diff --git a/sys/ufs/ffs/ffs_alloc.c b/sys/ufs/ffs/ffs_alloc.c index e57c8acd2..734280d69 100644 --- a/sys/ufs/ffs/ffs_alloc.c +++ b/sys/ufs/ffs/ffs_alloc.c @@ -996,7 +996,7 @@ ffs_fragextend(struct inode *ip, int cg, daddr_t bprev, int osize, int nsize) if (error) goto fail; cgp = (struct cg *)bp->b_data; - if (!cg_chkmagic(cgp, UFS_FSNEEDSWAP(fs))) + if (!cg_bpchkmagic(bp, UFS_FSNEEDSWAP(fs))) goto fail; cgp->cg_old_time = ufs_rw32(time_second, UFS_FSNEEDSWAP(fs)); if ((fs->fs_magic != FS_UFS1_MAGIC) || @@ -1071,7 +1071,7 @@ ffs_alloccg(struct inode *ip, int cg, daddr_t bpref, int size, int realsize, if (error) goto fail; cgp = (struct cg *)bp->b_data; - if (!cg_chkmagic(cgp, needswap) || + if (!cg_bpchkmagic(bp, needswap) || (cgp->cg_cs.cs_nbfree == 0 && size == fs->fs_bsize)) goto fail; cgp->cg_old_time = ufs_rw32(time_second, needswap); @@ -1291,7 +1291,7 @@ retry: if (error) goto fail; cgp = (struct cg *)bp->b_data; - if (!cg_chkmagic(cgp, needswap) || cgp->cg_cs.cs_nifree == 0) + if (!cg_bpchkmagic(bp, needswap) || cgp->cg_cs.cs_nifree == 0) goto fail; if (ibp != NULL && @@ -1471,7 +1471,7 @@ ffs_blkalloc_ump(struct ufsmount *ump, daddr_t bno, long size) return error; } cgp = (struct cg *)bp->b_data; - if (!cg_chkmagic(cgp, needswap)) { + if (!cg_bpchkmagic(bp, needswap)) { brelse(bp, 0); return EIO; } @@ -1556,7 +1556,6 @@ ffs_blkalloc_ump(struct ufsmount *ump, daddr_t bno, long size) static void ffs_blkfree_cg(struct fs *fs, struct vnode *devvp, daddr_t bno, long size) { - struct cg *cgp; struct buf *bp; struct ufsmount *ump; daddr_t cgblkno; @@ -1578,8 +1577,7 @@ ffs_blkfree_cg(struct fs *fs, struct vnode *devvp, daddr_t bno, long size) if (error) { return; } - cgp = (struct cg *)bp->b_data; - if (!cg_chkmagic(cgp, needswap)) { + if (!cg_bpchkmagic(bp, needswap)) { brelse(bp, 0); return; } @@ -1826,7 +1824,6 @@ void ffs_blkfree_snap(struct fs *fs, struct vnode *devvp, daddr_t bno, long size, ino_t inum) { - struct cg *cgp; struct buf *bp; struct ufsmount *ump; daddr_t cgblkno; @@ -1851,8 +1848,7 @@ ffs_blkfree_snap(struct fs *fs, struct vnode *devvp, daddr_t bno, long size, if (error) { return; } - cgp = (struct cg *)bp->b_data; - if (!cg_chkmagic(cgp, needswap)) { + if (!cg_bpchkmagic(bp, needswap)) { brelse(bp, 0); return; } @@ -1989,7 +1985,6 @@ ffs_freefile(struct mount *mp, ino_t ino, int mode) struct ufsmount *ump = VFSTOUFS(mp); struct fs *fs = ump->um_fs; struct vnode *devvp; - struct cg *cgp; struct buf *bp; int error, cg; daddr_t cgbno; @@ -2009,8 +2004,7 @@ ffs_freefile(struct mount *mp, ino_t ino, int mode) if (error) { return (error); } - cgp = (struct cg *)bp->b_data; - if (!cg_chkmagic(cgp, needswap)) { + if (!cg_bpchkmagic(bp, needswap)) { brelse(bp, 0); return (0); } @@ -2026,7 +2020,6 @@ int ffs_freefile_snap(struct fs *fs, struct vnode *devvp, ino_t ino, int mode) { struct ufsmount *ump; - struct cg *cgp; struct buf *bp; int error, cg; daddr_t cgbno; @@ -2048,8 +2041,7 @@ ffs_freefile_snap(struct fs *fs, struct vnode *devvp, ino_t ino, int mode) if (error) { return (error); } - cgp = (struct cg *)bp->b_data; - if (!cg_chkmagic(cgp, needswap)) { + if (!cg_bpchkmagic(bp, needswap)) { brelse(bp, 0); return (0); } @@ -2130,7 +2122,7 @@ ffs_checkfreefile(struct fs *fs, struct vnode *devvp, ino_t ino) return 1; } cgp = (struct cg *)bp->b_data; - if (!cg_chkmagic(cgp, UFS_FSNEEDSWAP(fs))) { + if (!cg_bpchkmagic(bp, UFS_FSNEEDSWAP(fs))) { brelse(bp, 0); return 1; } diff --git a/sys/ufs/ffs/ffs_snapshot.c b/sys/ufs/ffs/ffs_snapshot.c index 3bf21a427..4bd1175c5 100644 --- a/sys/ufs/ffs/ffs_snapshot.c +++ b/sys/ufs/ffs/ffs_snapshot.c @@ -982,7 +982,7 @@ cgaccount1(int cg, struct vnode *vp, void *data, int passno) return (error); } cgp = (struct cg *)bp->b_data; - if (!cg_chkmagic(cgp, ns)) { + if (!cg_bpchkmagic(bp, ns)) { brelse(bp, 0); return (EIO); } diff --git a/sys/ufs/ffs/ffs_vfsops.c b/sys/ufs/ffs/ffs_vfsops.c index b0d914a40..ea6f22554 100644 --- a/sys/ufs/ffs/ffs_vfsops.c +++ b/sys/ufs/ffs/ffs_vfsops.c @@ -220,7 +220,7 @@ ffs_checkrange(struct mount *mp, uint32_t ino) const int needswap = UFS_FSNEEDSWAP(fs); struct cg *cgp = (struct cg *)bp->b_data; - if (!cg_chkmagic(cgp, needswap)) { + if (!cg_bpchkmagic(bp, needswap)) { brelse(bp, 0); DPRINTF("bad cylinder group magic cg %d ino %u\n", cg, ino); return ESTALE; diff --git a/sys/ufs/ffs/ffs_wapbl.c b/sys/ufs/ffs/ffs_wapbl.c index 235cdfe2d..725d57b65 100644 --- a/sys/ufs/ffs/ffs_wapbl.c +++ b/sys/ufs/ffs/ffs_wapbl.c @@ -867,7 +867,7 @@ wapbl_find_log_start(struct mount *mp, struct vnode *vp, off_t logsize, continue; } cgp = (struct cg *)bp->b_data; - if (!cg_chkmagic(cgp, UFS_FSNEEDSWAP(fs))) { + if (!cg_bpchkmagic(bp, UFS_FSNEEDSWAP(fs))) { brelse(bp, 0); continue; } diff --git a/sys/ufs/ffs/fs.h b/sys/ufs/ffs/fs.h index ca92949e7..710eede2f 100644 --- a/sys/ufs/ffs/fs.h +++ b/sys/ufs/ffs/fs.h @@ -603,6 +603,11 @@ struct ocg { cg_blksfree_old(cgp, ns) : cg_blksfree_new(cgp, ns)) #define cg_chkmagic(cgp, ns) \ (cg_chkmagic_new(cgp, ns) || cg_chkmagic_old(cgp, ns)) +#define cg_bpchkmagic(bp, ns) \ + ((offsetof(struct cg, cg_magic) < (bp)->b_bufsize && \ + cg_chkmagic_new((struct cg *)(bp)->b_data, ns)) || \ + (offsetof(struct ocg, cg_magic) < (bp)->b_bufsize && \ + cg_chkmagic_old((struct ocg *)(bp)->b_data, ns))) \ #define cg_clustersfree(cgp, ns) \ ((u_int8_t *)((u_int8_t *)(cgp) + \