Commit Graph

635 Commits

Author SHA1 Message Date
Arnaud Ferraris
7683b11098 fs: ext4: skip journal state if fs has metadata_csum
As u-boot doesn't support the metadata_csum feature, writing to a
filesystem with this feature enabled will fail, as expected. However,
during the process, a journal state check is performed, which could
result in:
  - a fs recovery if the fs wasn't umounted properly
  - the fs being marked dirty

Both these cases result in a superblock change, leading to a mismatch
between the superblock checksum and its contents. Therefore, Linux will
consider the filesystem heavily corrupted and will require e2fsck to be
run manually to boot.

By bypassing the journal state check, this patch ensures the superblock
won't be corrupted if the filesystem has metadata_csum feature enabled.

Signed-off-by: Arnaud Ferraris <arnaud.ferraris@collabora.com>
2020-04-27 14:55:29 -04:00
Marek Behún
48180e15d3 fs: btrfs: support sparse extents
When logical address of a regular extent is 0, the extent is sparse and
consists of all zeros.

Without this when sparse extents are used in a file reading fails with
  Cannot map logical address 0 to physical

Signed-off-by: Marek Behún <marek.behun@nic.cz>
2020-04-20 12:23:29 -04:00
Qu Wenruo
b941d1cd16 fs: btrfs: Fix LZO false decompression error caused by pending zero
For certain btrfs files with compressed file extent, uboot will fail to
load it:

  btrfs_read_extent_reg: disk_bytenr=14229504 disk_len=73728 offset=0 nr_bytes=131
  072
  decompress_lzo: tot_len=70770
  decompress_lzo: in_len=1389
  decompress_lzo: in_len=2400
  decompress_lzo: in_len=3002
  decompress_lzo: in_len=1379
  decompress_lzo: in_len=88539136
  decompress_lzo: header error, in_len=88539136 clen=65534 tot_len=62580

NOTE: except the last line, all other lines are debug output.

Btrfs lzo compression uses its own format to record compressed size
(segment header, LE32).

However to make decompression easier, we never put such segment header
across page boundary.

In above case, the xxd dump of the lzo compressed data looks like this:

00001fe0: 4cdc 02fc 0bfd 02c0 dc02 0d13 0100 0001  L...............
00001ff0: 0000 0008 0300 0000 0000 0011 0000|0000  ................
00002000: 4705 0000 0001 cc02 0000 0000 0000 1e01  G...............

'|' is the "expected" segment header start position.

But in that page, there are only 2 bytes left, can't contain the 4 bytes
segment header.

So btrfs compression will skip that 2 bytes, put the segment header in
next page directly.

Uboot doesn't have such check, and read the header with 2 bytes offset,
result 0x05470000 (88539136), other than the expected result
0x00000547 (1351), resulting above error.

Follow the btrfs-progs restore implementation, by introducing tot_in to
record total processed bytes (including headers), and do proper page
boundary skip to fix it.

Please note that, current code base doesn't parse fs_info thus we can't
grab sector size easily, so it uses PAGE_SIZE, and relying on fs open
time check to exclude unsupported sector size.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Cc: Marek Behun <marek.behun@nic.cz>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-04-16 22:13:50 -04:00
Qu Wenruo
a62db24526 fs: btrfs: Reject fs with sector size other than PAGE_SIZE
Although in theory u-boot fs driver could easily support more sector
sizes, current code base doesn't have good enough way to grab sector
size yet.

This would cause problem for later LZO fixes which rely on sector size.

And considering that most u-boot boards are using 4K page size, which is
also the most common sector size for btrfs, rejecting fs with
non-page-sized sector size shouldn't cause much problem.

This should only be a quick fix before we implement better sector size
support.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Cc: Marek Behun <marek.behun@nic.cz>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-04-16 22:13:50 -04:00
Qu Wenruo
25babb7c1b fs: btrfs: Use LZO_LEN to replace immediate number
Just a cleanup. These immediate numbers make my eyes hurt.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Cc: Marek Behun <marek.behun@nic.cz>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-04-16 22:13:50 -04:00
Jan Kiszka
7b83060b1e fs: ext4: Fix alignment of cache buffers
We need to align the cache buffer to ARCH_DMA_MINALIGN in order to avoid
access errors like

CACHE: Misaligned operation at range [be0231e0, be0235e0]

seen on the MCIMX7SABRE.

Fixes: d5aee659f2 ("fs: ext4: cache extent data")
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Peter Robinson <pbrobinson@gmail.com>
2020-03-27 15:42:04 -04:00
Tom Rini
9a8942b53d sandbox conversion to SDL2
TPM TEE driver
 Various minor sandbox video enhancements
 New driver model core utility functions
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAl48iogACgkQfxc6PpAI
 reaVzAf/an3/yKe6r3CVWlcRV6H/dVg1ApnnLpX7jS0p0b++oCVvOiy7z1WPXj3k
 b1SSgENDeeZ/8EHio+Gf7ZidH/TGEj7L6YEFwd1t60GMkZiWEkNf4Z53tw482YG+
 96hoPD+ySTW+ddIdVHWAFG2I4aEiKHANJAp/ItNdD+rLbrEwNQy+eiK5JTOk80B6
 /X8AJCLZeAC1s7vs+2+WolgjT78QGzA9HHalMiublcqh0ivKKk0QeQiOKKPe8JYJ
 om5YY1TxayQ60Xmo5f39/SBfzEEklxw83sU9o1tBeYzyVUpu7fQdkxiDbWdsij77
 DgwLdeYQJGbN+hdSWE0gjTqyhW+lWA==
 =KRoA
 -----END PGP SIGNATURE-----

Merge tag 'dm-pull-6feb20' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm

sandbox conversion to SDL2
TPM TEE driver
Various minor sandbox video enhancements
New driver model core utility functions
2020-02-11 10:58:41 -05:00
Marek Szyprowski
a54ece4085 fat: write: adjust data written in each partial write
The code for handing file overwrite incorrectly calculated the amount of
data to write when writing to the last non-cluster aligned chunk. Fix
this by ensuring that no more data than the 'filesize' is written to disk.
While touching min()-based calculations, change it to type-safe min_t()
function.

Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>

This patch finally fixes the issue revealed by the test script from the
previous patch. The correctness of the change has been also verified by
the following additional test scripts:

--->8-fat_test2.sh---
#!/bin/bash
make sandbox_defconfig
make
dd if=/dev/zero of=/tmp/10M.img bs=1024 count=10k
mkfs.vfat -v /tmp/10M.img
cat >/tmp/cmds <<EOF
x
host bind 0 /tmp/10M.img
fatls host 0
mw 0x1000000 0x0a434241 0x1000 # "ABC\n"
mw 0x1100000 0x0a464544 0x8000 # "DEF\n"
fatwrite host 0 0x1000000 file0001.raw 0x1000
fatwrite host 0 0x1000000 file0002.raw 0x1000
fatwrite host 0 0x1000000 file0003.raw 0x1000
fatwrite host 0 0x1000000 file0004.raw 0x1000
fatwrite host 0 0x1000000 file0005.raw 0x1000
fatrm host 0 file0002.raw
fatrm host 0 file0004.raw
fatls host 0
fatwrite host 0 0x1100000 file0007.raw 0x2000
fatwrite host 0 0x1100000 file0007.raw 0x1f00
reset
EOF
./u-boot </tmp/cmds
#verify
rm -r /tmp/result /tmp/model
mkdir /tmp/result
mkdir /tmp/model
yes ABC | head -c 4096 >/tmp/model/file0001.raw
yes ABC | head -c 4096 >/tmp/model/file0003.raw
yes ABC | head -c 4096 >/tmp/model/file0005.raw
yes DEF | head -c 7936 >/tmp/model/file0007.raw
mcopy -n -i /tmp/10M.img ::file0001.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0003.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0005.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0007.raw /tmp/result
hd /tmp/10M.img
if diff -urq /tmp/model /tmp/result
then
	echo Test okay
else
	echo Test fail
fi
--->8-fat_test3.sh---
#!/bin/bash
make sandbox_defconfig
make
dd if=/dev/zero of=/tmp/10M.img bs=1024 count=10k
mkfs.vfat -v /tmp/10M.img
cat >/tmp/cmds <<EOF
x
host bind 0 /tmp/10M.img
fatls host 0
mw 0x1000000 0x0a434241 0x1000 # "ABC\n"
mw 0x1100000 0x0a464544 0x8000 # "DEF\n"
fatwrite host 0 0x1000000 file0001.raw 0x1000
fatwrite host 0 0x1000000 file0002.raw 0x1000
fatwrite host 0 0x1000000 file0003.raw 0x1000
fatwrite host 0 0x1000000 file0004.raw 0x1000
fatwrite host 0 0x1000000 file0005.raw 0x1000
fatrm host 0 file0002.raw
fatrm host 0 file0004.raw
fatls host 0
fatwrite host 0 0x1100000 file0007.raw 0x2000
fatwrite host 0 0x1100000 file0007.raw 0x2100
reset
EOF
./u-boot </tmp/cmds
#verify
rm -r /tmp/result /tmp/model
mkdir /tmp/result
mkdir /tmp/model
yes ABC | head -c 4096 >/tmp/model/file0001.raw
yes ABC | head -c 4096 >/tmp/model/file0003.raw
yes ABC | head -c 4096 >/tmp/model/file0005.raw
yes DEF | head -c 8448 >/tmp/model/file0007.raw
mcopy -n -i /tmp/10M.img ::file0001.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0003.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0005.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0007.raw /tmp/result
hd /tmp/10M.img
if diff -urq /tmp/model /tmp/result
then
	echo Test okay
else
	echo Test fail
fi
--->8-fat_test4.sh---
#!/bin/bash
make sandbox_defconfig
make
dd if=/dev/zero of=/tmp/10M.img bs=1024 count=10k
mkfs.vfat -v /tmp/10M.img
cat >/tmp/cmds <<EOF
x
host bind 0 /tmp/10M.img
fatls host 0
mw 0x1000000 0x0a434241 0x1000 # "ABC\n"
mw 0x1100000 0x0a464544 0x8000 # "DEF\n"
mw 0x1200000 0x0a494847 0x8000 # "GHI\n"
fatwrite host 0 0x1000000 file0001.raw 0x1000
fatwrite host 0 0x1000000 file0002.raw 0x1000
fatwrite host 0 0x1000000 file0003.raw 0x1000
fatwrite host 0 0x1000000 file0004.raw 0x1000
fatwrite host 0 0x1000000 file0005.raw 0x1000
fatrm host 0 file0002.raw
fatrm host 0 file0004.raw
fatls host 0
fatwrite host 0 0x1100000 file0007.raw 0x900
fatwrite host 0 0x1200000 file0007.raw 0x900 0x900
fatwrite host 0 0x1100000 file0007.raw 0x900 0x1200
fatwrite host 0 0x1200000 file0007.raw 0x900 0x1b00
reset
EOF
./u-boot </tmp/cmds
#verify
rm -r /tmp/result /tmp/model
mkdir /tmp/result
mkdir /tmp/model
yes ABC | head -c 4096 >/tmp/model/file0001.raw
yes ABC | head -c 4096 >/tmp/model/file0003.raw
yes ABC | head -c 4096 >/tmp/model/file0005.raw
yes DEF | head -c 2304 >/tmp/model/file0007.raw
yes GHI | head -c 2304 >>/tmp/model/file0007.raw
yes DEF | head -c 2304 >>/tmp/model/file0007.raw
yes GHI | head -c 2304 >>/tmp/model/file0007.raw
mcopy -n -i /tmp/10M.img ::file0001.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0003.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0005.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0007.raw /tmp/result
hd /tmp/10M.img
if diff -urq /tmp/model /tmp/result
then
	echo Test okay
else
	echo Test fail
fi
--->8---
Feel free to prepare a proper sandbox/py_test based tests based on
the provided test scripts.
2020-02-07 13:59:58 -05:00
Marek Szyprowski
5e615b74e8 fat: write: fix broken write to fragmented files
The code for handing file overwrite incorrectly assumed that the file on
disk is always contiguous. This resulted in corrupting disk structure
every time when write to existing fragmented file happened. Fix this
by adding proper check for cluster discontinuity and adjust chunk size
on each partial write.

Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>

This patch partially fixes the issue revealed by the following test
script:

--->8-fat_test1.sh---
#!/bin/bash
make sandbox_defconfig
make
dd if=/dev/zero of=/tmp/10M.img bs=1024 count=10k
mkfs.vfat -v /tmp/10M.img
cat >/tmp/cmds <<EOF
x
host bind 0 /tmp/10M.img
fatls host 0
mw 0x1000000 0x0a434241 0x1000 # "ABC\n"
mw 0x1100000 0x0a464544 0x8000 # "DEF\n"
fatwrite host 0 0x1000000 file0001.raw 0x1000
fatwrite host 0 0x1000000 file0002.raw 0x1000
fatwrite host 0 0x1000000 file0003.raw 0x1000
fatwrite host 0 0x1000000 file0004.raw 0x1000
fatwrite host 0 0x1000000 file0005.raw 0x1000
fatrm host 0 file0002.raw
fatrm host 0 file0004.raw
fatls host 0
fatwrite host 0 0x1100000 file0007.raw 0x4000
fatwrite host 0 0x1100000 file0007.raw 0x4000
reset
EOF
./u-boot </tmp/cmds
#verify
rm -r /tmp/result /tmp/model
mkdir /tmp/result
mkdir /tmp/model
yes ABC | head -c 4096 >/tmp/model/file0001.raw
yes ABC | head -c 4096 >/tmp/model/file0003.raw
yes ABC | head -c 4096 >/tmp/model/file0005.raw
yes DEF | head -c 16384 >/tmp/model/file0007.raw
mcopy -n -i /tmp/10M.img ::file0001.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0003.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0005.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0007.raw /tmp/result
hd /tmp/10M.img
if diff -urq /tmp/model /tmp/result
then
	echo Test okay
else
	echo Test fail
fi
--->8---

Overwritting a discontiguous test file (file0007.raw) no longer causes
corruption to file0003.raw, which's data lies between the chunks of the
test file. The amount of data written to disk is still incorrect, what
causes damage to the file (file0005.raw), which's data lies next to the
test file. This will be fixed by the next patch.

Feel free to prepare a proper sandbox/py_test based tests based on the
provided test scripts.
2020-02-07 13:59:58 -05:00
Simon Glass
336d4615f8 dm: core: Create a new header file for 'compat' features
At present dm/device.h includes the linux-compatible features. This
requires including linux/compat.h which in turn includes a lot of headers.
One of these is malloc.h which we thus end up including in every file in
U-Boot. Apart from the inefficiency of this, it is problematic for sandbox
which needs to use the system malloc() in some files.

Move the compatibility features into a separate header file.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-02-05 19:33:46 -07:00
Simon Glass
61b29b8268 dm: core: Require users of devres to include the header
At present devres.h is included in all files that include dm.h but few
make use of it. Also this pulls in linux/compat which adds several more
headers. Drop the automatic inclusion and require files to include devres
themselves. This provides a good indication of which files use devres.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Anatolij Gustschin <agust@denx.de>
2020-02-05 19:33:46 -07:00
AKASHI Takahiro
4839e86892 linux_compat: move kmemdup() from ubifs.c to linux_compat.c
linux_compat.c is the best place for kmemdup(), which is currenly used
only in ubifs.c, but will also be used when other kernel files
(in my case, lib/crypto/x509_cert_parser.c and pkcs7_parser.c) will be
imported. So just move it.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-12-06 16:44:19 -05:00
AKASHI Takahiro
39606d462c fs: fat: handle deleted directory entries correctly
Unlink test for FAT file system seems to fail at test_unlink2.
(When I added this test, I haven't seen any errors though.)
for example,
===8<===
fs_obj_unlink = ['fat', '/home/akashi/tmp/uboot_sandbox_test/128MB.fat32.img']

    def test_unlink2(self, u_boot_console, fs_obj_unlink):
        """
        Test Case 2 - delete many files
        """
        fs_type,fs_img = fs_obj_unlink
        with u_boot_console.log.section('Test Case 2 - unlink (many)'):
            output = u_boot_console.run_command('host bind 0 %s' % fs_img)

            for i in range(0, 20):
                output = u_boot_console.run_command_list([
                    '%srm host 0:0 dir2/0123456789abcdef%02x' % (fs_type, i),
                    '%sls host 0:0 dir2/0123456789abcdef%02x' % (fs_type, i)])
                assert('' == ''.join(output))

            output = u_boot_console.run_command(
                '%sls host 0:0 dir2' % fs_type)
>           assert('0 file(s), 2 dir(s)' in output)
E           AssertionError: assert '0 file(s), 2 dir(s)' in '            ./\r\r\n            ../\r\r\n        0   0123456789abcdef11\r\r\n\r\r\n1 file(s), 2 dir(s)'

test/py/tests/test_fs/test_unlink.py:52: AssertionError
===>8===

This can happen when fat_itr_next() wrongly detects an already-
deleted directory entry.

File deletion, which was added in the commit f8240ce95d ("fs: fat:
support unlink"), is implemented by marking its entry for a short name
with DELETED_FLAG, but related entry slots for a long file name are kept
unmodified. (So entries will never be actually deleted from media.)

To handle this case correctly, an additional check for a directory slot
will be needed in fat_itr_next().

In addition, I added extra comments about long file name and short file
name format in FAT file system. Although they are not directly related
to the issue, I hope it will be helpful for better understandings
in general.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2019-12-05 10:28:38 -05:00
Simon Glass
8bef79bf3c common: Move sorting functions to their own header file
These don't need to be in common.h so move them out into a new header.
Also add some missing comments.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
2019-12-02 18:23:08 -05:00
Simon Glass
3db7110857 crc32: Use the crc.h header for crc functions
Drop inclusion of crc.h in common.h and use the correct header directly
instead.

With this we can drop the conflicting definition in fw_env.h and rely on
the crc.h header, which is already included.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
2019-12-02 18:23:08 -05:00
AKASHI Takahiro
b7cd95627b fs: add fs_get_type() for current filesystem type
This function is a variant of fs_get_type_name() and returns a filesystem
type with which the current device is associated.
We don't want to export fs_type variable directly because we have to take
care of it consistently within fs.c.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-10-17 19:19:56 +02:00
AKASHI Takahiro
185aed7855 fs: clean up around fs_type
fs_ls(), fs_mkdir() and fs_unlink() sets fs_type to FS_TYPE_ANY
explicitly, but it is redundant as they call fs_close().
So just remove those lines.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-10-17 19:19:56 +02:00
AKASHI Takahiro
64f49eb7d0 fs: export fs_close()
fs_close() closes the connection to a file system which opened with
either fs_set_blk_dev() or fs_set_dev_with_part(). Many file system
functions implicitly call fs_close(), e.g. fs_closedir(), fs_exist(),
fs_ln(), fs_ls(), fs_mkdir(), fs_read(), fs_size(), fs_write()
and fs_unlink().
So just export it.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-10-17 19:19:55 +02:00
Heinrich Schuchardt
f13683816b fs: fat: get_contents() always returns -1 for errors
If out of memory, return -1 and not -ENOMEM from get_contents().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-10-11 19:05:14 -04:00
Heinrich Schuchardt
c7a86d1645 fs: fat: treat invalid FAT clusters as errors
When hitting an invalid FAT cluster while reading a file always print an
error message and return an error code.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-10-11 19:05:14 -04:00
Martin Vystrčil
d7af2a8630 fat: FAT filesystem premature release of info struct.
File was found on specified location. Info about file was read,
but then immediately destroyed using 'free' call. As a result
file size was set to 0, hence fat process didn't read any data.

Premature 'free' call removed. Resources are freed right before
function return. File is read correctly.

Signed-off-by: Martin Vystrcil <martin.vystrcil@m-linux.cz>
2019-08-26 11:46:21 -04:00
Uwe Kleine-König
ad49488ffb jffs2: remove unused code files
I failed to find where these two files are used and a few test compile
runs with JFFS2 enabled succeeded also without these.
2019-08-20 12:20:33 -04:00
Simon Glass
ad79d603aa cbfs: Rename camel-case variables
Rename some camel-case variables to match U-Boot style.

Camel case is not generally allowed in U-Boot. Rename this variable to fit
in with the style.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
2019-08-18 21:54:10 +08:00
Simon Glass
630b2f39dd cbfs: Add functions to support multiple CBFSs
Sometimes an image has multiple CBFS. The current CBFS API is limited to
handling only one at time. Also it keeps track of the CBFS internally in
BSS, which does not work before relocation, for example.

Add a few new functions to overcome these limitations.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
2019-08-18 21:54:10 +08:00
Simon Glass
c7f1693474 cbfs: Move result variable into the struct
Move the result variable into the struct also, so that it can be used when
BSS is not available. Add a function to read it.

Note that all functions sill use the BSS version of the data.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
2019-08-18 21:54:10 +08:00
Simon Glass
02e4af63a9 cbfs: Move static variables into a struct
At present there are a number of static variables in BSS. This cannot work
with SPL, at least until BSS is available in board_init_r().

Move the variables into a struct, so it is possible to malloc() it and use
it before BSS is available.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
2019-08-18 21:54:10 +08:00
Simon Glass
fc7b9e16a0 cbfs: Move declarations above functions
At present this file has a function at the top, above declarations. This
is normally avoided, so fix it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
2019-08-18 21:54:10 +08:00
Simon Glass
72b2465c6b cbfs: Allow CBFS to be used in SPL
Add a new Kconfig option to enable CBFS in SPL. This can be useful when
the memory-init code is in CBFS.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
2019-08-18 21:54:10 +08:00
Simon Glass
c7694dd483 env: Move env_set_hex() to env.h
Move env_set_hex() over to the new header file along with env_set_addr()
which uses it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
2019-08-11 16:43:41 -04:00
Simon Glass
0c670fc148 common: Move gzip functions into a new gzip header
As part of the effort to remove things from common.h, create a new header
for the gzip functions. Move the function declarations to it and add
missing documentation.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
2019-08-11 16:43:41 -04:00
Simon Glass
ababe101d3 cbfs: Rename checksum to attributes_offset
It seems that this field has been renamed in later version of coreboot.
Update it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2019-07-23 20:27:57 -07:00
Paul Emge
e205896c53 CVE-2019-13106: ext4: fix out-of-bounds memset
In ext4fs_read_file in ext4fs.c, a memset can overwrite the bounds of
the destination memory region. This patch adds a check to disallow
this.

Signed-off-by: Paul Emge <paulemge@forallsecure.com>
2019-07-18 11:31:29 -04:00
Paul Emge
084be43b75 ext4: gracefully fail on divide-by-0
This patch checks for 0 in several ext4 headers and gracefully
fails instead of raising a divide-by-0 exception.

Signed-off-by: Paul Emge <paulemge@forallsecure.com>
2019-07-18 11:31:29 -04:00
Paul Emge
878269dbe7 CVE-2019-13104: ext4: check for underflow in ext4fs_read_file
in ext4fs_read_file, it is possible for a broken/malicious file
system to cause a memcpy of a negative number of bytes, which
overflows all memory. This patch fixes the issue by checking for
a negative length.

Signed-off-by: Paul Emge <paulemge@forallsecure.com>
2019-07-18 11:31:29 -04:00
Paul Emge
6e5a79de65 CVE-2019-13105: ext4: fix double-free in ext4_cache_read
ext_cache_read doesn't null cache->buf, after freeing, which results
in a later function double-freeing it. This patch fixes
ext_cache_read to call ext_cache_fini instead of free.

Signed-off-by: Paul Emge <paulemge@forallsecure.com>
2019-07-18 11:31:28 -04:00
Marek Szyprowski
bd8fbd8a13 ext4: add support for filesystems without JOURNAL
JOURNAL is optional for EXT4 (and EXT3) filesystems, so add support for
skipping it. This fixes corrupting EXT4 volumes without JOURNAL after
using uboot's 'ext4write' command.

Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
2019-07-18 11:31:24 -04:00
Marek Szyprowski
1c9f8f6412 ext4: fix calculating inode blkcount for non-512 blocksize filesystems
The block count entry in the EXT4 filesystem disk structures uses
standard 512-bytes units for most of the typical files. The only
exception are HUGE files, which use the filesystem block size, but those
are not supported by uboot's EXT4 implementation anyway. This patch fixes
the EXT4 code to use proper unit count for inode block count. This fixes
errors reported by fsck.ext4 on disks with non-standard (i.e. 4KiB, in
case of new flash drives) PHYSICAL block size after using 'ext4write'
uboot's command.

Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
2019-07-18 11:31:24 -04:00
Mian Yousaf Kaukab
ee88eacbdd fs: do_load: pass device path for efi payload
fatload command can be used to load the EFI payload since EFI system
partition is always a FAT partition. Call into EFI code from do_load()
to set the device path from which the last binary was loaded. An EFI
application like grub2 can’t find its configuration file without the
device path set.

Since device path is now set in do_load() there is no need to set it
in do_load_wrapper() for the load command.

Signed-off-by: Mian Yousaf Kaukab <ykaukab@suse.de>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-20 22:26:20 +00:00
AKASHI Takahiro
cd2d727fff fs: fat: allocate a new cluster for root directory of fat32
Contrary to fat12/16, fat32 can have root directory at any location
and its size can be expanded.
Without this patch, root directory won't grow properly and so we will
eventually fail to add files under root directory. Please note that this
can happen even if you delete many files as deleted directory entries
are not reclaimed but just marked as "deleted" under the current
implementation.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-28 18:55:09 -04:00
AKASHI Takahiro
9c709c7b41 fs: fat: flush a directory cluster properly
When a long name directory entry is created, multiple directory entries
may be occupied across a directory cluster boundary. Since only one
directory cluster is cached in a directory iterator, a first cluster must
be written back to device before switching over a second cluster.

Without this patch, some added files may be lost even if you don't see
any failures on write operation.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-28 18:55:08 -04:00
AKASHI Takahiro
a9f6706cf0 fs: fat: write to non-cluster-aligned root directory
With the commit below, fat now correctly handles a file read under
a non-cluster-aligned root directory of fat12/16.
Write operation should be fixed in the same manner.

Fixes: commit 9b18358dc0 ("fs: fat: fix reading non-cluster-aligned
       root directory")
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Cc: Anssi Hannula <anssi.hannula@bitwise.fi>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-28 18:55:08 -04:00
Andrew F. Davis
d0cd30eb81 fs: fat: Fix possible double free of fatbuf
fat_itr_root() allocates fatbuf so we free it on the exit path, if
the function fails we should not free it, check the return value
and skip freeing if the function fails.

Signed-off-by: Andrew F. Davis <afd@ti.com>
2019-05-28 13:57:52 -04:00
Heinrich Schuchardt
7b437807ee fs: fat: correct file name normalization
File names may not contain control characters (< 0x20).
Simplify the coding.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-28 13:57:52 -04:00
Marek Behún
53290e6efd fs: btrfs: add zstd decompression support
This adds decompression support for Zstandard, which has been included
in Linux btrfs driver for some time.

Signed-off-by: Marek Behún <marek.behun@nic.cz>
2019-05-05 08:48:50 -04:00
Marek Behún
cd22e34c11 fs: btrfs: fix btrfs methods return values on failure
The btrfs implementation methods .ls(), .size() and .read() returns 1 on
failure, but the command handlers expect values <0 on failure.

For example if given a nonexistent path, the load command currently
returns success, and hush scripting does not work.

Fix this by setting return values of these methods to -1 instead of 1 on
failure.

Signed-off-by: Marek Behún <marek.behun@nic.cz>
2019-05-03 07:30:31 -04:00
Marek Behún
881e020958 fs: btrfs: Do not print mount fail message when not btrfs filesystem
Other filesystem drivers don't do this.

Signed-off-by: Marek Behún <marek.behun@nic.cz>
2019-05-03 07:23:17 -04:00
Tom Rini
6aebc0d11a Revert "fs: btrfs: fix false negatives in ROOT_ITEM search"
Per Pierre this change shouldn't have been applied as it was superseded
by "fs: btrfs: fix btrfs_search_tree invalid results" which is also
applied now as 1627e5e598.

This reverts commit 633967f981.

Signed-off-by: Tom Rini <trini@konsulko.com>
2019-04-27 11:35:44 -04:00
Pierre Bourdon
1627e5e598 fs: btrfs: fix btrfs_search_tree invalid results
btrfs_search_tree should return the first item in the tree that is
greater or equal to the searched item.

The search algorithm did not properly handle the edge case where the
searched item is higher than the last item of the node but lower than
the first item of the next node. Instead of properly returning the first
item of the next node, it was returning an invalid path pointer
(pointing to a non-existent item after the last item of the node + 1).

This fixes two issues in the btrfs driver:
  - Looking for a ROOT_ITEM could fail if it was the first item of its
    leaf node.
  - Iterating through DIR_INDEX entries (for readdir) could fail if the
    first DIR_INDEX entry was the first item of a leaf node.

Signed-off-by: Pierre Bourdon <delroth@gmail.com>
Cc: Marek Behun <marek.behun@nic.cz>
2019-04-26 17:53:16 -04:00
Ismael Luceno Cortes
423eba241d fs: fat: Build only if CONFIG_FS_FAT=y
Signed-off-by: Ismael Luceno <ismael.luceno@silicon-gears.com>
2019-04-26 17:53:16 -04:00
Pierre Bourdon
633967f981 fs: btrfs: fix false negatives in ROOT_ITEM search
ROOT_ITEMs in btrfs are referenced without knowing their actual "offset"
value. To perform these searches using only two items from the key, the
btrfs driver uses a special "btrfs_search_tree_key_type" function.

The algorithm used by that function to transform a 3-tuple search into a
2-tuple search was subtly broken, leading to items not being found if
they were the first in their tree node.

This commit fixes btrfs_search_tree_key_type to properly behave in these
situations.

Signed-off-by: Pierre Bourdon <delroth@gmail.com>
Cc: Marek Behun <marek.behun@nic.cz>
2019-04-26 17:53:15 -04:00