When trying to create a file in the full root directory of a FAT32
filesystem a NULL dereference can be observed.
When the root directory of a FAT16 filesystem is full fill_dir_slot() must
return -1 to signal that a new directory entry could not be allocated.
Fixes: cd2d727fff ("fs: fat: allocate a new cluster for root directory of fat32")
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
This permits to find a file and use the distro_bootcmd
Reviewed-by: Joao Marcos Costa <jmcosta944@gmail.com>
Signed-off-by: Richard Genoud <richard.genoud@posteo.net>
offset is the offset in the file read, not the offset in the destination
buffer.
If the offset is not null, this will lead to a memory corruption.
So, for now, we are returning an error if the offset is used.
Signed-off-by: Richard Genoud <richard.genoud@posteo.net>
sqfs_decompressor_init() returns a value, so it's better to use it than
to force the return value to EINVAL (it could be ENOMEM)
Reviewed-by: Joao Marcos Costa <jmcosta944@gmail.com>
Signed-off-by: Richard Genoud <richard.genoud@posteo.net>
Resetting the context on error will prevent some checks like:
if (!ctx.cur_dev)
To pass when the probe method has failed
Signed-off-by: Richard Genoud <richard.genoud@posteo.net>
If SquashFS magic number is invalid, there's a memory leak.
Reviewed-by: Joao Marcos Costa <jmcosta944@gmail.com>
Signed-off-by: Richard Genoud <richard.genoud@posteo.net>
finfo.blk_sizes may not be freed in case of error in the for loop
Setting it to null and freeing it at the end makes prevents that from
happening.
Reviewed-by: Joao Marcos Costa <jmcosta944@gmail.com>
Signed-off-by: Richard Genoud <richard.genoud@posteo.net>
if sqfs_tokenize(rel_tokens, rc, rel); fails, the function exits
without freeing the array base_tokens.
Reviewed-by: Joao Marcos Costa <jmcosta944@gmail.com>
Signed-off-by: Richard Genoud <richard.genoud@posteo.net>
the return value of sqfs_tokenize(rel_tokens, rc, rel); wasn't checked.
(but "ret" value was !)
This is obviouly a typo.
Reviewed-by: Joao Marcos Costa <jmcosta944@gmail.com>
Signed-off-by: Richard Genoud <richard.genoud@posteo.net>
sqfs_closedir() should be called to free memory allocated by
sqfs_opendir()
Reviewed-by: Joao Marcos Costa <jmcosta944@gmail.com>
Signed-off-by: Richard Genoud <richard.genoud@posteo.net>
memory allocation should always be checked
Reviewed-by: Joao Marcos Costa <jmcosta944@gmail.com>
Signed-off-by: Richard Genoud <richard.genoud@posteo.net>
path, target, res, rem and sym_tokens were not free on error nor success.
Reviewed-by: Joao Marcos Costa <jmcosta944@gmail.com>
Signed-off-by: Richard Genoud <richard.genoud@posteo.net>
Using only one label permits to prevents bugs when moving code around.
Reviewed-by: Joao Marcos Costa <jmcosta944@gmail.com>
Signed-off-by: Richard Genoud <richard.genoud@posteo.net>
add missing squashfs function to prevent dangling or null pointers.
For exemple, when calling test [ -e somefile ], squashfs.exists may be
called.
Signed-off-by: Richard Genoud <richard.genoud@posteo.net>
Reviewed-by: Joao Marcos Costa <jmcosta944@gmail.com>
In show_dir() if we hit a ROOT_ITEM, we can exit with uninitialized
@ret.
Fix it by initializing it to 0.
Reported-by: Coverity CID 312955
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
In btrfs_lookup_path() the local variable @type should always be updated
after we hit any file/dir.
But if @filename is NULL from the very beginning, then we don't
initialize it and return it directly.
To prevent such problem from happening, we initialize @type to
BTRFS_FT_UNKNOWN.
For normal execution route, it will get updated for each filename we
resolved.
Buf if we didn't find any path, we check if the type is still FT_UNKNOWN
and ret == 0. If true we know there is something wrong, just return
-EUCLEAN to inform the caller.
Reported-by: Coverity CID 312958
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
I've created a squashfs file system with Yocto (it use squashfs-tools)
and u-boot command sqfsls give the error:'Error while searching inode:
unknown type.'
After some digging in the code I found that the index is off by 1.
This patch fix this issue and I can successful use the sqfsls command.
After search for the squashfs format I found a link talk about a
similar issue but this time in the documentation. The link is:
https://github.com/AgentD/squashfs-tools-ng/commit/e6588526838caece9529
Signed-off-by: Gerard Koskamp <gerard.koskamp@nedap.com>
Tested-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
We should check if the incoming parameter file_mapping is not NULL instead
of checking after adding an offset.
Reported-by: Coverity CID 307210
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Acked-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
This cleans up the now unneeded code from the old btrfs implementation.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
This patch introduces a new function, list_one_subvol(), which will
resolve the path to FS_TREE of one subvolume.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
This patch introduces a new function, get_path_in_subvolume(), which
resolves inode number into path inside a subvolume.
This function will be later used for btrfs subvolume list functionality.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
This version of btrfs_file_read() has the following new features:
- Tries all mirrors
- More handling on unaligned size
- Better compressed extent handling
The old implementation doesn't handle compressed extent with offset
properly: we need to read out the whole compressed extent, then
decompress the whole extent, and only then copy the requested part.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
This implements lookup_data_extent() function for the incoming
new implementation of btrfs_file_read().
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
These two functions are used to do sector aligned read, which will be
later used to implement btrfs_file_read().
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Rename btrfs_file_read() and its callees to avoid name conflicts with
the incoming new code.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
After this the only remaining function that still utilizes
__btrfs_lookup_path() is btrfs_read().
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Use extent buffer based infrastructure to re-implement btrfs_readdir().
Along this rework, some small corner cases fixed:
- Subvolume tree mtime
Mtime of a subvolume tree is recorded in its root item, since there is
no INODE_ITEM for it.
This needs extra search from tree root.
- Output the unknown type
If the DIR_ITEM is corrupted, at least don't try to access the memory
out of boundary.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
This is the extent buffer based path lookup routine.
To implement this, btrfs_lookup_dir_item() is crossported from
btrfs-progs, and implements btrfs_lookup_path() from scratch.
Unlike the existing __btrfs_lookup_path(), since btrfs_read_fs_root()
will check whether a root is a orphan at read time, there is no need to
check root backref, this makes the code a little easier to read.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
All existing next_length() caller handles return value > BTRFS_NAME_LEN,
so there is no need to do BTRFS_NAME_LEN check in next_length().
But still, we want to exit early if we're beyond BTRFS_NAME_LEN, so this
patch makes next_length() exit as soon as we're beyond BTRFS_NAME_LEN.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
The existing __btrfs_readlink() can be easily re-implemented using the
extent buffer based btrfs_readlink().
This is the first step to re-implement U-Boot's btrfs code.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Since the old code is using __btrfs_path/__btrfs_root which is different
from the regular extent buffer based one, we add "__" prefix for the old
implementation to avoid name conflicts for the incoming crossport.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
open_ctree_fs_info() is the main entry point to open btrfs.
This version is a simplfied version of __open_ctree_fd() of btrfs-progs,
the main differences are:
- Parameters on how to specify a block device
Instead of @fd and @path, U-Boot uses blk_desc and disk_partition_t.
- Remove open_ctree flags
There won't be multiple open ctree modes in U-Boot.
Otherwise functions structures are all kept the same.
With open_ctree_fs_info() implemented, also introduce the global
current_fs_info pointer to show the current opened btrfs.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
These two functions play a big role in btrfs bootstrap.
The following function is removed:
- Seed device support
Although in theory we can still support multiple devices, we don't have
a facility in U-Boot to do device scan without opening them.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
This patch copies the core function, btrfs_search_slot(), from
btrfs-progs.
This version has the following functionality removed:
- The ability to COW tree block
Related code is commented out, and can be enabled in the future.
- The readahead functionality
This is abused in kernel. Remove it completely.
With the core function in place, btrfs developers should feel at home now.
This also crossports supporting code like btrfs_previous_item() to
ctree.[ch].
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Crossport struct btrfs_root to ctree.h from btrfs-progs, with write
related members deleted.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
This is to avoid naming conflicts between extent buffer based
btrfs_root.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
To avoid name conflicting between the extent buffer based btrfs_path
from btrfs-progs, rename struct btrfs_path to struct __btrfs_path.
Also rename btrfs_free_path() to __btrfs_free_path() to avoid conflicts.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
This is the one of the basic stone function for btrfs, which:
- Resolves the chunk mappings
- Reads data from disk
- Does various sanity check
With read_tree_block(), we can finally crossport needed btrfs btree
operations to U-Boot.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
This patch crossports volumes.[ch] from btrfs-progs, including:
- btrfs_map_block()
The core mechanism to map btrfs logical address to physical address.
This version includes multi-device support, along with RAID56 support.
- btrfs_scan_one_device()
This is the function to register one btrfs device to the list.
This is the main part of the multi-device btrfs assembling process.
Although we're not going to support multiple devices until U-Boot
allows us to scan one device without actually opening it.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
[trini: Use %zu in a debug print to avoid warning]
Signed-off-by: Tom Rini <trini@konsulko.com>
This brings all structure accessors from btrfs-progs/ctree.h, as in
kernel's ctree.h.
All these accessors handle the endian convert at runtime, and since all
of them are defined as static inline functions, those which aren't used
won't take space in resulting binary.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
This brings the extent_io_tree infrastructure, with which we can finally
bring in proper btrfs_fs_info structure to ctree.h.
With read/write_extent_buffer() implemented we also backport
read/write_eb_member() to ctree.h.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
This patch implements an infrastructure to insert/search/merge an extent
range (with variable length).
This provides the basis for later extent buffer cache used in btrfs.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
This patch uses generic code from btrfs-progs to read one super block
from block device.
To support the btrfs-progs coding style, the following is also
crossported:
- BTRFS_SETGET_FUNC for btrfs_super_block
- btrfs_check_super() function
- Move btrfs_read_superblock() to disk-io.[ch]
Since super.c only contains pretty small amount of code, and
the extra check will be covered in later root read patches.
Differences between this implementation and btrfs-progs:
- No sbflags/sb_bytenr support
Since we only need to read the primary super block (like kernel),
sbflags/sb_bytenr used by super block recovery is not needed.
This also changes the following behavior of U-Boot btrfs:
- Only reads the primary super block
The old implementation reads all 3 super blocks, and also one
non-existing backup.
This is not correct, especially if there is another filesystem created
on the device but old superblocks are not rewritten.
Just like kernel, we only check the primary super block.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
[trini: Change error to be a define in compat.h]
Signed-off-by: Tom Rini <trini@konsulko.com>
This mostly crossports crypto/hash.[ch] from btrfs-progs.
The differences are:
- No blake2 support
No blake2 related library in U-Boot yet.
- Use uboot xxhash/sha256 directly
No need to implement the code as U-Boot has already provided the
interface.
This adds the support for the following csums:
- SHA256
- XXHASH
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
This version includes all needed on-disk format from kernel.
Only need to modify the include headers for U-Boot, everything else is
untouched.
Also, since U-Boot btrfs is using a different endian convert timing (at
tree block read time), it needs some forced type conversion before
proper crossport.
Signed-off-by: Qu Wenruo <wqu@suse.com>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Use log functions for error and debug messages of the file-system.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Fix defects such as uninitialized variables and untrusted pointer
operations. Most part of the tainted variables and the related defects
actually comes from Linux's macro get_unaligned_le**, extensively used
in SquashFS code. Add sanity checks for those variables.
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
Add call to lzo's lzo1x_decompress_safe() into sqfs_decompress().
U-Boot's LZO sources may still have some unsolved issues that could make the
decompression crash when dealing with fragmented files, so those should be
avoided. The "-no-fragments" option can be passed to mksquashfs.
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
Add call to ZSTD's ZSTD_decompressDCtx(). In this use case, the caller
can upper bound the decompressed size, which will be the SquashFS data
block (or metadata block) size, so there is no need to use streaming
API. Add ZSTD's worskpace to squashfs_ctxt structure.
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
Add sqfs_decompressor_init() and sqfs_decompressor_cleanup(). These
functions are called respectively in sqfs_probe() and sqfs_close(). For
now, only ZSTD requires an initialization logic. ZSTD support will be
added in a follow-up commit.
Move squashfs_ctxt definition to sqfs_filesystem.h. This structure is
passed to sqfs_decompressor_init() and sqfs_decompressor_cleanup(), so
it can no longer be local to sqfs.c.
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
Add call to zlib's 'uncompress' function. Add function to display the
right error message depending on the decompression's return value.
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
Add zlib (v1.2.11) uncompr() function to U-Boot. SquashFS depends on
this function to decompress data from a raw disk image. The actual
support for zlib into SquashFS sources will be added in a follow-up
commit.
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
Add support for SquashFS filesystem. Right now, it does not support
compression but support for zlib will be added in a follow-up commit.
Signed-off-by: Joao Marcos Costa <joaomarcos.costa@bootlin.com>
While using u-boot with qemu's virtio driver I stumbled across a
problem reading files less than sector size. On the real hardware the
block reader seems ok with reading zero blocks, and while we could fix
the virtio host side of qemu to deal with a zero block read instead of
crashing, the u-boot fat driver should not be doing zero block reads
in the first place. If you ask hardware to read zero blocks you are
just going to get zero data. There may also be other hardware that
responds similarly to the virtio interface so this is worth fixing.
Without the patch I get the following and have to restart qemu because
it dies.
---------------------------------
=> fatls virtio 0:1
30 cmdline.txt
=> fatload virtio 0:1 ${loadaddr} cmdline.txt
qemu-system-aarch64: virtio: zero sized buffers are not allowed
---------------------------------
With the patch I get the expected results.
---------------------------------
=> fatls virtio 0:1
30 cmdline.txt
=> fatload virtio 0:1 ${loadaddr} cmdline.txt
30 bytes read in 11 ms (2 KiB/s)
=> md.b ${loadaddr} 0x1E
40080000: 64 77 63 5f 6f 74 67 2e 6c 70 6d 5f 65 6e 61 62 dwc_otg.lpm_enab
40080010: 6c 65 3d 30 20 72 6f 6f 74 77 61 69 74 0a le=0 rootwait.
---------------------------------
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Reviewed-by: Tom Rini <trini@konsulko.com>
If a file cannot be loaded, show an error message.
Set the EFI boot device only after successfully loading a file.
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Allocated tmpbuf_cluster dynamically to reduce the data size added by
compiling with CONFIG_FAT_WRITE.
Reported-by: Tom Rini <trini@konsulko.com>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Truncate file names if the buffer size is exceeded to avoid a buffer
overflow.
Use Sphinx style function description.
Add a TODO comment.
Reported-by: CID 303779
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Reviewed-by: Simon Glass <sjg@chromium.org>
Added command "fstypes" to list supported/included filesystems.
Signed-off-by: Niel Fourie <lusus@denx.de>
Cc: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Glass <sjg@chromium.org>
[trini: Limit to sandbox]
Signed-off-by: Tom Rini <trini@konsulko.com>
According to the FAT specification it is valid to have files with an
attribute value of 0x0. This fixes a regression where different U-Boot
versions are showing different amount of files on the same storage
device. With this change U-Boot shows the same number of files and folders
as Linux and Windows.
Fixes: 39606d462c ("fs: fat: handle deleted directory entries correctly")
Signed-off-by: Christian Gmeiner <christian.gmeiner@gmail.com>
The size is not actually used since it is present in the header. Drop this
parameter. Also tidy up error handling while we are here.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Currently we support reading a file from CBFS given the address of the end
of the ROM. Sometimes we only know the start of the CBFS. Add a function
to find a file given that.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
This function currently returns a node pointer so there is no way to know
the error code. Also it uses data in BSS which seems unnecessary since the
caller might prefer to use a local variable.
Update the function and split its body out into a separate function so we
can use it later.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
We may as well return the error code and use it directly in the command
code. CBFS still uses its own error enum which we may be able to remove,
but leave it for now.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
The start address of the CBFS is used when scanning for files. It makes
sense to put this in our cbfs_priv struct and calculate it when we read
the header.
Update the code accordingly.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
It doesn't make sense to use u8 * as the pointer type for accessing the
CBFS since we do not access it as bytes, but via structures. Change it to
void *, which allows us to avoid a cast.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
These two functions have mostly the same code. Pull this out into a common
function.
Also make this function zero the private data so that callers don't have
to do it. Finally, update cbfs_load_header_ptr() to take the base of the
ROM as its parameter, which makes more sense than passing the address of
the header within the ROM.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
This function is strange at the moment in that it takes a header pointer
but then accesses the cbfs_s global. Currently clients have their own priv
pointer, so update the function to take that as a parameter instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
This function is strange at the moment in that it takes a header pointer
but then accesses the cbfs_s global. Currently clients have their own priv
pointer, so update the function to take that as a parameter instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
At present this uses a true return to indicate it found a file. Adjust it
to use 0 for this, so it is consistent with other functions.
Update its callers accordingly and add a check for malloc() failure in
file_cbfs_fill_cache().
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
At present this uses an int type. U-Boot now supports bool so use this
instead.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
U-Boot uses ulong for addresses but there are a few places in this driver
that don't use it. Convert this driver over to follow this convention
fully.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
At present the result variable in the cbfs_priv is called 'result' as is
the local variable in a few functions. Change the latter to 'ret' which is
more common in U-Boot and avoids confusion.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
We should not use typedefs in U-Boot. They cannot be used as forward
declarations which means that header files must include the full header to
access them.
Drop the typedef and rename the struct to remove the _s suffix which is
now not useful.
This requires quite a few header-file additions.
Signed-off-by: Simon Glass <sjg@chromium.org>