1 /*	$OpenBSD: ar_io.c,v 1.39 2009/10/27 23:59:22 deraadt Exp $	*/
2 /*	$NetBSD: ar_io.c,v 1.5 1996/03/26 23:54:13 mrg Exp $	*/
3 
4 /*-
5  * Copyright (c) 2012
6  *	Thorsten Glaser <tg@debian.org>
7  * Copyright (c) 1992 Keith Muller.
8  * Copyright (c) 1992, 1993
9  *	The Regents of the University of California.  All rights reserved.
10  *
11  * This code is derived from software contributed to Berkeley by
12  * Keith Muller of the University of California, San Diego.
13  *
14  * Redistribution and use in source and binary forms, with or without
15  * modification, are permitted provided that the following conditions
16  * are met:
17  * 1. Redistributions of source code must retain the above copyright
18  *    notice, this list of conditions and the following disclaimer.
19  * 2. Redistributions in binary form must reproduce the above copyright
20  *    notice, this list of conditions and the following disclaimer in the
21  *    documentation and/or other materials provided with the distribution.
22  * 3. Neither the name of the University nor the names of its contributors
23  *    may be used to endorse or promote products derived from this software
24  *    without specific prior written permission.
25  *
26  * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
27  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
28  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
29  * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
30  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
31  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
32  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
33  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
34  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
35  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
36  * SUCH DAMAGE.
37  */
38 
39 #include <sys/param.h>
40 #include <sys/time.h>
41 #include <sys/stat.h>
42 #include <sys/ioctl.h>
43 #include <sys/wait.h>
44 #include <signal.h>
45 #include <string.h>
46 #include <fcntl.h>
47 #include <unistd.h>
48 #include <stdio.h>
49 #include <errno.h>
50 #include <stdlib.h>
51 #include <time.h>
52 #include <err.h>
53 #include "pax.h"
54 #include "options.h"
55 #include "extern.h"
56 
57 #if HAS_TAPE
58 #include <sys/mtio.h>
59 #endif
60 
61 __RCSID("$MirOS: src/bin/pax/ar_io.c,v 1.18 2012/06/05 19:09:41 tg Exp $");
62 
63 /*
64  * Routines which deal directly with the archive I/O device/file.
65  */
66 
67 #define DMOD		0666		/* default mode of created archives */
68 #define EXT_MODE	O_RDONLY	/* open mode for list/extract */
69 #define AR_MODE		(O_WRONLY | O_CREAT | O_TRUNC)	/* mode for archive */
70 #define APP_MODE	O_RDWR		/* mode for append */
71 #define STDO		"<STDOUT>"	/* pseudo name for stdout */
72 #define STDN		"<STDIN>"	/* pseudo name for stdin */
73 int arfd = -1;				/* archive file descriptor */
74 static int artyp = ISREG;		/* archive type: file/FIFO/tape */
75 static int arvol = 1;			/* archive volume number */
76 static int lstrval = -1;		/* return value from last i/o */
77 static int io_ok;			/* i/o worked on volume after resync */
78 static int did_io;			/* did i/o ever occur on volume? */
79 static int done;			/* set via tty termination */
80 static struct stat arsb;		/* stat of archive device at open */
81 static int invld_rec;			/* tape has out of spec record size */
82 static int wr_trail = 1;		/* trailer was rewritten in append */
83 static int can_unlnk = 0;		/* do we unlink null archives?  */
84 const char *arcname;			/* printable name of archive */
85 static char *arcname_alloc = NULL;	/* this is so we can free(3) it */
86 const char *compress_program;		/* name of compression programme */
87 static pid_t zpid = -1;			/* pid of child process */
88 int force_one_volume;			/* 1 if we ignore volume changes */
89 
90 #if HAS_TAPE
91 static int get_phys(void);
92 #endif
93 extern sigset_t s_mask;
94 static void ar_start_compress(int, int);
95 
96 /*
97  * ar_open()
98  *	Opens the next archive volume. Determines the type of the device and
99  *	sets up block sizes as required by the archive device and the format.
100  *	Note: we may be called with name == NULL on the first open only.
101  * Return:
102  *	-1 on failure, 0 otherwise
103  */
104 
105 int
ar_open(const char * name)106 ar_open(const char *name)
107 {
108 #if HAS_TAPE
109 	struct mtget mb;
110 #endif
111 
112 	if (arfd != -1)
113 		(void)close(arfd);
114 	arfd = -1;
115 	can_unlnk = did_io = io_ok = invld_rec = 0;
116 	artyp = ISREG;
117 	flcnt = 0;
118 
119 	/*
120 	 * open based on overall operation mode
121 	 */
122 	switch (act) {
123 	case LIST:
124 	case EXTRACT:
125 		if (name == NULL) {
126 			arfd = STDIN_FILENO;
127 			arcname = STDN;
128 		} else if ((arfd = open(name, EXT_MODE, DMOD)) < 0)
129 			syswarn(1, errno, "Failed open to read on %s", name);
130 		if (arfd != -1 && compress_program != NULL)
131 			ar_start_compress(arfd, 0);
132 		break;
133 	case ARCHIVE:
134 		if (name == NULL) {
135 			arfd = STDOUT_FILENO;
136 			arcname = STDO;
137 		} else if ((arfd = open(name, AR_MODE, DMOD)) < 0)
138 			syswarn(1, errno, "Failed open to write on %s", name);
139 		else
140 			can_unlnk = 1;
141 		if (arfd != -1 && compress_program != NULL)
142 			ar_start_compress(arfd, 1);
143 		break;
144 	case APPND:
145 		if (name == NULL) {
146 			arfd = STDOUT_FILENO;
147 			arcname = STDO;
148 		} else if ((arfd = open(name, APP_MODE, DMOD)) < 0)
149 			syswarn(1, errno, "Failed open to read/write on %s",
150 				name);
151 		break;
152 	case COPY:
153 		/*
154 		 * arfd not used in COPY mode
155 		 */
156 		arcname = "<NONE>";
157 		lstrval = 1;
158 		return(0);
159 	}
160 	if (arfd < 0)
161 		return(-1);
162 
163 	if (chdname != NULL)
164 		if (chdir(chdname) != 0) {
165 			syswarn(1, errno, "Failed chdir to %s", chdname);
166 			return(-1);
167 		}
168 	/*
169 	 * set up is based on device type
170 	 */
171 	if (fstat(arfd, &arsb) < 0) {
172 		syswarn(1, errno, "Failed stat on %s", arcname);
173 		(void)close(arfd);
174 		arfd = -1;
175 		can_unlnk = 0;
176 		return(-1);
177 	}
178 	if (S_ISDIR(arsb.st_mode)) {
179 		paxwarn(0, "Cannot write an archive on top of a directory %s",
180 		    arcname);
181 		(void)close(arfd);
182 		arfd = -1;
183 		can_unlnk = 0;
184 		return(-1);
185 	}
186 
187 	if (S_ISCHR(arsb.st_mode))
188 #if HAS_TAPE
189 		artyp = ioctl(arfd, MTIOCGET, &mb) ? ISCHR : ISTAPE;
190 #else
191 		artyp = ISCHR;
192 #endif
193 	else if (S_ISBLK(arsb.st_mode))
194 		artyp = ISBLK;
195 	else if ((lseek(arfd, (off_t)0L, SEEK_CUR) == -1) && (errno == ESPIPE))
196 		artyp = ISPIPE;
197 	else
198 		artyp = ISREG;
199 
200 	/*
201 	 * make sure we beyond any doubt that we only can unlink regular files
202 	 * we created
203 	 */
204 	if (artyp != ISREG)
205 		can_unlnk = 0;
206 	/*
207 	 * if we are writing, we are done
208 	 */
209 	if (act == ARCHIVE) {
210 		blksz = rdblksz = wrblksz;
211 		lstrval = 1;
212 		return(0);
213 	}
214 
215 	/*
216 	 * set default blksz on read. APPNDs writes rdblksz on the last volume
217 	 * On all new archive volumes, we shift to wrblksz (if the user
218 	 * specified one, otherwise we will continue to use rdblksz). We
219 	 * must set blocksize based on what kind of device the archive is
220 	 * stored.
221 	 */
222 	switch (artyp) {
223 	case ISTAPE:
224 		/*
225 		 * Tape drives come in at least two flavors. Those that support
226 		 * variable sized records and those that have fixed sized
227 		 * records. They must be treated differently. For tape drives
228 		 * that support variable sized records, we must make large
229 		 * reads to make sure we get the entire record, otherwise we
230 		 * will just get the first part of the record (up to size we
231 		 * asked). Tapes with fixed sized records may or may not return
232 		 * multiple records in a single read. We really do not care
233 		 * what the physical record size is UNLESS we are going to
234 		 * append. (We will need the physical block size to rewrite
235 		 * the trailer). Only when we are appending do we go to the
236 		 * effort to figure out the true PHYSICAL record size.
237 		 */
238 		blksz = rdblksz = MAXBLK;
239 		break;
240 	case ISPIPE:
241 	case ISBLK:
242 	case ISCHR:
243 		/*
244 		 * Blocksize is not a major issue with these devices (but must
245 		 * be kept a multiple of 512). If the user specified a write
246 		 * block size, we use that to read. Under append, we must
247 		 * always keep blksz == rdblksz. Otherwise we go ahead and use
248 		 * the device optimal blocksize as (and if) returned by stat
249 		 * and if it is within pax specs.
250 		 */
251 		if ((act == APPND) && wrblksz) {
252 			blksz = rdblksz = wrblksz;
253 			break;
254 		}
255 
256 		if ((arsb.st_blksize > 0) && (arsb.st_blksize < MAXBLK) &&
257 		    ((arsb.st_blksize % BLKMULT) == 0))
258 			rdblksz = arsb.st_blksize;
259 		else
260 			rdblksz = DEVBLK;
261 		/*
262 		 * For performance go for large reads when we can without harm
263 		 */
264 		if ((act == APPND) || (artyp == ISCHR))
265 			blksz = rdblksz;
266 		else
267 			blksz = MAXBLK;
268 		break;
269 	case ISREG:
270 		/*
271 		 * if the user specified wrblksz works, use it. Under appends
272 		 * we must always keep blksz == rdblksz
273 		 */
274 		if ((act == APPND) && wrblksz && ((arsb.st_size%wrblksz)==0)){
275 			blksz = rdblksz = wrblksz;
276 			break;
277 		}
278 		/*
279 		 * See if we can find the blocking factor from the file size
280 		 */
281 		for (rdblksz = MAXBLK; rdblksz > 0; rdblksz -= BLKMULT)
282 			if ((arsb.st_size % rdblksz) == 0)
283 				break;
284 		/*
285 		 * When we cannot find a match, we may have a flawed archive.
286 		 */
287 		if (rdblksz <= 0)
288 			rdblksz = FILEBLK;
289 		/*
290 		 * for performance go for large reads when we can
291 		 */
292 		if (act == APPND)
293 			blksz = rdblksz;
294 		else
295 			blksz = MAXBLK;
296 		break;
297 	default:
298 		/*
299 		 * should never happen, worst case, slow...
300 		 */
301 		blksz = rdblksz = BLKMULT;
302 		break;
303 	}
304 	lstrval = 1;
305 	return(0);
306 }
307 
308 /*
309  * ar_close()
310  *	closes archive device, increments volume number, and prints i/o summary
311  */
312 void
ar_close(void)313 ar_close(void)
314 {
315 	int status;
316 
317 	if (arfd < 0) {
318 		did_io = io_ok = flcnt = 0;
319 		if (vfpart) {
320 			(void)putc('\n', listf);
321 			vfpart = 0;
322 		}
323 		return;
324 	}
325 
326 	/*
327 	 * Close archive file. This may take a LONG while on tapes (we may be
328 	 * forced to wait for the rewind to complete) so tell the user what is
329 	 * going on (this avoids the user hitting control-c thinking pax is
330 	 * broken).
331 	 */
332 	if (vflag && (artyp == ISTAPE)) {
333 		if (vfpart)
334 			(void)putc('\n', listf);
335 		(void)fprintf(listf,
336 			"%s: Waiting for tape drive close to complete...",
337 			argv0);
338 		(void)fflush(listf);
339 	}
340 
341 	/*
342 	 * if nothing was written to the archive (and we created it), we remove
343 	 * it
344 	 */
345 	if (can_unlnk && (fstat(arfd, &arsb) == 0) && (S_ISREG(arsb.st_mode)) &&
346 	    (arsb.st_size == 0)) {
347 		(void)unlink(arcname);
348 		can_unlnk = 0;
349 	}
350 
351 	/*
352 	 * for a quick extract/list, pax frequently exits before the child
353 	 * process is done
354 	 */
355 	if ((act == LIST || act == EXTRACT) && nflag && zpid > 0)
356 		kill(zpid, SIGINT);
357 
358 	(void)close(arfd);
359 
360 	/* Do not exit before child to ensure data integrity */
361 	if (zpid > 0)
362 		waitpid(zpid, &status, 0);
363 
364 	if (vflag && (artyp == ISTAPE)) {
365 		(void)fputs("done.\n", listf);
366 		vfpart = 0;
367 		(void)fflush(listf);
368 	}
369 	arfd = -1;
370 
371 	if (!io_ok && !did_io) {
372 		flcnt = 0;
373 		return;
374 	}
375 	did_io = io_ok = 0;
376 
377 	/*
378 	 * The volume number is only increased when the last device has data
379 	 * and we have already determined the archive format.
380 	 */
381 	if (frmt != NULL)
382 		++arvol;
383 
384 	/* Vflag can cause this to have been set */
385 	if (vfpart) {
386 		(void)putc('\n', listf);
387 		vfpart = 0;
388 	}
389 
390 	/* nothing to do any more, unless vflag */
391 	if (!vflag) {
392 		flcnt = 0;
393 		return;
394 	}
395 
396 	/*
397 	 * Print out a summary of I/O for this archive volume.
398 	 */
399 
400 	/*
401 	 * If we have not determined the format yet, we just say how many bytes
402 	 * we have skipped over looking for a header to id. there is no way we
403 	 * could have written anything yet.
404 	 */
405 	if (frmt == NULL) {
406 		(void)fprintf(listf, "%s: unknown format, %" OT_FMT
407 		    " bytes skipped.\n", argv0, (ot_type)rdcnt);
408 		(void)fflush(listf);
409 		flcnt = 0;
410 		return;
411 	}
412 
413 	if (strcmp(NM_CPIO, argv0) == 0)
414 		(void)fprintf(listf, "%" OT_FMT " blocks\n",
415 		    (ot_type)((rdcnt ? rdcnt : wrcnt) / 5120));
416 	else if (strcmp(NM_TAR, argv0) != 0)
417 		(void)fprintf(listf,
418 		    "%s: %s vol %d, %lu files, %" OT_FMT " bytes read, %"
419 		    OT_FMT " bytes written.\n", argv0, frmt->name, arvol-1,
420 		    flcnt, (ot_type)rdcnt, (ot_type)wrcnt);
421 	(void)fflush(listf);
422 	flcnt = 0;
423 }
424 
425 /*
426  * ar_drain()
427  *	drain any archive format independent padding from an archive read
428  *	from a socket or a pipe. This is to prevent the process on the
429  *	other side of the pipe from getting a SIGPIPE (pax will stop
430  *	reading an archive once a format dependent trailer is detected).
431  */
432 void
ar_drain(void)433 ar_drain(void)
434 {
435 	int res;
436 	char drbuf[MAXBLK];
437 
438 	/*
439 	 * we only drain from a pipe/socket. Other devices can be closed
440 	 * without reading up to end of file. We sure hope that pipe is closed
441 	 * on the other side so we will get an EOF.
442 	 */
443 	if ((artyp != ISPIPE) || (lstrval <= 0))
444 		return;
445 
446 	/*
447 	 * keep reading until pipe is drained
448 	 */
449 	while ((res = read(arfd, drbuf, sizeof(drbuf))) > 0)
450 		;
451 	lstrval = res;
452 }
453 
454 /*
455  * ar_set_wr()
456  *	Set up device right before switching from read to write in an append.
457  *	device dependent code (if required) to do this should be added here.
458  *	For all archive devices we are already positioned at the place we want
459  *	to start writing when this routine is called.
460  * Return:
461  *	0 if all ready to write, -1 otherwise
462  */
463 
464 int
ar_set_wr(void)465 ar_set_wr(void)
466 {
467 	off_t cpos;
468 
469 	/*
470 	 * we must make sure the trailer is rewritten on append, ar_next()
471 	 * will stop us if the archive containing the trailer was not written
472 	 */
473 	wr_trail = 0;
474 
475 	/*
476 	 * Add any device dependent code as required here
477 	 */
478 	if (artyp != ISREG)
479 		return(0);
480 	/*
481 	 * Ok we have an archive in a regular file. If we were rewriting a
482 	 * file, we must get rid of all the stuff after the current offset
483 	 * (it was not written by pax).
484 	 */
485 	if (((cpos = lseek(arfd, (off_t)0L, SEEK_CUR)) < 0) ||
486 	    (ftruncate(arfd, cpos) < 0)) {
487 		syswarn(1, errno, "Unable to truncate archive file");
488 		return(-1);
489 	}
490 	return(0);
491 }
492 
493 /*
494  * ar_app_ok()
495  *	check if the last volume in the archive allows appends. We cannot check
496  *	this until we are ready to write since there is no spec that says all
497  *	volumes in a single archive have to be of the same type...
498  * Return:
499  *	0 if we can append, -1 otherwise.
500  */
501 
502 int
ar_app_ok(void)503 ar_app_ok(void)
504 {
505 	if (artyp == ISPIPE) {
506 		paxwarn(1, "Cannot append to an archive obtained from a pipe.");
507 		return(-1);
508 	}
509 
510 	if (!invld_rec)
511 		return(0);
512 	paxwarn(1,"Cannot append, device record size %d does not support %s spec",
513 		rdblksz, argv0);
514 	return(-1);
515 }
516 
517 /*
518  * ar_read()
519  *	read up to a specified number of bytes from the archive into the
520  *	supplied buffer. When dealing with tapes we may not always be able to
521  *	read what we want.
522  * Return:
523  *	Number of bytes in buffer. 0 for end of file, -1 for a read error.
524  */
525 
526 int
ar_read(char * buf,int cnt)527 ar_read(char *buf, int cnt)
528 {
529 	int res = 0;
530 
531 	/*
532 	 * if last i/o was in error, no more reads until reset or new volume
533 	 */
534 	if (lstrval <= 0)
535 		return(lstrval);
536 
537 	/*
538 	 * how we read must be based on device type
539 	 */
540 	switch (artyp) {
541 	case ISTAPE:
542 		if ((res = read(arfd, buf, cnt)) > 0) {
543 			/*
544 			 * CAUTION: tape systems may not always return the same
545 			 * sized records so we leave blksz == MAXBLK. The
546 			 * physical record size that a tape drive supports is
547 			 * very hard to determine in a uniform and portable
548 			 * manner.
549 			 */
550 			io_ok = 1;
551 			if (res != rdblksz) {
552 				/*
553 				 * Record size changed. If this happens on
554 				 * any record after the first, we probably have
555 				 * a tape drive which has a fixed record size
556 				 * (we are getting multiple records in a single
557 				 * read). Watch out for record blocking that
558 				 * violates pax spec (must be a multiple of
559 				 * BLKMULT).
560 				 */
561 				rdblksz = res;
562 				if (rdblksz % BLKMULT)
563 					invld_rec = 1;
564 			}
565 			return(res);
566 		}
567 		break;
568 	case ISREG:
569 	case ISBLK:
570 	case ISCHR:
571 	case ISPIPE:
572 	default:
573 		/*
574 		 * Files are so easy to deal with. These other things cannot
575 		 * be trusted at all. So when we are dealing with character
576 		 * devices and pipes we just take what they have ready for us
577 		 * and return. Trying to do anything else with them runs the
578 		 * risk of failure.
579 		 */
580 		if ((res = read(arfd, buf, cnt)) > 0) {
581 			io_ok = 1;
582 			return(res);
583 		}
584 		break;
585 	}
586 
587 	/*
588 	 * We are in trouble at this point, something is broken...
589 	 */
590 	lstrval = res;
591 	if (res < 0)
592 		syswarn(1, errno, "Failed read on archive volume %d", arvol);
593 	else if (!frmt || !frmt->is_uar)
594 		paxwarn(0, "End of archive volume %d reached", arvol);
595 	return(res);
596 }
597 
598 /*
599  * ar_write()
600  *	Write a specified number of bytes in supplied buffer to the archive
601  *	device so it appears as a single "block". Deals with errors and tries
602  *	to recover when faced with short writes.
603  * Return:
604  *	Number of bytes written. 0 indicates end of volume reached and with no
605  *	flaws (as best that can be detected). A -1 indicates an unrecoverable
606  *	error in the archive occurred.
607  */
608 
609 int
ar_write(char * buf,int bsz)610 ar_write(char *buf, int bsz)
611 {
612 	int res;
613 	off_t cpos;
614 
615 	/*
616 	 * do not allow pax to create a "bad" archive. Once a write fails on
617 	 * an archive volume prevent further writes to it.
618 	 */
619 	if (lstrval <= 0)
620 		return(lstrval);
621 
622 	if ((res = write(arfd, buf, bsz)) == bsz) {
623 		wr_trail = 1;
624 		io_ok = 1;
625 		return(bsz);
626 	}
627 	/*
628 	 * write broke, see what we can do with it. We try to send any partial
629 	 * writes that may violate pax spec to the next archive volume.
630 	 */
631 	if (res < 0)
632 		lstrval = res;
633 	else
634 		lstrval = 0;
635 
636 	switch (artyp) {
637 	case ISREG:
638 		if ((res > 0) && (res % BLKMULT)) {
639 			/*
640 			 * try to fix up partial writes which are not BLKMULT
641 			 * in size by forcing the runt record to next archive
642 			 * volume
643 			 */
644 			if ((cpos = lseek(arfd, (off_t)0L, SEEK_CUR)) < 0)
645 				break;
646 			cpos -= (off_t)res;
647 			if (ftruncate(arfd, cpos) < 0)
648 				break;
649 			res = lstrval = 0;
650 			break;
651 		}
652 		if (res >= 0)
653 			break;
654 		/*
655 		 * if file is out of space, handle it like a return of 0
656 		 */
657 		if ((errno == ENOSPC) || (errno == EFBIG) || (errno == EDQUOT))
658 			res = lstrval = 0;
659 		break;
660 	case ISTAPE:
661 	case ISCHR:
662 	case ISBLK:
663 		if (res >= 0)
664 			break;
665 		if (errno == EACCES) {
666 			paxwarn(0, "Write failed, archive is write protected.");
667 			res = lstrval = 0;
668 			return(0);
669 		}
670 		/*
671 		 * see if we reached the end of media, if so force a change to
672 		 * the next volume
673 		 */
674 		if ((errno == ENOSPC) || (errno == EIO) || (errno == ENXIO))
675 			res = lstrval = 0;
676 		break;
677 	case ISPIPE:
678 	default:
679 		/*
680 		 * we cannot fix errors to these devices
681 		 */
682 		break;
683 	}
684 
685 	/*
686 	 * Better tell the user the bad news...
687 	 * if this is a block aligned archive format, we may have a bad archive
688 	 * if the format wants the header to start at a BLKMULT boundary.. While
689 	 * we can deal with the mis-aligned data, it violates spec and other
690 	 * archive readers will likely fail. if the format is not block
691 	 * aligned, the user may be lucky (and the archive is ok).
692 	 */
693 	if (res >= 0) {
694 		if (res > 0)
695 			wr_trail = 1;
696 		io_ok = 1;
697 	}
698 
699 	/*
700 	 * If we were trying to rewrite the trailer and it didn't work, we
701 	 * must quit right away.
702 	 */
703 	if (!wr_trail && (res <= 0)) {
704 		paxwarn(1,"Unable to append, trailer re-write failed. Quitting.");
705 		return(res);
706 	}
707 
708 	if (res == 0)
709 		paxwarn(0, "End of archive volume %d reached", arvol);
710 	else if (res < 0)
711 		syswarn(1, errno, "Failed write to archive volume: %d", arvol);
712 	else if (!frmt->blkalgn || ((res % frmt->blkalgn) == 0))
713 		paxwarn(0,"WARNING: partial archive write. Archive MAY BE FLAWED");
714 	else
715 		paxwarn(1,"WARNING: partial archive write. Archive IS FLAWED");
716 	return(res);
717 }
718 
719 /*
720  * ar_rdsync()
721  *	Try to move past a bad spot on a flawed archive as needed to continue
722  *	I/O. Clears error flags to allow I/O to continue.
723  * Return:
724  *	0 when ok to try i/o again, -1 otherwise.
725  */
726 
727 int
ar_rdsync(void)728 ar_rdsync(void)
729 {
730 	long fsbz;
731 	off_t cpos;
732 	off_t mpos;
733 #if HAS_TAPE
734 	struct mtop mb;
735 #endif
736 
737 	/*
738 	 * Fail resync attempts at user request (done) or if this is going to be
739 	 * an update/append to a existing archive. if last i/o hit media end,
740 	 * we need to go to the next volume not try a resync
741 	 */
742 	if ((done > 0) || (lstrval == 0))
743 		return(-1);
744 
745 	if ((act == APPND) || (act == ARCHIVE)) {
746 		paxwarn(1, "Cannot allow updates to an archive with flaws.");
747 		return(-1);
748 	}
749 	if (io_ok)
750 		did_io = 1;
751 
752 	switch (artyp) {
753 #if HAS_TAPE
754 	case ISTAPE:
755 		/*
756 		 * if the last i/o was a successful data transfer, we assume
757 		 * the fault is just a bad record on the tape that we are now
758 		 * past. If we did not get any data since the last resync try
759 		 * to move the tape forward one PHYSICAL record past any
760 		 * damaged tape section. Some tape drives are stubborn and need
761 		 * to be pushed.
762 		 */
763 		if (io_ok) {
764 			io_ok = 0;
765 			lstrval = 1;
766 			break;
767 		}
768 		mb.mt_op = MTFSR;
769 		mb.mt_count = 1;
770 		if (ioctl(arfd, MTIOCTOP, &mb) < 0)
771 			break;
772 		lstrval = 1;
773 		break;
774 #endif
775 	case ISREG:
776 	case ISCHR:
777 	case ISBLK:
778 		/*
779 		 * try to step over the bad part of the device.
780 		 */
781 		io_ok = 0;
782 		if (((fsbz = arsb.st_blksize) <= 0) || (artyp != ISREG))
783 			fsbz = BLKMULT;
784 		if ((cpos = lseek(arfd, (off_t)0L, SEEK_CUR)) < 0)
785 			break;
786 		mpos = fsbz - (cpos % (off_t)fsbz);
787 		if (lseek(arfd, mpos, SEEK_CUR) < 0)
788 			break;
789 		lstrval = 1;
790 		break;
791 	case ISPIPE:
792 	default:
793 		/*
794 		 * cannot recover on these archive device types
795 		 */
796 		io_ok = 0;
797 		break;
798 	}
799 	if (lstrval <= 0) {
800 		paxwarn(1, "Unable to recover from an archive read failure.");
801 		return(-1);
802 	}
803 	paxwarn(0, "Attempting to recover from an archive read failure.");
804 	return(0);
805 }
806 
807 /*
808  * ar_fow()
809  *	Move the I/O position within the archive forward the specified number of
810  *	bytes as supported by the device. If we cannot move the requested
811  *	number of bytes, return the actual number of bytes moved in skipped.
812  * Return:
813  *	0 if moved the requested distance, -1 on complete failure, 1 on
814  *	partial move (the amount moved is in skipped)
815  */
816 
817 int
ar_fow(off_t sksz,off_t * skipped)818 ar_fow(off_t sksz, off_t *skipped)
819 {
820 	off_t cpos;
821 	off_t mpos;
822 
823 	*skipped = 0;
824 	if (sksz <= 0)
825 		return(0);
826 
827 	/*
828 	 * we cannot move forward at EOF or error
829 	 */
830 	if (lstrval <= 0)
831 		return(lstrval);
832 
833 	/*
834 	 * Safer to read forward on devices where it is hard to find the end of
835 	 * the media without reading to it. With tapes we cannot be sure of the
836 	 * number of physical blocks to skip (we do not know physical block
837 	 * size at this point), so we must only read forward on tapes!
838 	 */
839 	if (artyp != ISREG)
840 		return(0);
841 
842 	/*
843 	 * figure out where we are in the archive
844 	 */
845 	if ((cpos = lseek(arfd, (off_t)0L, SEEK_CUR)) >= 0) {
846 		/*
847 		 * we can be asked to move farther than there are bytes in this
848 		 * volume, if so, just go to file end and let normal buf_fill()
849 		 * deal with the end of file (it will go to next volume by
850 		 * itself)
851 		 */
852 		if ((mpos = cpos + sksz) > arsb.st_size) {
853 			*skipped = arsb.st_size - cpos;
854 			mpos = arsb.st_size;
855 		} else
856 			*skipped = sksz;
857 		if (lseek(arfd, mpos, SEEK_SET) >= 0)
858 			return(0);
859 	}
860 	syswarn(1, errno, "Forward positioning operation on archive failed");
861 	lstrval = -1;
862 	return(-1);
863 }
864 
865 /*
866  * ar_rev()
867  *	move the i/o position within the archive backwards the specified byte
868  *	count as supported by the device. With tapes drives we RESET rdblksz to
869  *	the PHYSICAL blocksize.
870  *	NOTE: We should only be called to move backwards so we can rewrite the
871  *	last records (the trailer) of an archive (APPEND).
872  * Return:
873  *	0 if moved the requested distance, -1 on complete failure
874  */
875 
876 int
ar_rev(off_t sksz)877 ar_rev(off_t sksz)
878 {
879 	off_t cpos;
880 #if HAS_TAPE
881 	int phyblk;
882 	struct mtop mb;
883 #endif
884 
885 	/*
886 	 * make sure we do not have try to reverse on a flawed archive
887 	 */
888 	if (lstrval < 0)
889 		return(lstrval);
890 
891 	switch (artyp) {
892 	case ISPIPE:
893 		if (sksz <= 0)
894 			break;
895 		/*
896 		 * cannot go backwards on these critters
897 		 */
898 		paxwarn(1, "Reverse positioning on pipes is not supported.");
899 		lstrval = -1;
900 		return(-1);
901 	case ISREG:
902 	case ISBLK:
903 	case ISCHR:
904 	default:
905 		if (sksz <= 0)
906 			break;
907 
908 		/*
909 		 * For things other than files, backwards movement has a very
910 		 * high probability of failure as we really do not know the
911 		 * true attributes of the device we are talking to (the device
912 		 * may not even have the ability to lseek() in any direction).
913 		 * First we figure out where we are in the archive.
914 		 */
915 		if ((cpos = lseek(arfd, (off_t)0L, SEEK_CUR)) < 0) {
916 			syswarn(1, errno,
917 			   "Unable to obtain current archive byte offset");
918 			lstrval = -1;
919 			return(-1);
920 		}
921 
922 		/*
923 		 * we may try to go backwards past the start when the archive
924 		 * is only a single record. If this happens and we are on a
925 		 * multi-volume archive, we need to go to the end of the
926 		 * previous volume and continue our movement backwards from
927 		 * there.
928 		 */
929 		if ((cpos -= sksz) < (off_t)0L) {
930 			if (arvol > 1) {
931 				/*
932 				 * this should never happen
933 				 */
934 				paxwarn(1,"Reverse position on previous volume.");
935 				lstrval = -1;
936 				return(-1);
937 			}
938 			cpos = (off_t)0L;
939 		}
940 		if (lseek(arfd, cpos, SEEK_SET) < 0) {
941 			syswarn(1, errno, "Unable to seek archive backwards");
942 			lstrval = -1;
943 			return(-1);
944 		}
945 		break;
946 #if HAS_TAPE
947 	case ISTAPE:
948 		/*
949 		 * Calculate and move the proper number of PHYSICAL tape
950 		 * blocks. If the sksz is not an even multiple of the physical
951 		 * tape size, we cannot do the move (this should never happen).
952 		 * (We also cannot handle trailers spread over two vols.)
953 		 * get_phys() also makes sure we are in front of the filemark.
954 		 */
955 		if ((phyblk = get_phys()) <= 0) {
956 			lstrval = -1;
957 			return(-1);
958 		}
959 
960 		/*
961 		 * make sure future tape reads only go by physical tape block
962 		 * size (set rdblksz to the real size).
963 		 */
964 		rdblksz = phyblk;
965 
966 		/*
967 		 * if no movement is required, just return (we must be after
968 		 * get_phys() so the physical blocksize is properly set)
969 		 */
970 		if (sksz <= 0)
971 			break;
972 
973 		/*
974 		 * ok we have to move. Make sure the tape drive can do it.
975 		 */
976 		if (sksz % phyblk) {
977 			paxwarn(1,
978 			    "Tape drive unable to backspace requested amount");
979 			lstrval = -1;
980 			return(-1);
981 		}
982 
983 		/*
984 		 * move backwards the requested number of bytes
985 		 */
986 		mb.mt_op = MTBSR;
987 		mb.mt_count = sksz/phyblk;
988 		if (ioctl(arfd, MTIOCTOP, &mb) < 0) {
989 			syswarn(1,errno, "Unable to backspace tape %d blocks.",
990 			    mb.mt_count);
991 			lstrval = -1;
992 			return(-1);
993 		}
994 		break;
995 #endif
996 	}
997 	lstrval = 1;
998 	return(0);
999 }
1000 
1001 #if HAS_TAPE
1002 /*
1003  * get_phys()
1004  *	Determine the physical block size on a tape drive. We need the physical
1005  *	block size so we know how many bytes we skip over when we move with
1006  *	mtio commands. We also make sure we are BEFORE THE TAPE FILEMARK when
1007  *	return.
1008  *	This is one really SLOW routine...
1009  * Return:
1010  *	physical block size if ok (ok > 0), -1 otherwise
1011  */
1012 
1013 static int
get_phys(void)1014 get_phys(void)
1015 {
1016 	int padsz = 0;
1017 	int res;
1018 	int phyblk;
1019 	struct mtop mb;
1020 	char scbuf[MAXBLK];
1021 
1022 	/*
1023 	 * move to the file mark, and then back up one record and read it.
1024 	 * this should tell us the physical record size the tape is using.
1025 	 */
1026 	if (lstrval == 1) {
1027 		/*
1028 		 * we know we are at file mark when we get back a 0 from
1029 		 * read()
1030 		 */
1031 		while ((res = read(arfd, scbuf, sizeof(scbuf))) > 0)
1032 			padsz += res;
1033 		if (res < 0) {
1034 			syswarn(1, errno, "Unable to locate tape filemark.");
1035 			return(-1);
1036 		}
1037 	}
1038 
1039 	/*
1040 	 * move backwards over the file mark so we are at the end of the
1041 	 * last record.
1042 	 */
1043 	mb.mt_op = MTBSF;
1044 	mb.mt_count = 1;
1045 	if (ioctl(arfd, MTIOCTOP, &mb) < 0) {
1046 		syswarn(1, errno, "Unable to backspace over tape filemark.");
1047 		return(-1);
1048 	}
1049 
1050 	/*
1051 	 * move backwards so we are in front of the last record and read it to
1052 	 * get physical tape blocksize.
1053 	 */
1054 	mb.mt_op = MTBSR;
1055 	mb.mt_count = 1;
1056 	if (ioctl(arfd, MTIOCTOP, &mb) < 0) {
1057 		syswarn(1, errno, "Unable to backspace over last tape block.");
1058 		return(-1);
1059 	}
1060 	if ((phyblk = read(arfd, scbuf, sizeof(scbuf))) <= 0) {
1061 		syswarn(1, errno, "Cannot determine archive tape blocksize.");
1062 		return(-1);
1063 	}
1064 
1065 	/*
1066 	 * read forward to the file mark, then back up in front of the filemark
1067 	 * (this is a bit paranoid, but should be safe to do).
1068 	 */
1069 	while ((res = read(arfd, scbuf, sizeof(scbuf))) > 0)
1070 		;
1071 	if (res < 0) {
1072 		syswarn(1, errno, "Unable to locate tape filemark.");
1073 		return(-1);
1074 	}
1075 	mb.mt_op = MTBSF;
1076 	mb.mt_count = 1;
1077 	if (ioctl(arfd, MTIOCTOP, &mb) < 0) {
1078 		syswarn(1, errno, "Unable to backspace over tape filemark.");
1079 		return(-1);
1080 	}
1081 
1082 	/*
1083 	 * set lstrval so we know that the filemark has not been seen
1084 	 */
1085 	lstrval = 1;
1086 
1087 	/*
1088 	 * return if there was no padding
1089 	 */
1090 	if (padsz == 0)
1091 		return(phyblk);
1092 
1093 	/*
1094 	 * make sure we can move backwards over the padding. (this should
1095 	 * never fail).
1096 	 */
1097 	if (padsz % phyblk) {
1098 		paxwarn(1, "Tape drive unable to backspace requested amount");
1099 		return(-1);
1100 	}
1101 
1102 	/*
1103 	 * move backwards over the padding so the head is where it was when
1104 	 * we were first called (if required).
1105 	 */
1106 	mb.mt_op = MTBSR;
1107 	mb.mt_count = padsz/phyblk;
1108 	if (ioctl(arfd, MTIOCTOP, &mb) < 0) {
1109 		syswarn(1,errno,"Unable to backspace tape over %d pad blocks",
1110 		    mb.mt_count);
1111 		return(-1);
1112 	}
1113 	return(phyblk);
1114 }
1115 #endif
1116 
1117 /*
1118  * ar_next()
1119  *	prompts the user for the next volume in this archive. For some devices
1120  *	we may allow the media to be changed. Otherwise a new archive is
1121  *	prompted for. By pax spec, if there is no controlling tty or an eof is
1122  *	read on tty input, we must quit pax.
1123  * Return:
1124  *	0 when ready to continue, -1 when all done
1125  */
1126 
1127 int
ar_next(void)1128 ar_next(void)
1129 {
1130 	char *buf;
1131 	sigset_t o_mask;
1132 
1133 	/*
1134 	 * WE MUST CLOSE THE DEVICE. A lot of devices must see last close, (so
1135 	 * things like writing EOF etc will be done) (Watch out ar_close() can
1136 	 * also be called via a signal handler, so we must prevent a race.
1137 	 */
1138 	if (sigprocmask(SIG_BLOCK, &s_mask, &o_mask) < 0)
1139 		syswarn(0, errno, "Unable to set signal mask");
1140 	ar_close();
1141 	if (sigprocmask(SIG_SETMASK, &o_mask, NULL) < 0)
1142 		syswarn(0, errno, "Unable to restore signal mask");
1143 
1144 	if (done || !wr_trail || force_one_volume || strcmp(NM_TAR, argv0) == 0)
1145 		return(-1);
1146 
1147 	tty_prnt("\nATTENTION! %s archive volume change required.\n", argv0);
1148 
1149 	/*
1150 	 * if i/o is on stdin or stdout, we cannot reopen it (we do not know
1151 	 * the name), the user will be forced to type it in.
1152 	 */
1153 	if (strcmp(arcname, STDO) && strcmp(arcname, STDN) && (artyp != ISREG)
1154 	    && (artyp != ISPIPE)) {
1155 		if (artyp == ISTAPE) {
1156 			tty_prnt("%s ready for archive tape volume: %d\n",
1157 				arcname, arvol);
1158 			tty_prnt("Load the NEXT TAPE on the tape drive");
1159 		} else {
1160 			tty_prnt("%s ready for archive volume: %d\n",
1161 				arcname, arvol);
1162 			tty_prnt("Load the NEXT STORAGE MEDIA (if required)");
1163 		}
1164 
1165 		if ((act == ARCHIVE) || (act == APPND))
1166 			tty_prnt(" and make sure it is WRITE ENABLED.\n");
1167 		else
1168 			tty_prnt("\n");
1169 
1170 		for (;;) {
1171 			tty_prnt("Type \"y\" to continue, \".\" to quit %s,",
1172 				argv0);
1173 			tty_prnt(" or \"s\" to switch to new device.\nIf you");
1174 			tty_prnt(" cannot change storage media, type \"s\"\n");
1175 			tty_prnt("Is the device ready and online? > ");
1176 
1177 			if ((buf = tty_rd()) == NULL ||
1178 			    !strcmp(buf, ".")) {
1179 				free(buf);
1180 				done = 1;
1181 				lstrval = -1;
1182 				tty_prnt("Quitting %s!\n", argv0);
1183 				vfpart = 0;
1184 				return(-1);
1185 			}
1186 
1187 			if ((buf[0] == '\0') || (buf[1] != '\0')) {
1188 				goto eunknown;
1189 			}
1190 
1191 			switch (buf[0]) {
1192 			case 'y':
1193 			case 'Y':
1194 				/*
1195 				 * we are to continue with the same device
1196 				 */
1197 				free(buf);
1198 				if (ar_open(arcname) >= 0)
1199 					return (0);
1200 				tty_prnt("Cannot re-open %s, try again\n",
1201 				    arcname);
1202 				continue;
1203 			case 's':
1204 			case 'S':
1205 				/*
1206 				 * user wants to open a different device
1207 				 */
1208 				free(buf);
1209 				tty_prnt("Switching to a different archive\n");
1210 				break;
1211 			default:
1212  eunknown:
1213 				tty_prnt("%s unknown command, try again\n", buf);
1214 				free(buf);
1215 				continue;
1216 			}
1217 			break;
1218 		}
1219 	} else
1220 		tty_prnt("Ready for archive volume: %d\n", arvol);
1221 
1222 	/*
1223 	 * have to go to a different archive
1224 	 */
1225 	for (;;) {
1226 		tty_prnt("Input archive name or \".\" to quit %s.\n", argv0);
1227 		tty_prnt("Archive name > ");
1228 
1229 		if ((buf = tty_rd()) == NULL || !strcmp(buf, ".")) {
1230 			free(buf);
1231 			done = 1;
1232 			lstrval = -1;
1233 			tty_prnt("Quitting %s!\n", argv0);
1234 			vfpart = 0;
1235 			return(-1);
1236 		}
1237 		if (buf[0] == '\0') {
1238 			tty_prnt("Empty file name, try again\n");
1239 			free(buf);
1240 			continue;
1241 		}
1242 		if (!strcmp(buf, "..")) {
1243 			tty_prnt("Illegal file name: .. try again\n");
1244 			free(buf);
1245 			continue;
1246 		}
1247 		if (strlen(buf) > PAXPATHLEN) {
1248 			tty_prnt("File name too long, try again\n");
1249 			free(buf);
1250 			continue;
1251 		}
1252 
1253 		/*
1254 		 * try to open new archive
1255 		 */
1256 		if (ar_open(buf) >= 0) {
1257 			free(arcname_alloc);
1258 			arcname = arcname_alloc = buf;
1259 			break;
1260 		}
1261 		tty_prnt("Cannot open %s, try again\n", buf);
1262 		free(buf);
1263 		continue;
1264 	}
1265 	return (0);
1266 }
1267 
1268 /*
1269  * ar_start_compress()
1270  * starts the compression/decompression process as a child, using magic
1271  * to keep the fd the same in the calling function (parent).
1272  */
1273 void
ar_start_compress(int fd,int wr)1274 ar_start_compress(int fd, int wr)
1275 {
1276 	int fds[2];
1277 	const char *compress_flags;
1278 
1279 	guess_compress_program(wr);
1280 	if (compress_program == NULL)
1281 		return;
1282 
1283 	if (pipe(fds) < 0)
1284 		err(1, "could not pipe");
1285 	zpid = fork();
1286 	if (zpid < 0)
1287 		err(1, "could not fork");
1288 
1289 	/* parent */
1290 	if (zpid) {
1291 		dup2(fds[wr ? 1 : 0], fd);
1292 		close(fds[0]);
1293 		close(fds[1]);
1294 	} else {
1295 		if (wr) {
1296 			dup2(fds[0], STDIN_FILENO);
1297 			dup2(fd, STDOUT_FILENO);
1298 			compress_flags = "-c";
1299 		} else {
1300 			dup2(fds[1], STDOUT_FILENO);
1301 			dup2(fd, STDIN_FILENO);
1302 			compress_flags = "-dc";
1303 		}
1304 		close(fds[0]);
1305 		close(fds[1]);
1306 		if (execlp(compress_program, compress_program,
1307 		    compress_flags, NULL) < 0)
1308 			err(1, "could not exec %s", compress_program);
1309 		/* NOTREACHED */
1310 	}
1311 }
1312