summaryrefslogtreecommitdiff
path: root/ubifs-utils
AgeCommit message (Collapse)Author
2020-02-09mkfs.ubifs: fix broken build if fscrtyp is disabledDavid Oberhollenzer
First, there is no option named of X509_OPTION. It was presumably changed during development to AUTH_CERT_OPTION. This commit fixes the name in the !WITH_CRYPTO branch. Similarly, '}' got moved into the WITH_CRYPTO branch, but not into else branch, resulting in tons of errors if fscrypt is disabled. This commit pulls it back out of both branches. Fixes: a739b59e ("mkfs.ubifs: Add authentication support") Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: propperly cleanup in ALL interpret_table_entry error pathsDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: don't leak temporary buffersDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: don't leak hastable iteratorsDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: free derived fscrypt context in add_directory error pathsDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: don't leak copied command line argumentsDavid Oberhollenzer
For some command line flags, the argument string is copied. Simply writing over the buffer leads to a resource leak if the same flag is specified on the command line more than once. This patch adds a free() call to the old buffer before overwriting it with the new copy. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: close file descriptor in add_file error pathDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: abort add_directory if readdir failsDavid Oberhollenzer
The existing code sets 'err' to -1 and breaks the readdir loop, but the error state is never read. This patch modifies the readdir loop to actualy jump to the error handling branch if readdir fails. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-11-10mkfs.ubifs: fscrypt: bail from encrypt_block if gen_essiv_salt failsDavid Oberhollenzer
What originally cought my attention was that gen_essiv_salt has a size_t return type and error paths that return -1 on failure. Further investigation revealed that the error value is never checked for. The encrypt_block function doesn't use the return value in any way and simply continues onward. Furthermore, the gen_essiv_salt function has an error case that emits an error message but returns success state. This patch modifes gen_essiv_salt to return an error status in all error branches, changes the return type to ssize_t and adds a check to encrypt_block if gen_essiv_salt fails. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-08-19mkfs.ubifs: Add authentication supportSascha Hauer
This adds support for authenticated UBIFS images. In authenticated images all UBIFS nodes are hashed as described in the UBIFS authentication whitepaper. Additionally the superblock node contains a hash of the master node and itself is cryptographically signed in a node following the superblock node. The signature is in PKCS #7 CMS format. To generate an authenticated image these options are necessary: --hash-algo=NAME hash algorithm to use for signed images (Valid options include sha1, sha256, sha512) --auth-key=FILE filename or PKCS #11 uri containing the authentication key for signing --auth-cert=FILE Authentication certificate filename for signing. Unused when certificate is provided via PKCS #11 Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-07-18mkfs.ubifs: fix description of favor_lzoUwe Kleine-König
"favor_lzo" uses "lzo" unless the space savings when using "zlib" are big. The current wording got this wrong. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-07-16mkfs.ubifs: fix compilation without ZSTDMartin Kaiser
Fix a trivial typo to make sure that zstd.h is included only if zstd is not disabled. Signed-off-by: Martin Kaiser <martin@kaiser.cx> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-07-09mkfs.ubifs: remove ZSTD_CLEVEL_DEFAULT for backwards compatibillityDavid Oberhollenzer
Support for ZSTD compression has been added recently through the ZSTD library, which is famously known for its incredibly well designed and stable API. This patch removes usage of ZSTD_CLEVEL_DEFAULT, which isn't exposed in older versions of the ZSTD library, and replaces it with with the constant parameter 0. According to the documentation this should then use a reasonable default (which is defined internally). Other possible approachs include defining ZSTD_CLEVEL_DEFAULT to 3 (the value it _currently_ has) if it isn't defined. This patch chooses the approach of passing 0 since this seems to be encouraged by the existing documentation. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-06-01mkfs.ubifs: Add ZSTD compressionSebastian Andrzej Siewior
I added ZSTD support to mkfs.ubifs and compared the ZSTD results with zlib/lzo and the available ZSTD compression levels. The results are in the following table: Comp image MiB time image2 MiB time none 271 0m 0,723s 223 0m 0,589s lzo 164 0m13,705s 116 0m11,636s zlib 150 0m 7,654s 103 0m 6,347s favor-lzo 158 0m21,137s 110 0m17,764s zstd-01 154 0m 1,607s 106 0m 1,429s zstd-02 153 0m 1,704s 105 0m 1,479s zstd-03* 152 0m 1,888s 104 0m 1,668s zstd-04 151 0m 2,741s 103 0m 2,391s zstd-05 150 0m 3,257s 102 0m 2,916s zstd-06 150 0m 3,735s 102 0m 3,356s zstd-07 150 0m 4,066s 102 0m 3,705s zstd-08 152 0m 1,857s 104 0m 1,644s zstd-09 152 0m 1,855s 104 0m 1,639s zstd-10 150 0m 6,654s 102 0m 6,195s zstd-11 150 0m10,027s 102 0m 9,130s zstd-12 149 0m14,724s 101 0m13,415s zstd-13 148 0m18,232s 100 0m16,719s zstd-14 148 0m20,859s 100 0m19,554s zstd-15 148 0m25,033s 100 0m23,186s zstd-16 148 0m38,837s 100 0m36,543s zstd-17 148 0m46,051s 100 0m43,120s zstd-18 148 0m49,157s 100 0m45,807s zstd-19 148 0m49,421s 100 0m45,951s zstd-20 148 0m51,271s 100 0m48,030s zstd-21 148 0m51,015s 100 0m48,676s zstd-22 148 0m52,575s 100 0m50,013s The UBIFS image was created via mkfs.ubifs -x $Comp -m 512 -e 128KiB -c 2200 -r $image $out I used "debootstrap sid" to create a basic RFS and the results are in the `image' column. The image2 column denotes the results for the same image but with .deb files removed. The time column contains the output of the run time of the command. ZSTD's compression level three is currently default. Based on the compression results (for the default level) it outperforms LZO in run time and compression and is almost as good as ZLIB in terms of compression but quicker. The higher compression levels make almost no difference in compression but take a lot of time. The compression level used is the default offered by ZSTD. It does not make sense the higher levels. Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-04-03mkfs.ubifs: fix regression when trying to store device special filesDavid Oberhollenzer
Commit a767dd30 added a check to add_inode that bails when trying to store extra data in anything other than a symlink. The symlink encryption support added by that commit relies on the assumption. Unfortionately it was overlooked that device special files also store the device number as additional data in the inode. The check added in commit a767dd30 broke support for device files in mkfs.ubifs. This commit adds a quick and dirty fix, moving the check into the fscrypt branch, breaking only the fscrypt version but restoring old functionality for unencrypted file systems. Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-03-29mkfs.ubifs: fix build without opensslBaruch Siach
Exclude openssl headers when WITH_CRYPTO is not defined. Fixes this build failure: In file included from ubifs-utils/mkfs.ubifs/mkfs.ubifs.c:25:0: ubifs-utils/mkfs.ubifs/mkfs.ubifs.h:49:10: fatal error: openssl/rand.h: No such file or directory #include <openssl/rand.h> ^~~~~~~~~~~~~~~~ Signed-off-by: Baruch Siach <baruch@tkos.co.il> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2019-02-11mtd-utils: fixes double free in mkfs.ubifsYufen Yu
In inode_add_xattr(), it malloc a buffer for name, and then passes the bufffer ptr to add_xattr(). The ptr will be used to create a new idx_entry in add_to_index(). However, inode_add_xattr() will free the buffer before return. which can cause double free in write_index(): free(idx_ptr[i]->name) *** Error in `./mkfs.ubifs': double free or corruption (fasttop): 0x0000000000aae220 *** ======= Backtrace: ========= /lib64/libc.so.6(+0x7cbac)[0x7f4881ff5bac] /lib64/libc.so.6(+0x87a59)[0x7f4882000a59] /lib64/libc.so.6(cfree+0x16e)[0x7f48820063be] ./mkfs.ubifs[0x402fbf] /lib64/libc.so.6(__libc_start_main+0xea)[0x7f4881f9988a] ./mkfs.ubifs[0x40356a] Signed-off-by: Yufen Yu <yuyufen@huawei.com> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-12-17mkfs.ubifs: fix default cipher in help outputDavid Gstir
AES-256-XTS is the default since dd0d9c623e22 ("mkfs.ubifs: Use AES-256-XTS as default"), we want that to be correctly reflected in the help output as well. Signed-off-by: David Gstir <david@sigma-star.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-09mkfs.ubifs: Don't compress by default if filesystem is encryptedRichard Weinberger
Encryption and compression are not friends. Enable compression in encryption mode only if the user explicitly sets a compressor. Signed-off-by: Richard Weinberger <richard@nod.at> Tested-by: Heiko Schocher <hsdenx.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-09mkfs.ubifs: Store compr_size in correct endianness.Richard Weinberger
compr_size has to be in LE16. Signed-off-by: Richard Weinberger <richard@nod.at> Tested-by: Heiko Schocher <hsdenx.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-09mkfs.ubifs: Fix IV selectionRichard Weinberger
We need to check for AES being in 128-cbc mode and not 256-cbc. fscrypt supports only 128-cbc and 256-xts so far. Signed-off-by: Richard Weinberger <richard@nod.at> Tested-by: Heiko Schocher <hsdenx.de> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Use AES-256-XTS as defaultRichard Weinberger
AES-128-CBC should only being used when 256-XTS is too slow on low end hardware. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Print key descriptor only when generatedRichard Weinberger
Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Enable support for building without cryptoRichard Weinberger
Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Move RAND_poll to crypto.cRichard Weinberger
Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: More fscryptctl compatibilityRichard Weinberger
fscryptctl reads up to FS_MAX_KEY_SIZE bytes from the source key to compute the descriptor. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Fix key descriptor printingRichard Weinberger
normsg() sucks. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Compute encryption key descriptor automaticallyRichard Weinberger
...if none is given. To be compatible with fscryptctl. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Fixup AES-XTS modeRichard Weinberger
In XTS mode we don't need ESSIV, just use the block number as tweak. Also apply EVP_EncryptFinal(). Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Use correct sizes for keys and hash lengthsRichard Weinberger
This works currently by chance since the sizes match, but that might change with different cipher setups. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Enable Cipher selectionRichard Weinberger
No longer hard code AES-128-CBC, we support AES-256-XTS too. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Correctly use iv lengths in aes-cts modeRichard Weinberger
The key length can be very long, for example in xts mode. So we have to use the right sizes for block and iv lengths. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Accept 0x prefix for key descriptorDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Check length of master keyDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Cleanup over-long linesDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Move fscrypt definitions and functions out of mkfs.ubifs.cDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Remove cipher implementations from public headerDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Initial support for encryption command linesDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Specify padding policy via command lineDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Get key descriptor from command line and master key from fileDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Make encryption dependend on (not-yet-existant) command line optionsDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Replace constant values with parameters in init_fscrypt_contextDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Cleanup add_dent_node, user path encryption helperDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Seperate path encryption from symlink encryption helperDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Free all index entry namesRichard Weinberger
...and make valgrind memcheck happy Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Make sure we catch nodes that should or should not have nameRichard Weinberger
Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Move symlink data encryption to helper functionDavid Oberhollenzer
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at> Signed-off-by: Richard Weinberger <richard@nod.at>
2018-11-01mkfs.ubifs: Implement file contents encryptionRichard Weinberger
Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Add encrypted symlink supportRichard Weinberger
Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
2018-11-01mkfs.ubifs: Pass source/dest key len to key derive functionRichard Weinberger
fscrypto is using the max key lenth (64), so we cannot use the AES-128-ECB len. Signed-off-by: Richard Weinberger <richard@nod.at> Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>