aboutsummaryrefslogtreecommitdiffstats
path: root/sbin/fsck_ffs
diff options
context:
space:
mode:
authorKirk McKusick <mckusick@FreeBSD.org>2018-10-23 21:10:06 +0000
committerKirk McKusick <mckusick@FreeBSD.org>2018-10-23 21:10:06 +0000
commitec888383cff48d90ac65cdbcad1e3f8e152ff8ca (patch)
tree0f51492bb043f6e2c716b9eba95af4631be6c024 /sbin/fsck_ffs
parent8c6d2039230c7c4039c8fa42bf95dbec842783f4 (diff)
downloadsrc-ec888383cff48d90ac65cdbcad1e3f8e152ff8ca.tar.gz
src-ec888383cff48d90ac65cdbcad1e3f8e152ff8ca.zip
Continuing efforts to provide hardening of FFS, this change adds a
check hash to the superblock. If a check hash fails when an attempt is made to mount a filesystem, the mount fails with EINVAL (Invalid argument). This avoids a class of filesystem panics related to corrupted superblocks. The hash is done using crc32c. Check hases are added only to UFS2 and not to UFS1 as UFS1 is primarily used in embedded systems with small memories and low-powered processors which need as light-weight a filesystem as possible. Reviewed by: kib Tested by: Peter Holm Sponsored by: Netflix
Notes
Notes: svn path=/head/; revision=339671
Diffstat (limited to 'sbin/fsck_ffs')
-rw-r--r--sbin/fsck_ffs/main.c8
1 files changed, 5 insertions, 3 deletions
diff --git a/sbin/fsck_ffs/main.c b/sbin/fsck_ffs/main.c
index c160295d2702..e5118619475b 100644
--- a/sbin/fsck_ffs/main.c
+++ b/sbin/fsck_ffs/main.c
@@ -460,11 +460,13 @@ checkfilesys(char *filesys)
if ((sblock.fs_metackhash & CK_CYLGRP) == 0 &&
reply("ADD CYLINDER GROUP CHECK-HASH PROTECTION") != 0)
ckhashadd |= CK_CYLGRP;
-#ifdef notyet
if ((sblock.fs_metackhash & CK_SUPERBLOCK) == 0 &&
getosreldate() >= P_OSREL_CK_SUPERBLOCK &&
- reply("ADD SUPERBLOCK CHECK-HASH PROTECTION") != 0)
- ckhashadd |= CK_SUPERBLOCK;
+ reply("ADD SUPERBLOCK CHECK-HASH PROTECTION") != 0) {
+ sblock.fs_metackhash |= CK_SUPERBLOCK;
+ sbdirty();
+ }
+#ifdef notyet
if ((sblock.fs_metackhash & CK_INODE) == 0 &&
getosreldate() >= P_OSREL_CK_INODE &&
reply("ADD INODE CHECK-HASH PROTECTION") != 0)