git://git.whamcloud.com - tools/e2fsprogs.git/log

resize2fs: use Direct I/O when reading the superblock for online resizes

If the file system is mounted, the superblock can be changing while
resize2fs is trying to read the superblock, resulting in checksum
failures. One way of avoiding this problem is read the superblock
using Direct I/O, since the kernel makes sure that what gets written
to disk is self-consistent.

Suggested-by: Krister Johansen <kjlx@templeofstupid.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

tests: add test for handling an invalid symlink in an inline directory

Add a test for the commit "e2fsck: fix handling of a invalid symlink
in an inline_data directory"

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2fsck: fix handling of a invalid symlink in an inline_data directory

If there is an inline directory that contains a directory entry to an
invalid symlink, and that invalid symlink is the portion of the inline
directory stored in an xattr portion of the inode, this can result in
a buffer overrun.

When check_dir_block() is handling the in-xattr portion of the inline
directory, it sets the buf pointer to the beginning of that part of
the inline directory. This results in the scratch buffer passed to
e2fsck_process_bad_inode() to incorrect, resulting in a buffer overrun
if e2fsck_pass1_check_symlink() needs to read the symlink target (when
the symlink is too long to fit in the i_blocks[] space).

This commit fixes this by using the original cd->buf instead of buf,
since it can get modified when handling inline directories.

Fixes: 0ac4b3973f31 ("e2fsck: inspect inline dir data as two directory blocks")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

libsupport: fix function prototype for quota_write_inode()

Commit 2d2d799c7261 ("Clean up codes for adding new quota type")
changed the second paramter of quota_write_inode() from taking a
single quota type to taking a logical OR of (1 << quota_types).

The one thing this commit didn't change was the function prototype for
quota_write_inode() in the header file from an enum to an unsigned
int. Most C compilers don't seem to mind, and omission is mostly
harmless. However, mingw64 does issue a warning which gets promoted
to an error.

Fixes: 2d2d799c7261 ("Clean up codes for adding new quota type")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

ci.yml: test cross-compiling for Android

Add jobs that cross-compile e2fsprogs for Android using the Android NDK.
These use the autotools-based build system, so they're a bit different
from the actual Android builds, but they should still be useful.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2freefrag: don't use linux/fsmap.h when fsmap_sizeof() is missing

Work around an issue with the Android NDK where its copy of
linux/fsmap.h is missing the inline functions fsmap_sizeof() and
fsmap_advance(). This was causing an error when building e2fsprogs
using the Android NDK, using the autotools-based build system.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2fsck: avoid -Wtautological-constant-out-of-range-compare warnings

Fix two compiler warnings on 32-bit platforms that have mallinfo() but
not mallinfo2(). These showed up when building e2fsprogs for armv7a or
i686 Android using the Android NDK, targeting Android API level 32 or
lower and using the autotools-based build system.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

blkidP.h: add missing extern "C" declaration

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

tests: add test for "e2fsck: fix bad htree checksums in preen mode"

Add a test for commit bbe08adac044 ("e2fsck: fix bad htree checksums
in preen mode").

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2fsck: restructure code to reduce indentation level in check_dir_block()

No functional changes; just move things around so we can avoid
indenting the code quite so much.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2fsck: fix bad htree checksums in preen mode

We attempt to fix directories which have a bad/corrupted htree index
node by completely rebuilding the directory htree nodes.  Since this
is a very safe thing to do and has no risk of losing directory
entries, we've enabled this for preen mode.  Unfortunately, subsequent
index nodes look like empty directory entries that fill the entire
block --- without a checksum at the end of the directory.  So these
nodes will be treated as a completely corrupted directory block, and
this will *not* be fixed while in preen mode.

So add code to treat an empty directory entry which covers the entire
block as valid if the directory is already on the list of inodes to be
rebuilt.

Addresses-Gooogle-Bug: 178607853
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

ci.yml: store the config.h files as workflow artifacts

Store the config.h file for each platform as a workflow artifact, so
that it will be possible to download them and compare them to
util/android_config.h.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

tests: fix r_move_itable_realloc to run on Linux

The check for the various unsupported OSes incorrectly checked if
the string "FreeBSD" was true, which it always was. Fix this.

Update the expect file as commit v1.46.4-17-g4ea80d031c7e did to
adjust the total number of blocks requested during resize.

Change-Id: I272dbec67ab30bac6413eb4cba0e3ab00183b893
Fixes: 5a3ea3905f ("tests: force test file systems to be built for Linux OS")
Signed-off-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

tests: fix u_direct_io to work with older losetup

Older losetup does not have --sector-size, but this isn't really
needed for the test to work. Instead specify the filesystem block
size directly to mke2fs, so that it works on all distros instead
of being skipped.

Change-Id: I5a0c82a9efdefd1b48f4d4288998c7725c9ae71e
Signed-off-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/ext2fs: fix unbalanced mutex unlock for BOUNCE_MTX in unix_io

f_crashdisk test failed with UNIX_IO_FORCE_BOUNCE=yes due to unbalanced
mutex unlock in below path.

This patch fixes it.

Signed-off-by: Ritesh Harjani (IBM) <ritesh.list@gmail.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Fix date in the release notes for v1.46.6

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Update e2fsprogs.lsm for 1.46.6 release

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

debian: remove package-specific copyright notices

These are causing a large number of Lintian warnings
"file-without-copyright-information".

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Update release notes, etc., for the 1.46.6 release

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

config: update config.{guess,sub}

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update zh_CN.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update uk.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update sv.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update sr.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update pl.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update nl.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update ms.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update fr.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update es.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update de.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update cs.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

badblocks: fix operation with large-ish block sizes and/or counts

test_rw() and test_nd() need to allocate two or three times the product
of the block size and the block counts. This can overflow the signed int
type of block_size and result in allocate_buffer() being called with a
value smaller than intended. Once that buffer is written to, badblocks
segfaults.

Since allocate_buffer() accepts a size_t, change the input validation to
use SIZE_MAX and cast accordingly when calculating the argument.

Fixing the segfault allows larger values to be passed to read() and
write(); these need to be cast to size_t as well in order to avoid a
signed integer overflow causing failure, in which case badblocks would
fall back to testing a single block at once.

Before:
$ misc/badblocks -w -b 4096 -c 524288 -e 1 -s -v /tmp/testfile.bin
Checking for bad blocks in read-write mode
From block 0 to 524287
Segmentation fault

$ misc/badblocks -n -b 4096 -c 524288 -e 1 -s -v /tmp/testfile.bin
Checking for bad blocks in non-destructive read-write mode
From block 0 to 524287
Checking for bad blocks (non-destructive read-write test)
Segmentation fault

After:
$ misc/badblocks -w -b 4096 -c 524288 -e 1 -s -v /tmp/testfile.bin
Checking for bad blocks in read-write mode
From block 0 to 524287
Testing with pattern 0xaa: done
Reading and comparing: done
Testing with pattern 0x55: done
Reading and comparing: done
Testing with pattern 0xff: done
Reading and comparing: done
Testing with pattern 0x00: done
Reading and comparing: done
Pass completed, 0 bad blocks found. (0/0/0 errors)

$ misc/badblocks -n -b 4096 -c 524288 -e 1 -s -v /tmp/testfile.bin
Checking for bad blocks in non-destructive read-write mode
From block 0 to 524287
Checking for bad blocks (non-destructive read-write test)
Testing with random pattern: done
Pass completed, 0 bad blocks found. (0/0/0 errors)

Signed-off-by: Corey Hickey <bugfood-c@fatooh.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

badblocks: separate and improve error messages for blocks_at_once

Since the conditional checks the product of block_size and
blocks_at_once, reporting that the problem is solely with
blocks_at_once is misleading.

Also change the error to use the name of the parameter listed in the
manual rather than the variable name.

Since blocks_at_once is unsigned, change the test to == rather than <=.

Before:
$ misc/badblocks -w -b 16777216 -c 524288 -e 1 -s -v /tmp/testfile.bin
misc/badblocks: Invalid blocks_at_once: 524288

After:
$ misc/badblocks -w -b 16777216 -c 524288 -e 1 -s -v /tmp/testfile.bin
misc/badblocks: For block size 16777216, blocks_at_once too large: 524288

$ misc/badblocks -w -b 16777216 -c 0 -e 1 -s -v /tmp/testfile.bin
misc/badblocks: Invalid number of blocks: 0

Signed-off-by: Corey Hickey <bugfood-c@fatooh.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

badblocks: fix mis-printed error from block size check

block_size is parsed as an unsigned int from parse_uint(), so retain it
as such until _after_ it has been constrained to a size within INT_MAX.

Lower level code still requires this to be an int, so cast to int for
anything below main().

Before:
$ misc/badblocks -w -b 4294967295 -c 1 /tmp/testfile.bin
misc/badblocks: Invalid block size: -1

After:
$ misc/badblocks -w -b 4294967295 -c 1 /tmp/testfile.bin
misc/badblocks: Invalid block size: 4294967295

Signed-off-by: Corey Hickey <bugfood-c@fatooh.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

badblocks: print a more explanatory message when a parameter is too large

Before:
$ misc/badblocks -w -b 4294967296 -c 1 /tmp/testfile.bin
misc/badblocks: invalid block size - 4294967296

After:
$ misc/badblocks -w -b 4294967296 -c 1 /tmp/testfile.bin
misc/badblocks: block size too large - 4294967296

The original error is retained for invalid arguments, e.g.:
$ misc/badblocks -w -b foo -c 1 /tmp/testfile.bin
misc/badblocks: invalid block size - foo

Signed-off-by: Corey Hickey <bugfood-c@fatooh.org>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

fuse2fs: support "fuse2fs -o offset=<bytes>"

This works the same way that mount -o offset=<bytes> works, and can be
used to mount particular partitions from a whole disk image.

Signed-off-by: Matt Stark <msta@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

ext2fs: Use 64bit lseek when _FILE_OFFSET_BITS is 64

Use lseek() with 64bit off_t when _FILE_OFFSET_BITS is 64
this fixes build with musl where there is no _llseek but lseek
is using off_t which is 64bit on musl

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Add option to enable/disable largefile support

fallocate can be used to have 64bit off_t provided its compiled with
_FILE_OFFSET_BITS=64 which will be added automatically when
--enable-largefile is used.

[ Run autoreconf to update configure and config.h.in -- TYT ]

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

libext2fs: reject opening a file system where the blocks per group < 8

A file system where the superblock claims that the blocks per group is
less than 8 is invalid, so let's reject it at ext2fs_open() time.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Update Makefile dependencies

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

libext2fs: unix_io: fix_potential error path deadlock in flush_cached_blocks()

We can't call the error handler while holding the CACHE_MUTEX (see
previous commit, "libext2fs: unix_io: fix_potential error path
deadlock in reuse_cache()" for details), so first try to write out all
of the dirty blocks in the cache, and then for those where we had
errors, then call the error handler.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

libext2fs: unix_io: fix potential error path deadlock in reuse_cache()

This was reported by [1] but the fix was incorrect. The issue is that
when unix_io was made thread-safe, it was necessary that to add a
CACHE_MUTEX to protect multiple threads from potentially colliding
with the very simple writeback cache used by the unix_io I/O manager.
The original I/O manager was purposefully kept simple, used a
fixed-size cache; accordingly, the locking used also kept simple, and
used a single global mutex.

[1] https://lore.kernel.org/r/310fb77f-dfed-1196-c4ee-30d5138ee5a2@huawei.com

The problem was that if an application (such as e2fsck) registers a
write error handler, that handler would be called with the CACHE_MUTEX
still held, and if that application tried to do any I/O --- for
example, closing the file system using ext2fs_close() and then exiting
--- the application would deadlock.

We should perhaps fix this either by deciding that the simple Unix I/O
cache doesn't actually buy much beyond some system call overhead, or
by putting in a full-fledged buffer I/O cache system which uses a much
larger cache with allocated memory, fine-grained locking and Direct
I/O to prevent double cache at the kernel and userspace level.
However, for now, fix the problem by waiting until after we have
released the CACHE_MUTEX before calling the write handler. This is
good enough given how e2fsck's ehandler.c use case, and in practice no
one else really uses the error handler in any case.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

libext2fs: unix_io: add flag which suppresses calling the write error handler

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

AOSP: Android: run bpfmt on all bp files

Ran the following command:

bpfmt -w $(find . -name Android.bp)

Change-Id: Ia08c8d481199dfa917dbed2dc218df167f101ce5
From AOSP commit: 30fa5b9af82695711cc1bf749fbb0cd18afa008a

AOSP: Android: consolidate warning suppressions

For warnings not supported by upstream e2fsprogs, it's a waste of time
to suppress them only in specific places, as they can show up anywhere
in future releases of e2fsprogs. Let's consolidate all these warning
suppressions into the top-level Android.bp for e2fsprogs.

Change-Id: Icebc03289dae920cb1b673e605c48f7f2b517625
From AOSP commit: d08d59557a34c6362e3660e7e35bc118591dbbfa

AOSP: Android: stop suppressing warnings from macOS build

This is no longer needed.

Change-Id: Ie6a1c098a2e5b9db42c9a239ddfbf682cbd3bad2
From AOSP commit: 890e23673b7496bbf400e6bb5fd555bbb3c4b88f

AOSP: Android: stop suppressing warnings controlled by -Wall

Upstream fully supports -Wall now.

Change-Id: Ida895a1c5dfdf168bc6f50049680b2d2bfbb2942
From AOSP commit: 0ef947d1d4890b3fd4509bc1f3c98bb0f0a525f5

AOSP: Android: consolidate addition of include/mingw/

To match what the autotools-based build system does now, always add
include/mingw/ to the include path on Windows. I don't think this makes
a real difference anywhere, but this is much simpler.

Change-Id: I92fdaf3e58029dfca3187af928d943270b2a2109
From AOSP commit: c9aa74eac41f8feeabb2321383161c7cf92cb49b

AOSP: Android: add a new upstream source file

Change-Id: Iafeccde9acca678e665b49a4cdb42ac0672e2a84
From AOSP commit: f22381d07818ff7e55e89698a1daf23ba2357d69

AOSP: lib/support: don't assume qsort_r() is always available on Linux

Since commit 4e5f24ae4267 ("Use an autoconf test to detect for a BSD- or
GNU-style qsort_r function"), e2fsck fails to build for Android because
lib/support/sort_r.h assumes that qsort_r() is always available on
"Linux", but in fact it's not supported by Android's libc.

Rename _SORT_R_LINUX to _SORT_R_GNU to clarify that it's really the
glibc convention for qsort_r(), not the "Linux" convention per se, and
make sort_r.h stop setting it automatically when __linux__ is defined.

Note: this change does *not* prevent glibc's qsort_r() from being used
when e2fsprogs is built using the autotools-based build system, as
'configure' checks for qsort_r() too. This change just affects the
fallback behavior for when qsort_r() was not already detected.

Fixes: 4e5f24ae4267 ("Use an autoconf test to detect for a BSD- or GNU-style qsort_r function")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Link: https://lore.kernel.org/r/20230130215829.863455-1-ebiggers@kernel.org
Change-Id: I4ed2fd6aef5a0d62960988d29e35acd337bb7d02
From AOSP commit: 9f289d0add4f12fa2e4b21754141363a2759d152

AOSP: Stop explicitly specifying -fno-strict-aliasing

The upstream build system for e2fsprogs doesn't use
-fno-strict-aliasing, so update the Android.bp files to match.

Note: Android's build system currently uses -fno-strict-aliasing by
default anyway, so this change doesn't actually enable strict aliasing.
But that's a bit besides the point. The point is that this project
doesn't need anything special, so we don't need to do anything special.

Change-Id: Ifa637058fd95fdc2b6994a8b801b238e929c1f13
From AOSP commit: c30a15e5d615748d4824dec26f1bda1a86be979c

AOSP: mke2fs: stop suppressing warnings for Windows build

The warning this was intended to suppress was already fixed by
upstream commit 108f3021a6b6 ("mke2fs: use ext2fs_get_device_size2() on
all platforms").

Test: mmm external/e2fsprogs
Change-Id: I12de1b58e839658568c2f7cd30f1c2a227fe15f2
From AOSP commit: 7c581e836497595d0748953eb2b533777d9f4fd4

AOSP: e2fsdroid: stop disabling address sanitization

Address sanitization was disabled in e2fsdroid over 5 years ago, due to
a bug in libext2fs. However, that bug has long since been fixed by
upstream commit 689b7be2da01 ("libext2fs: avoid dereferencing beyond
allocated memory in xattr code"). So it should be fine to re-enable
address sanitization now.

Bug: 68387795
Change-Id: I89a7a1ec1a45d0a2ed76d2e5938dbc127eb267a6
From AOSP commit: c3b223fedcb94e5763c48b93a4445289d13a5eb0

AOSP: Update lib/ext2fs/Android.bp for upstream change

Compile windows_io.c on Windows, and unix_io.c everywhere else.

Change-Id: Ieab0b9ad5a9f7c275153e0f90553761693967762
Signed-off-by: Eric Biggers <ebiggers@google.com>
From AOSP commit: 0c82cec0d1aa70c993b5231a2c2244eb5175e638

AOSP: mke2fs.microdroid: Allow non-APEX version of libs

Microdroid uses mke2fs to format encryptedstore partition. This happens
in parallel to apex activation by apexd. Hence, sometime, mke2fs would
fail if some linker libraries are not available.

Create a target (mke2fs.microdroid) with bootstrap: true

Bug: 238179332
Test: Build succeeds & atest MicrodroidTests#encryptedStorageAvailable
Change-Id: I1aa493bfc188bb78e21efe98423f4a79215f7d95
From AOSP commit: 54818f635e4249db903dd17fca22ae11b3c0f3a0

AOSP: Create blkid_static

static_apexer_tools depends on deapexer which depends on blkid. So we
need a static version of blkid.

BUG: b/257933023
TEST: local build of blkid_static
Change-Id: I191840a21df1c10f4371acbe8067f39f148f28b8
From AOSP commit: 2aa5b65667e71bc278117caffa46c331d75d2803

AOSP: Make blkid host_supported

We need blkid in deapexer to get the filesystem type of the payload
image. However, blkid will not be installed to host out dir unless we
make it host_supported which is what this change is about.

BUG: b/255963179, b/240288941
TEST: m deapexer; then check out/host/linux-x86/bin
Change-Id: I46c1e18b9dbdbeb41c7dfe4e26496004d1b2b3de
From AOSP commit: f12ebffc345741380d9a30ddac528a9b995657cd

e4defrag: avoid potential buffer overflow caused by very long file names

Addresses-Coverity-Bug: 1520603
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

debian: make the copyright file machine readable

Debian introduced a machine-readable copyright file a while ago.
Convert the general copyright file and the package-specific ones,
splitting the info that belongs to the package-specific ones.
Drop debian/e2fsck-static.copyright because that does not have a
file set that is very distinct from the general source; it would
just replicate parts of it.

This change adds some missing licenses that have to be documented
according to Debian Policy §12.5 as well as the copyright info for
many files.

Signed-off-by: Viraj Shah <viraj.shah@linutronix.de>
Signed-off-by: Bastian Germann <bage@linutronix.de>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

dict: Add modifification note required by license

The Kazlib license says:

"Permission is also granted to adapt this software to produce
derivative works, as long as the modified versions carry this copyright
notice and additional notices stating that the work has been modified."

Add the missing notice stating that the work has been modified.

Signed-off-by: Bastian Germann <bage@linutronix.de>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

ci.yml: use actions/checkout@v3 to switch to using Node 16

This suppresses deprecation warnings from github saying that Node 12
has been deprecated and actions to migrate to using Node 16.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/uuid: remove unneeded Windows UUID workaround

Some .c files in lib/uuid/ contain the following:

#ifdef _WIN32
#define _WIN32_WINNT 0x0500
#include <windows.h>
#define UUID MYUUID
#endif

This seems to have been intended to allow the use of a local "UUID" type
without colliding with "UUID" in the Windows API. However, this is
unnecessary because there's no local "UUID" type -- there's only uuid_t.

None of these .c files need the include of windows.h, either.

Finally, the unconditional definition of _WIN32_WINNT causes a compiler
warning when the user defines _WIN32_WINNT themself.

Since this code is unnecessary and is causing problems, just remove it.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/ext2fs: don't warn about lack of getmntent on Windows

It is expected that Windows doesn't have getmntent(), so don't warn
about it.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

ci.yml: ensure -Werror really gets used in all cases

-Werror wasn't actually being used when building the libraries, as the
libraries use CFLAGS_STLIB instead of CFLAGS.

Use CFLAGS_WARN, which gets included in both.

Note: -Werror can't just be passed to 'configure' like the other flags
are, as it interferes with some of the configure checks.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Change the xattr entry hash to use an unsighed char by default

Starting in Linux 6.2, char is forced to always unsigned when
compiling the kernel, even on those platforms (such as x86) where char
was traditionally signed.  This exposed a bug in ext4, where when
calculating the extended attribute entry hash, we used a char value
from the extended attribute name.  This resulted with the entry hash,
which is stored on-disk, to variable depending on whether the plaform
used a signed or unsigned char.

Fortunately, the xattr names tend to be ASCII characters with the 8th
bit zero, so it wasn't noticed two decades (this bugs dates back to
the introduction of extended attribute support to ext2 in 2.5.46).
However, when this change was made in v6.2-rc1, the inconsistency
between the extended attribute hash calculated by e2fsprogs (which was
still using a signed char on x86) was different from an x86 kernel,
and this triggered a test failure in generic/454.

This was fixed in kernel commit f3bbac32475b (" ext4: deal with legacy
signed xattr name hash values"), where Linus decreed that it wasn't
worth it to fix this the same way we had addressed has used by the
dir_index feature.  Instead, starting in the 6.2 kernel, ext4 will
accept both the hash calculated using signed and unsigned chars, but
set the entry hash using the unsigned char.  This commit makes
e2fsprogs follow suit.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

debugfs: print the extended attribute's e_hash field

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

tests: clean up test names

Remove trailing newlines and downcase the starting word in the names

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2fsck: double cast a pointer to suppress a bogus compiler warning in kfree()

The C standard is wrong[1] with respect to the function signature of
free(), while the kernel's kfree() is correct.  Unfortunately, this
leads to compiler warnings.

Sayeth Dennis Ritchie: "Noalias must go.  This is non-negotiable"[2].
Noalias went.  The confusion around const, alas, still remains.

[1] https://yarchive.net/comp/const.html
[2] https://www.lysator.liu.se/c/dmr-on-noalias.html

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2fsck: use ext2_ino_t instead of ino_t

The ino_t type is defined by the system header files, and may be
anything from an unsigned int, unsigned long, or an unsigned long
long. So where we are referring to an ext2/ext3/ext4 inode number, we
should use ext2_ino_t to avoid this ambiguity, especially when passing
an inode number to a printf-style function.

This was detected via a compiler warning on MacOS, but it's
potentially a real bug, since it can cause an error message to print a
garbled inode number.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Add a configuration file for GitHub Actions

Add a workflow file for GitHub Actions, with jobs that build and test
e2fsprogs on various platforms with various options.

The workflow is configured to run on pushes only, since e2fsprogs does
not use GitHub pull requests.

This will work on any e2fsprogs fork on Github that has GitHub Actions
enabled. For example, the results for the testing I've been doing are
at https://github.com/ebiggers/e2fsprogs/actions.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

resize2fs: remove unused variable from adjust_superblock()

In adjust_superblock(), the 'group_block' variable is declared and set,
but it is never actually used.  Remove it.

This addresses the following compiler warning with clang -Wall:

        blk64_t         group_block;
                        ^

resize2fs.c:1119:11: warning: variable 'group_block' set but not used [-Wunused-but-set-variable]
Reviewed-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

misc/util.c: enable MinGW alarm() when building for Windows

To compile for Windows, this file needs MinGW's implementation of
alarm().  To expose that definition, some macros must be defined before
including the system headers.  This was done in Android.bp, but it was
not done in the autotools-based build system.  Define these macros in
the source file itself so that all build systems work.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

misc/mke2fs: fix a -Wunused-variable warning in PRS()

This showed up when building for Windows.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

misc/mke2fs: fix Windows build

unix_io_manager is no longer available on Windows. windows_io_manager
must be used instead.

Fixes: 86b6db9f5a43 ("libext2fs: code adaptation to use the Windows IO manager")
Cc: Paulo Antonio Alvarez <pauloaalvarez@gmail.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

misc/mk_hugefiles: simplify get_partition_start()

search_sysfs_block() is causing -Wformat-truncation warnings.  These
could be fixed by checking the return value of snprintf(), instead of
doing buggy checks like 'strlen(p_de->d_name) > SYSFS_PATH_LEN -
strlen(path) - 32', which has an integer underflow bug.

However, the only purpose of search_sysfs_block() is to find the sysfs
directory for a block device by device number.  That can trivially be
done using /sys/dev/block/$major:$minor.  So just do that instead.  Also
make get_partition_start() explicitly Linux-only, as it has never worked
anywhere else.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

misc/fuse2fs: avoid error-prone strncpy() pattern

'strncpy(dst, src, strlen(src))' is usually wrong, as it doesn't copy
the null terminator. For this reason, it causes a -Wstringop-truncation
warning with gcc 8 and later.

The code happens to be correct anyway, since the destination buffer is
zero-initialized. But to avoid relying on this, let's just copy the
terminating null.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

misc/e4defrag: fix -Wstringop-truncation warnings

Fix two -Wstringop-truncation warnings in is_ext4() by simplifying how
how mnt_type is handled and by using the correct bound for mnt_fsname.

Fix a -Wstringop-truncation warning in main() by replacing the fragile
pattern 'strncpy(dst, src, strnlen(src, N))', which doesn't
null-terminate the destination string, with a standard string copy. (It
happened to work anyway because dst happens to be zero-initialized.)

These warnings showed up when building with -Wall with gcc 8 or later.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

misc/create_inode: simplify logic in scandir()

The control flow in scandir() (only used on Windows) confuses gcc into
thinking that *name_list is not always set on success, which causes a
-Wmaybe-uninitialized warning in __populate_fs(). As far as I can tell
it's a false positive; however, avoid it by cleanly separating the
success and failure cases in scandir().

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

misc/create_inode: fix -Wunused-variable warnings in __populate_fs()

These showed up when building for Windows.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2fsck: use real functions for kernel slab functions

The macros that e2fsck uses to implement kmalloc et al. use only some of
their arguments, so unlike standard function calls, they can cause
compiler warnings like:

./../e2fsck/revoke.c:141:8: warning: variable 'gfp_mask' set but not used [-Wunused-but-set-variable]

Fix this by providing a proper definition for each function, making sure
to match the function prototypes used in the kernel.

Remove the kmem_cache_t typedef, as it doesn't exist in the kernel.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/uuid: remove conflicting Windows implementation of gettimeofday()

When building libuuid for Windows with MinGW with the default settings,
there is a build error in lib/uuid/gen_uuid.c because the explicit
definition of gettimeofday() conflicts with MinGW's declaration of
gettimeofday(). gen_uuid.c apparently expects USE_MINGW to be defined
to avoid that, but the build system doesn't actually do that.

Since native Windows builds of e2fsprogs are currently only supported
via MinGW anyway (in particular, Visual Studio is not supported), let's
fix this by just removing our own definition of gettimeofday().

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/support: clean up definition of flags_array

Add braces to address the following compiler warning with gcc -Wall:

print_fs_flags.c:24:42: warning: missing braces around initializer [-Wmissing-braces]
24 | static struct flags_name flags_array[] = {
| ^

Also add 'const', and add an explicit NULL in the last entry.

Reviewed-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/support: remove unused label in get_devname()

Address the following compiler warning with gcc -Wall:

devname.c: In function ‘get_devname’:
devname.c:61:1: warning: label ‘out_strdup’ defined but not used [-Wunused-label]
61 | out_strdup:
| ^~~~~~~~~~

Reviewed-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/ss: fix 'make install' by creating man1dir

'make install' does not work because libss tries to install a man page
without creating the directory first. Fix this.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/{ext2fs,support}: fix 32-bit Windows build

_WIN32 is the standard macro to detect (native) Windows, regardless of
32-bit or 64-bit.  _WIN64 is for 64-bit Windows only.  Use _WIN32 where
_WIN64 was incorrectly being used.

This fixes several 32-bit Windows build errors, for example this one:

plausible.c: In function ‘print_ext2_info’:
plausible.c:109:31: error: ‘unix_io_manager’ undeclared (first use in this function); did you mean ‘undo_io_manager’?
  109 |                               unix_io_manager,
      |                               ^~~~~~~~~~~~~~~
      |                               undo_io_manager

Fixes: 86b6db9f5a43 ("libext2fs: code adaptation to use the Windows IO manager")
Cc: Paulo Antonio Alvarez <pauloaalvarez@gmail.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/ext2fs: fix a -Wpointer-sign warning in ext2fs_mmp_start()

This showed up when building for Windows.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/ext2fs: fix two compiler warnings in windows_io.c

init_private_data() triggers a -Wstringop-truncation warning, due to a
real bug. Fix it.

windows_open() has a -Wunused-variable warning because some
macOS-specific code was copied there for no reason. Remove it.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/ext2fs: fix a printf format specifier in file_test()

size_t should be matched by %zu, not %lu. This fixes a -Wformat warning
when building for 32-bit x86.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/ext2fs: consistently use #ifdefs in ext2fs_print_bmap_statistics()

Since the 'now' variable is only used to calculate 'inuse', and 'inuse'
is only used when defined(ENABLE_BMAP_STATS_OPS), it makes sense to
guard the declaration and initialization of 'now' and 'inuse' by the
same condition, just like the '*_perc' variables in the same function.

This addresses the following compiler warning with clang -Wall:

double inuse;
^

gen_bitmap64.c:187:9: warning: variable 'inuse' set but not used [-Wunused-but-set-variable]
Reviewed-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/ext2fs: remove 32-bit x86 bitops assembly

The EXT2FS_ADDR() macro is causing -Warray-bounds warnings because it
(sort of) dereferences past the end of the input array.  It's not a
"real" dereference, since the result is passed as a memory operand to
inline asm.  But in the C language sense, it is a dereference.

Instead of trying to fix this code, let's consider that libext2fs *only*
implements the bit operations in assembly for 32-bit x86, which is
rarely used anymore.  The fact that compilers have also improved, and no
one has implemented these for another architecture, even x86_64,
suggests it's not useful either.  So, let's just remove this outdated
code, which was maybe useful in the 90s, but now just causes problems.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/et: fix "unused variable" warnings when !HAVE_FCNTL

In init_debug(), avoid -Wunused-variable and -Wunused-but-set-variable
warnings when HAVE_FCNTL is not defined by only declaring 'fd' and
'flags' when HAVE_FCNTL is defined. This affected Windows builds.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/{e2p,ss}: remove manual declarations of errno

As per 'man 3 errno':

    On some ancient systems, <errno.h> was not present or did not
    declare errno, so that it was necessary to declare errno manually
    (i.e., extern int errno).   **Do not do this**.  It long ago ceased
    to be necessary, and it will cause problems with modern versions of
    the C library.

One of the platforms it causes a problem on is Windows:

    In file included from fgetversion.c:28:
    fgetversion.c: In function ‘fgetversion’:
    fgetversion.c:68:20: warning: ‘_errno’ redeclared without dllimport attribute: previous dllimport ignored [-Wattributes]
       68 |         extern int errno;
          |                    ^~~~~

Just remove these obsolete manual declarations of errno.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/e2p: fix a -Wunused-variable warning in getflags()

This affected Windows builds.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/blkid: suppress -Wstringop-truncation warning in blkid_strndup()

Unfortunately, gcc gets confused by blkid_strndup() and incorrectly
thinks the destination string is not being null-terminated. This is
part of -Wstringop-truncation, enabled automatically by -Wall in gcc 8
and later. Let's just suppress this warning here.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/blkid: suppress -Wunused-result warning in blkid_flush_cache()

When _FORTIFY_SOURCE is defined, glibc annotates link() with the
warn_unused_result function attribute.  With gcc, that makes
'(void) link()' cause a -Wunused-result warning, despite the explicit
cast to void.  That's annoying, since the use case in lib/blkid/save.c
is legitimate (opportunistic backup).  So let's suppress this warning.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/blkid: fix -Wunused-variable warning in blkid_get_dev_size()

This showed up when building for Windows. It's hard to conditionally
define this variable, so use the 'unused' attribute.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/blkid: fix unaligned access to hfs_mdb

With -Wall, gcc warns:

      ./probe.c:1209:42: error: taking address of packed member of
               'struct hfs_mdb' may result in an unaligned pointer value

This seems to be a real unaligned memory access bug, as the offset of
the 64-bit value from the start of the buffer is 116, which is not a
multiple of 8.  Fix it by using memcpy().

Do the same for hfsplus to fix the same warning, though in that case the
offset is a multiple of 8 so it was defined behavior.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib/blkid: remove 32-bit x86 byteswap assembly

libblkid contains 32-bit x86 assembly language implementations of 16-bit
and 32-bit byteswaps. However, modern compilers can easily generate the
bswap instruction automatically from the corresponding C expression.
And no one ever bothered to add assembly for x86_64 or other
architectures, anyway. So let's just remove this outdated code, which
was maybe useful in the 90s, but is no longer useful.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

lib, misc: eliminate dependency on Winsock

Currently Windows builds of e2fsprogs rely on the Windows Socket API
(Winsock) to provide htonl() and ntohl(). For this to actually work,
though, HAVE_WINSOCK_H needs to be defined, and the binaries need to be
linked to -lws2_32. The Android.bp files do this; however, the
autotools-based build system does not.

Since htonl() and ntohl() are trivial, let's instead just add a file
include/mingw/arpa/inet.h with definitions for these.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

config/install-sh: update to latest version

The version of install-sh in the source tree is extremely old and
doesn't work when passed multiple path arguments, which breaks
'make install' on macOS.

Therefore, delete this file and run 'autoreconf -i' to update it to the
latest version.

Signed-off-by: Eric Biggers <ebiggers@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>