabel = 0; + +int +main(argc, argv) + int argc; + char *argv[]; +{ + int n, ex = 0; + struct rlimit rl; + + while ((n = getopt(argc, argv, "bfp")) != -1) { + switch (n) { + case 'b': + ignorelabel++; + break; + case 'p': + printonly++; + break; + case 'f': + force++; + break; + default: + usage(1); + } + } + if (argc - optind < 1) + usage(1); + + /* Increase our data size to the max */ + if (getrlimit(RLIMIT_DATA, &rl) == 0) { + rl.rlim_cur = rl.rlim_max; + if (setrlimit(RLIMIT_DATA, &rl) < 0) + warn("Can't get resource limit to max data size"); + } else + warn("Can't get resource limit for data size"); + + for (n = optind; n < argc; n++) { + if (argc - optind != 1) + (void)puts(argv[n]); + ex += fsirand(argv[n]); + if (n < argc - 1) + putchar('\n'); + } + + exit(ex); +} + +int +fsirand(device) + char *device; +{ + static struct dinode *inodebuf; + static size_t oldibufsize; + size_t ibufsize; + struct fs *sblock; + ino_t inumber, maxino; + daddr_t dblk; + char sbuf[SBSIZE], sbuftmp[SBSIZE]; + int devfd, n, cg; + u_int32_t bsize = DEV_BSIZE; + struct disklabel label; + + if ((devfd = open(device, printonly ? O_RDONLY : O_RDWR)) < 0) { + warn("Can't open %s", device); + return (1); + } + + /* Get block size (usually 512) from disklabel if possible */ + if (!ignorelabel) { + if (ioctl(devfd, DIOCGDINFO, &label) < 0) + warn("Can't read disklabel, using sector size of %d", + bsize); + else + bsize = label.d_secsize; + } + + /* Read in master superblock */ + (void)memset(&sbuf, 0, sizeof(sbuf)); + sblock = (struct fs *)&sbuf; + if (lseek(devfd, SBOFF, SEEK_SET) == -1) { + warn("Can't seek to superblock (%qd) on %s", SBOFF, device); + return (1); + } + if ((n = read(devfd, (void *)sblock, SBSIZE)) != SBSIZE) { + warnx("Can't read superblock on %s: %s", device, + (n < SBSIZE) ? "short read" : strerror(errno)); + return (1); + } + maxino = sblock->fs_ncg * sblock->fs_ipg; + + /* Simple sanity checks on the superblock */ + if (sblock->fs_magic != FS_MAGIC) { + warnx("Bad magic number in superblock"); + return (1); + } + if (sblock->fs_sbsize > SBSIZE) { + warnx("Superblock size is preposterous"); + return (1); + } + if (sblock->fs_postblformat == FS_42POSTBLFMT) { + warnx("Filesystem format is too old, sorry"); + return (1); + } + if (!force && !printonly && sblock->fs_clean != 1) { + warnx("Filesystem is not clean, fsck %s first.", device); + return (1); + } + + /* Make sure backup superblocks are sane. */ + sblock = (struct fs *)&sbuftmp; + for (cg = 0; cg < sblock->fs_ncg; cg++) { + dblk = fsbtodb(sblock, cgsblock(sblock, cg)); + if (lseek(devfd, (off_t)dblk * bsize, SEEK_SET) < 0) { + warn("Can't seek to %qd", (off_t)dblk * bsize); + return (1); + } else if ((n = write(devfd, (void *)sblock, SBSIZE)) != SBSIZE) { + warn("Can't read backup superblock %d on %s: %s", + cg + 1, device, (n < SBSIZE) ? "short write" + : strerror(errno)); + return (1); + } + if (sblock->fs_magic != FS_MAGIC) { + warnx("Bad magic number in backup superblock %d on %s", + cg + 1, device); + return (1); + } + if (sblock->fs_sbsize > SBSIZE) { + warnx("Size of backup superblock %d on %s is preposterous", + cg + 1, device); + return (1); + } + } + sblock = (struct fs *)&sbuf; + + /* XXX - should really cap buffer at 512kb or so */ + ibufsize = sizeof(struct dinode) * sblock->fs_ipg; + if (oldibufsize < ibufsize) { + if ((inodebuf = realloc(inodebuf, ibufsize)) == NULL) + errx(1, "Can't allocate memory for inode buffer"); + oldibufsize = ibufsize; + } + + if (printonly && (sblock->fs_id[0] || sblock->fs_id[1])) { + if (sblock->fs_inodefmt >= FS_44INODEFMT && sblock->fs_id[0]) + (void)printf("%s was randomized on %s", device, + ctime((const time_t *)&(sblock->fs_id[0]))); + (void)printf("fsid: %x %x\n", sblock->fs_id[0], + sblock->fs_id[1]); + } + + /* Randomize fs_id unless old 4.2BSD filesystem */ + if ((sblock->fs_inodefmt >= FS_44INODEFMT) && !printonly) { + /* Randomize fs_id and write out new sblock and backups */ + sblock->fs_id[0] = (u_int32_t)time(NULL); + sblock->fs_id[1] = random(); + + if (lseek(devfd, SBOFF, SEEK_SET) == -1) { + warn("Can't seek to superblock (%qd) on %s", SBOFF, + device); + return (1); + } + if ((n = write(devfd, (void *)sblock, SBSIZE)) != SBSIZE) { + warn("Can't read superblock on %s: %s", device, + (n < SBSIZE) ? "short write" : strerror(errno)); + return (1); + } + } + + /* For each cylinder group, randomize inodes and update backup sblock */ + for (cg = 0, inumber = 0; cg < sblock->fs_ncg; cg++) { + /* Update superblock if appropriate */ + if ((sblock->fs_inodefmt >= FS_44INODEFMT) && !printonly) { + dblk = fsbtodb(sblock, cgsblock(sblock, cg)); + if (lseek(devfd, (off_t)dblk * bsize, SEEK_SET) < 0) { + warn("Can't seek to %qd", (off_t)dblk * bsize); + return (1); + } else if ((n = write(devfd, (void *)sblock, SBSIZE)) != SBSIZE) { + warn("Can't read backup superblock %d on %s: %s", + cg + 1, device, (n < SBSIZE) ? "short write" + : strerror(errno)); + return (1); + } + } + + /* Read in inodes, then print or randomize generation nums */ + dblk = fsbtodb(sblock, ino_to_fsba(sblock, inumber)); + if (lseek(devfd, (off_t)dblk * bsize, SEEK_SET) < 0) { + warn("Can't seek to %qd", (off_t)dblk * bsize); + return (1); + } else if ((n = read(devfd, inodebuf, ibufsize)) != ibufsize) { + warnx("Can't read inodes: %s", + (n < ibufsize) ? "short read" : strerror(errno)); + return (1); + } + + for (n = 0; n < sblock->fs_ipg; n++, inumber++) { + if (inumber >= ROOTINO) { + if (printonly) + (void)printf("ino %d gen %x\n", inumber, + inodebuf[n].di_gen); + else + inodebuf[n].di_gen = random(); + } + } + + /* Write out modified inodes */ + if (!printonly) { + if (lseek(devfd, (off_t)dblk * bsize, SEEK_SET) < 0) { + warn("Can't seek to %qd", + (off_t)dblk * bsize); + return (1); + } else if ((n = write(devfd, inodebuf, ibufsize)) != + ibufsize) { + warnx("Can't write inodes: %s", + (n != ibufsize) ? "short write" : + strerror(errno)); + return (1); + } + } + } + (void)close(devfd); + + return(0); +} + +void +usage(ex) + int ex; +{ + (void)fprintf(stderr, "Usage: %s [ -b ] [ -f ] [ -p ] special [special ...]\n", + __progname); + exit(ex); +} diff --git a/sbin/newfs/Makefile b/sbin/newfs/Makefile index ed9ad9d..d44fdba 100644 --- a/sbin/newfs/Makefile +++ b/sbin/newfs/Makefile @@ -6,7 +6,7 @@ MAN8= newfs.8 MOUNT= ${.CURDIR}/../mount CFLAGS+= -D_NEW_VFSCONF -CFLAGS+=-DMFS -I${MOUNT} +CFLAGS+=-DMFS -DFSIRAND -I${MOUNT} .PATH: ${MOUNT} ${.CURDIR}/../disklabel LINKS= ${BINDIR}/newfs ${BINDIR}/mount_mfs diff --git a/sbin/newfs/mkfs.c b/sbin/newfs/mkfs.c index ab4713d..63ad1bf 100644 --- a/sbin/newfs/mkfs.c +++ b/sbin/newfs/mkfs.c @@ -86,8 +86,6 @@ extern int realsectorsize; /* bytes/sector in hardware*/ extern int rpm; /* revolutions/minute of drive */ extern int interleave; /* hardware sector interleave */ extern int trackskew; /* sector 0 skew, per track */ -extern int headswitch; /* head switch time, usec */ -extern int trackseek; /* track-to-track seek, usec */ extern int fsize; /* fragment size */ extern int bsize; /* block size */ extern int cpg; /* cylinders/cylinder group */ @@ -121,6 +119,10 @@ union { struct dinode zino[MAXBSIZE / sizeof(struct dinode)]; +#ifdef FSIRAND +long fsi_random __P((void)); +#endif + int fsi, fso; daddr_t alloc(); static int charsperline(); @@ -591,8 +593,6 @@ next: sblock.fs_rotdelay = rotdelay; sblock.fs_minfree = minfree; sblock.fs_maxcontig = maxcontig; - sblock.fs_headswitch = headswitch; - sblock.fs_trkseek = trackseek; sblock.fs_maxbpg = maxbpg; sblock.fs_rps = rpm / 60; sblock.fs_optim = opt; @@ -604,6 +604,11 @@ next: sblock.fs_fmod = 0; sblock.fs_ronly = 0; sblock.fs_clean = 1; +#ifdef FSIRAND + sblock.fs_id[0] = (long)utime; + sblock.fs_id[1] = fsi_random(); +#endif + /* * Dump out summary information about file system. */ @@ -751,9 +756,14 @@ initcg(cylno, utime) setbit(cg_inosused(&acg), i); acg.cg_cs.cs_nifree--; } - for (i = 0; i < sblock.fs_ipg / INOPF(&sblock); i += sblock.fs_frag) + for (i = 0; i < sblock.fs_ipg / INOPF(&sblock); i += sblock.fs_frag) { +#ifdef FSIRAND + for (j = 0; j < sblock.fs_bsize / sizeof(struct dinode); j++) + zino[j].di_gen = fsi_random(); +#endif wtfs(fsbtodb(&sblock, cgimin(&sblock, cylno) + i), sblock.fs_bsize, (char *)zino); + } if (cylno > 0) { /* * In cylno 0, beginning space is reserved @@ -1057,6 +1067,9 @@ iput(ip, ino) daddr_t d; int c; +#ifdef FSIRAND + ip->di_gen = fsi_random(); +#endif c = ino_to_cg(&sblock, ino); rdfs(fsbtodb(&sblock, cgtod(&sblock, 0)), sblock.fs_cgsize, (char *)&acg); @@ -1336,3 +1349,23 @@ charsperline() columns = 80; /* last resort */ return columns; } + +#ifdef FSIRAND +long +fsi_random(void) { + static int fd = -1; + long ret; + + if (fd == -1) { + if ((fd = open("/dev/urandom", O_RDONLY)) == -1) { + perror("open /dev/urandom"); + exit(1); + } + } + if (read(fd, &ret, sizeof(ret)) != sizeof(ret)) { + perror("read /dev/urandom"); + exit(1); + } + return(ret); +} +#endif diff --git a/sys/kern/vfs_extattr.c b/sys/kern/vfs_extattr.c index 6404a8c..2997fe5 100644 --- a/sys/kern/vfs_extattr.c +++ b/sys/kern/vfs_extattr.c @@ -36,7 +36,7 @@ * SUCH DAMAGE. * * @(#)vfs_syscalls.c 8.13 (Berkeley) 4/15/94 - * $Id: vfs_syscalls.c,v 1.59 1997/03/05 01:42:14 msmith Exp $ + * $Id: vfs_syscalls.c,v 1.60 1997/03/23 03:36:35 bde Exp $ */ /* @@ -558,6 +558,7 @@ statfs(p, uap, retval) register struct statfs *sp; int error; struct nameidata nd; + struct statfs sb; NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, SCARG(uap, path), p); if (error = namei(&nd)) @@ -569,6 +570,11 @@ statfs(p, uap, retval) if (error) return (error); sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK; + if (p->p_ucred->cr_uid != 0) { + bcopy((caddr_t)sp, (caddr_t)&sb, sizeof(sb)); + sb.f_fsid.val[0] = sb.f_fsid.val[1] = 0; + sp = &sb; + } return (copyout((caddr_t)sp, (caddr_t)SCARG(uap, buf), sizeof(*sp))); } @@ -595,6 +601,7 @@ fstatfs(p, uap, retval) struct mount *mp; register struct statfs *sp; int error; + struct statfs sb; if (error = getvnode(p->p_fd, SCARG(uap, fd), &fp)) return (error); @@ -604,6 +611,11 @@ fstatfs(p, uap, retval) if (error) return (error); sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK; + if (p->p_ucred->cr_uid != 0) { + bcopy((caddr_t)sp, (caddr_t)&sb, sizeof(sb)); + sb.f_fsid.val[0] = sb.f_fsid.val[1] = 0; + sp = &sb; + } return (copyout((caddr_t)sp, (caddr_t)SCARG(uap, buf), sizeof(*sp))); } diff --git a/sys/kern/vfs_syscalls.c b/sys/kern/vfs_syscalls.c index 6404a8c..2997fe5 100644 --- a/sys/kern/vfs_syscalls.c +++ b/sys/kern/vfs_syscalls.c @@ -36,7 +36,7 @@ * SUCH DAMAGE. * * @(#)vfs_syscalls.c 8.13 (Berkeley) 4/15/94 - * $Id: vfs_syscalls.c,v 1.59 1997/03/05 01:42:14 msmith Exp $ + * $Id: vfs_syscalls.c,v 1.60 1997/03/23 03:36:35 bde Exp $ */ /* @@ -558,6 +558,7 @@ statfs(p, uap, retval) register struct statfs *sp; int error; struct nameidata nd; + struct statfs sb; NDINIT(&nd, LOOKUP, FOLLOW, UIO_USERSPACE, SCARG(uap, path), p); if (error = namei(&nd)) @@ -569,6 +570,11 @@ statfs(p, uap, retval) if (error) return (error); sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK; + if (p->p_ucred->cr_uid != 0) { + bcopy((caddr_t)sp, (caddr_t)&sb, sizeof(sb)); + sb.f_fsid.val[0] = sb.f_fsid.val[1] = 0; + sp = &sb; + } return (copyout((caddr_t)sp, (caddr_t)SCARG(uap, buf), sizeof(*sp))); } @@ -595,6 +601,7 @@ fstatfs(p, uap, retval) struct mount *mp; register struct statfs *sp; int error; + struct statfs sb; if (error = getvnode(p->p_fd, SCARG(uap, fd), &fp)) return (error); @@ -604,6 +611,11 @@ fstatfs(p, uap, retval) if (error) return (error); sp->f_flags = mp->mnt_flag & MNT_VISFLAGMASK; + if (p->p_ucred->cr_uid != 0) { + bcopy((caddr_t)sp, (caddr_t)&sb, sizeof(sb)); + sb.f_fsid.val[0] = sb.f_fsid.val[1] = 0; + sp = &sb; + } return (copyout((caddr_t)sp, (caddr_t)SCARG(uap, buf), sizeof(*sp))); } diff --git a/sys/ufs/ffs/ffs_alloc.c b/sys/ufs/ffs/ffs_alloc.c index 3be3f2f..3483b56 100644 --- a/sys/ufs/ffs/ffs_alloc.c +++ b/sys/ufs/ffs/ffs_alloc.c @@ -31,7 +31,7 @@ * SUCH DAMAGE. * * @(#)ffs_alloc.c 8.18 (Berkeley) 5/26/95 - * $Id: ffs_alloc.c,v 1.31 1997/03/09 06:00:40 mpp Exp $ + * $Id: ffs_alloc.c,v 1.32 1997/03/22 06:53:28 bde Exp $ */ #include "opt_quota.h" @@ -55,8 +55,6 @@ #include <ufs/ffs/fs.h> #include <ufs/ffs/ffs_extern.h> -extern u_long nextgennumber; - typedef ufs_daddr_t allocfcn_t __P((struct inode *ip, int cg, ufs_daddr_t bpref, int size)); @@ -601,9 +599,8 @@ ffs_valloc(ap) /* * Set up a new generation number for this inode. */ - if (++nextgennumber < (u_long)time.tv_sec) - nextgennumber = time.tv_sec; - ip->i_gen = nextgennumber; + if (ip->i_gen == 0 || ++(ip->i_gen) == 0) + ip->i_gen = random() / 2 + 1; return (0); noinodes: ffs_fserr(fs, ap->a_cred->cr_uid, "out of inodes"); diff --git a/sys/ufs/ffs/ffs_vfsops.c b/sys/ufs/ffs/ffs_vfsops.c index 6250975..31c5486 100644 --- a/sys/ufs/ffs/ffs_vfsops.c +++ b/sys/ufs/ffs/ffs_vfsops.c @@ -31,7 +31,7 @@ * SUCH DAMAGE. * * @(#)ffs_vfsops.c 8.31 (Berkeley) 5/20/95 - * $Id: ffs_vfsops.c,v 1.49 1997/03/22 06:53:30 bde Exp $ + * $Id: ffs_vfsops.c,v 1.50 1997/03/23 03:37:34 bde Exp $ */ #include "opt_quota.h" @@ -92,8 +92,6 @@ struct vfsops ufs_vfsops = { VFS_SET(ufs_vfsops, ufs, MOUNT_UFS, 0); -extern u_long nextgennumber; - /* * ffs_mount * @@ -585,7 +583,10 @@ ffs_mountfs(devvp, mp, p) } mp->mnt_data = (qaddr_t)ump; mp->mnt_stat.f_fsid.val[0] = (long)dev; - mp->mnt_stat.f_fsid.val[1] = mp->mnt_vfc->vfc_typenum; + if (fs->fs_id[0] != 0 && fs->fs_id[1] != 0) + mp->mnt_stat.f_fsid.val[1] = fs->fs_id[1]; + else + mp->mnt_stat.f_fsid.val[1] = mp->mnt_vfc->vfc_typenum; mp->mnt_maxsymlinklen = fs->fs_maxsymlinklen; mp->mnt_flag |= MNT_LOCAL; ump->um_mountp = mp; @@ -1015,9 +1016,7 @@ restart: * already have one. This should only happen on old filesystems. */ if (ip->i_gen == 0) { - if (++nextgennumber < (u_long)time.tv_sec) - nextgennumber = time.tv_sec; - ip->i_gen = nextgennumber; + ip->i_gen = random() / 2 + 1; if ((vp->v_mount->mnt_flag & MNT_RDONLY) == 0) ip->i_flag |= IN_MODIFIED; } diff --git a/sys/ufs/ffs/fs.h b/sys/ufs/ffs/fs.h index df9f95a..9c9debe 100644 --- a/sys/ufs/ffs/fs.h +++ b/sys/ufs/ffs/fs.h @@ -31,7 +31,7 @@ * SUCH DAMAGE. * * @(#)fs.h 8.13 (Berkeley) 3/21/95 - * $Id$ + * $Id: fs.h,v 1.10 1997/02/22 09:47:11 peter Exp $ */ #ifndef _UFS_FFS_FS_H_ @@ -200,8 +200,7 @@ struct fs { int32_t fs_npsect; /* # sectors/track including spares */ int32_t fs_interleave; /* hardware sector interleave */ int32_t fs_trackskew; /* sector 0 skew, per track */ - int32_t fs_headswitch; /* head switch time, usec */ - int32_t fs_trkseek; /* track-to-track seek, usec */ +/* fs_id takes the space of the unused fs_headswitch and fs_trkseek fields */ int32_t fs_id[2]; /* unique filesystem id */ /* sizes determined by number of cylinder groups and their sizes */ ufs_daddr_t fs_csaddr; /* blk addr of cyl grp summary area */ int32_t fs_cssize; /* size of cyl grp summary area */ |