| Age | Commit message (Collapse) | Author |
|---|
|
Add spinlock implementations, because there are some spinlocks
(eg. c->cnt_lock, c->buds_lock) used in UBIFS linux kernel libs.
The spinlock is implemented based on pthread mutex.
This is a preparation for replacing implementation of UBIFS utils with
linux kernel libs.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Add bit operations implementations, because there are some bit operations
(eg. __set_bit, test_bit) used in UBIFS linux kernel libs.
This is a preparation for replacing implementation of UBIFS utils with
linux kernel libs.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Add atomic implementations, because there are some atomic operations
(eg. atomic_long_xxx) used in UBIFS linux kernel libs.
This is a preparation for replacing implementation of UBIFS utils with
linux kernel libs.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Add linux kernel memory allocation implementations, because there are many
memory allocations(eg. kmalloc, kzalloc) used in UBIFS linux kernel libs.
This is a preparation for replacing implementation of UBIFS utils with
linux kernel libs.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Add linux kernel error conversion definitions, because there are
many error type conversions(eg. PTR_ERR, ERR_PTR) used in UBIFS
linux kernel libs.
This is a preparation for replacing implementation of UBIFS utils with
linux kernel libs.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Add linux type definitions, because there are many types
(eg. u8/u16/u64) used in UBIFS linux kernel libs. Besides
move type conversions (eg. cpu_to_le16, cpu_to_le32, etc.)
into type definitions header file.
This is a preparation for replacing implementation of UBIFS utils with
linux kernel libs.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Add compiler attributes implementations, such as __packed, __unused,
__const, etc., which could be used in linux kernel libs. Besides, change
some existing attributes into linux kernel style.
This is a preparation for replacing implementation of UBIFS utils with
linux kernel libs.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Import UBIFS libs from linux kernel. Next patches will replace ubifs
related source code with implementation of linux kernel, which makes
userspace implementation be same with linux kernel, then fsck.ubifs
can resuse the code.
Notice: lpt.c is modified with [1] applied. ubifs.h and orphan.c are
modified with [2] applied, journal.c is modified with [3] reverted(
because fsck runs in a single thread, so waitqueue is not needed to
be implemented in userspace.).
[1] https://lore.kernel.org/linux-mtd/20231228014112.2836317-13-chengzhihao1@huawei.com/
[2] https://lore.kernel.org/linux-mtd/20240410073751.2522830-1-chengzhihao1@huawei.com/
[3] https://lore.kernel.org/linux-mtd/20240122063103.359501-1-chengzhihao1@huawei.com/
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
new source file
Move UBI opening/closing/volume_check_empty functions into common/super.c.
These functions will be used in fsck.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Embed new members 'dev_fd' and 'libubi' into ubifs_info structure, so
that global variable 'ubi', 'out_fd' and 'out_ubi' could be removed
from mkfs.ubifs.c. Besides, add parameter in check_volume_empty().
Next patch will extract UBI opening/closing/check_volume_empty functions
into a new source file, these functions will be used in fsck.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Embed new member 'dev_name' into 'ubifs_info' structure, then global
variable 'output' can be removed from mkfs.ubifs.c. Next patches will
import UBIFS libs from linux kernel, which could print messages that
contain device information, so this patch can distinguish different
devices according to messages.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Embed new member 'debug_level' into 'ubifs_info' structure, then global
variable 'debug_level' can be removed from mkfs.ubifs.c. Next patches
will import UBIFS libs from linux kernel, which could print messages
with different levels, then 'debug_level' can be used to control which
level messages should be printed.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Functions 'err_msg' and 'sys_err_msg' are almost same with 'errmsg' and
'sys_errmsg', since 'errmsg' and 'sys_errmsg' can print programe name,
so replace error message printing functions (ubifs-utils) with common
lib functions(include/common.h).
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
PROGRAM_NAME is defined as a const string "mkfs.ubifs", which won't be
suitable for fsck.ubifs. Add 'program_name' member in ubifs_info
structure, define PROGRAM_NAME as ubifs_info.program_name. Then, error
messages will display right program name if fsck.ubifs is supported.
Besides, add 'program_type' member in ubifs_info structure to identify
which current program type is, without comparing program name.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Header file mkfs.ubifs.h is included in other modules(eg. compr.c, lpt.c,
fscrypt.h, sign.c), decouple it out of other modules.
There are two parts in mkfs.ubifs.h:
1. common functions, for example dbg_msg, err_msg and write_leb, move
these functions into common/defs.h and common/ubifs.h.
2. devtable related definations, move them into a new header file
common/devtable.h.
Splitting common functions from mkfs.ubifs.h is also a preparation for
importing libubifs(from linux kernel) to replace current UBIFS libs.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Split common source files into common dir from mkfs.ubifs, this is a
preparation for importing libubifs(from linux kernel) to replace
current UBIFS libs.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The 'output' is allocated in get_options(), don't forget to free it
in error paths, move 'output' freeing out of close_target(), which
simplifies the logic of close_target().
Fixes: 36ec51948e0ec ("Add mkfs.ubifs")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Closing 'out_fd' is missed in handling paths in open_target(), fix it
by adding closing operations before returning.
Fixes: a48340c335dab ("mkfs.ubifs: use libubi to format UBI volume")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The libubi could be opened in get_options(), don't forget to close it
in error handling paths in main(). Also close libubi in error handling
paths in open_ubi(). To implement that, extract libubi_close() into a
new helper function close_ubi().
Besides, invoke crypto_cleanup() in error handling paths in main().
Fixes: a48340c335dab ("mkfs.ubifs: use libubi to format UBI volume")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The size of directory should be the total length of encrypted entry name,
otherwise it could trigger errors while checking filesystem:
dbg_check_filesystem [ubifs]: directory inode 89 size is 352, but
calculated size is 400
Fixes: 4c55918dd747d ("Implement filename encryption")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The type of xattr entry should be regular file, otherwise xattr entry
and xattr inode have inconsistent types.
Fixes: 50044efbd6e713 ("mkfs.ubifs: Add extended attribute support")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Variable 'cipher_name' is defined on stack without initialization, when
an user invokes mkfs with '--key' and without '-C', 'cipher_name' is a
random value, which could cause init_fscrypt_context() failed to find a
valid cipher.
Fix it by initializing 'cipher_name' as NULL when it is declared.
Fixes: cc4c5e295f546 ("mkfs.ubifs: Enable support for building without crypto")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Direct writing is not allowd on an UBI volume, unless the volume is set
with direct_write property. The open_target sets direct_write property,
don't forget to clear direct_write property for UBI volume when closing
target.
Fixes: a48340c335dab ("mkfs.ubifs: use libubi to format UBI volume")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This one is a bit trickier than adding WITH_ZLIB ifdefs. Some parts
of the code assume that zlib is always present and have complicated
fallback behavior. Particularly the "favor_lzo" compression method
that uses either zlib or lzo, whichever produces the better result.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Don't use super pedantic parsing of the argument and work with the
generated variable instead of assigning it to our own and set it
to "check" if not value is assigned. Then search for a dependency
if the with variable is anything other than "no" and fail if it
was set to "yes".
In addition, the WITHOUT_xxx defines are replaced with WITH_xxx defines.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
mkfs.uibfs can add Selinux xattrs from a labeling file using
libselinux to parse it. The commit that added this feature simply
introduced a separate function, inode_add_selinux_xattr, which is
called instead of inode_add_xattr. If no --selinux argument is
specified for mkfs.ubifs, this is a no-op.
The problem is, that this breaks xattr scanning for any build with
Selinux enabled. The Selinux version is always called and it does
not scan for xattrs on the filesystem, or dispatch to the original.
This commit fixes the xattr scanning behavior. We unconditionally call
both functions (they each have no-op implementations if the feature
is missing) and in the regular xattr scanning code, we skip selinux
attributes, if the --selinux option was given.
Fixes: f1feccec5ad8 ("mkfs.ubifs: Implement selinux labelling support")
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <goliath@infraroot.at>
|
|
Below failure happens when mkfs.ubifs --selinux=FILE ...
"Error: bad file context FILE 1"
"No such file or directory (error 2)"
It is fixed by this change.
Signed-off-by: Zijun Hu <quic_zijuhu@quicinc.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Running mkfs.ubifs which was build without crypto triggered the
following assertion:
mkfs.ubifs: ubifs-utils/mkfs.ubifs/fscrypt.h:166:
inherit_fscrypt_context: Assertion `0' failed.
A previous commit-cc4c5e295f54 ("mkfs.ubifs: Enable support for building
without crypto") added a check for an existing fscrypt context before calling
functions inherit_fscrypt_context() and free_fscrypt_context(),
however did not properly do this for each call to these functions.
Fixes: cc4c5e295f54 ("mkfs.ubifs: Enable support for building without crypto")
Signed-off-by: Henri Roosen <henri.roosen@ginzinger.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Throughout the Automake files, there is a consistent pattern somewhat
like this:
FOO_BINS = ....
sbin_PROGRAMS += $(FOO_BINS)
This commit all such patterns whenever the variable is not used anywhere
else and appends to the target directly.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This commit removes the C header files from the EXTRA_DIST variables
and instead assigns them to the SOURCE variable of the respective
components they belong to.
This takes care of having them distributed in the release tar ball and
helps with dependency tracking a little.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This abstracts away attaching of the right ubi and then selecting the right
ubi device and volume to mount.
As described in the comment at the top this allows to mount ubifs volumes
directly from /etc/fstab without having to use hardcoded numbers (which
depend on mount order and so are unreliable) and extra magic to care for
attaching.
Signed-off-by: Uwe Kleine-König <u.kleine-koenig@pengutronix.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Especially for the pkcs11 engine, a configuration is required
because the provider has to be configured.
Its not clear why OPENSSL_no_config() is called.
Remove OPENSSL_no_config() and call OPENSSL_config(NULL)
instead.
Signed-off-by: Torben Hohn <torben.hohn@linutronix.de>
Signed-off-by: Bastian Germann <bage@linutronix.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
In v2.1.0, SELinux support was introduced. It never compiled with ubifs
because it uses the old add_xattr signature that also changed in v2.1.0
with a1bd316e23("mkfs.ubifs: Implement fscrypto context store as xattr").
Add the ubifs_ino_node and name to the call and remove the nm that is
contructed in the new function version.
Signed-off-by: Bastian Germann <bastiangermann@fishpost.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: Bastian Germann <bastiangermann@fishpost.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The sign.h header added by the authentication patch set was omitted
from the automake file and thus not added to the distribution tarball.
The resulting tarballs were unable to be compiled.
Fixes: a739b59 ("mkfs.ubifs: Add authentication support")
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
First, there is no option named of X509_OPTION. It was presumably
changed during development to AUTH_CERT_OPTION. This commit fixes
the name in the !WITH_CRYPTO branch.
Similarly, '}' got moved into the WITH_CRYPTO branch, but not into
else branch, resulting in tons of errors if fscrypt is disabled.
This commit pulls it back out of both branches.
Fixes: a739b59e ("mkfs.ubifs: Add authentication support")
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
For some command line flags, the argument string is copied. Simply
writing over the buffer leads to a resource leak if the same flag
is specified on the command line more than once.
This patch adds a free() call to the old buffer before overwriting
it with the new copy.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The existing code sets 'err' to -1 and breaks the readdir loop, but
the error state is never read. This patch modifies the readdir loop
to actualy jump to the error handling branch if readdir fails.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
What originally cought my attention was that gen_essiv_salt has a
size_t return type and error paths that return -1 on failure.
Further investigation revealed that the error value is never checked
for. The encrypt_block function doesn't use the return value in any
way and simply continues onward.
Furthermore, the gen_essiv_salt function has an error case that emits
an error message but returns success state.
This patch modifes gen_essiv_salt to return an error status in all
error branches, changes the return type to ssize_t and adds a check
to encrypt_block if gen_essiv_salt fails.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This adds support for authenticated UBIFS images. In authenticated
images all UBIFS nodes are hashed as described in the UBIFS
authentication whitepaper. Additionally the superblock node contains a
hash of the master node and itself is cryptographically signed in a node
following the superblock node. The signature is in PKCS #7 CMS format.
To generate an authenticated image these options are necessary:
--hash-algo=NAME hash algorithm to use for signed images
(Valid options include sha1, sha256, sha512)
--auth-key=FILE filename or PKCS #11 uri containing the authentication key
for signing
--auth-cert=FILE Authentication certificate filename for signing. Unused
when certificate is provided via PKCS #11
Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
"favor_lzo" uses "lzo" unless the space savings when using "zlib" are
big. The current wording got this wrong.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Fix a trivial typo to make sure that zstd.h is included only if
zstd is not disabled.
Signed-off-by: Martin Kaiser <martin@kaiser.cx>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Support for ZSTD compression has been added recently through the ZSTD
library, which is famously known for its incredibly well designed and
stable API.
This patch removes usage of ZSTD_CLEVEL_DEFAULT, which isn't exposed
in older versions of the ZSTD library, and replaces it with with the
constant parameter 0. According to the documentation this should then
use a reasonable default (which is defined internally).
Other possible approachs include defining ZSTD_CLEVEL_DEFAULT to 3
(the value it _currently_ has) if it isn't defined. This patch chooses
the approach of passing 0 since this seems to be encouraged by the
existing documentation.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
I added ZSTD support to mkfs.ubifs and compared the ZSTD results with
zlib/lzo and the available ZSTD compression levels. The results are in
the following table:
Comp image MiB time image2 MiB time
none 271 0m 0,723s 223 0m 0,589s
lzo 164 0m13,705s 116 0m11,636s
zlib 150 0m 7,654s 103 0m 6,347s
favor-lzo 158 0m21,137s 110 0m17,764s
zstd-01 154 0m 1,607s 106 0m 1,429s
zstd-02 153 0m 1,704s 105 0m 1,479s
zstd-03* 152 0m 1,888s 104 0m 1,668s
zstd-04 151 0m 2,741s 103 0m 2,391s
zstd-05 150 0m 3,257s 102 0m 2,916s
zstd-06 150 0m 3,735s 102 0m 3,356s
zstd-07 150 0m 4,066s 102 0m 3,705s
zstd-08 152 0m 1,857s 104 0m 1,644s
zstd-09 152 0m 1,855s 104 0m 1,639s
zstd-10 150 0m 6,654s 102 0m 6,195s
zstd-11 150 0m10,027s 102 0m 9,130s
zstd-12 149 0m14,724s 101 0m13,415s
zstd-13 148 0m18,232s 100 0m16,719s
zstd-14 148 0m20,859s 100 0m19,554s
zstd-15 148 0m25,033s 100 0m23,186s
zstd-16 148 0m38,837s 100 0m36,543s
zstd-17 148 0m46,051s 100 0m43,120s
zstd-18 148 0m49,157s 100 0m45,807s
zstd-19 148 0m49,421s 100 0m45,951s
zstd-20 148 0m51,271s 100 0m48,030s
zstd-21 148 0m51,015s 100 0m48,676s
zstd-22 148 0m52,575s 100 0m50,013s
The UBIFS image was created via
mkfs.ubifs -x $Comp -m 512 -e 128KiB -c 2200 -r $image $out
I used "debootstrap sid" to create a basic RFS and the results are in
the `image' column. The image2 column denotes the results for the same
image but with .deb files removed.
The time column contains the output of the run time of the command.
ZSTD's compression level three is currently default. Based on the
compression results (for the default level) it outperforms LZO in
run time and compression and is almost as good as ZLIB in terms of
compression but quicker.
The higher compression levels make almost no difference in compression
but take a lot of time.
The compression level used is the default offered by ZSTD. It does not
make sense the higher levels.
Signed-off-by: Sebastian Andrzej Siewior <sebastian@breakpoint.cc>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Commit a767dd30 added a check to add_inode that bails when trying to
store extra data in anything other than a symlink. The symlink
encryption support added by that commit relies on the assumption.
Unfortionately it was overlooked that device special files also store
the device number as additional data in the inode. The check added in
commit a767dd30 broke support for device files in mkfs.ubifs.
This commit adds a quick and dirty fix, moving the check into the
fscrypt branch, breaking only the fscrypt version but restoring old
functionality for unencrypted file systems.
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
