Eric Biggers [Sat, 21 Jan 2023 20:32:23 +0000 (12:32 -0800)]
misc/mk_hugefiles: simplify get_partition_start()
search_sysfs_block() is causing -Wformat-truncation warnings. These
could be fixed by checking the return value of snprintf(), instead of
doing buggy checks like 'strlen(p_de->d_name) > SYSFS_PATH_LEN -
strlen(path) - 32', which has an integer underflow bug.
However, the only purpose of search_sysfs_block() is to find the sysfs
directory for a block device by device number. That can trivially be
done using /sys/dev/block/$major:$minor. So just do that instead. Also
make get_partition_start() explicitly Linux-only, as it has never worked
anywhere else.
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:32:22 +0000 (12:32 -0800)]
misc/fuse2fs: avoid error-prone strncpy() pattern
'strncpy(dst, src, strlen(src))' is usually wrong, as it doesn't copy
the null terminator. For this reason, it causes a -Wstringop-truncation
warning with gcc 8 and later.
The code happens to be correct anyway, since the destination buffer is
zero-initialized. But to avoid relying on this, let's just copy the
terminating null.
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:32:21 +0000 (12:32 -0800)]
misc/e4defrag: fix -Wstringop-truncation warnings
Fix two -Wstringop-truncation warnings in is_ext4() by simplifying how
how mnt_type is handled and by using the correct bound for mnt_fsname.
Fix a -Wstringop-truncation warning in main() by replacing the fragile
pattern 'strncpy(dst, src, strnlen(src, N))', which doesn't
null-terminate the destination string, with a standard string copy. (It
happened to work anyway because dst happens to be zero-initialized.)
These warnings showed up when building with -Wall with gcc 8 or later.
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:32:20 +0000 (12:32 -0800)]
misc/create_inode: simplify logic in scandir()
The control flow in scandir() (only used on Windows) confuses gcc into
thinking that *name_list is not always set on success, which causes a
-Wmaybe-uninitialized warning in __populate_fs(). As far as I can tell
it's a false positive; however, avoid it by cleanly separating the
success and failure cases in scandir().
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:32:18 +0000 (12:32 -0800)]
e2fsck: use real functions for kernel slab functions
The macros that e2fsck uses to implement kmalloc et al. use only some of
their arguments, so unlike standard function calls, they can cause
compiler warnings like:
./../e2fsck/revoke.c:141:8: warning: variable 'gfp_mask' set but not used [-Wunused-but-set-variable]
Fix this by providing a proper definition for each function, making sure
to match the function prototypes used in the kernel.
Remove the kmem_cache_t typedef, as it doesn't exist in the kernel.
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:32:17 +0000 (12:32 -0800)]
lib/uuid: remove conflicting Windows implementation of gettimeofday()
When building libuuid for Windows with MinGW with the default settings,
there is a build error in lib/uuid/gen_uuid.c because the explicit
definition of gettimeofday() conflicts with MinGW's declaration of
gettimeofday(). gen_uuid.c apparently expects USE_MINGW to be defined
to avoid that, but the build system doesn't actually do that.
Since native Windows builds of e2fsprogs are currently only supported
via MinGW anyway (in particular, Visual Studio is not supported), let's
fix this by just removing our own definition of gettimeofday().
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:32:13 +0000 (12:32 -0800)]
lib/{ext2fs,support}: fix 32-bit Windows build
_WIN32 is the standard macro to detect (native) Windows, regardless of
32-bit or 64-bit. _WIN64 is for 64-bit Windows only. Use _WIN32 where
_WIN64 was incorrectly being used.
This fixes several 32-bit Windows build errors, for example this one:
plausible.c: In function ‘print_ext2_info’:
plausible.c:109:31: error: ‘unix_io_manager’ undeclared (first use in this function); did you mean ‘undo_io_manager’?
109 | unix_io_manager,
| ^~~~~~~~~~~~~~~
| undo_io_manager
Fixes: 86b6db9f5a43 ("libext2fs: code adaptation to use the Windows IO manager") Cc: Paulo Antonio Alvarez <pauloaalvarez@gmail.com> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:32:08 +0000 (12:32 -0800)]
lib/ext2fs: consistently use #ifdefs in ext2fs_print_bmap_statistics()
Since the 'now' variable is only used to calculate 'inuse', and 'inuse'
is only used when defined(ENABLE_BMAP_STATS_OPS), it makes sense to
guard the declaration and initialization of 'now' and 'inuse' by the
same condition, just like the '*_perc' variables in the same function.
This addresses the following compiler warning with clang -Wall:
double inuse;
^
gen_bitmap64.c:187:9: warning: variable 'inuse' set but not used [-Wunused-but-set-variable] Reviewed-by: Lukas Czerner <lczerner@redhat.com> Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:32:07 +0000 (12:32 -0800)]
lib/ext2fs: remove 32-bit x86 bitops assembly
The EXT2FS_ADDR() macro is causing -Warray-bounds warnings because it
(sort of) dereferences past the end of the input array. It's not a
"real" dereference, since the result is passed as a memory operand to
inline asm. But in the C language sense, it is a dereference.
Instead of trying to fix this code, let's consider that libext2fs *only*
implements the bit operations in assembly for 32-bit x86, which is
rarely used anymore. The fact that compilers have also improved, and no
one has implemented these for another architecture, even x86_64,
suggests it's not useful either. So, let's just remove this outdated
code, which was maybe useful in the 90s, but now just causes problems.
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:32:06 +0000 (12:32 -0800)]
lib/et: fix "unused variable" warnings when !HAVE_FCNTL
In init_debug(), avoid -Wunused-variable and -Wunused-but-set-variable
warnings when HAVE_FCNTL is not defined by only declaring 'fd' and
'flags' when HAVE_FCNTL is defined. This affected Windows builds.
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:32:05 +0000 (12:32 -0800)]
lib/{e2p,ss}: remove manual declarations of errno
As per 'man 3 errno':
On some ancient systems, <errno.h> was not present or did not
declare errno, so that it was necessary to declare errno manually
(i.e., extern int errno). **Do not do this**. It long ago ceased
to be necessary, and it will cause problems with modern versions of
the C library.
One of the platforms it causes a problem on is Windows:
In file included from fgetversion.c:28:
fgetversion.c: In function ‘fgetversion’:
fgetversion.c:68:20: warning: ‘_errno’ redeclared without dllimport attribute: previous dllimport ignored [-Wattributes]
68 | extern int errno;
| ^~~~~
Just remove these obsolete manual declarations of errno.
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:32:03 +0000 (12:32 -0800)]
lib/blkid: suppress -Wstringop-truncation warning in blkid_strndup()
Unfortunately, gcc gets confused by blkid_strndup() and incorrectly
thinks the destination string is not being null-terminated. This is
part of -Wstringop-truncation, enabled automatically by -Wall in gcc 8
and later. Let's just suppress this warning here.
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:32:02 +0000 (12:32 -0800)]
lib/blkid: suppress -Wunused-result warning in blkid_flush_cache()
When _FORTIFY_SOURCE is defined, glibc annotates link() with the
warn_unused_result function attribute. With gcc, that makes
'(void) link()' cause a -Wunused-result warning, despite the explicit
cast to void. That's annoying, since the use case in lib/blkid/save.c
is legitimate (opportunistic backup). So let's suppress this warning.
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:32:00 +0000 (12:32 -0800)]
lib/blkid: fix unaligned access to hfs_mdb
With -Wall, gcc warns:
./probe.c:1209:42: error: taking address of packed member of
'struct hfs_mdb' may result in an unaligned pointer value
This seems to be a real unaligned memory access bug, as the offset of
the 64-bit value from the start of the buffer is 116, which is not a
multiple of 8. Fix it by using memcpy().
Do the same for hfsplus to fix the same warning, though in that case the
offset is a multiple of 8 so it was defined behavior.
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:31:59 +0000 (12:31 -0800)]
lib/blkid: remove 32-bit x86 byteswap assembly
libblkid contains 32-bit x86 assembly language implementations of 16-bit
and 32-bit byteswaps. However, modern compilers can easily generate the
bswap instruction automatically from the corresponding C expression.
And no one ever bothered to add assembly for x86_64 or other
architectures, anyway. So let's just remove this outdated code, which
was maybe useful in the 90s, but is no longer useful.
Signed-off-by: Eric Biggers <ebiggers@google.com> Reviewed-by: Andreas Dilger <adilger@dilger.ca> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:31:58 +0000 (12:31 -0800)]
lib, misc: eliminate dependency on Winsock
Currently Windows builds of e2fsprogs rely on the Windows Socket API
(Winsock) to provide htonl() and ntohl(). For this to actually work,
though, HAVE_WINSOCK_H needs to be defined, and the binaries need to be
linked to -lws2_32. The Android.bp files do this; however, the
autotools-based build system does not.
Since htonl() and ntohl() are trivial, let's instead just add a file
include/mingw/arpa/inet.h with definitions for these.
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:31:57 +0000 (12:31 -0800)]
config/install-sh: update to latest version
The version of install-sh in the source tree is extremely old and
doesn't work when passed multiple path arguments, which breaks
'make install' on macOS.
Therefore, delete this file and run 'autoreconf -i' to update it to the
latest version.
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Since the include/mingw/ directory needs to be on the include path when
building for Windows with MinGW, add it to INCLUDES automatically, and
AC_DEFINE the corresponding HAVE_*_H constants.
Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Eric Biggers [Sat, 21 Jan 2023 20:31:53 +0000 (12:31 -0800)]
configure.ac: only use Windows I/O manager on native Windows
Cygwin and MSYS2 are UNIX-compatible platforms on top of Windows, so
they should use the UNIX I/O manager, not the Windows I/O manager.
(Note that "cygwin" was misspelled as "cigwin", so the code did not have
the intended effect anyway.)
Fixes: d1d44c146a5e ("ext2fs: compile the io implementation according to os") Signed-off-by: Eric Biggers <ebiggers@google.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
lihaoxiang (F) [Tue, 29 Nov 2022 07:02:39 +0000 (15:02 +0800)]
mmp: fix wrong comparison in ext2fs_mmp_stop
In our knowledge, ext2fs_mmp_stop use to process the rest of work
when mmp will finish. Critically, it must check if the mmp block is
not changed. But there exist an error in comparing the mmp and mmp_cmp.
Look to ext2fs_mmp_read, the assignment of mmp_cmp retrieve from the
superblock of disk and it copy to mmp_buf if mmp_buf is not none
and not equal to mmp_cmp in the meanwhile. However, ext2fs_mmp_stop
pass the no NULL pointer fs->mmp_buf which has possed the mmp info to
ext2fs_mmp_read. Consequently, ext2fs_mmp_read override fs->mmp_buf
by fs->mmp_cmp so that loss the meaning of comparing themselves
after that and worse yet, couldn't judge whether the struct of mmp
has changed.
In fact, we only need to modify the parameter to NULL pointer for
solving this problem.
lihaoxiang (F) [Tue, 15 Nov 2022 08:29:55 +0000 (16:29 +0800)]
debugfs: fix repeated output problem with `logdump -O -n <num_trans>`
Previously, patch 6e4cc3d5eeb2dfaa055e652b5390beaa6c3d05da introduces
the function of printing the specified number of logs. But there exists
a shortage when n is larger than the total number of logs, it dumped the
duplicated records circulately.
For example, the disk sda only has three records, but using instruction logdump
-On5, it would output the result as follow:
----------------------------------------------------------------------
Journal starts at block 1, transaction 6
Found expected sequence 6, type 1 (descriptor block) at block 1
Found expected sequence 6, type 2 (commit block) at block 4
No magic number at block 5: end of journal.
Found sequence 2 (not 7) at block 7: end of journal.
Found expected sequence 2, type 2 (commit block) at block 7
Found sequence 3 (not 8) at block 8: end of journal.
Found expected sequence 3, type 1 (descriptor block) at block 8
Found sequence 3 (not 8) at block 15: end of journal.
Found expected sequence 3, type 2 (commit block) at block 15
Found sequence 6 (not 9) at block 1: end of journal. <---------begin loop
Found expected sequence 6, type 1 (descriptor block) at block 1
Found sequence 6 (not 9) at block 4: end of journal.
Found expected sequence 6, type 2 (commit block) at block 4
Found sequence 2 (not 10) at block 7: end of journal.
Found expected sequence 2, type 2 (commit block) at block 7
logdump: short read (read 0, expected 1024) while reading journal
In this commit, we solve the problem above by exiting dumping if the
blocknr had already encountered, displayed the total number of logs
that the disk only possessed.
Li Dongyang [Mon, 19 Dec 2022 13:05:44 +0000 (00:05 +1100)]
e2fsck: optimize clone_file on large devices
When cloning multiply-claimed blocks for an inode,
clone_file() uses ext2fs_block_iterate3() to iterate
every block calling clone_file_block().
clone_file_block() calls check_if_fs_cluster(), even
the block is not on the block_dup_map, which could take
a long time on a large device.
Only check if it's metadata block when we need to clone
it.
Test block_metadata_map in check_if_fs_block()
and check_if_fs_cluster(), so we don't need to go over
each bg every time. The metadata blocks are already
marked in the bitmap.
Before this patch on a 500TB device with 3 files having
3 multiply-claimed blocks between them, pass1b is stuck
for more than 48 hours without progressing,
before e2fsck was terminated.
After this patch pass1b could finish in 180 seconds.
Signed-off-by: Li Dongyang <dongyangli@ddn.com> Reviewed-by: Andreas Dilger <adilger@dilger.ca> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
lihaoxiang (F) [Tue, 29 Nov 2022 06:58:12 +0000 (14:58 +0800)]
tune2fs: check return value of ext2fs_mmp_update2 in rewrite_metadata_checksums
Tune2fs hasn't consider about the result of executing ext2fs_mmp_update2
when it try to rewrite_metadata_checksums. If the ext2fs_mmp_update2
failed, multi-mount protection couldn't guard there has the only node
(i.e. this program) accessing this device in the meantime.
We solve this problem to verify the return value of ext2fs_mmp_update2.
It terminate rewrite_metadata_checksums and exit immediately if the
wrong error code returned.
Currently this function was not correctly comparing against the right
length of the bitmap. Also when we compare bitarray v/s rbtree bitmap
the value returned by ext2fs_test_generic_bmap() could be different in
these two implementations. Hence only check against boolean value.
zhanchengbin [Mon, 10 Oct 2022 08:56:58 +0000 (16:56 +0800)]
misc/fsck.c: Processes may kill other processes.
I find a error in misc/fsck.c, if run the fsck -N command, processes
don't execute, just show what would be done. However, the pid whose
value is -1 is added to the instance_list list in the execute
function,if the kill_all function is called later, kill(-1, signum)
is executed, Signals are sent to all processes except the number one
process and itself. Other processes will be killed if they use the
default signal processing function.
Signed-off-by: zhanchengbin <zhanchengbin1@huawei.com> Signed-off-by: Lukas Czerner <lczerner@redhat.com> Reviewed-by: Zhiqiang Liu <liuzhiqiang26@huawei.com> Reviewed-by: Darrick J. Wong <djwong@kernel.org> Reviewed-by: Lukas Czerner <lczerner@redhat.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
zhanchengbin [Tue, 4 Jan 2022 14:23:52 +0000 (22:23 +0800)]
libext2fs: add extra checks to ext2fs_check_mount_point()
A pseudo-filesystem, such as tmpfs, can have anything at all in its
mnt_fsname entry. Normally, it is just "tmpfs", like this:
tmpfs /tmp tmpfs rw,relatime,inode64 0 0
^^^^^
but in a pathological or malicious case, a system administrator can
specify a block device as its mnt_fsname which is the same as some
other block device. For example:
In this case, ext2fs_check_mount_point() may erroneously return that
the mountpoint for the file system on /dev/loop0 is mounted on
/tmp/test-tmpfs, instead of the correct /tmp/test-mnt. This causes
problems for resize2fs, since in order to do an online resize, it
needs to open the directory where the file system is mounted, and
trigger the online resize ioctl. If it opens the incorrect directory,
then resize2fs will fail.
So we need to add some additional checking to make sure that
directory's st_dev matches the block device's st_rdev field.
An example shell script which reproduces the problem fixed by this
commit is as follows:
Li Jinlin [Fri, 16 Sep 2022 07:42:23 +0000 (15:42 +0800)]
tune2fs: exit directly when fs freed in ext2fs_run_ext3_journal
In ext2fs_run_ext3_journal(), fs will be freed and reallocated.
However, the reallocation by ext2fs_open() may fail in some cases ---
for example, when the device becomes offline. To avoid a segfault,
exit if fs is NULL.
[ Simplified the patch by by simply exiting if fs is NULL -TYT ]
Signed-off-by: Li Jinlin <lijinlin3@huawei.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Use an autoconf test to detect for a BSD- or GNU-style qsort_r function
BSD is planning on changing their qsort_r() implementation to align
with the POSIX/GNU-style qsort_r() function signature. So use an
autoconf test to determine which qsort_r() a system has.
Jürg Billeter [Thu, 18 Aug 2022 16:31:32 +0000 (18:31 +0200)]
create_inode: do not fail if filesystem doesn't support xattr
As `set_inode_xattr()` doesn't fail if the `llistxattr()` function is
not available, it seems inconsistent to let `set_inode_xattr()` fail if
`llistxattr()` fails with `ENOTSUP`, indicating that the filesystem
doesn't support extended attributes.
Alessio Balsini [Wed, 18 May 2022 17:09:16 +0000 (18:09 +0100)]
AOSP: e2fsdroid: static import of libbase
Fix a wrong mixed shared/static library inclusion that has been unveiled
by a recent clang upgrade to clang-r450784e: the linker couldn't find
the requested object reference and caused the tool to crash.
libsnapshot_fuzzer_test was luckily catching this misbehaviour as it was
crashing as well when trying to format a loop device as ext4.
Colin Cross [Tue, 17 Aug 2021 00:17:03 +0000 (17:17 -0700)]
AOSP: Fix e2fsdroid build with musl
The e2fsdroid build fails with musl because config.h is not included
before ext2fs.h, which causes HAVE_SYS_TYPES_H not to be defined
resulting in a missing definition for dev_t.
Include config.h at the top of each .c file, and remove extra
config.h include from perms.h.
Zhiqiang Liu [Mon, 5 Sep 2022 15:40:01 +0000 (23:40 +0800)]
tune2fs: tune2fs_main() should return rc when some error, occurs
If some error occurs, tune2fs_main() will go to closefs tag for
releasing resource, and it should return correct value (rc) instead
of 0 when ext2fs_close_free(&fs) successes.
Zhiqiang Liu [Mon, 5 Sep 2022 11:16:03 +0000 (19:16 +0800)]
tune2fs: fix tune2fs segfault when ext2fs_run_ext3_journal() fails
When ext2fs_run_ext3_journal() fails, tune2fs cmd will occur one
segfault problem as follows.
(gdb) bt
#0 0x00007fdadad69917 in ext2fs_mmp_stop (fs=0x0) at mmp.c:405
#1 0x0000558fa5a9365a in main (argc=<optimized out>, argv=<optimized out>) at tune2fs.c:3440
misc/tune2fs.c:
main()
-> ext2fs_open2(&fs)
-> ext2fs_mmp_start
......
-> retval = ext2fs_run_ext3_journal(&fs)
-> if (retval)
// if ext2fs_run_ext3_journal fails, close and free fs.
-> ext2fs_close_free(&fs)
-> rc = 1
-> goto closefs
......
closefs:
-> if (rc)
-> ext2fs_mmp_stop(fs) // fs has been set to NULL, boom!!
-> (ext2fs_close_free(&fs) ? 1 : 0); // close and free fs
In main() of tune2fs cmd, if ext2fs_run_ext3_journal() fails,
we should set rc=1 and goto closefs tag, in which will release fs
resource.
Fix: a2292f8a5108 ("tune2fs: reset MMP state on error exit") Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com> Signed-off-by: zhanchengbin <zhanchengbin1@huawei.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
tests: filter out the checksum seed output from dumpe2fs
The checksum seed is randomly set (normally set from the UUID) so it
will vary from run to run. So if it is present, we want to filter out
from a test log file.
mke2fs: disable CSUM_SEED if the METADATA_CSUM feature is disabled by the user
If the CSUM_SEED feature is enabled by default, and the user disables
metadata_csum, then also disable CSUM_SEED, since a file system with
csum_seed but not metadata_csum is not valid.
Theodore Ts'o [Wed, 31 Aug 2022 11:07:14 +0000 (07:07 -0400)]
mke2fs.conf: enable the metadata_csum_seed and orphan_file features by default
The orphan_file feature is a compat feature which is first supported
in the Linux kernel in 5.15.
The metadata_csum_seed feature is an incompat feature which is first
supported in the Linux kernel starting in the 4.4 kernel and e2fsprogs
1.43.
Note: In order for grub to be able to accept a file system with
metadata_csum_seed, it must have commit 7fd5feff97c4 ("fs/ext2: Ignore
checksum seed incompat feature"). This commit landed in July 2021,
which just missed the Grub 2.06 release in June 2021. Grub 2.11 was
slated for "H1'2022" but unfortunately it has not yet been released as
of this writing.
Marius Vollmer [Wed, 24 Aug 2022 11:38:48 +0000 (14:38 +0300)]
mmp: don't use O_RDWR in ext2fs_mmp_read
It doesn't seem to be necessary since ext2fs_mmp_write doesn't write
via mmp_fd, and opening the block device with O_RDWR will trigger
udev.
Triggering udev is bad because it leads to an infinite loop when
running dumpe2fs in response to a udev event.
[ Rebased onto the maint branch, and added O_RDONLY flag. From the
open(2) man page: "The argument flags must include one of the
following access modes: O_RDONLY, O_WRONLY, or O_RDWR." -- TYT ]
Jeremy Bongio [Tue, 16 Aug 2022 20:52:14 +0000 (13:52 -0700)]
tune2fs: Add support for get/set UUID ioctls.
When mounted, there is a race condition between changing the filesystem
UUID and changing other aspects of the filesystem, like mounting, resizing,
changing features, etc. Using these ioctls to get/set the UUID ensures the
filesystem is not being resized.
Signed-off-by: Jeremy Bongio <bongiojp@gmail.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Theodore Ts'o [Thu, 18 Aug 2022 21:24:17 +0000 (17:24 -0400)]
Update shared library flags used for Apple/Darwin
As submitted by Carlos Cabrera:
We need to set the `-install_name` flag so that library consumers
can find the linked libraries when installed outside the default
dyld search path. This is the case, for example, when installed
using the Homebrew package manager on Apple Silicon.
I've removed the `-flat_namespace` flag because this flag is
effectively deprecated, and can cause issues when using `dlopen`
[1]. We also need to change `-undefined warning` to `-undefined
dynamic_lookup`, since the former flag is not supported without
`-flat_namespace`. Using `-undefined dynamic_lookup` instructs the
dynamic loader to resolve undefined symbols at run/load-time.
These are the flags used by Libtool on the newest versions of
macOS, and we've applied similar patches to many other packages at
Homebrew without any issues.
Theodore Ts'o [Sun, 14 Aug 2022 03:32:42 +0000 (23:32 -0400)]
libext2fs: return an error when byte swapping a corrupted dirblock block
Except for e2fsck (where we want to expose the corrupted directory
entries to e2fsck mostly so that the e2fsck output stays the same on
big-endian machines compared to little-endian machines, so we don't
break our regression tests), if the directory block is corrupted, and
ext2fs_dirent_swab_in[2](), trips across this, return an error. This
will make sure that naive users of libextfs will not try to handle a
corrupted directory block. This prevents potential buffer overruns in
the byte swapping code paths.
This commit does not cause any functional change on little-endian
systems.
Theodore Ts'o [Sat, 13 Aug 2022 20:39:17 +0000 (16:39 -0400)]
libext2fs: avoid looping forever in e2image when superblock is invalid
If the number of blocks or inodes per block group is not a multiple of
8 (which are invalid values) ext2fs_image_bitmap{read,write} can loop
forever. These file systems should be not be allowed to be opened
(without EXT2_FLAG_IGNORE_SB_ERRORS) but for the fact that a long time
ago, Android devices used a buggy (but BSD-licensed, which was what
was important to the early Android founders) program for creating file
systems which would create these invalid file systems. E2fsck
couldn't actually correctly repair these file systems, but adding a
check to enforce this (in e2fsprogs and in the kernel) would have
broken some of these devices, so support for these bogus file system
was in a grey area for many years.
We will be tightening this up soon, but for now, we'll apply this
quick fix so attempts to use e2image won't hang forever. (Not that
Android ever shipped e2image in those days, of course...)
The current version's debugfs possessed the function
logdump. Executing with option -O could output the log history. But
when it occurred the block which had no magic number in it's header,
the program would exit.
Sometimes we were locating problems, needed for more transactions that
had replayed instead of the latest batch of transactions and we
weren't hope to display all the history in the meanwhile. So we
introduced the option -n used for controlling the print of history
transactions. Specially, this parameter was depending on the option
-O otherwise it couldn't work.
So in this modification, we used logdump with -O -n <num_trans>. The
-n options causes logdump to continue past a block with a missing
magic nuber. Instead, it will terminate only when the entire log has
been printed or after <num_trans> transactions.
Casefold can be safely disabled if there are no directories with +F
attribute ( EXT4_CASEFOLD_FL ). This checks all inodes for that flag and in
case there isn't any, it disables casefold FS feature. When FS has
directories with +F attributes, user could convert these directories,
probably by mounting FS and executing some script or by doing it
manually. Afterwards, it would be possible to disable casefold FS flag
via tune2fs.
Lukas Czerner [Fri, 12 Aug 2022 13:01:22 +0000 (15:01 +0200)]
e2fsprogs: fix device name parsing to resolve names containing '='
Currently in varisous e2fsprogs tools, most notably tune2fs and e2fsck
we will get the device name by passing the user provided string into
blkid_get_devname(). This library function however is primarily intended
for parsing "NAME=value" tokens. It will return the device matching the
specified token, NULL if nothing is found, or copy of the string if it's
not in "NAME=value" format.
However in case where we're passing in a file name that contains an
equal sign blkid_get_devname() will treat it as a token and will attempt
to find the device with the match. Likely finding nothing.
Fix it by checking existence of the file first and then attempt to call
blkid_get_devname(). In case of a collision, notify the user and
automatically prefer the one returned by blkid_get_devname(). Otherwise
return either the existing file, or NULL.
We do it this way to avoid some existing file in working directory (for
example LABEL=volume-name) masking an actual device containing the
matchin LABEL. User can specify full, or relative path (e.g.
./LABEL=volume-name) to make sure the file is used instead.
Theodore Ts'o [Fri, 12 Aug 2022 02:16:41 +0000 (22:16 -0400)]
e2fsck: when mutating file name make sure its length never exceeds 255
E2fsck will attempt to mutate filenames to ensure uniqueness if
necessary. If there are two unique filenames that are 254 or 255
characters in length and do not contain the '~' character, the
mutate_name() function would create a filename which is 256 bytes
long, which is not a legal filename in Linux. Adjust the mutate_name
function to avoid this possibility.
Neither of these two warnings can actually happen (other limits will
be hit first), but widening the integer to a 64-bit unsigned integer
is an cheap and effective way to silence the Coverity warnings.
Theodore Ts'o [Thu, 11 Aug 2022 22:37:26 +0000 (18:37 -0400)]
resize2fs: use ext2fs_get_arrayzero() instead of ext2fs_get_array() + memset()
The use of ext2fs_get_arrayzero() to replace using ext2fs_get_array()
+ memset() does not result in any functional change, but it (a) is
slightly more efficient, and (b) makes it easier for Coverity to avoid
signalling a false positive.
Andreas Dilger [Fri, 5 Aug 2022 21:28:54 +0000 (15:28 -0600)]
misc: use ext2_ino_t instead of ino_t
Some of the new fastcommit and casefold changes used the system
"ino_t" instead of "ext2_ino_t" for handling filesystem inodes.
This causes printf warnings if the system "ino_t" is of a different
size. Use the library "ext2_ino_t" for consistency.
Signed-off-by: Andreas Dilger <adilger@whamcloud.com> Reviewed-by: Gabriel Krisman Bertazi <krisman@collabora.com> Signed-off-by: Theodore Ts'o <tytso@mit.edu>
zhanchengbin [Thu, 4 Aug 2022 10:33:39 +0000 (18:33 +0800)]
tune2fs: do not change j_tail_sequence in journal superblock
The function recover_ext3_journal() in debugfs/journal.c, if the log
replay is over, the j_tail_sequence in journal superblock is not
changed to the value of the last transaction sequence. This will
cause subsequent log commitids to count from the commitid in last
time. After tune2fs -e, the log commitid is counted from the commitid
in last time, if the log ID of the current operation overlaps with
that of the last operation, this will cause logs that were previously
replayed by tune2fs to be replayed here.