Age | Commit message (Collapse) | Author |
|
In XTS mode we don't need ESSIV, just use the block number
as tweak.
Also apply EVP_EncryptFinal().
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This works currently by chance since the sizes match, but
that might change with different cipher setups.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
No longer hard code AES-128-CBC, we support AES-256-XTS too.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The key length can be very long, for example in xts mode.
So we have to use the right sizes for block and iv lengths.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
...and make valgrind memcheck happy
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
fscrypto is using the max key lenth (64), so we cannot use the
AES-128-ECB len.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
since names are no longer strings, we need to know the length.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
...and set UBIFS format version
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
...maybe we should add them to crypto.c?
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
most of them should be UAPI, therefore check using #ifndef
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
As of now all filenames known by UBIFS are strings with a NUL
terminator. With encrypted filenames a filename can be any binary
string and the r5 function cannot search for the NUL terminator.
UBIFS always knows how long a filename is, therefore we can change
the hash function to iterate over the filename length to work
correctly with binary strings.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The nlink value of a xattr node must always be one, it has nothing to do
with the nlink value of the inode the attribute belongs to.
The bug can be observed when mounting a mkfs.ubifs generated image which
contains xattrs on directories or files with hardlinks to them. When
mounting such an image with chk_fs = 1 it fails with:
UBIFS error (ubi0:0 pid 1833): dbg_check_filesystem: inode 3308 nlink is 3, but calculated nlink is 1
Another bug that can be triggered is an assertion in
ubifs_xattr_remove() which assures that the xattr i_nlink count should
be one when the xattr is removed.
Fixes: 50044ef ("mkfs.ubifs: Add extended attribute support")
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Fix warnings abot PRIdoff_t in libmtd.c, in mtd_read (and mtd_write):
In file included from ../git/lib/libmtd.c:40:0:
../git/lib/libmtd.c: In function 'mtd_read':
../git/include/common.h:110:18: warning: format '%ld' expects argument of
type 'long int', but argument 5 has type 'off_t {aka long long int}'
[-Wformat=]
../git/include/common.h:120:2: note: in expansion of macro 'errmsg'
errmsg(fmt, ##__VA_ARGS__); \
^~~~~~
../git/lib/libmtd.c:1082:10: note: in expansion of macro 'sys_errmsg'
return sys_errmsg("cannot seek mtd%d to offset %"PRIdoff_t,
^~~~~~~~~~
/usr/lib/klibc/include/inttypes.h:28:17: note: format string is defined here
#define PRId32 "d"
Signed-off-by: Thorsten Glaser <tg@mirbsd.org>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The prompt() function is intended to query a yes/no reply from a command
line user by reading in an entire line of text using getline() and checking
the first character. If the line is empty, a default value is returned.
First of all, this patch replaces the usage of getline() with fgets() to
avoid compilation problems on some smaller C libraries, like klibc, that
do not have a getline() implementation. Since we now have a static line
length, this may break some build setups that input lengthy giberish
instead of 'y' or 'n'.
Second, this patch fixes a more severe bug in prompt(), replacing a 'while'
keyword with the 'if' that was most likely intended. In the old version, if
getline() reported an error, it would print an error message inside a while
loop, immediately followed by a break and then march on and process the
erroneous input instead of using the default value as printed to stdout.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The libmtd library tries to obtain the available OOB size via the sysfs
with a fallback to the ECCGETLAYOUT ioctl. For some devices (e.g. plat-ram),
the fallback path is always taken and prints an error message to stderr
since the ioctl fails.
This patch fixes the fallback path by suppressing the error message if
errno is set to EOPNOTSUPP (i.e. the device simply doesn't support that).
Fixes: a10353584f93 ("libmtd: Add support to access OOB available size")
Reported-by: Chris Packham <Chris.Packham@alliedtelesis.co.nz>
Reviewed-by: Xiaolei Li <xiaolei.li@mediatek.com>
Tested-by: Chris Packham <Chris.Packham@alliedtelesis.co.nz>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The io_paral test returns success even in case it throws e.g. the
following error message:
[io_paral] update_volume():125: written and read data are different
This patch fixes so that the io_paral application returns a non-zero
error code when an error is detected.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
default
The program expects req.flags to be zero-initialized, but it's not
the case. Let's explicitly initialize req to zero at declaration time.
Fixes: 7b4a65a27d26 ("ubi-utils: ubimkvol: add support for skipping CRC check of a static volume when opening")
Reviewed-by: Quentin Schulz <quentin.schulz@bootlin.com>
Signed-off-by: Boris Brezillon <boris.brezillon@bootlin.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
when opening
Let's let the user configure static UBI volume with CRC checking at
opening disabled if desired.
Introduce the skip-check setting for vol_flags configuration of a
volume.
There is no point in having both autoresize and skip-check set as
skip-check is reserved for static volumes only and it's useless to have
a static volume's size set to autoresize.
Suggested-by: Boris Brezillon <boris.brezillon@bootlin.com>
Reviewed-by: Boris Brezillon <boris.brezillon@bootlin.com>
Signed-off-by: Quentin Schulz <quentin.schulz@bootlin.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
when opening
Let's let the user create static UBI volume with CRC checking at opening
disabled if desired.
Introduce the `--skipcheck` or `-k` option for such feature.
Suggested-by: Boris Brezillon <boris.brezillon@bootlin.com>
Reviewed-by: Boris Brezillon <boris.brezillon@bootlin.com>
Signed-off-by: Quentin Schulz <quentin.schulz@bootlin.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Now that we have per-UBI volume flags (for instance for skipping CRC
check when opening it) from the Linux header, let's add it to the
ubi_mkvol_request in libubi and assign the flags to ubi_mkvol_req from
the Linux header from ubi_mkvol.
Suggested-by: Boris Brezillon <boris.brezillon@bootlin.com>
Reviewed-by: Boris Brezillon <boris.brezillon@bootlin.com>
Signed-off-by: Quentin Schulz <quentin.schulz@bootlin.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Update both header files to add support for flag specifying whether to
skip the CRC check for static UBI volumes.
Taken from the kernel headers.
Some users of static UBI volumes implement their own integrity check,
thus making the volume CRC check done at open time useless. For
instance, this is the case when one use the ubiblock + dm-verity +
squashfs combination, where dm-verity already checks integrity of the
block device but this time at the block granularity instead of verifying
the whole volume.
Skipping this test drastically improves the boot-time.
Suggested-by: Boris Brezillon <boris.brezillon@bootlin.com>
Reviewed-by: Boris Brezillon <boris.brezillon@bootlin.com>
Signed-off-by: Quentin Schulz <quentin.schulz@bootlin.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This patch adds a program called "lsmtd". The program produces a pretty
printed list of the hierarchy of UBI and MTD devices on a system. It
tries to imitate the lsblk program from util-linux as closely as
possible.
A number of command line switches are available to fine tune what information
should be exposed and in what output format.
The goal is to have a simple way of displaying the complete MTD stack on
a system in a human readable form instead of piecing details together
from proc files and various UBI utilities.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This implements/adds selinux labelling support to mkfs.ubifs
utility. It adds an extra option in configure to enable
selinux labelling support and then finally in mkfs.ubifs adds
an extra option to pass the file_contexts which is looked up
for filesystem file labels.
- Default behavior is kept without selinux so as to not break existing
support where selinux library/headers may not be present.
- If this is configured with --with-selinux then XATTR from the
file_contexts(passed with --selinux option while mkfs.ubifs)
will be taken and not from the host file's xattr.
This is done to avoid the problem where the host OS may have
selinux enabled and hence same xattr names will be present in both
host filesystem files and from the --selinux=file passed.
So the existing behavior is kept mutually exclusive and preference
is given to selinux xattrs (if configured with --with-selinux).
Signed-off-by: Ritesh Harjani <riteshh@codeaurora.org>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
add_xattr adds the xattr to the ubifs image and has nothing
to do with host XATTR support.
Now that we are adding support where selinux interfaces
may use this API even when host OS(where ubi/ubifs image
is being created) does not support XATTR -so remove it
from WITHOUT_XATTR #ifdef.
Signed-off-by: Ritesh Harjani <riteshh@codeaurora.org>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|