Safety guard in the U-Boot filesystem glue code, because these functions
are called from different parts of the codebase. For generic filesystem
handling this should have been checked in blk_get_device_part_str()
already. Commands from cmd/ubifs.c should also check this before
calling those functions, but you never know?!
Signed-off-by: Alexander Dahl <ada@thorsis.com>
Global superblock pointer 'ubifs_sb' and volume pointer 'ubi' of type
struct ubi_volume_desc in private member sb->s_fs_info of type struct
ubifs_info, can be allocated and freed at runtime, and allocated and
freed again, depending which console or script commands are run. In
some cases ubifs_sb is even tested to determine if the filesystem is
mounted. Reset those pointers to NULL after free to clearly mark them
as not valid. This avoids potential double free on invalid pointers.
(The ubifs_sb pointer was already reset, but that statement was moved
now to directly after the free() to make it easier to understand.)
Signed-off-by: Alexander Dahl <ada@thorsis.com>
When mounting ubifs e.g. through command 'ubifsmount' one global static
superblock 'ubifs_sb' is used _and_ the requested volume is opened (like
in Linux). The pointer returned by 'ubifs_open_volume()' is stored in
that superblock struct and freed later on cmd 'ubifsumount' or another
call to 'ubifsmount' with a different volume, through ubifs_umount() and
ubi_close_volume().
In ubifs_ls(), ubifs_exists(), ubifs_size(), and ubifs_read() the volume
was opened again, which is technically no problem with regard to
refcounting, but here the still valid pointer in sb was overwritten,
leading to a memory leak. Even worse, when using one of those
functions and calling ubifsumount later, ubi_close_volume() was called
again but now on an already freed pointer, leading to a double free.
This actually crashed with different invalid memory accesses on a board
using the old distro boot and a rather long script handling RAUC
updates.
Example:
> ubi part UBI
> ubifsmount ubi0:boot
> test -e ubi ubi0:boot /boot.scr.uimg
> ubifsumount
The ubifs specific commands 'ubifsls' and 'ubifsload' check for a
mounted volume by themselves, for the generic fs variants 'ls', 'load',
(and 'size', and 'test -e') this is covered by special ubifs handling in
fs_set_blk_dev() and deeper down blk_get_device_part_str() then. So for
ubifs_ls(), ubifs_exists(), ubifs_size(), and ubifs_read() we can be
sure the volume is opened and the necessary struct pointer in sb is
valid, so it is not needed to open volume again.
Fixes: 9eefe2a2b37 ("UBIFS: Implement read-only UBIFS support in U-Boot")
Fixes: 29cc5bcadfc ("ubifs: Add functions for generic fs use")
Signed-off-by: Alexander Dahl <ada@thorsis.com>
ZSTD can be a better tradeoff between NAND IO operations and decompression
speed giving a better boot time.
Signed-off-by: Piotr Wojtaszczyk <piotr.wojtaszczyk@timesys.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
As part of bringing the master branch back in to next, we need to allow
for all of these changes to exist here.
Reported-by: Jonas Karlman <jonas@kwiboo.se>
Signed-off-by: Tom Rini <trini@konsulko.com>
When bringing in the series 'arm: dts: am62-beagleplay: Fix Beagleplay
Ethernet"' I failed to notice that b4 noticed it was based on next and
so took that as the base commit and merged that part of next to master.
This reverts commit c8ffd1356d42223cbb8c86280a083cc3c93e6426, reversing
changes made to 2ee6f3a5f7550de3599faef9704e166e5dcace35.
Reported-by: Jonas Karlman <jonas@kwiboo.se>
Signed-off-by: Tom Rini <trini@konsulko.com>
The last user of the NEEDS_MANUAL_RELOC has been removed in commit
26af162ac8f8 ("arch: m68k: Implement relocation")
Remove now unused NEEDS_MANUAL_RELOC code.
Signed-off-by: Marek Vasut <marek.vasut+renesas@mailbox.org>
The ubifsload command is truncating any address above 4GiB as it casts
this address to an u32, instead of using an unsigned long which most of
the other load commands do. Change this to an unsigned long to allow
loading into high memory for boards which use these areas.
Fixes the following error:
=> ubifsload 0x2100000000 /boot/Image.lzma
Loading file '/boot/Image.lzma' to addr 0x00000000...
Unhandled exception: Store/AMO access fault
Signed-off-by: Ben Dooks <ben.dooks@sifive.com>
Signed-off-by: Ben Dooks <ben.dooks@codethink.co.uk>
Commit b1a14f8a1c2e ("UBIFS: Change ubifsload to not read beyond the
requested size") added optimization to do not read more bytes than it is
really needed. But this commit introduced incorrect handling of the hole at
the end of file. This logic cause U-Boot to crash or lockup when trying to
read from the ubifs filesystem.
When read_block() call returns -ENOENT error (not an error, but the hole)
then dn-> structure is not filled and contain garbage. So using of dn->size
for memcpy() argument cause that U-Boot tries to copy unspecified amount of
bytes from possible unmapped memory. Which randomly cause lockup of P2020
CPU.
Fix this issue by copying UBIFS_BLOCK_SIZE bytes from read buffer when
dn->size is not available. UBIFS_BLOCK_SIZE is the size of the buffer
itself and read_block() fills buffer by zeros when it returns -ENOENT.
This patch fixes ubifsload on P2020.
Fixes: b1a14f8a1c2e ("UBIFS: Change ubifsload to not read beyond the requested size")
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Stefan Roese <sr@denx.de>
Move this out of the common header and include it only where needed. In
a number of cases this requires adding "struct udevice;" to avoid adding
another large header or in other cases replacing / adding missing header
files that had been pulled in, very indirectly. Finally, we have a few
cases where we did not need to include <asm/global_data.h> at all, so
remove that include.
Signed-off-by: Simon Glass <sjg@chromium.org>
Signed-off-by: Tom Rini <trini@konsulko.com>
We should not be using typedefs and these make it harder to use
forward declarations (to reduce header file inclusions). Drop the typedef.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present dm/device.h includes the linux-compatible features. This
requires including linux/compat.h which in turn includes a lot of headers.
One of these is malloc.h which we thus end up including in every file in
U-Boot. Apart from the inefficiency of this, it is problematic for sandbox
which needs to use the system malloc() in some files.
Move the compatibility features into a separate header file.
Signed-off-by: Simon Glass <sjg@chromium.org>
At present devres.h is included in all files that include dm.h but few
make use of it. Also this pulls in linux/compat which adds several more
headers. Drop the automatic inclusion and require files to include devres
themselves. This provides a good indication of which files use devres.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Anatolij Gustschin <agust@denx.de>
linux_compat.c is the best place for kmemdup(), which is currenly used
only in ubifs.c, but will also be used when other kernel files
(in my case, lib/crypto/x509_cert_parser.c and pkcs7_parser.c) will be
imported. So just move it.
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Move env_set_hex() over to the new header file along with env_set_addr()
which uses it.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Joe Hershberger <joe.hershberger@ni.com>
As part of the effort to remove things from common.h, create a new header
for the gzip functions. Move the function declarations to it and add
missing documentation.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Simon Goldschmidt <simon.k.r.goldschmidt@gmail.com>
Add local size_t variable to crypto_comp_decompress as intermediate
storage for destination length to avoid memory corruption and incorrect
results on 64 bit targets.
This is what linux does for the various lz compression implementations.
Signed-off-by: Paul Davey <paul.davey@alliedtelesis.co.nz>
Cc: Heiko Schocher <hs@denx.de>
Tested-by: Heiko Schocher <hs@denx.de>
This patch solves assert failed displayed in the console during a boot.
The root cause is that the ubifs_inode is not already allocated when
ubifs_printdir and ubifs_finddir functions are called.
Trace showing the issue:
feed 'boot.scr.uimg', ino 94, new f_pos 0x17b40ece
dent->ch.sqnum '7132', creat_sqnum 3886945402880
UBIFS assert failed in ubifs_finddir at 436
INODE ALLOCATION: creat_sqnum '7129'
Found U-Boot script /boot.scr.uimg
Signed-off-by: Christophe Kerello <christophe.kerello@st.com>
Signed-off-by: Patrice Chotard <patrice.chotard@st.com>
When U-Boot started using SPDX tags we were among the early adopters and
there weren't a lot of other examples to borrow from. So we picked the
area of the file that usually had a full license text and replaced it
with an appropriate SPDX-License-Identifier: entry. Since then, the
Linux Kernel has adopted SPDX tags and they place it as the very first
line in a file (except where shebangs are used, then it's second line)
and with slightly different comment styles than us.
In part due to community overlap, in part due to better tag visibility
and in part for other minor reasons, switch over to that style.
This commit changes all instances where we have a single declared
license in the tag as both the before and after are identical in tag
contents. There's also a few places where I found we did not have a tag
and have introduced one.
Signed-off-by: Tom Rini <trini@konsulko.com>
We are now using an env_ prefix for environment functions. Rename these
commonly used functions, for consistency. Also add function comments in
common.h.
Suggested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Simon Glass <sjg@chromium.org>
This patch fixes the below warning by typecasting it properly
fs/ubifs/ubifs.c: In function 'ubifs_load':
fs/ubifs/ubifs.c:942:29: warning: cast to pointer from integer
of different size [-Wint-to-pointer-cast]
err = ubifs_read(filename, (void *)addr, 0, size, &actread);
Signed-off-by: Siva Durga Prasad Paladugu <sivadur@xilinx.com>
Signed-off-by: Michal Simek <michal.simek@xilinx.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
Rename this function to blk_get_device_part_str(). This is a better name
because it makes it clear that the function returns a block device and
parses a string.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Stephen Warren <swarren@nvidia.com>
Use 'struct' instead of a typdef. Also since 'struct block_dev_desc' is long
and causes 80-column violations, rename it to struct blk_desc.
Signed-off-by: Simon Glass <sjg@chromium.org>
Reviewed-by: Bin Meng <bmeng.cn@gmail.com>
Tested-by: Stephen Warren <swarren@nvidia.com>
In a number of places we had wordings of the GPL (or LGPL in a few
cases) license text that were split in such a way that it wasn't caught
previously. Convert all of these to the correct SPDX-License-Identifier
tag.
Signed-off-by: Tom Rini <trini@konsulko.com>
sync with linux v4.2
commit 64291f7db5bd8150a74ad2036f1037e6a0428df2
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date: Sun Aug 30 11:34:09 2015 -0700
Linux 4.2
This update is needed, as it turned out, that fastmap
was in experimental/broken state in kernel v3.15, which
was the last base for U-Boot.
Signed-off-by: Heiko Schocher <hs@denx.de>
Tested-by: Ezequiel Garcia <ezequiel@vanguardiasur.com.ar>
Implement the necessary functions for implementing generic fs support
for ubifs.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
Modify the ubifs u-boot wrapper function prototypes for generic fs use,
and give them their own header file.
This is a preparation patch for adding ubifs support to the generic fs
code from fs/fs.c.
Signed-off-by: Hans de Goede <hdegoede@redhat.com>
Reviewed-by: Heiko Schocher <hs@denx.de>
At present malloc.h is included everywhere since it recently was added to
common.h in this commit:
4519668 mtd/nand/ubi: assortment of alignment fixes
This seems wasteful and unnecessary. We have been trying to trim down
common.h and put separate functions into separate header files and that
change goes in the opposite direction.
Move malloc_cache_aligned() to a new header so that this can be avoided.
The header would perhaps be better named as alignmem.h but it needs to be
included after common.h and people might be confused by this. With the name
memalign.h it fits nicely after malloc() in most cases.
Signed-off-by: Simon Glass <sjg@chromium.org>
Acked-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Various U-Boot adoptions/extensions to MTD/NAND/UBI did not take buffer
alignment into account which led to failures of the following form:
ERROR: v7_dcache_inval_range - start address is not aligned - 0x1f7f0108
ERROR: v7_dcache_inval_range - stop address is not aligned - 0x1f7f1108
Signed-off-by: Marcel Ziswiler <marcel.ziswiler@toradex.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
Acked-by: Scott Wood <scottwood@freescale.com>
[trini: Add __UBOOT__ hunk to lib/zlib/zutil.c due to malloc.h in common.h]
Signed-off-by: Tom Rini <trini@konsulko.com>
This commit is a preperation for a subsequent UBIFS commit
which needs atomic_long operations.
Therefor "include/asm-generic/atomic-long.h" is imported
from 1860e37 Linux 3.15
Signed-off-by: Anton Habegger <anton.habegger@gmail.com>
U-Boot has imported various source files from other projects,
mostly Linux.
Something like
#ifdef __UBOOT__
[ modification for U-Boot ]
#else
[ original code ]
#endif
is an often used strategy for clarification of adjusted parts,
that is, easier re-sync in future.
Instead of defining __UBOOT__ in each source file,
passing it from the top Makefile would be easier.
Signed-off-by: Masahiro Yamada <yamada.m@jp.panasonic.com>
Acked-by: Marek Vasut <marex@denx.de>
Acked-by: Heiko Schocher <hs@denx.de>
resync ubi subsystem with linux:
commit 455c6fdbd219161bd09b1165f11699d6d73de11c
Author: Linus Torvalds <torvalds@linux-foundation.org>
Date: Sun Mar 30 20:40:15 2014 -0700
Linux 3.14
A nice side effect of this, is we introduce UBI Fastmap support
to U-Boot.
Signed-off-by: Heiko Schocher <hs@denx.de>
Signed-off-by: Tom Rini <trini@ti.com>
Cc: Marek Vasut <marex@denx.de>
Cc: Sergey Lapin <slapin@ossfans.org>
Cc: Scott Wood <scottwood@freescale.com>
Cc: Joerg Krause <jkrause@posteo.de>
Using ZLIB compression with UBIFS fails if last data node is not a size of
UBIFS_BLOCK_SIZE (4096 bytes).
Easiest way to test this is trying to read a file smaller than 4k:
=> ubifsload 41000000 /etc/fstab
Loading file '/etc/fstab' to addr 0x41000000 with size 704 (0x000002c0)...
UBIFS error (pid 0): read_block: bad data node (block 0, inode 2506)
UBIFS error (pid 0): do_readpage: cannot read page 0 of inode 2506, error -22
Error reading file '/etc/fstab'
/etc/fstab not found!
exit not allowed from main input shell.
=>
With this patch:
=> ubifsload 41000000 /etc/fstab
Loading file '/etc/fstab' to addr 0x41000000 with size 704 (0x000002c0)...
Done
=>
Signed-off-by: Veli-Pekka Peltola <veli-pekka.peltola@bluegiga.com>
Cc: kmpark@infradead.org
Tested-by: Andreas Bießmann <andreas.devel@googlemail.com>
Signed-off-by: Stefan Roese <sr@denx.de>
Commit 46d7274 "UBIFS: Change ubifsload to set the filesize variable"
introduced the follwing compiler warning:
ubifs.c: In function 'ubifs_load':
ubifs.c:742: warning: format '%lX' expects type 'long unsigned int', but argument 3 has type 'u32'
Signed-off-by: Wolfgang Denk <wd@denx.de>
Cc: Bastian Ruppert <Bastian.Ruppert@Sewerin.de>
This is the same behaviour like tftp or fatload command.
Signed-off-by: Bastian Ruppert <Bastian.Ruppert@Sewerin.de>
CC: kmpark@infradead.org
Acked-by: Detlev Zundel <dzu@denx.de>
Free private_data member element before freeing file structure.
This was causing malloc to crash. Also remove unnecessary variable
assigments as file structure gets free'd as well.
Signed-off-by: Rod Boyce <uboot@teamboyce.co.uk>
Signed-off-by: Wolfgang Denk <wd@denx.de>
Cc: Stefan Roese <sr@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>
The link_name variable is declared inside the if block and it is used
outside it through the name pointer.
Signed-off-by: Ricardo Ribalda Delgado <ricardo.ribalda@gmail.com>
Signed-off-by: Stefan Roese <sr@denx.de>
Until now ubifsload pads the destination with 0 up to a multiple of
UBIFS_BLOCK_SIZE (4KiB) while reading a file to memory. This patch
changes this behaviour to only read to the requested length. This
is either the file length or the length/size provided as parameter
to the ubifsload command.
Signed-off-by: Stefan Roese <sr@denx.de>
By now, the majority of architectures have working relocation
support, so the few remaining architectures have become exceptions.
To make this more obvious, we make working relocation now the default
case, and flag the remaining cases with CONFIG_NEEDS_MANUAL_RELOC.
Signed-off-by: Wolfgang Denk <wd@denx.de>
Tested-by: Heiko Schocher <hs@denx.de>
Tested-by: Reinhard Meyer <u-boot@emk-elektronik.de>
There is more and more usage of printing 64bit values,
so enable this feature generally, and delete the
CONFIG_SYS_64BIT_VSPRINTF and CONFIG_SYS_64BIT_STRTOUL
defines.
Signed-off-by: Heiko Schocher <hs@denx.de>
Add #ifdefs where necessary to not perform relocation fixups. This
allows boards/architectures which support relocation to trim a decent
chunk of code.
Note that this patch doesn't add #ifdefs to architecture-specific code
which does not support relocation.
Signed-off-by: Peter Tyser <ptyser@xes-inc.com>
