Commit graph

803 commits

Author SHA1 Message Date
Qu Wenruo
e3427184f3 fs: btrfs: Implement btrfs_file_read()
This version of btrfs_file_read() has the following new features:
- Tries all mirrors
- More handling on unaligned size
- Better compressed extent handling
  The old implementation doesn't handle compressed extent with offset
  properly: we need to read out the whole compressed extent, then
  decompress the whole extent, and only then copy the requested part.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 21:00:36 -04:00
Qu Wenruo
01347f64d5 fs: btrfs: Introduce lookup_data_extent() for later use
This implements lookup_data_extent() function for the incoming
new implementation of btrfs_file_read().

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
a26a6bedaf fs: btrfs: Introduce btrfs_read_extent_inline() and btrfs_read_extent_reg()
These two functions are used to do sector aligned read, which will be
later used to implement btrfs_file_read().

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
0cc8fc65c1 fs: btrfs: Rename btrfs_file_read() and its callees to avoid name conflicts
Rename btrfs_file_read() and its callees to avoid name conflicts with
the incoming new code.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
5bbb68d5f0 fs: btrfs: Use btrfs_lookup_path() to implement btrfs_exists() and btrfs_size()
After this the only remaining function that still utilizes
__btrfs_lookup_path() is btrfs_read().

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
325dd1f642 fs: btrfs: Use btrfs_iter_dir() to replace btrfs_readdir()
Use extent buffer based infrastructure to re-implement btrfs_readdir().

Along this rework, some small corner cases fixed:
- Subvolume tree mtime
  Mtime of a subvolume tree is recorded in its root item, since there is
  no INODE_ITEM for it.
  This needs extra search from tree root.

- Output the unknown type
  If the DIR_ITEM is corrupted, at least don't try to access the memory
  out of boundary.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
c921aa20c3 fs: btrfs: Implement btrfs_lookup_path()
This is the extent buffer based path lookup routine.

To implement this, btrfs_lookup_dir_item() is crossported from
btrfs-progs, and implements btrfs_lookup_path() from scratch.

Unlike the existing __btrfs_lookup_path(), since btrfs_read_fs_root()
will check whether a root is a orphan at read time, there is no need to
check root backref, this makes the code a little easier to read.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
5bdcb37495 fs: btrfs: inode: Allow next_length() to return value > BTRFS_NAME_LEN
All existing next_length() caller handles return value > BTRFS_NAME_LEN,
so there is no need to do BTRFS_NAME_LEN check in next_length().

But still, we want to exit early if we're beyond BTRFS_NAME_LEN, so this
patch makes next_length() exit as soon as we're beyond BTRFS_NAME_LEN.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
92bc179c5f fs: btrfs: Use btrfs_readlink() to implement __btrfs_readlink()
The existing __btrfs_readlink() can be easily re-implemented using the
extent buffer based btrfs_readlink().

This is the first step to re-implement U-Boot's btrfs code.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
cafffc50ad fs: btrfs: Rename path resolve related functions to avoid name conflicts
Since the old code is using __btrfs_path/__btrfs_root which is different
from the regular extent buffer based one, we add "__" prefix for the old
implementation to avoid name conflicts for the incoming crossport.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
f06bfcf54d fs: btrfs: Crossport open_ctree_fs_info() from btrfs-progs
open_ctree_fs_info() is the main entry point to open btrfs.

This version is a simplfied version of __open_ctree_fd() of btrfs-progs,
the main differences are:
- Parameters on how to specify a block device
  Instead of @fd and @path, U-Boot uses blk_desc and disk_partition_t.

- Remove open_ctree flags
  There won't be multiple open ctree modes in U-Boot.

Otherwise functions structures are all kept the same.

With open_ctree_fs_info() implemented, also introduce the global
current_fs_info pointer to show the current opened btrfs.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
57f24f1073 fs: btrfs: Crossport btrfs_read_sys_array() and btrfs_read_chunk_tree()
These two functions play a big role in btrfs bootstrap.

The following function is removed:
- Seed device support

Although in theory we can still support multiple devices, we don't have
a facility in U-Boot to do device scan without opening them.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
29c26ae8bc fs: btrfs: Crossport btrfs_search_slot() from btrfs-progs
This patch copies the core function, btrfs_search_slot(), from
btrfs-progs.

This version has the following functionality removed:
- The ability to COW tree block
  Related code is commented out, and can be enabled in the future.

- The readahead functionality
  This is abused in kernel. Remove it completely.

With the core function in place, btrfs developers should feel at home now.

This also crossports supporting code like btrfs_previous_item() to
ctree.[ch].

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
bccee8bcb2 fs: btrfs: Crossport struct btrfs_root to ctree.h
Crossport struct btrfs_root to ctree.h from btrfs-progs, with write
related members deleted.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
207011b81e fs: btrfs: Rename btrfs_root to __btrfs_root
This is to avoid naming conflicts between extent buffer based
btrfs_root.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
33966de31f fs: btrfs: Rename struct btrfs_path to struct __btrfs_path
To avoid name conflicting between the extent buffer based btrfs_path
from btrfs-progs, rename struct btrfs_path to struct __btrfs_path.

Also rename btrfs_free_path() to __btrfs_free_path() to avoid conflicts.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
75b0817bab fs: btrfs: Crossport read_tree_block() from btrfs-progs
This is the one of the basic stone function for btrfs, which:
- Resolves the chunk mappings
- Reads data from disk
- Does various sanity check

With read_tree_block(), we can finally crossport needed btrfs btree
operations to U-Boot.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
b1f0067aba fs: btrfs: Crossport volumes.[ch] from btrfs-progs
This patch crossports volumes.[ch] from btrfs-progs, including:
- btrfs_map_block()
  The core mechanism to map btrfs logical address to physical address.
  This version includes multi-device support, along with RAID56 support.

- btrfs_scan_one_device()
  This is the function to register one btrfs device to the list.
  This is the main part of the multi-device btrfs assembling process.
  Although we're not going to support multiple devices until U-Boot
  allows us to scan one device without actually opening it.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
[trini: Use %zu in a debug print to avoid warning]
Signed-off-by: Tom Rini <trini@konsulko.com>
2020-09-07 20:57:27 -04:00
Qu Wenruo
be35942546 fs: btrfs: Crossport structure accessor into ctree.h
This brings all structure accessors from btrfs-progs/ctree.h, as in
kernel's ctree.h.

All these accessors handle the endian convert at runtime, and since all
of them are defined as static inline functions, those which aren't used
won't take space in resulting binary.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
9a9be5ec17 fs: btrfs: Crossport extent-io.[ch] from btrfs-progs
This brings the extent_io_tree infrastructure, with which we can finally
bring in proper btrfs_fs_info structure to ctree.h.

With read/write_extent_buffer() implemented we also backport
read/write_eb_member() to ctree.h.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
ab5c3046f2 fs: btrfs: Crossport extent-cache.[ch] from btrfs-progs
This patch implements an infrastructure to insert/search/merge an extent
range (with variable length).

This provides the basis for later extent buffer cache used in btrfs.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
bc621e545b fs: btrfs: Crossport rbtree-utils from btrfs-progs
This is needed for incoming extent-cache infrastructure.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
4aebb99486 fs: btrfs: Crossport btrfs_read_dev_super() from btrfs-progs
This patch uses generic code from btrfs-progs to read one super block
from block device.

To support the btrfs-progs coding style, the following is also
crossported:
- BTRFS_SETGET_FUNC for btrfs_super_block
- btrfs_check_super() function
- Move btrfs_read_superblock() to disk-io.[ch]
  Since super.c only contains pretty small amount of code, and
  the extra check will be covered in later root read patches.

Differences between this implementation and btrfs-progs:
- No sbflags/sb_bytenr support
  Since we only need to read the primary super block (like kernel),
  sbflags/sb_bytenr used by super block recovery is not needed.

This also changes the following behavior of U-Boot btrfs:
- Only reads the primary super block
  The old implementation reads all 3 super blocks, and also one
  non-existing backup.
  This is not correct, especially if there is another filesystem created
  on the device but old superblocks are not rewritten.

  Just like kernel, we only check the primary super block.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
[trini: Change error to be a define in compat.h]
Signed-off-by: Tom Rini <trini@konsulko.com>
2020-09-07 20:57:27 -04:00
Qu Wenruo
565a4147d1 fs: btrfs: Add more checksum algorithms
This mostly crossports crypto/hash.[ch] from btrfs-progs.

The differences are:
- No blake2 support
  No blake2 related library in U-Boot yet.

- Use uboot xxhash/sha256 directly
  No need to implement the code as U-Boot has already provided the
  interface.

This adds the support for the following csums:
- SHA256
- XXHASH

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Qu Wenruo
3b4b40c0d6 fs: btrfs: Sync btrfs_btree.h from kernel
This version includes all needed on-disk format from kernel.

Only need to modify the include headers for U-Boot, everything else is
untouched.

Also, since U-Boot btrfs is using a different endian convert timing (at
tree block read time), it needs some forced type conversion before
proper crossport.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-09-07 20:57:27 -04:00
Heinrich Schuchardt
0d32d8cf9d fs: convert error and debug messages to log
Use log functions for error and debug messages of the file-system.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-09-06 21:21:41 +02:00
Joao Marcos Costa
c9875a5fe8 fs/squashfs: Fix Coverity Scan defects
Fix defects such as uninitialized variables and untrusted pointer
operations. Most part of the tainted variables and the related defects
actually comes from Linux's macro get_unaligned_le**, extensively used
in SquashFS code. Add sanity checks for those variables.

Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
2020-08-24 14:11:31 -04:00
Joao Marcos Costa
6dfed163bd fs/squashfs: add support for LZO decompression
Add call to lzo's lzo1x_decompress_safe() into sqfs_decompress().

U-Boot's LZO sources may still have some unsolved issues that could make the
decompression crash when dealing with fragmented files, so those should be
avoided. The "-no-fragments" option can be passed to mksquashfs.

Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
2020-08-24 14:11:31 -04:00
Joao Marcos Costa
9c948f536f fs/squashfs: add support for ZSTD decompression
Add call to ZSTD's ZSTD_decompressDCtx(). In this use case, the caller
can upper bound the decompressed size, which will be the SquashFS data
block (or metadata block) size, so there is no need to use streaming
API. Add ZSTD's worskpace to squashfs_ctxt structure.

Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
2020-08-24 14:11:31 -04:00
Joao Marcos Costa
cdc114415c fs/squashfs: replace sqfs_decompress() parameter
Replace 'u16 comp_type' by a reference to squashfs_ctxt structure.

Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
2020-08-24 14:11:31 -04:00
Joao Marcos Costa
10f7cf5f12 fs/squashfs: Add init and clean-up functions to decompression
Add sqfs_decompressor_init() and sqfs_decompressor_cleanup(). These
functions are called respectively in sqfs_probe() and sqfs_close(). For
now, only ZSTD requires an initialization logic. ZSTD support will be
added in a follow-up commit.

Move squashfs_ctxt definition to sqfs_filesystem.h. This structure is
passed to sqfs_decompressor_init() and sqfs_decompressor_cleanup(), so
it can no longer be local to sqfs.c.

Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
2020-08-24 14:11:31 -04:00
Joao Marcos Costa
02c366b5d5 fs/fs.c: add symbolic link case to fs_ls_generic()
Adds an 'else if' statement inside the loop to check for symbolic links.

Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
2020-08-07 22:31:32 -04:00
Joao Marcos Costa
3634b35089 fs/squashfs: add support for zlib decompression
Add call to zlib's 'uncompress' function. Add function to display the
right error message depending on the decompression's return value.

Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
2020-08-07 22:31:32 -04:00
Joao Marcos Costa
81014f73f0 include/u-boot, lib/zlib: add sources for zlib decompression
Add zlib (v1.2.11) uncompr() function to U-Boot. SquashFS depends on
this function to decompress data from a raw disk image. The actual
support for zlib into SquashFS sources will be added in a follow-up
commit.

Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
2020-08-07 22:31:32 -04:00
Joao Marcos Costa
c510061303 fs/squashfs: new filesystem
Add support for SquashFS filesystem. Right now, it does not support
compression but support for zlib will be added in a follow-up commit.

Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
2020-08-07 22:31:32 -04:00
Jason Wessel
5b3ddb17ba fs/fat/fat.c: Do not perform zero block reads if there are no blocks left
While using u-boot with qemu's virtio driver I stumbled across a
problem reading files less than sector size.  On the real hardware the
block reader seems ok with reading zero blocks, and while we could fix
the virtio host side of qemu to deal with a zero block read instead of
crashing, the u-boot fat driver should not be doing zero block reads
in the first place.  If you ask hardware to read zero blocks you are
just going to get zero data.  There may also be other hardware that
responds similarly to the virtio interface so this is worth fixing.

Without the patch I get the following and have to restart qemu because
it dies.
---------------------------------
=> fatls virtio 0:1
       30   cmdline.txt
=> fatload virtio 0:1 ${loadaddr} cmdline.txt
qemu-system-aarch64: virtio: zero sized buffers are not allowed
---------------------------------

With the patch I get the expected results.
---------------------------------
=> fatls virtio 0:1
       30   cmdline.txt
=> fatload virtio 0:1 ${loadaddr} cmdline.txt
30 bytes read in 11 ms (2 KiB/s)
=> md.b ${loadaddr} 0x1E
40080000: 64 77 63 5f 6f 74 67 2e 6c 70 6d 5f 65 6e 61 62    dwc_otg.lpm_enab
40080010: 6c 65 3d 30 20 72 6f 6f 74 77 61 69 74 0a          le=0 rootwait.

---------------------------------

Signed-off-by: Jason Wessel <jason.wessel@windriver.com>

Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2020-08-04 17:53:58 -04:00
Heinrich Schuchardt
1244f36900 fs: error handling in do_load()
If a file cannot be loaded, show an error message.
Set the EFI boot device only after successfully loading a file.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-07-17 10:47:19 -04:00
Heinrich Schuchardt
5a8d1f60b2 fs/fat: reduce data size for FAT_WRITE
Allocated tmpbuf_cluster dynamically to reduce the data size added by
compiling with CONFIG_FAT_WRITE.

Reported-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-07-11 23:14:16 +02:00
Heinrich Schuchardt
a20f0c820f fs: fat_write: fix short name creation.
Truncate file names if the buffer size is exceeded to avoid a buffer
overflow.

Use Sphinx style function description.

Add a TODO comment.

Reported-by: CID 303779
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2020-07-07 18:23:48 -04:00
Niel Fourie
2280fa56a0 cmd: fs: Add command to list supported fs types
Added command "fstypes" to list supported/included filesystems.

Signed-off-by: Niel Fourie <lusus@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Limit to sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
2020-07-07 15:36:59 -04:00
Christian Gmeiner
1788a9697f fs: fat: fix fat iteration
According to the FAT specification it is valid to have files with an
attribute value of 0x0. This fixes a regression where different U-Boot
versions are showing different amount of files on the same storage
device. With this change U-Boot shows the same number of files and folders
as Linux and Windows.

Fixes: 39606d462c ("fs: fat: handle deleted directory entries correctly")
Signed-off-by: Christian Gmeiner <christian.gmeiner@gmail.com>
2020-07-07 09:45:12 -04:00
Simon Glass
0621b5e1ee cbfs: Don't require the CBFS size with cbfs_init_mem()
The size is not actually used since it is present in the header. Drop this
parameter. Also tidy up error handling while we are here.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-05-27 14:40:09 +08:00
Simon Glass
03d4c298fa cbfs: Allow reading a file from a CBFS given its base addr
Currently we support reading a file from CBFS given the address of the end
of the ROM. Sometimes we only know the start of the CBFS. Add a function
to find a file given that.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-05-27 14:40:09 +08:00
Simon Glass
924e346a66 cbfs: Change file_cbfs_find_uncached() to return an error
This function currently returns a node pointer so there is no way to know
the error code. Also it uses data in BSS which seems unnecessary since the
caller might prefer to use a local variable.

Update the function and split its body out into a separate function so we
can use it later.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-05-27 14:40:09 +08:00
Simon Glass
0e7b6312e7 cbfs: Return the error code from file_cbfs_init()
We may as well return the error code and use it directly in the command
code. CBFS still uses its own error enum which we may be able to remove,
but leave it for now.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-05-27 14:40:09 +08:00
Simon Glass
c685f8bcfc cbfs: Record the start address in cbfs_priv
The start address of the CBFS is used when scanning for files. It makes
sense to put this in our cbfs_priv struct and calculate it when we read
the header.

Update the code accordingly.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-05-27 14:40:09 +08:00
Simon Glass
e82ab51baf cbfs: Use void * for the position pointers
It doesn't make sense to use u8 * as the pointer type for accessing the
CBFS since we do not access it as bytes, but via structures. Change it to
void *, which allows us to avoid a cast.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-05-27 14:40:09 +08:00
Simon Glass
9dc2355e51 cbfs: Unify the two header loaders
These two functions have mostly the same code. Pull this out into a common
function.

Also make this function zero the private data so that callers don't have
to do it. Finally, update cbfs_load_header_ptr() to take the base of the
ROM as its parameter, which makes more sense than passing the address of
the header within the ROM.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-05-27 14:40:09 +08:00
Simon Glass
a2c528fe8a cbfs: Adjust cbfs_load_header_ptr() to use cbfs_priv
This function is strange at the moment in that it takes a header pointer
but then accesses the cbfs_s global. Currently clients have their own priv
pointer, so update the function to take that as a parameter instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-05-27 14:40:09 +08:00
Simon Glass
54e19257a9 cbfs: Adjust file_cbfs_load_header() to use cbfs_priv
This function is strange at the moment in that it takes a header pointer
but then accesses the cbfs_s global. Currently clients have their own priv
pointer, so update the function to take that as a parameter instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-05-27 14:40:09 +08:00
Simon Glass
c7bef7cf90 cbfs: Adjust return value of file_cbfs_next_file()
At present this uses a true return to indicate it found a file. Adjust it
to use 0 for this, so it is consistent with other functions.

Update its callers accordingly and add a check for malloc() failure in
file_cbfs_fill_cache().

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-05-27 14:40:09 +08:00
Simon Glass
381e1130a2 cbfs: Use bool type for whether initialised
At present this uses an int type. U-Boot now supports bool so use this
instead.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-05-27 14:40:09 +08:00
Simon Glass
45637dbfce cbfs: Use ulong consistently
U-Boot uses ulong for addresses but there are a few places in this driver
that don't use it. Convert this driver over to follow this convention
fully.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-05-27 14:40:09 +08:00
Simon Glass
ea38ee93ef cbfs: Rename the result variable
At present the result variable in the cbfs_priv is called 'result' as is
the local variable in a few functions. Change the latter to 'ret' which is
more common in U-Boot and avoids confusion.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
2020-05-27 14:40:09 +08:00
Simon Glass
cd93d625fd common: Drop linux/bitops.h from common header
Move this uncommon header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 21:19:23 -04:00
Simon Glass
1af3c7f422 common: Drop linux/stringify.h from common header
Move this uncommon header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 21:19:23 -04:00
Simon Glass
eb41d8a1be common: Drop linux/bug.h from common header
Move this uncommon header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 21:19:23 -04:00
Simon Glass
f7ae49fc4f common: Drop log.h from common header
Move this header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 21:19:18 -04:00
Simon Glass
0914011310 command: Remove the cmd_tbl_t typedef
We should not use typedefs in U-Boot. They cannot be used as forward
declarations which means that header files must include the full header to
access them.

Drop the typedef and rename the struct to remove the _s suffix which is
now not useful.

This requires quite a few header-file additions.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 18:36:55 -04:00
Simon Glass
691d719db7 common: Drop init.h from common header
Move this uncommon header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 17:33:33 -04:00
Simon Glass
e6f6f9e648 common: Drop part.h from common header
Move this uncommon header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 17:33:33 -04:00
Simon Glass
0528979fa7 part: Drop disk_partition_t typedef
We should not be using typedefs and these make it harder to use
forward declarations (to reduce header file inclusions). Drop the typedef.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 17:33:33 -04:00
Simon Glass
90526e9fba common: Drop net.h from common header
Move this header out of the common header. Network support is used in
quite a few places but it still does not warrant blanket inclusion.

Note that this net.h header itself has quite a lot in it. It could be
split into the driver-mode support, functions, structures, checksumming,
etc.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 17:33:31 -04:00
Simon Glass
b79fdc7697 common: Drop flash.h from common header
Move this uncommon header out of the common header.

Fix up some style problems in flash.h while we are here.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 14:53:28 -04:00
Simon Glass
ba06b3c50b common: Drop uuid.h from common header
Move this uncommon header out of the common header.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-05-18 14:53:28 -04:00
Petr Borsodi
69dbebd1f7 JFFS2: Add useful fields into lists
The inode list uses version and ino, the dirent list uses version and pino.
This information is collected during scanning, reducing accesses to flash
and significantly speeding up ls and read.

Signed-off-by: Petr Borsodi <petr.borsodi@i.cz>
2020-05-15 14:47:35 -04:00
Petr Borsodi
25ec2282eb JFFS2: Process obsolete nodes as well as accurate ones
Obsolete nodes (ie. without the JFFS2_NODE_ACCURATE flag) were ignored
because they had seemingly invalid crc. This could lead to finding
the phantom node header in obsolete node data.

Signed-off-by: Petr Borsodi <petr.borsodi@i.cz>
2020-05-15 14:47:35 -04:00
Heinrich Schuchardt
4fb0f55fd2 fs: ext4: avoid NULL check before free()
free() checks if its argument is NULL. Don't duplicate this in the calling
code.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2020-05-01 11:34:01 -04:00
Arnaud Ferraris
7683b11098 fs: ext4: skip journal state if fs has metadata_csum
As u-boot doesn't support the metadata_csum feature, writing to a
filesystem with this feature enabled will fail, as expected. However,
during the process, a journal state check is performed, which could
result in:
  - a fs recovery if the fs wasn't umounted properly
  - the fs being marked dirty

Both these cases result in a superblock change, leading to a mismatch
between the superblock checksum and its contents. Therefore, Linux will
consider the filesystem heavily corrupted and will require e2fsck to be
run manually to boot.

By bypassing the journal state check, this patch ensures the superblock
won't be corrupted if the filesystem has metadata_csum feature enabled.

Signed-off-by: Arnaud Ferraris <arnaud.ferraris@collabora.com>
2020-04-27 14:55:29 -04:00
Marek Behún
48180e15d3 fs: btrfs: support sparse extents
When logical address of a regular extent is 0, the extent is sparse and
consists of all zeros.

Without this when sparse extents are used in a file reading fails with
  Cannot map logical address 0 to physical

Signed-off-by: Marek Behún <marek.behun@nic.cz>
2020-04-20 12:23:29 -04:00
Qu Wenruo
b941d1cd16 fs: btrfs: Fix LZO false decompression error caused by pending zero
For certain btrfs files with compressed file extent, uboot will fail to
load it:

  btrfs_read_extent_reg: disk_bytenr=14229504 disk_len=73728 offset=0 nr_bytes=131
  072
  decompress_lzo: tot_len=70770
  decompress_lzo: in_len=1389
  decompress_lzo: in_len=2400
  decompress_lzo: in_len=3002
  decompress_lzo: in_len=1379
  decompress_lzo: in_len=88539136
  decompress_lzo: header error, in_len=88539136 clen=65534 tot_len=62580

NOTE: except the last line, all other lines are debug output.

Btrfs lzo compression uses its own format to record compressed size
(segment header, LE32).

However to make decompression easier, we never put such segment header
across page boundary.

In above case, the xxd dump of the lzo compressed data looks like this:

00001fe0: 4cdc 02fc 0bfd 02c0 dc02 0d13 0100 0001  L...............
00001ff0: 0000 0008 0300 0000 0000 0011 0000|0000  ................
00002000: 4705 0000 0001 cc02 0000 0000 0000 1e01  G...............

'|' is the "expected" segment header start position.

But in that page, there are only 2 bytes left, can't contain the 4 bytes
segment header.

So btrfs compression will skip that 2 bytes, put the segment header in
next page directly.

Uboot doesn't have such check, and read the header with 2 bytes offset,
result 0x05470000 (88539136), other than the expected result
0x00000547 (1351), resulting above error.

Follow the btrfs-progs restore implementation, by introducing tot_in to
record total processed bytes (including headers), and do proper page
boundary skip to fix it.

Please note that, current code base doesn't parse fs_info thus we can't
grab sector size easily, so it uses PAGE_SIZE, and relying on fs open
time check to exclude unsupported sector size.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Cc: Marek Behun <marek.behun@nic.cz>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-04-16 22:13:50 -04:00
Qu Wenruo
a62db24526 fs: btrfs: Reject fs with sector size other than PAGE_SIZE
Although in theory u-boot fs driver could easily support more sector
sizes, current code base doesn't have good enough way to grab sector
size yet.

This would cause problem for later LZO fixes which rely on sector size.

And considering that most u-boot boards are using 4K page size, which is
also the most common sector size for btrfs, rejecting fs with
non-page-sized sector size shouldn't cause much problem.

This should only be a quick fix before we implement better sector size
support.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Cc: Marek Behun <marek.behun@nic.cz>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-04-16 22:13:50 -04:00
Qu Wenruo
25babb7c1b fs: btrfs: Use LZO_LEN to replace immediate number
Just a cleanup. These immediate numbers make my eyes hurt.

Signed-off-by: Qu Wenruo <wqu@suse.com>
Cc: Marek Behun <marek.behun@nic.cz>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
2020-04-16 22:13:50 -04:00
Jan Kiszka
7b83060b1e fs: ext4: Fix alignment of cache buffers
We need to align the cache buffer to ARCH_DMA_MINALIGN in order to avoid
access errors like

CACHE: Misaligned operation at range [be0231e0, be0235e0]

seen on the MCIMX7SABRE.

Fixes: d5aee659f2 ("fs: ext4: cache extent data")
Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
Reviewed-by: Stephen Warren <swarren@nvidia.com>
Tested-by: Peter Robinson <pbrobinson@gmail.com>
2020-03-27 15:42:04 -04:00
Tom Rini
9a8942b53d sandbox conversion to SDL2
TPM TEE driver
 Various minor sandbox video enhancements
 New driver model core utility functions
 -----BEGIN PGP SIGNATURE-----
 
 iQEzBAABCgAdFiEEslwAIq+Gp8wWVbYnfxc6PpAIreYFAl48iogACgkQfxc6PpAI
 reaVzAf/an3/yKe6r3CVWlcRV6H/dVg1ApnnLpX7jS0p0b++oCVvOiy7z1WPXj3k
 b1SSgENDeeZ/8EHio+Gf7ZidH/TGEj7L6YEFwd1t60GMkZiWEkNf4Z53tw482YG+
 96hoPD+ySTW+ddIdVHWAFG2I4aEiKHANJAp/ItNdD+rLbrEwNQy+eiK5JTOk80B6
 /X8AJCLZeAC1s7vs+2+WolgjT78QGzA9HHalMiublcqh0ivKKk0QeQiOKKPe8JYJ
 om5YY1TxayQ60Xmo5f39/SBfzEEklxw83sU9o1tBeYzyVUpu7fQdkxiDbWdsij77
 DgwLdeYQJGbN+hdSWE0gjTqyhW+lWA==
 =KRoA
 -----END PGP SIGNATURE-----

Merge tag 'dm-pull-6feb20' of https://gitlab.denx.de/u-boot/custodians/u-boot-dm

sandbox conversion to SDL2
TPM TEE driver
Various minor sandbox video enhancements
New driver model core utility functions
2020-02-11 10:58:41 -05:00
Marek Szyprowski
a54ece4085 fat: write: adjust data written in each partial write
The code for handing file overwrite incorrectly calculated the amount of
data to write when writing to the last non-cluster aligned chunk. Fix
this by ensuring that no more data than the 'filesize' is written to disk.
While touching min()-based calculations, change it to type-safe min_t()
function.

Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>

This patch finally fixes the issue revealed by the test script from the
previous patch. The correctness of the change has been also verified by
the following additional test scripts:

--->8-fat_test2.sh---
#!/bin/bash
make sandbox_defconfig
make
dd if=/dev/zero of=/tmp/10M.img bs=1024 count=10k
mkfs.vfat -v /tmp/10M.img
cat >/tmp/cmds <<EOF
x
host bind 0 /tmp/10M.img
fatls host 0
mw 0x1000000 0x0a434241 0x1000 # "ABC\n"
mw 0x1100000 0x0a464544 0x8000 # "DEF\n"
fatwrite host 0 0x1000000 file0001.raw 0x1000
fatwrite host 0 0x1000000 file0002.raw 0x1000
fatwrite host 0 0x1000000 file0003.raw 0x1000
fatwrite host 0 0x1000000 file0004.raw 0x1000
fatwrite host 0 0x1000000 file0005.raw 0x1000
fatrm host 0 file0002.raw
fatrm host 0 file0004.raw
fatls host 0
fatwrite host 0 0x1100000 file0007.raw 0x2000
fatwrite host 0 0x1100000 file0007.raw 0x1f00
reset
EOF
./u-boot </tmp/cmds
#verify
rm -r /tmp/result /tmp/model
mkdir /tmp/result
mkdir /tmp/model
yes ABC | head -c 4096 >/tmp/model/file0001.raw
yes ABC | head -c 4096 >/tmp/model/file0003.raw
yes ABC | head -c 4096 >/tmp/model/file0005.raw
yes DEF | head -c 7936 >/tmp/model/file0007.raw
mcopy -n -i /tmp/10M.img ::file0001.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0003.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0005.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0007.raw /tmp/result
hd /tmp/10M.img
if diff -urq /tmp/model /tmp/result
then
	echo Test okay
else
	echo Test fail
fi
--->8-fat_test3.sh---
#!/bin/bash
make sandbox_defconfig
make
dd if=/dev/zero of=/tmp/10M.img bs=1024 count=10k
mkfs.vfat -v /tmp/10M.img
cat >/tmp/cmds <<EOF
x
host bind 0 /tmp/10M.img
fatls host 0
mw 0x1000000 0x0a434241 0x1000 # "ABC\n"
mw 0x1100000 0x0a464544 0x8000 # "DEF\n"
fatwrite host 0 0x1000000 file0001.raw 0x1000
fatwrite host 0 0x1000000 file0002.raw 0x1000
fatwrite host 0 0x1000000 file0003.raw 0x1000
fatwrite host 0 0x1000000 file0004.raw 0x1000
fatwrite host 0 0x1000000 file0005.raw 0x1000
fatrm host 0 file0002.raw
fatrm host 0 file0004.raw
fatls host 0
fatwrite host 0 0x1100000 file0007.raw 0x2000
fatwrite host 0 0x1100000 file0007.raw 0x2100
reset
EOF
./u-boot </tmp/cmds
#verify
rm -r /tmp/result /tmp/model
mkdir /tmp/result
mkdir /tmp/model
yes ABC | head -c 4096 >/tmp/model/file0001.raw
yes ABC | head -c 4096 >/tmp/model/file0003.raw
yes ABC | head -c 4096 >/tmp/model/file0005.raw
yes DEF | head -c 8448 >/tmp/model/file0007.raw
mcopy -n -i /tmp/10M.img ::file0001.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0003.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0005.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0007.raw /tmp/result
hd /tmp/10M.img
if diff -urq /tmp/model /tmp/result
then
	echo Test okay
else
	echo Test fail
fi
--->8-fat_test4.sh---
#!/bin/bash
make sandbox_defconfig
make
dd if=/dev/zero of=/tmp/10M.img bs=1024 count=10k
mkfs.vfat -v /tmp/10M.img
cat >/tmp/cmds <<EOF
x
host bind 0 /tmp/10M.img
fatls host 0
mw 0x1000000 0x0a434241 0x1000 # "ABC\n"
mw 0x1100000 0x0a464544 0x8000 # "DEF\n"
mw 0x1200000 0x0a494847 0x8000 # "GHI\n"
fatwrite host 0 0x1000000 file0001.raw 0x1000
fatwrite host 0 0x1000000 file0002.raw 0x1000
fatwrite host 0 0x1000000 file0003.raw 0x1000
fatwrite host 0 0x1000000 file0004.raw 0x1000
fatwrite host 0 0x1000000 file0005.raw 0x1000
fatrm host 0 file0002.raw
fatrm host 0 file0004.raw
fatls host 0
fatwrite host 0 0x1100000 file0007.raw 0x900
fatwrite host 0 0x1200000 file0007.raw 0x900 0x900
fatwrite host 0 0x1100000 file0007.raw 0x900 0x1200
fatwrite host 0 0x1200000 file0007.raw 0x900 0x1b00
reset
EOF
./u-boot </tmp/cmds
#verify
rm -r /tmp/result /tmp/model
mkdir /tmp/result
mkdir /tmp/model
yes ABC | head -c 4096 >/tmp/model/file0001.raw
yes ABC | head -c 4096 >/tmp/model/file0003.raw
yes ABC | head -c 4096 >/tmp/model/file0005.raw
yes DEF | head -c 2304 >/tmp/model/file0007.raw
yes GHI | head -c 2304 >>/tmp/model/file0007.raw
yes DEF | head -c 2304 >>/tmp/model/file0007.raw
yes GHI | head -c 2304 >>/tmp/model/file0007.raw
mcopy -n -i /tmp/10M.img ::file0001.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0003.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0005.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0007.raw /tmp/result
hd /tmp/10M.img
if diff -urq /tmp/model /tmp/result
then
	echo Test okay
else
	echo Test fail
fi
--->8---
Feel free to prepare a proper sandbox/py_test based tests based on
the provided test scripts.
2020-02-07 13:59:58 -05:00
Marek Szyprowski
5e615b74e8 fat: write: fix broken write to fragmented files
The code for handing file overwrite incorrectly assumed that the file on
disk is always contiguous. This resulted in corrupting disk structure
every time when write to existing fragmented file happened. Fix this
by adding proper check for cluster discontinuity and adjust chunk size
on each partial write.

Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>

This patch partially fixes the issue revealed by the following test
script:

--->8-fat_test1.sh---
#!/bin/bash
make sandbox_defconfig
make
dd if=/dev/zero of=/tmp/10M.img bs=1024 count=10k
mkfs.vfat -v /tmp/10M.img
cat >/tmp/cmds <<EOF
x
host bind 0 /tmp/10M.img
fatls host 0
mw 0x1000000 0x0a434241 0x1000 # "ABC\n"
mw 0x1100000 0x0a464544 0x8000 # "DEF\n"
fatwrite host 0 0x1000000 file0001.raw 0x1000
fatwrite host 0 0x1000000 file0002.raw 0x1000
fatwrite host 0 0x1000000 file0003.raw 0x1000
fatwrite host 0 0x1000000 file0004.raw 0x1000
fatwrite host 0 0x1000000 file0005.raw 0x1000
fatrm host 0 file0002.raw
fatrm host 0 file0004.raw
fatls host 0
fatwrite host 0 0x1100000 file0007.raw 0x4000
fatwrite host 0 0x1100000 file0007.raw 0x4000
reset
EOF
./u-boot </tmp/cmds
#verify
rm -r /tmp/result /tmp/model
mkdir /tmp/result
mkdir /tmp/model
yes ABC | head -c 4096 >/tmp/model/file0001.raw
yes ABC | head -c 4096 >/tmp/model/file0003.raw
yes ABC | head -c 4096 >/tmp/model/file0005.raw
yes DEF | head -c 16384 >/tmp/model/file0007.raw
mcopy -n -i /tmp/10M.img ::file0001.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0003.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0005.raw /tmp/result
mcopy -n -i /tmp/10M.img ::file0007.raw /tmp/result
hd /tmp/10M.img
if diff -urq /tmp/model /tmp/result
then
	echo Test okay
else
	echo Test fail
fi
--->8---

Overwritting a discontiguous test file (file0007.raw) no longer causes
corruption to file0003.raw, which's data lies between the chunks of the
test file. The amount of data written to disk is still incorrect, what
causes damage to the file (file0005.raw), which's data lies next to the
test file. This will be fixed by the next patch.

Feel free to prepare a proper sandbox/py_test based tests based on the
provided test scripts.
2020-02-07 13:59:58 -05:00
Simon Glass
336d4615f8 dm: core: Create a new header file for 'compat' features
At present dm/device.h includes the linux-compatible features. This
requires including linux/compat.h which in turn includes a lot of headers.
One of these is malloc.h which we thus end up including in every file in
U-Boot. Apart from the inefficiency of this, it is problematic for sandbox
which needs to use the system malloc() in some files.

Move the compatibility features into a separate header file.

Signed-off-by: Simon Glass <sjg@chromium.org>
2020-02-05 19:33:46 -07:00
Simon Glass
61b29b8268 dm: core: Require users of devres to include the header
At present devres.h is included in all files that include dm.h but few
make use of it. Also this pulls in linux/compat which adds several more
headers. Drop the automatic inclusion and require files to include devres
themselves. This provides a good indication of which files use devres.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Anatolij Gustschin <agust@denx.de>
2020-02-05 19:33:46 -07:00
AKASHI Takahiro
4839e86892 linux_compat: move kmemdup() from ubifs.c to linux_compat.c
linux_compat.c is the best place for kmemdup(), which is currenly used
only in ubifs.c, but will also be used when other kernel files
(in my case, lib/crypto/x509_cert_parser.c and pkcs7_parser.c) will be
imported. So just move it.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-12-06 16:44:19 -05:00
AKASHI Takahiro
39606d462c fs: fat: handle deleted directory entries correctly
Unlink test for FAT file system seems to fail at test_unlink2.
(When I added this test, I haven't seen any errors though.)
for example,
===8<===
fs_obj_unlink = ['fat', '/home/akashi/tmp/uboot_sandbox_test/128MB.fat32.img']

    def test_unlink2(self, u_boot_console, fs_obj_unlink):
        """
        Test Case 2 - delete many files
        """
        fs_type,fs_img = fs_obj_unlink
        with u_boot_console.log.section('Test Case 2 - unlink (many)'):
            output = u_boot_console.run_command('host bind 0 %s' % fs_img)

            for i in range(0, 20):
                output = u_boot_console.run_command_list([
                    '%srm host 0:0 dir2/0123456789abcdef%02x' % (fs_type, i),
                    '%sls host 0:0 dir2/0123456789abcdef%02x' % (fs_type, i)])
                assert('' == ''.join(output))

            output = u_boot_console.run_command(
                '%sls host 0:0 dir2' % fs_type)
>           assert('0 file(s), 2 dir(s)' in output)
E           AssertionError: assert '0 file(s), 2 dir(s)' in '            ./\r\r\n            ../\r\r\n        0   0123456789abcdef11\r\r\n\r\r\n1 file(s), 2 dir(s)'

test/py/tests/test_fs/test_unlink.py:52: AssertionError
===>8===

This can happen when fat_itr_next() wrongly detects an already-
deleted directory entry.

File deletion, which was added in the commit f8240ce95d ("fs: fat:
support unlink"), is implemented by marking its entry for a short name
with DELETED_FLAG, but related entry slots for a long file name are kept
unmodified. (So entries will never be actually deleted from media.)

To handle this case correctly, an additional check for a directory slot
will be needed in fat_itr_next().

In addition, I added extra comments about long file name and short file
name format in FAT file system. Although they are not directly related
to the issue, I hope it will be helpful for better understandings
in general.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
2019-12-05 10:28:38 -05:00
Simon Glass
8bef79bf3c common: Move sorting functions to their own header file
These don't need to be in common.h so move them out into a new header.
Also add some missing comments.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
2019-12-02 18:23:08 -05:00
Simon Glass
3db7110857 crc32: Use the crc.h header for crc functions
Drop inclusion of crc.h in common.h and use the correct header directly
instead.

With this we can drop the conflicting definition in fw_env.h and rely on
the crc.h header, which is already included.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Tom Rini <trini@konsulko.com>
2019-12-02 18:23:08 -05:00
AKASHI Takahiro
b7cd95627b fs: add fs_get_type() for current filesystem type
This function is a variant of fs_get_type_name() and returns a filesystem
type with which the current device is associated.
We don't want to export fs_type variable directly because we have to take
care of it consistently within fs.c.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-10-17 19:19:56 +02:00
AKASHI Takahiro
185aed7855 fs: clean up around fs_type
fs_ls(), fs_mkdir() and fs_unlink() sets fs_type to FS_TYPE_ANY
explicitly, but it is redundant as they call fs_close().
So just remove those lines.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-10-17 19:19:56 +02:00
AKASHI Takahiro
64f49eb7d0 fs: export fs_close()
fs_close() closes the connection to a file system which opened with
either fs_set_blk_dev() or fs_set_dev_with_part(). Many file system
functions implicitly call fs_close(), e.g. fs_closedir(), fs_exist(),
fs_ln(), fs_ls(), fs_mkdir(), fs_read(), fs_size(), fs_write()
and fs_unlink().
So just export it.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-10-17 19:19:55 +02:00
Heinrich Schuchardt
f13683816b fs: fat: get_contents() always returns -1 for errors
If out of memory, return -1 and not -ENOMEM from get_contents().

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-10-11 19:05:14 -04:00
Heinrich Schuchardt
c7a86d1645 fs: fat: treat invalid FAT clusters as errors
When hitting an invalid FAT cluster while reading a file always print an
error message and return an error code.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-10-11 19:05:14 -04:00
Martin Vystrčil
d7af2a8630 fat: FAT filesystem premature release of info struct.
File was found on specified location. Info about file was read,
but then immediately destroyed using 'free' call. As a result
file size was set to 0, hence fat process didn't read any data.

Premature 'free' call removed. Resources are freed right before
function return. File is read correctly.

Signed-off-by: Martin Vystrcil <martin.vystrcil@m-linux.cz>
2019-08-26 11:46:21 -04:00
Uwe Kleine-König
ad49488ffb jffs2: remove unused code files
I failed to find where these two files are used and a few test compile
runs with JFFS2 enabled succeeded also without these.
2019-08-20 12:20:33 -04:00
Simon Glass
ad79d603aa cbfs: Rename camel-case variables
Rename some camel-case variables to match U-Boot style.

Camel case is not generally allowed in U-Boot. Rename this variable to fit
in with the style.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
2019-08-18 21:54:10 +08:00
Simon Glass
630b2f39dd cbfs: Add functions to support multiple CBFSs
Sometimes an image has multiple CBFS. The current CBFS API is limited to
handling only one at time. Also it keeps track of the CBFS internally in
BSS, which does not work before relocation, for example.

Add a few new functions to overcome these limitations.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
2019-08-18 21:54:10 +08:00
Simon Glass
c7f1693474 cbfs: Move result variable into the struct
Move the result variable into the struct also, so that it can be used when
BSS is not available. Add a function to read it.

Note that all functions sill use the BSS version of the data.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
2019-08-18 21:54:10 +08:00
Simon Glass
02e4af63a9 cbfs: Move static variables into a struct
At present there are a number of static variables in BSS. This cannot work
with SPL, at least until BSS is available in board_init_r().

Move the variables into a struct, so it is possible to malloc() it and use
it before BSS is available.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
2019-08-18 21:54:10 +08:00
Simon Glass
fc7b9e16a0 cbfs: Move declarations above functions
At present this file has a function at the top, above declarations. This
is normally avoided, so fix it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
2019-08-18 21:54:10 +08:00
Simon Glass
72b2465c6b cbfs: Allow CBFS to be used in SPL
Add a new Kconfig option to enable CBFS in SPL. This can be useful when
the memory-init code is in CBFS.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Bin Meng <bmeng.cn@gmail.com>
2019-08-18 21:54:10 +08:00
Simon Glass
c7694dd483 env: Move env_set_hex() to env.h
Move env_set_hex() over to the new header file along with env_set_addr()
which uses it.

Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
2019-08-11 16:43:41 -04:00
Simon Glass
0c670fc148 common: Move gzip functions into a new gzip header
As part of the effort to remove things from common.h, create a new header
for the gzip functions. Move the function declarations to it and add
missing documentation.

Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
2019-08-11 16:43:41 -04:00
Simon Glass
ababe101d3 cbfs: Rename checksum to attributes_offset
It seems that this field has been renamed in later version of coreboot.
Update it.

Signed-off-by: Simon Glass <sjg@chromium.org>
2019-07-23 20:27:57 -07:00
Paul Emge
e205896c53 CVE-2019-13106: ext4: fix out-of-bounds memset
In ext4fs_read_file in ext4fs.c, a memset can overwrite the bounds of
the destination memory region. This patch adds a check to disallow
this.

Signed-off-by: Paul Emge <paulemge@forallsecure.com>
2019-07-18 11:31:29 -04:00
Paul Emge
084be43b75 ext4: gracefully fail on divide-by-0
This patch checks for 0 in several ext4 headers and gracefully
fails instead of raising a divide-by-0 exception.

Signed-off-by: Paul Emge <paulemge@forallsecure.com>
2019-07-18 11:31:29 -04:00
Paul Emge
878269dbe7 CVE-2019-13104: ext4: check for underflow in ext4fs_read_file
in ext4fs_read_file, it is possible for a broken/malicious file
system to cause a memcpy of a negative number of bytes, which
overflows all memory. This patch fixes the issue by checking for
a negative length.

Signed-off-by: Paul Emge <paulemge@forallsecure.com>
2019-07-18 11:31:29 -04:00
Paul Emge
6e5a79de65 CVE-2019-13105: ext4: fix double-free in ext4_cache_read
ext_cache_read doesn't null cache->buf, after freeing, which results
in a later function double-freeing it. This patch fixes
ext_cache_read to call ext_cache_fini instead of free.

Signed-off-by: Paul Emge <paulemge@forallsecure.com>
2019-07-18 11:31:28 -04:00
Marek Szyprowski
bd8fbd8a13 ext4: add support for filesystems without JOURNAL
JOURNAL is optional for EXT4 (and EXT3) filesystems, so add support for
skipping it. This fixes corrupting EXT4 volumes without JOURNAL after
using uboot's 'ext4write' command.

Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
2019-07-18 11:31:24 -04:00
Marek Szyprowski
1c9f8f6412 ext4: fix calculating inode blkcount for non-512 blocksize filesystems
The block count entry in the EXT4 filesystem disk structures uses
standard 512-bytes units for most of the typical files. The only
exception are HUGE files, which use the filesystem block size, but those
are not supported by uboot's EXT4 implementation anyway. This patch fixes
the EXT4 code to use proper unit count for inode block count. This fixes
errors reported by fsck.ext4 on disks with non-standard (i.e. 4KiB, in
case of new flash drives) PHYSICAL block size after using 'ext4write'
uboot's command.

Signed-off-by: Marek Szyprowski <m.szyprowski@samsung.com>
Reviewed-by: Lukasz Majewski <lukma@denx.de>
2019-07-18 11:31:24 -04:00
Mian Yousaf Kaukab
ee88eacbdd fs: do_load: pass device path for efi payload
fatload command can be used to load the EFI payload since EFI system
partition is always a FAT partition. Call into EFI code from do_load()
to set the device path from which the last binary was loaded. An EFI
application like grub2 can’t find its configuration file without the
device path set.

Since device path is now set in do_load() there is no need to set it
in do_load_wrapper() for the load command.

Signed-off-by: Mian Yousaf Kaukab <ykaukab@suse.de>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-06-20 22:26:20 +00:00
AKASHI Takahiro
cd2d727fff fs: fat: allocate a new cluster for root directory of fat32
Contrary to fat12/16, fat32 can have root directory at any location
and its size can be expanded.
Without this patch, root directory won't grow properly and so we will
eventually fail to add files under root directory. Please note that this
can happen even if you delete many files as deleted directory entries
are not reclaimed but just marked as "deleted" under the current
implementation.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-28 18:55:09 -04:00
AKASHI Takahiro
9c709c7b41 fs: fat: flush a directory cluster properly
When a long name directory entry is created, multiple directory entries
may be occupied across a directory cluster boundary. Since only one
directory cluster is cached in a directory iterator, a first cluster must
be written back to device before switching over a second cluster.

Without this patch, some added files may be lost even if you don't see
any failures on write operation.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-28 18:55:08 -04:00
AKASHI Takahiro
a9f6706cf0 fs: fat: write to non-cluster-aligned root directory
With the commit below, fat now correctly handles a file read under
a non-cluster-aligned root directory of fat12/16.
Write operation should be fixed in the same manner.

Fixes: commit 9b18358dc0 ("fs: fat: fix reading non-cluster-aligned
       root directory")
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Cc: Anssi Hannula <anssi.hannula@bitwise.fi>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-28 18:55:08 -04:00
Andrew F. Davis
d0cd30eb81 fs: fat: Fix possible double free of fatbuf
fat_itr_root() allocates fatbuf so we free it on the exit path, if
the function fails we should not free it, check the return value
and skip freeing if the function fails.

Signed-off-by: Andrew F. Davis <afd@ti.com>
2019-05-28 13:57:52 -04:00
Heinrich Schuchardt
7b437807ee fs: fat: correct file name normalization
File names may not contain control characters (< 0x20).
Simplify the coding.

Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-05-28 13:57:52 -04:00
Marek Behún
53290e6efd fs: btrfs: add zstd decompression support
This adds decompression support for Zstandard, which has been included
in Linux btrfs driver for some time.

Signed-off-by: Marek Behún <marek.behun@nic.cz>
2019-05-05 08:48:50 -04:00
Marek Behún
cd22e34c11 fs: btrfs: fix btrfs methods return values on failure
The btrfs implementation methods .ls(), .size() and .read() returns 1 on
failure, but the command handlers expect values <0 on failure.

For example if given a nonexistent path, the load command currently
returns success, and hush scripting does not work.

Fix this by setting return values of these methods to -1 instead of 1 on
failure.

Signed-off-by: Marek Behún <marek.behun@nic.cz>
2019-05-03 07:30:31 -04:00
Marek Behún
881e020958 fs: btrfs: Do not print mount fail message when not btrfs filesystem
Other filesystem drivers don't do this.

Signed-off-by: Marek Behún <marek.behun@nic.cz>
2019-05-03 07:23:17 -04:00
Tom Rini
6aebc0d11a Revert "fs: btrfs: fix false negatives in ROOT_ITEM search"
Per Pierre this change shouldn't have been applied as it was superseded
by "fs: btrfs: fix btrfs_search_tree invalid results" which is also
applied now as 1627e5e598.

This reverts commit 633967f981.

Signed-off-by: Tom Rini <trini@konsulko.com>
2019-04-27 11:35:44 -04:00
Pierre Bourdon
1627e5e598 fs: btrfs: fix btrfs_search_tree invalid results
btrfs_search_tree should return the first item in the tree that is
greater or equal to the searched item.

The search algorithm did not properly handle the edge case where the
searched item is higher than the last item of the node but lower than
the first item of the next node. Instead of properly returning the first
item of the next node, it was returning an invalid path pointer
(pointing to a non-existent item after the last item of the node + 1).

This fixes two issues in the btrfs driver:
  - Looking for a ROOT_ITEM could fail if it was the first item of its
    leaf node.
  - Iterating through DIR_INDEX entries (for readdir) could fail if the
    first DIR_INDEX entry was the first item of a leaf node.

Signed-off-by: Pierre Bourdon <delroth@gmail.com>
Cc: Marek Behun <marek.behun@nic.cz>
2019-04-26 17:53:16 -04:00
Ismael Luceno Cortes
423eba241d fs: fat: Build only if CONFIG_FS_FAT=y
Signed-off-by: Ismael Luceno <ismael.luceno@silicon-gears.com>
2019-04-26 17:53:16 -04:00
Pierre Bourdon
633967f981 fs: btrfs: fix false negatives in ROOT_ITEM search
ROOT_ITEMs in btrfs are referenced without knowing their actual "offset"
value. To perform these searches using only two items from the key, the
btrfs driver uses a special "btrfs_search_tree_key_type" function.

The algorithm used by that function to transform a 3-tuple search into a
2-tuple search was subtly broken, leading to items not being found if
they were the first in their tree node.

This commit fixes btrfs_search_tree_key_type to properly behave in these
situations.

Signed-off-by: Pierre Bourdon <delroth@gmail.com>
Cc: Marek Behun <marek.behun@nic.cz>
2019-04-26 17:53:15 -04:00
Benjamin Lim
febbc58331 Fix ext4 block group descriptor sizing
Ext4 allows for arbitrarily sized block group descriptors when 64-bit
addressing is enabled, which was previously not properly supported. This
patch dynamically allocates a chunk of memory of the correct size.

Signed-off-by: Benjamin Lim <jarsp.ctf@gmail.com>
2019-04-09 20:04:06 -04:00
Anssi Hannula
9b18358dc0 fs: fat: fix reading non-cluster-aligned root directory
A FAT12/FAT16 root directory location is specified by a sector offset and
it might not start at a cluster boundary. It also resides before the
data area (before cluster 2).

However, the current code assumes that the root directory is located at
a beginning of a cluster, causing no files to be found if that is not
the case.

Since the FAT12/FAT16 root directory is located before the data area
and is not aligned to clusters, using unsigned cluster numbers to refer
to the root directory does not work well (the "cluster number" may be
negative, and even allowing it be signed would not make it properly
aligned).

Modify the code to not use the normal cluster numbering when referring to
the root directory of FAT12/FAT16 and instead use a cluster-sized
offsets counted from the root directory start sector.

This is a relatively common case as at least the filesystem formatter on
Win7 seems to create such filesystems by default on 2GB USB sticks when
"FAT" is selected (cluster size 64 sectors, rootdir size 32 sectors,
rootdir starts at half a cluster before cluster 2).

dosfstools mkfs.vfat does not seem to create affected filesystems.

Signed-off-by: Anssi Hannula <anssi.hannula@bitwise.fi>
Reviewed-by: Bernhard Messerklinger <bernhard.messerklinger@br-automation.com>
Tested-by: Bernhard Messerklinger <bernhard.messerklinger@br-automation.com>
2019-04-09 20:04:04 -04:00
Gero Schumacher
1c48fda3e5 fs: ext4: Problem with ext4load and sparse files
Hi,

when I try to load a sparse file via ext4load, I am getting the error message
'invalid extent'

After a deeper look in the code, it seems to be an issue in the function ext4fs_get_extent_block in fs/ext4/ext4_common.c:

The file starts with 1k of zeros. The blocksize is 1024. So the first extend block contains the following information:

eh_entries: 1
eh_depth: 1
ei_block 1

When the upper layer (ext4fs_read_file) asks for fileblock 0, we are running in the 'invalid extent' error message.
For me it seems, that the code is not prepared for handling a sparse block at the beginning of the file. The following change, solved my problem:

I am really not an expert in ext4 filesystems. Can somebody please have a look at this issue and give me a feedback, if I am totally wrong or not?
2019-04-09 20:04:03 -04:00
Jean-Jacques Hiblot
aaa12157c7 fs: Add a new command to create symbolic links
The command line is:
ln <interface> <dev[:part]> target linkname

Currently symbolic links are supported only in ext4 and only if the option
CMD_EXT4_WRITE is enabled.

Signed-off-by: Jean-Jacques Hiblot <jjhiblot@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2019-04-09 20:04:03 -04:00
Jean-Jacques Hiblot
5efc0686ee fs: ext4: Add support for the creation of symbolic links
Re-use the functions used to write/create a file, to support creation of a
symbolic link.
The difference with a regular file are small:
- The inode mode is flagged with S_IFLNK instead of S_IFREG
- The ext2_dirent's filetype is FILETYPE_SYMLINK instead of FILETYPE_REG
- Instead of storing the content of a file in allocated blocks, the path
to the target is stored. And if the target's path is short enough, no block
is allocated and the target's path is stored in ext2_inode.b.symlink

As with regulars files, if a file/symlink with the same name exits, it is
unlinked first and then re-created.

Signed-off-by: Jean-Jacques Hiblot <jjhiblot@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
[trini: Fix ext4 env code]
Signed-off-by: Tom Rini <trini@konsulko.com>
2019-04-09 20:03:30 -04:00
Jean-Jacques Hiblot
b000180b0f fs: ext4: constify the buffer passed to write functions
There is no need to modify the buffer passed to ext4fs_write_file().
The memset() call is not required here and was likely copied from the
equivalent part of the ext4fs_read_file() function where we do need it.

Signed-off-by: Jean-Jacques Hiblot <jjhiblot@ti.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2019-04-09 15:34:15 -04:00
Stephen Warren
d5aee659f2 fs: ext4: cache extent data
When a file contains extents, U-Boot currently reads extent-related data
for each block in the file, even if that data is located in the same
block each time. This significantly slows down loading of files that use
extents. Implement a very dumb cache to prevent repeatedly reading the
same block. Files with extents now load as fast as files without.

Note: There are many cases where read_allocated_block() is called. This
patch only addresses one of those places; all others still read redundant
data in any case they did before. This is a minimal patch to fix the
load command; other cases aren't fixed.

Signed-off-by: Stephen Warren <swarren@nvidia.com>
2019-04-09 15:34:15 -04:00
Eran Matityahu
734b080e78 mtd: ubi, ubifs debug: Use pr_debug instead of pr_crit
Before printk.h was introduced and MTDDEBUG was removed,
pr_crit() was calling MTDDEBUG(), which was since then
replaced by the current pr_debug().

pr_debug is more appropriate here.

Signed-off-by: Eran Matityahu <eran.m@variscite.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
2019-04-09 07:46:42 +02:00
Sébastien Szymanski
2e7365518a fs: ext4: do not write on filesystem with metadata_csum feature
U-Boot doesn't support metadata_csum feature. Writing to filesystem with
metadata_csum feature makes the filesystem corrupted and unbootable by
Linux:

[    2.527495] EXT4-fs (mmcblk0p2): ext4_check_descriptors: Checksum for group 0 failed (52188!=0)
[    2.537421] EXT4-fs (mmcblk0p2): ext4_check_descriptors: Checksum for group 1 failed (5262!=0)
...
[    2.653308] EXT4-fs (mmcblk0p2): ext4_check_descriptors: Checksum for group 14 failed (42611!=0)
[    2.662179] EXT4-fs (mmcblk0p2): ext4_check_descriptors: Checksum for group 15 failed (21527!=0)
[    2.687920] JBD2: journal checksum error
[    2.691982] EXT4-fs (mmcblk0p2): error loading journal
[    2.698292] VFS: Cannot open root device "mmcblk0p2" or unknown-block(179,2): error -74

Don't write to filesystem with meatadata_csum feature to not corrupt the
filesystem.

Signed-off-by: Sébastien Szymanski <sebastien.szymanski@armadeus.com>
2019-03-22 12:15:24 -04:00
Heinrich Schuchardt
7274b7638a fs: fat: fix link error when building with DEBUG=1
When compiling with DEBUG=1 an error
fs/fat/fat_write.c:831: undefined reference to `__aeabi_ldivmod'
occurred.

We should use do_div() instead of the modulus operator.

filesize and cur_pos cannot be negative. So let's use u64 to avoid
warnings.

Fixes: cb8af8af5b ("fs: fat: support write with non-zero offset")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2019-02-28 14:21:46 -05:00
Tien Fong Chee
e48485f5e4 fs: fat: Reduce default max clustersize 64KiB from malloc pool
Release cluster block immediately when no longer use would help to reduce
64KiB memory allocated to the memory pool.

Signed-off-by: Tien Fong Chee <tien.fong.chee@intel.com>
2019-02-19 08:55:43 -05:00
Tien Fong Chee
8537874a65 fs: fat: dynamically allocate memory for temporary buffer
Drop the statically allocated get_contents_vfatname_block and
dynamically allocate a buffer only if required. This saves
64KiB of memory.

Signed-off-by: Stefan Agner <stefan.ag...@toradex.com>
Signed-off-by: Tien Fong Chee <tien.fong.chee@intel.com>
2019-02-19 08:55:43 -05:00
Marek Vasut
e531c6731b fs: ext4: Unmount FS in do_fs_type()
Unlike other generic FS accessors, fs_get_info() does not call fs_close()
at the end of it's operation. Thus, using fs_get_info() in do_fs_type()
without calling fs_close() causes potential memory leak by creating new
filesystem structures on each call of do_fs_type().

The test case to trigger this problem is as follows. It is required to
have ext4 filesystem on the first partition of the SDMMC device, since
ext4 requires stateful mount and causes memory allocation.
=> while true ; do mmc rescan ; fstype mmc 1 ; done
Eventually, the mounting of ext4 will fail due to malloc failures
and the filesystem will not be correctly detected.

This patch fixes the problem by adding the missing fs_close().

Signed-off-by: Marek Vasut <marek.vasut+renesas@gmail.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
2019-02-09 11:08:40 +01:00
Simon Goldschmidt
9cc2323fee lmb: handle more than one DRAM BANK
This fixes the automatic lmb initialization and reservation for boards
with more than one DRAM bank.

This fixes the CVE-2018-18439 and -18440 fixes that only allowed to load
files into the firs DRAM bank from fs and via tftp.

Found-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Tested-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
2019-02-02 08:19:17 -05:00
Tien Fong Chee
cafc429fa8 spl: fat/fs: Add control to build FS EXT4 in SPL
CONFIG_SPL_FS_EXT4 can be used to include/exclude the FS EXT4 from
SPL build. Excluding the FS EXT4 from SPL build can help to save 20KiB
memory.

Signed-off-by: Tien Fong Chee <tien.fong.chee@intel.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2019-02-01 09:14:21 -05:00
Tien Fong Chee
f4b4092474 spl: Kconfig: Replace CONFIG_SPL_EXT_SUPPORT to CONFIG_SPL_FS_EXT4
Replace CONFIG_SPL_EXT_SUPPORT to CONFIG_SPLY_FS_EXT4 so both
obj-$(CONFIG_$(SPL_)FS_EXT4) and CONFIG_IS_ENABLED(FS_EXT4) can be
used to control the build in both SPL and U-Boot.

Signed-off-by: Tien Fong Chee <tien.fong.chee@intel.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2019-02-01 09:14:21 -05:00
Tien Fong Chee
d8c3ea9982 spl: fat/fs: Add option to include/exclude FAT write build in SPL
Most of the time SPL only needs very simple FAT reading, so having
CONFIG_IS_ENABLED(FAT_WRITE) to exclude it from SPL build would help
to save 64KiB default max clustersize from memory.

Signed-off-by: Tien Fong Chee <tien.fong.chee@intel.com>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2019-02-01 09:12:48 -05:00
Tien Fong Chee
0c3a9ed409 spl: Kconfig: Replace CONFIG_SPL_FAT_SUPPORT with CONFIG_SPL_FS_FAT
Replace CONFIG_SPL_FAT_SUPPORT with CONFIG_SPL_FS_FAT so
obj-$(CONFIG_$(SPL_)FS_FAT) can be used to control the build in both
SPL and U-Boot.

Signed-off-by: Tien Fong Chee <tien.fong.chee@intel.com>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
2019-02-01 09:12:48 -05:00
Simon Goldschmidt
aa3c609e2b fs: prevent overwriting reserved memory
This fixes CVE-2018-18440 ("insufficient boundary checks in filesystem
image load") by using lmb to check the load size of a file against
reserved memory addresses.

Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2019-01-16 16:37:05 -05:00
Tom Rini
d3035b8560 Revert "fs: fat: assign rootdir sector when accessing root directory"
This particular commit is causing a regression on stih410-b2260 and
other platforms when reading from FAT16.  Noting that I had rebased the
original fix from Thomas onto then-current master, there is also
question from Akashi-san if the change is still needed after other FAT
fixes that have gone in.

This reverts commit a68b0e11ea.

Reported-by: Patrice Chotard <patrice.chotard@st.com>
Cc: AKASHI Takahiro <takahiro.akashi@linaro.org>
Cc: Thomas RIENOESSL <thomas.rienoessl@bachmann.info>
Signed-off-by: Tom Rini <trini@konsulko.com>
2019-01-11 10:15:42 -05:00
Bin Meng
d94bf13c85 fs: cbfs: Fix out of bound access during CBFS walking through
The call to file_cbfs_fill_cache() is given with the parameter
'start' pointing to the offset by the CBFS base address, but
with the parameter 'size' that equals to the whole CBFS size.
During CBFS walking through, it checks files one by one and
after it pass over the end of the CBFS which is 4GiB boundary
it tries to check files from address 0 and so on, until the
overall size the codes checked hits to the given 'size'.

Fix this by passing 'start' pointing to the CBFS base address.

Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2018-12-31 09:42:41 +08:00
Christian Gmeiner
9914c73261 fs: cbfs: remove wrong header validation
cbfs_fileheader.len indicates the content size of the file in the
cbfs, and it has nothing to do with cbfs_fileheader.offset which
is the starting address of the file in the cbfs.

Remove such check in file_cbfs_next_file(). Before this change
'cbfsinit' failed with 'Bad CBFS file'. After this change all cbfs
commands are working as expected.

Signed-off-by: Christian Gmeiner <christian.gmeiner@gmail.com>
[bmeng: keep the necessary header sanity check]
Signed-off-by: Bin Meng <bmeng.cn@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2018-12-31 09:42:41 +08:00
Patrick Wildt
8b021bb956 fs: fix FAT name extraction
The long name apparently can be accumulated using multiple
13-byte slots.  Unfortunately we never checked how many we
can actually fit in the buffer we are reading to.

Signed-off-by: Patrick Wildt <patrick@blueri.se>
2018-12-06 23:26:31 -05:00
Patrick Wildt
cd80a4fe61 fs: check FAT cluster size
The cluster size specifies how many sectors make up a cluster.  A
cluster size of zero makes no sense, as it would mean that the
cluster is made up of no sectors.  This will later lead into a
division by zero in sect_to_clust(), so better take care of that
early.

The MAX_CLUSTSIZE define can reduced using a define to make some
room in low-memory system.  Unfortunately if the code reads a
filesystem with a bigger cluster size it will overflow the buffer.

Signed-off-by: Patrick Wildt <patrick@blueri.se>
2018-12-06 23:26:31 -05:00
AKASHI Takahiro
b0c78d8ffc fs: update fs_dev_part in fs_set_blk_dev_with_part()
As in the case of fs_set_blk_dev(), fs_set_blk_dev_with_part() should
maintain and update fs_dev_part whenever called.

Without this patch, a problem will come up when an efi binary associated
with efi's BOOTxxxx variable is invoked via "bootefi bootmgr".

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Alexander Graf <agraf@suse.de>
2018-12-02 21:59:36 +01:00
Thomas RIENOESSL
a68b0e11ea fs: fat: assign rootdir sector when accessing root directory
This fixes problems accessing drives formated under
Windows as FAT16.

Signed-off-by: Thomas RIENOESSL <thomas.rienoessl@bachmann.info>
[trini: Rebase on top of f528c140c8]
Signed-off-by: Tom Rini <trini@konsulko.com>
2018-11-20 12:35:35 -05:00
Keerthy
48e2f0c966 fs: Makefile: Add fs.c under SPL for fs_loader
Add fs.c under SPL as well as it is needed for fs_loader

Signed-off-by: Keerthy <j-keerthy@ti.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Add as obj-$(CONFIG_FS_LOADER) for non-SPL_FRAMEWORK builds]
Signed-off-by: Tom Rini <trini@konsulko.com>
2018-11-16 16:52:00 -05:00
Paul Davey
e4aa10ba57 fs: ubifs: Fix UBIFS decompression on 64 bit
Add local size_t variable to crypto_comp_decompress as intermediate
storage for destination length to avoid memory corruption and incorrect
results on 64 bit targets.

This is what linux does for the various lz compression implementations.

Signed-off-by: Paul Davey <paul.davey@alliedtelesis.co.nz>
Cc: Heiko Schocher <hs@denx.de>
Tested-by: Heiko Schocher <hs@denx.de>
2018-11-07 08:49:27 +01:00
Tom Rini
819c80f528 fs: fat: Fix warning in normalize_longname()
As observed with clang:
fs/fat/fat_write.c:1024:13: warning: comparison of constant 128
      with expression of type 'char' is always false
      [-Wtautological-constant-out-of-range-compare]
                if ((0x80 <= c) && (c <= 0xff))
                     ~~~~ ^  ~
fs/fat/fat_write.c:1024:25: warning: comparison of constant 255
      with expression of type 'char' is always true
      [-Wtautological-constant-out-of-range-compare]
                if ((0x80 <= c) && (c <= 0xff))
                                    ~ ^  ~~~~

Fixes: 25bb9dab14 ("fs: fat: check and normalize file name")
Signed-off-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Alexander Graf <agraf@suse.de>
2018-10-16 16:44:12 +02:00
Yevgeny Popovych
5b781cf08d fs: btrfs: Fix tree traversal with btrfs_next_slot()
When traversing slots in a btree (via btrfs_path) with btrfs_next_slot(),
we didn't correctly identify that the last slot in the leaf was reached
and we should jump to the next leaf.

This could lead to any kind of runtime errors or corruptions, like:
* file data not being read at all, or is read partially
* file is read but is corrupted
* (any) metadata being corrupted or not read at all, etc

The easiest way to reproduce this is to read a large enough file that
its EXTENT_DATA items don't fit into a single leaf.

Signed-off-by: Yevgeny Popovych <yevgenyp@pointgrab.com>
Cc: Marek Behun <marek.behun@nic.cz>
Tested-by: Marek Behún <marek.behun@nic.cz>
2018-10-08 14:45:02 -04:00
Heinrich Schuchardt
f105fe7bc5 fs: fat: fix set_cluster()
Avoid CoverityScan warning SIGN_EXTENSION by changing the type of
parameter size of set_cluster().

Avoid leaking stack content when writing an incomplete last sector.

Reported-by: Coverity (CID: 184096)
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2018-10-06 14:09:41 -04:00
Heinrich Schuchardt
0d532e911c fs: fat: memory leak in fat_unlink()
Do not leak filename_copy in case of error.
Catch out of memory when calling strdup.

Reported-by: Coverity (CID: 184086)
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
2018-10-06 14:09:41 -04:00