aboutsummaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2020-09-11Fix typos found by Debian's lintian toolBastian Germann
Signed-off-by: Bastian Germann <bastiangermann@fishpost.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-07-31fix build of jffs2reader and jffs2dump if zlib or lzo headers are not in ↵Rolf Eike Beer
default paths Signed-off-by: Rolf Eike Beer <eb@emlix.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-07-13Release mtd-utils-2.1.2v2.1.2David Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-07-13Add the mkfs.ubifs sign.h header to the list of sourcesDavid Oberhollenzer
The sign.h header added by the authentication patch set was omitted from the automake file and thus not added to the distribution tarball. The resulting tarballs were unable to be compiled. Fixes: a739b59 ("mkfs.ubifs: Add authentication support") Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-02-09mkfs.ubifs: fix broken build if fscrtyp is disabledDavid Oberhollenzer
First, there is no option named of X509_OPTION. It was presumably changed during development to AUTH_CERT_OPTION. This commit fixes the name in the !WITH_CRYPTO branch. Similarly, '}' got moved into the WITH_CRYPTO branch, but not into else branch, resulting in tons of errors if fscrypt is disabled. This commit pulls it back out of both branches. Fixes: a739b59e ("mkfs.ubifs: Add authentication support") Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-02-09mtd-utils: Add checks to code that copies strings into fixed sized buffersDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-02-09mtd-utils: Fix potentially unterminated stringsDavid Oberhollenzer
This commit fixes some uses of strncpy that could leave the destination buffer unterminated. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-02-09mtd-utils: Fix "are we really at EOF" test logic in libubi read_dataDavid Oberhollenzer
The function reads file data into a buffer and then checks if we actually are at the end-of-file by trying to read one more byte. For whatever reason, the code uses an int instead of a char. It's not pretty but works. But again, this is something that every static analysis tool barks at. Further more, the error messages are inverted. "We aren't at EOF yet" is printed on failure and something like "read error %m" is printed on success. This patch fixes all of the above. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-02-09mtd-utils: Fix wrong argument to sizeof in nanddumpDavid Oberhollenzer
Some temporary buffers are allocated with "sizeof(pointer) * count" as size argument, which cannot possibly be correct. Assuming what was meant was "sizeof(pointer[0]) * count" makes sense in the context of how the buffers are used, but is actually pretty pointless, since the buffers are unsigend char. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-02-09mtd-utils: Fix some simple cases of uninitialized value readsDavid Oberhollenzer
This patch modifies the internal helpers to read and parse integers from sysfs files by initializing them first and removes turns an obscure "a = open(...) if (a >= 0) {...} if (a == -1) {...}" inside recv_image into a more straight forward if/else branch. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-02-09mtd-utils: Fix various TOCTOU issuesDavid Oberhollenzer
This patch restructures various code parts that follow the pattern of "stat(x, &sb) ... makes_sense(&sb) ... open(x)". Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-02-09mtd-utils: Fix potential negative arguments passed to close(2)David Oberhollenzer
Many tools open a file descriptor, close it a the end and have some form of error path in between that jumps to the end. In some cases, if opening the file fails the error path is taken and the utility ends up closing one or more invalid file descriptors. It's technically not a real issue but something that pretty much any static analysis tool barks at. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-02-09mtd-utils: Fix printf format specifiers with the wrong typeDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-01-30libubi: remove private kernel header from includesBastian Germann
libubi.h includes ubi-media.h which was made private in the kernel a long time ago. There are users of libubi.h, e.g. swupdate, which have to have ubi-media.h available at build time with this inclusion. However, libubi.h uses only one symbol from ubi-media.h. Define that symbol in the header to enable using libubi.h without installing ubi-media.h. Make up for the transitive symbol use in ubiformat.c by including ubi-media.h. Signed-off-by: Bastian Germann <bastiangermann@fishpost.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-01-30libubigen: remove unnecessary includeBastian Germann
libubigen.h does not use any symbol from mtd/ubi-media.h, so remove it from includes. Signed-off-by: Bastian Germann <bastiangermann@fishpost.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-01-13mtd-utils: Fix return value of ubiformatBarry Grussling
This changeset fixes a feature regression in ubiformat. Older versions of ubiformat, when invoked with a flash-image, would return 0 in the case no error was encountered. Upon upgrading to latest, it was discovered that ubiformat returned 255 even without encountering an error condition. This changeset corrects the above issue and causes ubiformat, when given an image file, to return 0 when no errors are detected. Tested by running through my loading scripts and verifying ubiformat returned 0. Signed-off-by: Barry Grussling <barry@grussling.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2020-01-13mtd-utils: add optional offset parameter to flash_otp_dumpMichael Walle
There are flashes which have gaps between OTP regions and flashes where the regions don't start at 0 (for example the Winbond 25Q series, which has three 256 bytes OTP regions starting at 0x1000, 0x2000 and 0x3000). At the moment it is impossible to dump the OTP memory. Fix it by passing an optional offset parameter. Signed-off-by: Michael Walle <michael@walle.cc> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-12-08ubihealthd: Build only if sys/random.h is presentMarek Vasut
The ubihealthd depends on sys/random.h , which is not present on some older systems. Build ubihealthd only if sys/random.h is present. Signed-off-by: Marek Vasut <marex@denx.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10fs-tests: don't leak temporary buffersDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10jittertest: fix error check for open system callDavid Oberhollenzer
The value 0 is a valid file descriptor. The existing error handling would not only treat that as an error, but subsequently leak the file descriptor in the error handling path. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mtd_debug: cleanup error handling in flash_to_fileDavid Oberhollenzer
The existing code had multiple error handling labels and did things like checking if a buffer is not NULL before freeing it. This patch collapses all of this into a single label. We can do this, because the standard guarantees us that it is safe to call free() with a NULL pointer. This also has the side effect of removing the possibility of using the wrong error label and accidentally leaking something. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10nanddump: don't leak copied command line argumentsDavid Oberhollenzer
For some command line flags, the argument string is copied. Simply writing over the buffer leads to a resource leak if the same flag is specified on the command line more than once. This patch adds a free() call to the old buffer before overwriting it with the new copy. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10ubiformat: don't leak file descriptorsDavid Oberhollenzer
The original code had a 'goto out_close' directly after a return error code, which is obviously not what was intended. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10ftl_format: don't leak temporary buffersDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10ftl_check: don't leak temporary buffersDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10libmtd: don't leak temporary buffersDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.jffs2: don't leak temporary buffer if readlink failsDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: propperly cleanup in ALL interpret_table_entry error pathsDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: don't leak temporary buffersDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: don't leak hastable iteratorsDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: free derived fscrypt context in add_directory error pathsDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: don't leak copied command line argumentsDavid Oberhollenzer
For some command line flags, the argument string is copied. Simply writing over the buffer leads to a resource leak if the same flag is specified on the command line more than once. This patch adds a free() call to the old buffer before overwriting it with the new copy. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: close file descriptor in add_file error pathDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: abort add_directory if readdir failsDavid Oberhollenzer
The existing code sets 'err' to -1 and breaks the readdir loop, but the error state is never read. This patch modifies the readdir loop to actualy jump to the error handling branch if readdir fails. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: fscrypt: bail from encrypt_block if gen_essiv_salt failsDavid Oberhollenzer
What originally cought my attention was that gen_essiv_salt has a size_t return type and error paths that return -1 on failure. Further investigation revealed that the error value is never checked for. The encrypt_block function doesn't use the return value in any way and simply continues onward. Furthermore, the gen_essiv_salt function has an error case that emits an error message but returns success state. This patch modifes gen_essiv_salt to return an error status in all error branches, changes the return type to ssize_t and adds a check to encrypt_block if gen_essiv_salt fails. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-10-28flashcp: Add option -A/--erase-allAndrij Abyzov
Sometimes there's a need to erase the whole device when programming an image, and not just the area under the image itself. Therefore, option -A/--erase-all has been added which erases the whole device before writing the image. Signed-off-by: Andrij Abyzov <drolevar@gmail.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-10-07ubihealthd: Add option -h/--helpAlexander Dahl
Using '?' as option did not work, and would be strange to pass anyway, because it's a glob char for the shell and you would have to escape it like ./ubihealthd -\? … use the more common -h/--help instead. Note: this does not touch the output, just changes the options itself. Signed-off-by: Alexander Dahl <post@lespocky.de> Acked-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-10-07ubihealthd: Add missing sentinel in options arrayAlexander Dahl
`getopt_long()` requires a null terminated array, otherwise we get segfaults when passing invalid options. Fixes: 7f0e2dc21fb2 ("ubi-utils: Implement a ubihealthd") Signed-off-by: Alexander Dahl <post@lespocky.de> Acked-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-09-10ubiupdatevol: Prevent null pointer dereferenceBastian Germann
libubi_close(libubi) is called in the error handler if libubi is null. Prevent that by handling the error case similar to the other ubi executables. Signed-off-by: Bastian Germann <bastiangermann@fishpost.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-08-25Add ubihealthd to gitignore fileDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-08-25ubi-utils: Implement a ubihealthdRichard Weinberger
ubihealthd is a simple daemon which scans every PEB of an UBI device in random order. It helps to deal with read disturb on systems which either reboot seldom, use fastmap or read few data. To use this daemon you need Linux >= v5.1. Signed-off-by: Richard Weinberger <richard@nod.at>
2019-08-19mkfs.ubifs: Add authentication supportSascha Hauer
This adds support for authenticated UBIFS images. In authenticated images all UBIFS nodes are hashed as described in the UBIFS authentication whitepaper. Additionally the superblock node contains a hash of the master node and itself is cryptographically signed in a node following the superblock node. The signature is in PKCS #7 CMS format. To generate an authenticated image these options are necessary: --hash-algo=NAME hash algorithm to use for signed images (Valid options include sha1, sha256, sha512) --auth-key=FILE filename or PKCS #11 uri containing the authentication key for signing --auth-cert=FILE Authentication certificate filename for signing. Unused when certificate is provided via PKCS #11 Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-08-19ubifs-media: Update to Linux-5.3-rc3Sascha Hauer
This updates ubifs-media.h to Linux-5.3-rc3 which brings us the bits and pieces necessary for UBIFS authentication and offline signing. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-07-21Release mtd-utils-2.1.1v2.1.1David Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-07-18mkfs.ubifs: fix description of favor_lzoUwe Kleine-König
"favor_lzo" uses "lzo" unless the space savings when using "zlib" are big. The current wording got this wrong. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-07-16mkfs.ubifs: fix compilation without ZSTDMartin Kaiser
Fix a trivial typo to make sure that zstd.h is included only if zstd is not disabled. Signed-off-by: Martin Kaiser <martin@kaiser.cx> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-07-09mkfs.ubifs: remove ZSTD_CLEVEL_DEFAULT for backwards compatibillityDavid Oberhollenzer
Support for ZSTD compression has been added recently through the ZSTD library, which is famously known for its incredibly well designed and stable API. This patch removes usage of ZSTD_CLEVEL_DEFAULT, which isn't exposed in older versions of the ZSTD library, and replaces it with with the constant parameter 0. According to the documentation this should then use a reasonable default (which is defined internally). Other possible approachs include defining ZSTD_CLEVEL_DEFAULT to 3 (the value it _currently_ has) if it isn't defined. This patch chooses the approach of passing 0 since this seems to be encouraged by the existing documentation. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-07-02ubinize: Exit with non-zero exit code on error.Patrick Doyle
...specifically -1 in all of the new cases. Signed-off-by: Patrick Doyle <pdoyle@irobot.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-06-16ubi-tests: fm_param: Replace 'fm_auto' with 'fm_autoconvert'Zhihao Cheng
The value of fm_param should be 'fm_autoconvert' rather than 'fm_auto' when fastmap is supported by kernel. Currently, following verbose will appear in dmesg when fm_param is set to 'fm_auto': ubi: unknown parameter 'fm_auto' ignored This patch replace 'fm_auto' with 'fm_autoconvert' for fm_param, so ubi kernel module can receive correct parameters. ---------------------------------------- Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-06-16ubi-tests: mkvol test: Checks return value 'ENOSPC' for 'ubi_mkvol'Zhihao Cheng
UBI tests try to create too many volumes in mkvol_bad and mkvol_basic. Currently mtd-utils allows return value 'ENFILE' from 'ubi_mkvol', that works fine in most situations. But what if the number of PEBs equals to the maximum count of volumes? For example, mkvol_basic test will fail in a 64MiB flash with 512KiB PEB size. Following is the output of mkvol_basic test: ====================================================================== ====================================================================== ====================================================================== Test on mtdram, fastmap enabled, VID header offset factor 1 ====================================================================== ====================================================================== ====================================================================== mtdram: 64MiB, PEB size 512KiB, fastmap enabled Running mkvol_basic /dev/ubi0 [mkvol_basic] mkvol_multiple():182: function ubi_mkvol() failed with error 28 (No space left on device) [mkvol_basic] mkvol_multiple():183: vol_id 122 Error: mkvol_basic failed FAILURE The reason is that there is no available PEB to support a new volume. We can see following verbose in dmesg: ubi0: attached mtd0 (name "mtdram test device", size 64 MiB) ubi0: user volume: 0, internal volumes: 1, max. volumes count: 128 ubi0: available PEBs: 122, total reserved PEBs: 6, PEBs reserved for bad PEB handling: 0 The maximum count of volumes is 128, so we can create 128 volumes theoretically. But there are 122 available PEBs becauese of existence of reserved PEBs. In addition, a volume occupies at least one PEB. Actually, we can only create 122 volumes, Therefore, 'ubi_mkvol' returns 'ENOSPC' when mkvol_basic tries to create 123rd volume. And we can see corresponding error message in dmesg: ubi0 error: ubi_create_volume [ubi]: not enough PEBs, only 0 available ubi0 error: ubi_create_volume [ubi]: cannot create volume 122, error -28 So, 'ENOSPC' can happen before 'ENFILE' in flash with a small amount of PEBs. This patch checks return value 'ENOSPC' for 'ubi_mkvol' when mkvol test is trying to create too many volumes. ---------------------------------------- Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>