Age | Commit message (Collapse) | Author |
|
mkfs.uibfs can add Selinux xattrs from a labeling file using
libselinux to parse it. The commit that added this feature simply
introduced a separate function, inode_add_selinux_xattr, which is
called instead of inode_add_xattr. If no --selinux argument is
specified for mkfs.ubifs, this is a no-op.
The problem is, that this breaks xattr scanning for any build with
Selinux enabled. The Selinux version is always called and it does
not scan for xattrs on the filesystem, or dispatch to the original.
This commit fixes the xattr scanning behavior. We unconditionally call
both functions (they each have no-op implementations if the feature
is missing) and in the regular xattr scanning code, we skip selinux
attributes, if the --selinux option was given.
Fixes: f1feccec5ad8 ("mkfs.ubifs: Implement selinux labelling support")
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <goliath@infraroot.at>
|
|
Below failure happens when mkfs.ubifs --selinux=FILE ...
"Error: bad file context FILE 1"
"No such file or directory (error 2)"
It is fixed by this change.
Signed-off-by: Zijun Hu <quic_zijuhu@quicinc.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
In v2.1.0, SELinux support was introduced. It never compiled with ubifs
because it uses the old add_xattr signature that also changed in v2.1.0
with a1bd316e23("mkfs.ubifs: Implement fscrypto context store as xattr").
Add the ubifs_ino_node and name to the call and remove the nm that is
contructed in the new function version.
Signed-off-by: Bastian Germann <bastiangermann@fishpost.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Bastian Germann <bastiangermann@fishpost.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
First, there is no option named of X509_OPTION. It was presumably
changed during development to AUTH_CERT_OPTION. This commit fixes
the name in the !WITH_CRYPTO branch.
Similarly, '}' got moved into the WITH_CRYPTO branch, but not into
else branch, resulting in tons of errors if fscrypt is disabled.
This commit pulls it back out of both branches.
Fixes: a739b59e ("mkfs.ubifs: Add authentication support")
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
For some command line flags, the argument string is copied. Simply
writing over the buffer leads to a resource leak if the same flag
is specified on the command line more than once.
This patch adds a free() call to the old buffer before overwriting
it with the new copy.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The existing code sets 'err' to -1 and breaks the readdir loop, but
the error state is never read. This patch modifies the readdir loop
to actualy jump to the error handling branch if readdir fails.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This adds support for authenticated UBIFS images. In authenticated
images all UBIFS nodes are hashed as described in the UBIFS
authentication whitepaper. Additionally the superblock node contains a
hash of the master node and itself is cryptographically signed in a node
following the superblock node. The signature is in PKCS #7 CMS format.
To generate an authenticated image these options are necessary:
--hash-algo=NAME hash algorithm to use for signed images
(Valid options include sha1, sha256, sha512)
--auth-key=FILE filename or PKCS #11 uri containing the authentication key
for signing
--auth-cert=FILE Authentication certificate filename for signing. Unused
when certificate is provided via PKCS #11
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
"favor_lzo" uses "lzo" unless the space savings when using "zlib" are
big. The current wording got this wrong.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
I added ZSTD support to mkfs.ubifs and compared the ZSTD results with
zlib/lzo and the available ZSTD compression levels. The results are in
the following table:
Comp image MiB time image2 MiB time
none 271 0m 0,723s 223 0m 0,589s
lzo 164 0m13,705s 116 0m11,636s
zlib 150 0m 7,654s 103 0m 6,347s
favor-lzo 158 0m21,137s 110 0m17,764s
zstd-01 154 0m 1,607s 106 0m 1,429s
zstd-02 153 0m 1,704s 105 0m 1,479s
zstd-03* 152 0m 1,888s 104 0m 1,668s
zstd-04 151 0m 2,741s 103 0m 2,391s
zstd-05 150 0m 3,257s 102 0m 2,916s
zstd-06 150 0m 3,735s 102 0m 3,356s
zstd-07 150 0m 4,066s 102 0m 3,705s
zstd-08 152 0m 1,857s 104 0m 1,644s
zstd-09 152 0m 1,855s 104 0m 1,639s
zstd-10 150 0m 6,654s 102 0m 6,195s
zstd-11 150 0m10,027s 102 0m 9,130s
zstd-12 149 0m14,724s 101 0m13,415s
zstd-13 148 0m18,232s 100 0m16,719s
zstd-14 148 0m20,859s 100 0m19,554s
zstd-15 148 0m25,033s 100 0m23,186s
zstd-16 148 0m38,837s 100 0m36,543s
zstd-17 148 0m46,051s 100 0m43,120s
zstd-18 148 0m49,157s 100 0m45,807s
zstd-19 148 0m49,421s 100 0m45,951s
zstd-20 148 0m51,271s 100 0m48,030s
zstd-21 148 0m51,015s 100 0m48,676s
zstd-22 148 0m52,575s 100 0m50,013s
The UBIFS image was created via
mkfs.ubifs -x $Comp -m 512 -e 128KiB -c 2200 -r $image $out
I used "debootstrap sid" to create a basic RFS and the results are in
the `image' column. The image2 column denotes the results for the same
image but with .deb files removed.
The time column contains the output of the run time of the command.
ZSTD's compression level three is currently default. Based on the
compression results (for the default level) it outperforms LZO in
run time and compression and is almost as good as ZLIB in terms of
compression but quicker.
The higher compression levels make almost no difference in compression
but take a lot of time.
The compression level used is the default offered by ZSTD. It does not
make sense the higher levels.
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Commit a767dd30 added a check to add_inode that bails when trying to
store extra data in anything other than a symlink. The symlink
encryption support added by that commit relies on the assumption.
Unfortionately it was overlooked that device special files also store
the device number as additional data in the inode. The check added in
commit a767dd30 broke support for device files in mkfs.ubifs.
This commit adds a quick and dirty fix, moving the check into the
fscrypt branch, breaking only the fscrypt version but restoring old
functionality for unencrypted file systems.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
In inode_add_xattr(), it malloc a buffer for name, and then passes
the bufffer ptr to add_xattr(). The ptr will be used to create a new
idx_entry in add_to_index().
However, inode_add_xattr() will free the buffer before return.
which can cause double free in write_index(): free(idx_ptr[i]->name)
*** Error in `./mkfs.ubifs': double free or corruption (fasttop): 0x0000000000aae220 ***
======= Backtrace: =========
/lib64/libc.so.6(+0x7cbac)[0x7f4881ff5bac]
/lib64/libc.so.6(+0x87a59)[0x7f4882000a59]
/lib64/libc.so.6(cfree+0x16e)[0x7f48820063be]
./mkfs.ubifs[0x402fbf]
/lib64/libc.so.6(__libc_start_main+0xea)[0x7f4881f9988a]
./mkfs.ubifs[0x40356a]
Signed-off-by: Yufen Yu <yuyufen@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
AES-256-XTS is the default since dd0d9c623e22 ("mkfs.ubifs: Use AES-256-XTS as default"),
we want that to be correctly reflected in the help output as well.
Signed-off-by: David Gstir <david@sigma-star.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Encryption and compression are not friends.
Enable compression in encryption mode only if the user explicitly
sets a compressor.
Signed-off-by: Richard Weinberger <richard@nod.at>
Tested-by: Heiko Schocher <hsdenx.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
AES-128-CBC should only being used when 256-XTS is too slow
on low end hardware.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
...if none is given. To be compatible with fscryptctl.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
...and make valgrind memcheck happy
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
fscrypto is using the max key lenth (64), so we cannot use the
AES-128-ECB len.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
since names are no longer strings, we need to know the length.
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
...and set UBIFS format version
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
...maybe we should add them to crypto.c?
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
most of them should be UAPI, therefore check using #ifndef
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Richard Weinberger <richard@nod.at>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
Signed-off-by: Richard Weinberger <richard@nod.at>
|
|
The nlink value of a xattr node must always be one, it has nothing to do
with the nlink value of the inode the attribute belongs to.
The bug can be observed when mounting a mkfs.ubifs generated image which
contains xattrs on directories or files with hardlinks to them. When
mounting such an image with chk_fs = 1 it fails with:
UBIFS error (ubi0:0 pid 1833): dbg_check_filesystem: inode 3308 nlink is 3, but calculated nlink is 1
Another bug that can be triggered is an assertion in
ubifs_xattr_remove() which assures that the xattr i_nlink count should
be one when the xattr is removed.
Fixes: 50044ef ("mkfs.ubifs: Add extended attribute support")
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Fix warnings abot PRIdoff_t in libmtd.c, in mtd_read (and mtd_write):
In file included from ../git/lib/libmtd.c:40:0:
../git/lib/libmtd.c: In function 'mtd_read':
../git/include/common.h:110:18: warning: format '%ld' expects argument of
type 'long int', but argument 5 has type 'off_t {aka long long int}'
[-Wformat=]
../git/include/common.h:120:2: note: in expansion of macro 'errmsg'
errmsg(fmt, ##__VA_ARGS__); \
^~~~~~
../git/lib/libmtd.c:1082:10: note: in expansion of macro 'sys_errmsg'
return sys_errmsg("cannot seek mtd%d to offset %"PRIdoff_t,
^~~~~~~~~~
/usr/lib/klibc/include/inttypes.h:28:17: note: format string is defined here
#define PRId32 "d"
Signed-off-by: Thorsten Glaser <tg@mirbsd.org>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This implements/adds selinux labelling support to mkfs.ubifs
utility. It adds an extra option in configure to enable
selinux labelling support and then finally in mkfs.ubifs adds
an extra option to pass the file_contexts which is looked up
for filesystem file labels.
- Default behavior is kept without selinux so as to not break existing
support where selinux library/headers may not be present.
- If this is configured with --with-selinux then XATTR from the
file_contexts(passed with --selinux option while mkfs.ubifs)
will be taken and not from the host file's xattr.
This is done to avoid the problem where the host OS may have
selinux enabled and hence same xattr names will be present in both
host filesystem files and from the --selinux=file passed.
So the existing behavior is kept mutually exclusive and preference
is given to selinux xattrs (if configured with --with-selinux).
Signed-off-by: Ritesh Harjani <riteshh@codeaurora.org>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|