Date: Wed, 26 Feb 1997 00:25:57 +1100 From: Bruce Evans <bde@zeta.org.au> To: bde@zeta.org.au, rhh@ct.picker.com Cc: hackers@FreeBSD.ORG Subject: Re: dd of=/dev/rwd1s2 -- How? Message-ID: <199702251325.AAA10544@godzilla.zeta.org.au>
next in thread | raw e-mail | index | archive | help
> |Remove the BSD label from the slice. This isn't easy. IIRC, the easiest > |way is to corrupt the label by writing to it via /dev/rwd1. This exploits > |a bug in the write protection. > |... >I would have thought this would have been easier. It should have been. >I lost my root partition with 2.2-ALPHA Saturday due to it overwriting the >boot record and the FreeBSD boot blocks on my root partition (wd1s3), so >some piece of code got permission to do this, and given that my other >partitions are fine, I wouldn't guess it was via /dev/rwd1. There's an ioctl to do it. Writing directly to the label sector works provided this ioctl is issued and a valid label is written, at least if writing the label would not cause an open partition to move or shrink. You can arrange this for copying partitions something like this: 1. Edit the label on the target to make it identical with the label on the source. This can be difficult if the normal label partition (`c') would move or shrink. The disklabel man page has a hint about what to do: add a dummy partition starting at offset 0 with length >= 2 and run disklabel on that. 2. Keep a device on drive open using something like `cat /dev/rwd1 >/dev/null' followed by ^Z. 3. Disable write protection using disklabel -N. >Will changing the slice type to something other than A5 with fdisk give me >write access on rwd1s3 again? It would make sense -- FreeBSD magic >shouldn't be checked for in a non-FreeBSD slice. No, FreeBSD only uses the type byte for deciding where the compatibility slice is. The label has magic numbers and a checksum so it can be relied on more than the type byte. >Speaking of my 2.2-ALPHA corruption, I don't know if this bug has been >fixed or not in 2.2-GAMMA, but is there a person I should mail a MIMEd copy >of the 1st 16k or so of my corrupted image to. It looks like the >corruption is limited to that section, and the content might gives some >clues as to the bug at work. (I saved off the whole partition in hopes of >being able to re-disklabel it, without success I'm afraid). You can send a uuencoded copy of it to me. Bruce
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199702251325.AAA10544>