aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-03-11integck.c: Fix buffer overflow in save_fileElie De Brauwer
In the problem above I've spend several hours waiting for the issue to appear, only to had the 'luck' that it was found in a file whose name was 256 bytes in length, resulting in the write to fail. Closer examination showed that the buffer to store the path was 256 bytes in length, but this buffer also includes /tmp and the read/write suffix and should be able to contain a filename which is up to 255 bytes (NAME_MAX in linux/limits.h) in size which is a bad fit. So that array is modified to FILENAME_MAX (stdio_lim.h) and some checking is added to truncate the filename should it cause an overflow. The following log shows the first patch in action (see the correct seed), and shows why this third patch is needed: <quote> integck:     File Data: integck:         Offset: 0  Size: 1  Seed: 5008310  R.Off: 0 integck:     1 writes integck:     ============================================ integck:     Write Info: integck:         Offset: 0  Size: 1  Seed: 5008310  R.Off: 0 integck:         Offset: 0  Size: 1  Seed: 8246352  R.Off: 0 integck:         Offset: 0  Size: 1  Seed: 5078796  R.Off: 0 integck:         Offset: 0  Size: 1  Seed: 2267087  R.Off: 0 integck:         Offset: 0  Size: 1  Seed: 3602680  R.Off: 0 integck:     5 writes or truncations integck:     ============================================ integck: Saving /tmp/yqcnfygfitaatyeyvffrguegcdttamcnyhowhgieljfuxfipiljsjcbluaeaghwyinkggommsbwnmvekihgnwgiibccpbwfrpxuxwkmnyghnutrudienngxwgorudbskedaaekiuiyqksfazrwzfwbfhzjjqoiulebtlpbfiuffmsnguqkjzqjqizimsmhbqqagaebjdhqwmzdxghiavtcxubegawlgtvstuqurkurpnrckjfkgostdtpg.integ.sav.readn integck: error!: condition 'w_fd != -1' failed in save_file() at integck.c:1445 integck: error 36 (File name too long) </quote> Signed-off-by: Elie De Brauwer <eliedebrauwer@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2013-03-11integck.c: rework file_check_data to immediately dump the buffer containing ↵Elie De Brauwer
the errors See my problem description int the previous commit, the point is that integck in file_check_data reads a buffer, and then checks if the data is correct,  it will do a seek(0), and reread from the same fd. The point is that in the scenario I observed integck failed (due to a buffer mismatch) but the it saved (and what was in flash) was actually correct. So I modified this function to dump the buffers to stderr at the moment an error is found. Signed-off-by: Elie De Brauwer <eliedebrauwer@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2013-03-11integck.c: Only verify the operation after all datastructures have been updatedElie De Brauwer
<quote> integck: File Data: integck: Offset: 0 Size: 196 Seed: 5999877 R.Off: 0 integck: Offset: 196 Size: 33 Seed: 4160795 R.Off: 0 integck: Offset: 229 Size: 1252 Seed: 8070052 R.Off: 0 integck: Offset: 1481 Size: 612 Seed: 4160795 R.Off: 1285 integck: Offset: 2093 Size: 6 Seed: 6946586 R.Off: 0 integck: Offset: 2099 Size: 536 Seed: 4160795 R.Off: 1903 integck: Offset: 2635 Size: 1562 Seed: 9845455 R.Off: 0 integck: Offset: 4197 Size: 80 Seed: 702818 R.Off: 0 integck: Offset: 4277 Size: 115 Seed: 9845455 R.Off: 1642 integck: 9 writes integck: ============================================ integck: Write Info: integck: Offset: 826 Size: 357 Seed: 5908448 R.Off: 0 integck: Offset: 4197 Size: 80 Seed: 702818 R.Off: 0 ... </quote> And I would expect the file data listing to include at offset 826 something with a size of 357 and a seed of 5908448. Clearly it is not there (which is already extremely confusing). The point is that file_write_info first updates the raw_write, then verifies the data (passing the new write) and only after that updates the write structure. But in file_check_data only the newly written data is verified (passed as an argument) whilst the save_file() function to dump the file uses the raw_writes to recreate the written data (while raw_writes is only updated after after this check would have succeeded). Several lines to say that in this patch the verify only gets called _after_ the datastructures are updated. Signed-off-by: Elie De Brauwer <eliedebrauwer@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2013-03-11flash_otp_write: fix a buffer overflow on NAND with write size > 2048Uwe Kleine-König
I'm not aware of any chip having a write size bigger than 2048 today. Still checking for that instead of a sleeping problem to bite us maybe in a few years is easy. Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2013-03-11flash_otp_write: fix writing to NAND in presence of partial readsUwe Kleine-König
When doing something like: { printf "\xff"; printf "\xfe"; } | flash_otp_write -u /dev/mtd0 0 flash_otp_write might see only a single byte when reading from stdin for the first tim. In this case (and without this patch) it pads to $writesize with '\xff's and writes that out. In the next iteration it reads the 2nd byte, pads and writes again. So the 2nd byte is written to offset $writesize instead of 1. Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2013-03-06Makefile: also build and install flash_otp_lock and flash_otp_writeUwe Kleine-König
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2013-01-15ubiformat: fix error pathWolfram Sang
A few error paths were closing the device, although it was not opened yet. Signed-off-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2013-01-15ubiformat: clean up synopsis of command-line parametersWolfram Sang
Add -Q and --image-seq, remove double -v Signed-off-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-12-03ubi-tests: fix pthreads linkingBrian Norris
Technically, '-l' linker options should be included only after the objects which must link to the library. So when we include '-lpthread' in the LDFLAGS variable, it gets placed too early (i.e., before the io_paral.o object), and so the pthread linkage never occurs. The following error probably only shows up with linkers that don't link pthreads by default. $ make tests V=1 ... gcc -I../../ubi-utils//include -I ../../include -lpthread -Wall -Wextra -Wwrite-strings -Wno-sign-compare -ffunction-sections -fdata-sections -Wl,--gc-sections -g -o /home/norris/git/mtd-utils/tests/ubi-tests/io_paral /home/norris/git/mtd-utils/tests/ubi-tests/io_paral.o /home/norris/git/mtd-utils/tests/ubi-tests/helpers.o libubi.a /home/norris/git/mtd-utils/tests/ubi-tests/io_paral.o: In function `main': /home/norris/git/mtd-utils/tests/ubi-tests/io_paral.c:287: undefined reference to `pthread_create' /home/norris/git/mtd-utils/tests/ubi-tests/io_paral.c:295: undefined reference to `pthread_create' /home/norris/git/mtd-utils/tests/ubi-tests/io_paral.c:303: undefined reference to `pthread_join' collect2: ld returned 1 exit status make[2]: *** [/home/norris/git/mtd-utils/tests/ubi-tests/io_paral] Error 1 ... $ ld --version GNU ld (GNU Binutils for Ubuntu) 2.22 ... $ gcc --version gcc (Ubuntu/Linaro 4.6.3-1ubuntu5) 4.6.3 ... Signed-off-by: Brian Norris <computersforpeace@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-11-16ubi-tests: switch to using common.h from the top levelArtem Bityutskiy
Sorry, the commit is huge, I just did not have time to split it. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-11-16ubi-tests: rename common.[ch] to helpers.[ch]Artem Bityutskiy
... to avoid confusion when the local common.h shadows the top-level common.h. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-11-16ubi-tests: ubi_leb_change_start() no longer uses 'dtype'.Bill Pringlemeir
This will not compile for me (due to bit rot?). Maybe the program is never used? Signed-off-by: Bill Pringlemeir <bpringlemeir@nbsps.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-11-12ubiformat: really skip some messages when quietWolfram Sang
Both logic (only print when not quiet) and the indentation suggest that the braces around the block have been forgotten. Signed-off-by: Wolfram Sang <w.sang@pengutronix.de> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-10-26mkfs.ubifs: Improve error handling of is_contained()Marcus Prebble
The is_contained() function returns -1 if an error occurs when canonicalizing the output file path/root directory. This resulted in the confusing error message 'Error: The output file cannot be in the UBIFS root' when specifying a non-existent directory for the output. This patch changes the error handling to display a different error message for the case when is_contained() returns -1. Additionally it frees all memory allocated by is_contained(). Signed-off-by: Marcus Prebble <marcus.prebble@axis.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-10-11mkfs.ubifs: rewrite path checkingArtem Bityutskiy
We use the 'in_path()' function to check whether the output image is withing the mkfs.ubifs root directory or not. However, this function is not correct and it fails for the following situation, as Marcus Prebble <marcus.prebble@axis.com> reports: 1. We have our root file-system mounted at / and want to build an image out of it. 2. We have tmpfs mounted at /tmp 3. We mount the root file-system under /tmp/newroot 4. We run mkfs.ubifs with -r /tmp/newroot -o /tmp/image And this fails. It fails because 'in_path()' misses this use-case. This patch re-implements the check completely. Now we use 'realpath()' to find canonical paths and just check that the output file is not under the root mkfs.ubifs directory. Reported-by: Marcus Prebble <marcus.prebble@axis.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com> Tested-by: Marcus Prebble <marcus.prebble@axis.com>
2012-09-25mkfs.jffs2: correct some warnings using PRIdoff_tRichard Genoud
When compiled with WITHOUT_LARGEFILE, there was warnings like that: warning: format '%9llu' expects type 'long long unsigned int', but argument 3 has type '__off_t' Using PRIdoff_t corrects that. Signed-off-by: Richard Genoud <richard.genoud@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-09-25consistency between u_int32_t / off_t / off64_tRichard Genoud
We should use the off_t type instead of off64_t or u_int32_t as its length is controlled by the WITHOUT_LARGEFILE flag. Signed-off-by: Richard Genoud <richard.genoud@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-09-25introduce PRIxoff_t and PRIdoff_t printf helpersRichard Genoud
They will be usefull when printing offsets. Signed-off-by: Richard Genoud <richard.genoud@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-09-25tests: io_update correct lseek parameters orderRichard Genoud
There's a typo in lseek parameters order. But, due to the value of SEEK_SET, this commit doesn't introduce a change. Signed-off-by: Richard Genoud <richard.genoud@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-09-25ubiformat: fix failure on big partitions (>4Gio)Richard Genoud
The offset (which is 64bits when mtd-utils are not compile with WITHOUT_LARGEFILE) is calculated like that: offset = nb * size; But nb and size are int, so on 32bits platforms, there's a possible overflow. So, it should be replace with: offset = (off_t)nb * size; If WITHOUT_LARGEFILE is defined, there still be an overflow, but it's what we want, right ? Cheney Chen tested an ubiformat on a NAND (5.9 GiB mtd part). Reported-by: Cheney Chen <cheneychencl2012@gmail.com> Tested-by: Cheney Chen <cheneychencl2012@gmail.com> Signed-off-by: Richard Genoud <richard.genoud@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-09-03ubirmvol: correct missing space on usageRichard Genoud
Signed-off-by: Richard Genoud <richard.genoud@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-23ubiattach: fail if kernel ignores max_beb_per1024Richard Genoud
If the kernel doesn't know the max_beb_per1024 parameter in the attach ioctl, but the call still succeeded ubi_attach and ubi_attach_mtd will return 1 instead of 0. In this case, the ubiattach command will detach the device and fail with an error message. Signed-off-by: Richard Genoud <richard.genoud@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-23ubiattach: introduce max_beb_per1024 in UBI_IOCATTRichard Genoud
The ioctl UBI_IOCATT has been extended with max_beb_per1024 parameter. This parameter is used for adjusting the "maximum expected number of bad blocks per 1024 blocks" for each mtd device. The number of physical erase blocks (PEB) that UBI will reserve for bad block handling is now: whole_flash_chipset__PEB_number * max_beb_per1024 / 1024 This means that for a 4096 PEB NAND device with 3 MTD partitions: mtd0: 512 PEB mtd1: 1536 PEB mtd2: 2048 PEB the commands: ubiattach -m 0 -d 0 -b 20 /dev/ubi_ctrl ubiattach -m 1 -d 1 -b 20 /dev/ubi_ctrl ubiattach -m 2 -d 2 -b 20 /dev/ubi_ctrl will attach mtdx to UBIx and reserve: 80 PEB for bad block handling on UBI0 80 PEB for bad block handling on UBI1 80 PEB for bad block handling on UBI2 => for the whole device, 240 PEB will be reserved for bad block handling. This may seems a waste of space, but as far as the bad blocks can appear every where on a flash device, in the worst case scenario they can all appear in one MTD partition. So the maximum number of expected erase blocks given by the NAND manufacturer should be reserve on each MTD partition. Signed-off-by: Richard Genoud <richard.genoud@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-23libubi: kill ubi_attach_mtdArtem Bityutskiy
The 'ubi_attach_mtd()' is not used and it is redundant now. 'ubi_attach()' function may be used instead. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-23libubi: factorize ubi_attach and ubi_attach_mtd codeRichard Genoud
The req->mtd_num value is now updated with the MTD device number found by mtd_node_to_num. Signed-off-by: Richard Genoud <richard.genoud@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-22ubi-user.h: add max_beb_per1024 parameterRichard Genoud
Signed-off-by: Richard Genoud <richard.genoud@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-22UBI: sync ubi-user.h with kernel v3.6-rc1Richard Genoud
Also remove the eraseblock type support, because kernel commit a65a0eb6d198e058687a9214683bd1c418f20d39 set the dtype parameter as obsolete. Also adjust to some renames: * 'UBI_PROP_DIRECT_WRITE' -> 'UBI_VOL_PROP_DIRECT_WRITE' * 'struct ubi_set_prop_req' -> 'struct ubi_set_vol_prop_req'. * 'UBI_IOCSETPROP' -> 'UBI_IOCSETVOLPROP' Signed-off-by: Richard Genoud <richard.genoud@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-03stress-test.sh: remove a warningArtem Bityutskiy
If /proc/mtd does not exist, we have this warning: grep: /proc/mtd: No such file or directory Get rid of this. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-03stress-test.sh: add mtdram testsArtem Bityutskiy
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-03stress-test.sh: support testing without sub-pagesArtem Bityutskiy
Run the tests with VID header at the second page as well for better coverage. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-03stress-test.sh: develop the test furtherArtem Bityutskiy
Add a lot of test passes on nandsim with different geometry. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-03runtests.sh: print more consistent messagesArtem Bityutskiy
On success we print "SUCCESS", lets print "FAILURE" on failure. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-03load_nandsim: switch to shArtem Bityutskiy
We do not use bashizms any longer, so we can switch to 'sh'. Also, use strict sh options. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-03load_nandsim.sh: simplify the codeArtem Bityutskiy
First find out what the kernel module parameters should be, then load it once, instead of doing it in each 'case' section. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-03load_nandsim.sh: rename variableArtem Bityutskiy
Rename local variables - make them more descriptive and stop using capital letters. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-03load_nandsim.sh: introduce a separate usage functionArtem Bityutskiy
Just because this is more readable. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-03load_nandsim.sh: intruduce fatal functionArtem Bityutskiy
And used it, which simplifies the code. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-03load_nandsim.sh: use dochere for help outputArtem Bityutskiy
Because it is cleaner. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-03stress-test.sh: do not use pipe unnecessarilyArtem Bityutskiy
Use 'grep patt file' instead of cat file | grep patt. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-03load_nandsim.sh: use less bashisms + cleanupsArtem Bityutskiy
Use posix shell constructs in the "if" statements. Additionally, use quotes everywhere for variables. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-03load_nandsim.sh: remove useless functionArtem Bityutskiy
We do not really need a separate complex function to check if nandsim is already loaded or not. Besides, it is safer to check /proc/mtd in case nandsim is compiled-in. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-02tests: ubi: add stress-test.shArtem Bityutskiy
It is not finished yet, but it will run all tests on nandsim and mtdram of different geometry. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-02tests: ubi: clean-up runtests.sh some moreArtem Bityutskiy
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-08-02tests: ubi: clean-up the runtests.sh scriptArtem Bityutskiy
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-06-29mtd-utils: Check mtdoffset is not larger than mtd.size in case of a bad block.Tomer Barletz
mtdoffset is being tested against mtd.size in the outer two loops, but the third nested one does not test against it. In case of a bad block we'll try to access an out of bounds offset in the next MEMGETBADBLOCK ioctl, which will fail with EINVAL. In case mtdoffset is indeed larger than the partition size, we need to bail, since there are not enough "good" blocks to complete the write. Signed-off-by: Tomer Barletz <barletz@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-06-29nandwrite: minor cleanupsArtem Bityutskiy
Remove extra brackets and some style changes to make it more readable for a person who deals mostly with the kernel code. Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-05-07Release mtd-utils-1.5.0v1.5.0Artem Bityutskiy
Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-05-04mtd-utils: better document --pagesize of mkfs.jffs2Shmulik Ladkani
Add a strict explanation '--pagesize' refers to target system's mm page size. Signed-off-by: Shmulik Ladkani <shmulik.ladkani@gmail.com> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-04-02Makefile: fixup previous 'make clean' fixBrian Norris
Apparently, Makefile comments need to be made without indentation. Otherwise, they are printed out as shell commands. This fix prevents seeing this in your shell during 'make clean': $ make clean ... # findutils v4.1.x (RHEL 4) do not have '+' syntax ... Signed-off-by: Brian Norris <computersforpeace@gmail.com> Acked-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>
2012-03-12Makefile: fix "make clean" for old GNU findBrian Norris
findutils v4.1.x does not have the `-exec CMD {} +' syntax. We can just as easily use the `-exec CMD {} \;' syntax. However, it will launch a lot more `rm' processes, so we only use it if the first form fails with an error. This isn't a perfect solution (`find -exec +' can fail for other reasons) but it works well enough. This problem manifests itself in RHEL 4, findutils 4.1.20: $ make clean rm -f /XXX/mtd-utils/*.o /XXX/mtd-utils/ftl_format ... find: missing argument to `-exec' make: *** [clean] Error 1 Signed-off-by: Brian Norris <computersforpeace@gmail.com> Acked-by: Mike Frysinger <vapier@gentoo.org> Signed-off-by: Artem Bityutskiy <artem.bityutskiy@linux.intel.com>