Rewrote large parts of the code.

Added safety checks to prevent formatting the wrong or mounted devs.
Instead of doing one large allocation and write a 4 MiB write buffer is now used.

Author: profi200

.gitignore

@@ -0,0 +1,2 @@
+.*
+!.git

Makefile

@@ -18,7 +18,7 @@ CXXFLAGS := $(ARCH) -std=c++20 -O2 -g -fstrict-aliasing \
 			-Wstrict-aliasing=2
 ASFLAGS  := $(ARCH) -O2 -g -x assembler-with-cpp
 ARFLAGS  := -rcs
-LDFLAGS  := $(ARCH) -O2 -g -Wl,--gc-sections
+LDFLAGS  := $(ARCH) -O2 -s -Wl,--gc-sections
 
 PREFIX   :=
 CC       := $(PREFIX)gcc

include/blockdev.h

@@ -6,10 +6,10 @@
 
 class BlockDev
 {
-	bool m_isRegularFile;
-	bool m_isDevDirty;
+	static constexpr u32 m_sectorSize = 512;
+	bool m_dirty;
 	int m_fd;
-	u64 m_diskSectors; // TODO: Store sector size along with this. ioctl(..., BLKSSZGET, ...). Or maybe BLKPBSZGET like dosfstools?
+	u64 m_sectors;
 
 
 	BlockDev(const BlockDev&) noexcept = delete; // Copy
@@ -20,7 +20,7 @@ class BlockDev
 
 
 public:
-	BlockDev(void) noexcept : m_isRegularFile(false), m_isDevDirty(false), m_fd(-1), m_diskSectors(0) {}
+	BlockDev(void) noexcept : m_dirty(false), m_fd(-1), m_sectors(0) {}
 	~BlockDev(void) noexcept
 	{
 		if(m_fd != -1) close();
@@ -36,12 +36,19 @@ class BlockDev
 	 */
 	int open(const char *const path, const bool rw = false) noexcept;
 
+	/**
+	 * @brief      Returns the sector size in bytes.
+	 *
+	 * @return     The sector size.
+	 */
+	static constexpr u32 getSectorSize(void) {return m_sectorSize;}
+
 	/**
 	 * @brief      Returns the number of sectors.
 	 *
 	 * @return     The number of sectors.
 	 */
-	u64 getSectors(void) const noexcept {return m_diskSectors;}
+	u64 getSectors(void) const noexcept {return m_sectors;}
 
 	/**
 	 * @brief      Reads sectors from the block device.
@@ -66,18 +73,9 @@ class BlockDev
 	int write(const u8 *buf, const u64 sector, const u64 count) noexcept;
 
 	/**
-	 * @brief      Truncates to the specified size if the device is a regular file. Otherwise not supported.
-	 *
-	 * @param[in]  sectors  The size in sectors.
-	 *
-	 * @return     Returns 0 on success or errno.
-	 */
-	int truncate(const u64 sectors) noexcept;
-
-	/**
-	 * @brief      Perform a TRIM/erase on the whole block device. Not supported for regular files.
+	 * @brief      Perform a TRIM/erase on the whole block device.
 	 *
-	 * @param[in]  secure  If true do a secure erase.
+	 * @param[in]  secure  If true do a secure erase. Currently unsupported by Linux.
 	 *
 	 * @return     Returns 0 on success or errno.
 	 */

include/buffered_fs_writer.h

@@ -0,0 +1,123 @@
+#pragma once
+
+#include <cstring>
+#include <memory>
+#include <stdexcept>
+#include "types.h"
+#include "blockdev.h"
+
+
+
+// Warning: This class is only suitable for overwriting like reformatting.
+//          Padding for alignment is filled with zeros (no read-modify-write).
+class BufferedFsWriter final : private BlockDev
+{
+	static constexpr u32 m_blkSize = 1024 * 1024 * 4; // Must be >=512 and power of 2.
+	static constexpr u32 m_blkMask = m_blkSize - 1;
+	static_assert(m_blkSize > 512 && (m_blkSize & m_blkMask) == 0, "Invalid buffer size for BufferedFsWriter.");
+
+	const std::unique_ptr<u8[]> m_buf;
+	u64 m_pos;
+
+
+	BufferedFsWriter(const BufferedFsWriter&) noexcept = delete; // Copy
+	BufferedFsWriter(BufferedFsWriter&&) noexcept = delete;      // Move
+
+	BufferedFsWriter& operator =(const BufferedFsWriter&) noexcept = delete; // Copy
+	BufferedFsWriter& operator =(BufferedFsWriter&&) noexcept = delete;      // Move
+
+
+public:
+	BufferedFsWriter(void) noexcept : m_buf(new(std::nothrow) u8[m_blkSize]), m_pos(0) {}
+	~BufferedFsWriter(void) noexcept(false)
+	{
+		if(m_pos > 0)
+		{
+			// Don't make errors on flushing the buffer go unnoticed.
+			if(close() != 0) throw std::runtime_error("Failed to flush buffer to device.");
+		}
+	}
+
+	/**
+	 * @brief      Opens the block device.
+	 *
+	 * @param[in]  path  The path.
+	 *
+	 * @return     Returns 0 on success or errno.
+	 */
+	int open(const char *const path) noexcept
+	{
+		if(!m_buf) return ENOMEM;
+		return BlockDev::open(path, true);
+	}
+
+	/**
+	 * @brief      Returns the number of sectors.
+	 *
+	 * @return     The number of sectors.
+	 */
+	u64 getSectors(void) const noexcept {return BlockDev::getSectors();}
+
+	/**
+	 * @brief      Returns the current write position/pointer.
+	 *
+	 * @return     The write position/pointer.
+	 */
+	u64 tell(void) const noexcept {return m_pos;}
+
+	/**
+	 * @brief      Seeks to offset and fills the distance with zeros.
+	 *
+	 * @param[in]  offset  The offset. Must not be lower than the current position.
+	 *
+	 * @return     Returns 0 on success or errno.
+	 */
+	int fill(const u64 offset) noexcept;
+
+	/**
+	 * @brief      Writes data.
+	 *
+	 * @param[in]  buf   The input buffer.
+	 * @param[in]  size  The number of bytes to write.
+	 *
+	 * @return     Returns 0 on success or errno.
+	 */
+	int write(const u8 *buf, const u64 size) noexcept;
+
+	/**
+	 * @brief      Fills until offset and writes size bytes from buf.
+	 *
+	 * @param[in]  buf     The input buffer.
+	 * @param[in]  offset  The offset. Must not be lower than the current position.
+	 * @param[in]  size    The number of bytes to write.
+	 *
+	 * @return     Returns 0 on success or errno.
+	 */
+	int fillAndWrite(const u8 *buf, const u64 offset, const u64 size) noexcept
+	{
+		int res = fill(offset);
+		if(res == 0) res = write(buf, size);
+		return res;
+	}
+
+	/**
+	 * @brief      Perform a TRIM/erase on the whole block device.
+	 *
+	 * @param[in]  secure  If true do a secure erase.
+	 *
+	 * @return     Returns 0 on success or errno.
+	 */
+	int discardAll(const bool secure = false) noexcept
+	{
+		memset(m_buf.get(), 0, m_pos & m_blkMask);
+		m_pos = 0;
+		return BlockDev::discardAll(secure);
+	}
+
+	/**
+	 * @brief      Flushes the buffer and closes the block device.
+	 *
+	 * @return     Returns 0 on success or errno.
+	 */
+	int close(void) noexcept;
+};

include/exfat.h

@@ -41,3 +41,7 @@ static_assert(offsetof(BootSector, bootSignature) == 510, "Member bootSignature
 	u8 extendedBootCode[(1u<<bytesPerSectorShift) - 4];
 	u32 extendedBootSignature;                          // 0xAA550000.
 } ExtendedBootSector;*/
+
+
+
+void calcFormatExFat(void); // (const u64 totSec, FormatParams *const paramsOut)

include/fat.h

@@ -2,34 +2,13 @@
 
 #include <cstddef>
 #include "types.h"
+#include "format.h"
+#include "buffered_fs_writer.h"
 
 // References:
 // FAT12/16/32: http://download.microsoft.com/download/1/6/1/161ba512-40e2-4cc9-843a-923143f3456c/fatgen103.doc
 
 
-typedef struct
-{
-	u8 bootable;
-	u8 startH;
-	u16 startSC;
-	u8 id;
-	u8 endH;
-	u16 endSC;
-	u32 startLba;
-	u32 sectorsLba;
-} __attribute__((packed)) PartInfo;
-static_assert(offsetof(PartInfo, sectorsLba) == 12, "Member sectorsLba of PartInfonfo not at offsetof 12.");
-
-typedef struct
-{
-	u8 code[440];
-	u32 diskId;
-	u16 reserved;
-	PartInfo partTable[4];
-	u16 magic;
-} __attribute__((packed)) Mbr;
-static_assert(offsetof(Mbr, magic) == 510, "Member magic of Mbr not at offsetof 510.");
-
 // Volume Boot Record.
 typedef struct
 {
@@ -81,6 +60,7 @@ typedef struct
 			u8 bootCode[420];
 		} fat32;
 	};
+
 	u16 sigWord; // 0xAA55.
 } __attribute__((packed)) Vbr;
 static_assert(offsetof(Vbr, fat16.bootCode) == 62, "Member fat16.bootCode of Vbr not at offsetof 62.");
@@ -104,9 +84,9 @@ typedef struct
 	char name[11];   // Short file name in 8:3 format. Maximum 11 characters.
 	u8 attr;         // Attribute bitmask. ATTR_READ_ONLY 0x01, ATTR_HIDDEN 0x02, ATTR_SYSTEM 0x04, ATTR_VOLUME_ID 0x08, ATTR_DIRECTORY 0x10, ATTR_ARCHIVE 0x20.
 	u8 ntRes;        // Must be 0.
-	u8 ctrTimeTenth; // Creation time tenths of a second.
-	u16 ctrTime;     // Creation time in 2 second units.
-	u16 ctrDate;     // Creation date.
+	u8 crtTimeTenth; // Creation time tenths of a second.
+	u16 crtTime;     // Creation time in 2 second units.
+	u16 crtDate;     // Creation date.
 	u16 lstAccDate;  // Last access date. Updated on write.
 	u16 fstClusHi;   // High u16 of first data cluster. Must be 0 for FAT12/16.
 	u16 wrtTime;     // Last (modification) write time.
@@ -115,3 +95,9 @@ typedef struct
 	u32 fileSize;    // File/directory size in bytes.
 } FatDir;
 static_assert(offsetof(FatDir, fileSize) == 28, "Member fileSize of FatDir not at offsetof 28.");
+
+
+
+void calcFormatFat(const u32 totSec, FormatParams &params);
+void calcFormatFat32(const u32 totSec, FormatParams &params);
+int makeFsFat(const FormatParams &params, BufferedFsWriter &dev, const std::string &label);

include/format.h

@@ -17,7 +17,22 @@ union ArgFlags
 	u8 allFlags;
 };
 
+typedef struct
+{
+	// TODO: union with exFAT vars.
+	u64 totSec;
+	u8  heads;
+	u8  secPerTrk;
+	u8  fatBits;
+	u32 alignment;
+	u32 secPerClus;
+	u32 rsvdSecCnt;
+	u32 secPerFat;
+	u32 fsAreaSize;
+	u32 partStart;
+	u32 maxClus;
+} FormatParams;
+
 
 
-void setVerboseMode(const bool verbose);
 u32 formatSd(const char *const path, const char *const label, const ArgFlags flags, const u64 overrTotSec);

include/mbr.h

@@ -0,0 +1,32 @@
+#pragma once
+
+#include <cstddef>
+#include "types.h"
+#include "format.h"
+#include "buffered_fs_writer.h"
+
+
+typedef struct
+{
+	u8 status; // 0x80 active/bootable, 0x00 inactive.
+	u8 startCHS[3];
+	u8 type;
+	u8 endCHS[3];
+	u32 startLBA;
+	u32 sectors;
+} __attribute__((packed)) PartEntry;
+static_assert(offsetof(PartEntry, sectors) == 12, "Member sectors of PartEntry not at offsetof 12.");
+
+typedef struct
+{
+	u8 bootstrap[440];
+	u32 diskSig;
+	u16 reserved; // 0x0000. 0x5A5A for copy protected.
+	PartEntry partTable[4];
+	u16 bootSig;
+} __attribute__((packed)) Mbr;
+static_assert(offsetof(Mbr, bootSig) == 510, "Member bootSig of Mbr not at offsetof 510.");
+
+
+
+int createMbrAndPartition(const FormatParams *const params, BufferedFsWriter &dev);

include/privileges.h

@@ -0,0 +1,5 @@
+#pragma once
+
+
+
+void dropPrivileges(void);

include/verbose_printf.h

@@ -0,0 +1,7 @@
+#pragma once
+
+
+
+void setVerboseMode(const bool verbose);
+int verbosePuts(const char *str);
+int verbosePrintf(const char *format, ...);