git://git.whamcloud.com - tools/e2fsprogs.git/log

e2fsck: add -m option for multithread

-m option is added but no actual functionality is added. This
patch only adds the logic that when -m is specified, one of
-p/-y/-n options should be specified. And when -m is specified,
-C shouldn't be specified and the completion progress report won't
be triggered by sending SIGUSR1/SIGUSR2 signals. This simplifies
the implementation of multi-thread fsck in the future.

Completion progress support with multi-thread fsck will be added
back after multi-thread fsck implementation is finished. Right
now, disable it to simplify the implementation of multi-thread fsck.

E2fsprogs-commit: 842ae5f528f9797e4b2c739daa76884e4349e8f3

Change-Id: I428f4f3b10974b769100bf00169bdd7d8cf86deb
Signed-off-by: Li Xi <lixi@ddn.com>
Signed-off-by: Wang Shilong <wshilong@ddn.com>
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Signed-off-by: Saranya Muruganandam <saranyamohan@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

LU-17310 tests: make m_assume_storage_prezeroed more robust

Don't assume that mke2fs is going to zero out an exact number
of blocks when run with/without "-E assume_storage_prezeroed",
since this depends on a number of different options that are
not specified in the test script.

Instead, check that the number of blocks zeroed in the image is
a small fraction (1/15th) of the number of blocks zeroed when
"-E assume_storage_prezeroed" is not given, which makes it more
robust when running in different environments. This varies from
1/16 in the original test to 1/91 in my local test environment.

Avoid "losetup --sector-size 4096", use "mke2fs -b 4096" instead.
Clean up the loop device before checking "stat" so that all
blocks are flushed to the backing storage before calling sync.
Only one loop device and test file is needed for the test.

Signed-off-by: Andreas Dilger <adilger@dilger.ca>
Change-Id: I98fc3f5334cb8e2dd754c5d4994f2ca582300c13
Reviewed-on: https://review.whamcloud.com/c/tools/e2fsprogs/+/53217
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>
Reviewed-by: Li Dongyang <dongyangli@ddn.com>

LU-14432 configure.ac: fix AC_PREREQ

AS_HELP_STRING was introduced in autoconf 2.58
requiring autoconf 2.69 is not necessary and it breaks
several builds in our Jenkins.

Change required autoconf to 2.59 just to be safe.

Change-Id: I30af873879866858d32b715ac4ce78d095e10f7d
Fixes: 8c9e2921 ("configure.ac: convert all help strings to use AS_HELP_STRING")
Signed-off-by: Li Dongyang <dongyangli@ddn.com>
Reviewed-on: https://review.whamcloud.com/41665
Reviewed-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Wang Shilong <wshilong@whamcloud.com>
Tested-by: jenkins <devops@whamcloud.com>
Tested-by: Maloo <maloo@whamcloud.com>

Update release notes, etc., for the 1.47.2 release

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

config: update config.{guess,sub}

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update the binary gmo files

Also relax the msgfmt checking to avoid using --check-format, since
e2fsck's problem string's %-interpolation allows the ordering of
block, inode, etc. numbers to be moved around in translations. (And
the recent update to the Spanish po file takes advantage of this
feature.)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

debian: decrease priority of e2fsprogs from required to important

Addresses-Debian-Bug: #897277
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update zh_CN.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update uk.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update sv.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update ro.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update pl.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update ms.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update fr.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update es.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

po: update cs.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

debian: sort the symbol list for libext2fs2t64

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

debian: disable salsa CI on non-debian branches

The Salsa CI attempts to do a package build, and the debian/patches
directory is generally not set up correctly for a successful source
build on non-debian branches. So skip them to avoid failed builds and
to avoid wasting CI bandwidth.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

rezize2fs: fix memory leak when fixing up the orphan file inode

Fixes: ff4f46b4fdb2 ("resize2fs: rewrite the checksums in the orphan...")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

libext2fs: fix compiler warning in ext2fs_orphan_file_block_csum_set()

Fixes: daf2d1c830d9 ("libext2fs: fix ext2fs_orphan_file_block_csum_set()")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

debugfs: add a new command to list the orphan inodes

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2fsck: clear the orphan_file while processing it

Previously, we cleared the orphan file after pass 5. This was
unfortunate, because it means that the file system is left in a
corrupted state after running "e2fsck -E journal_only". By fixing
this, we can also remove a spurious "Orpan file... is not clean"
report from e2fsck.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

tests: check updating the orphan file checksums during an offline resize

Check to make sure resize2fs correctly update the orphan file's
checksums if the orphan_file's blocks get moved.

This test checks the fix in commit ff4f46b4fdb2 ("resize2fs: rewrite
the checksums in the orphan file if necessary").

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

resize2fs: rewrite the checksums in the orphan file if necessary

The calculation of the metadata checksum located in each block of the
orphan file's inode includes the physical block number. So if any of
those blocks have been moved, the checksum needs to be updated.

Reported-by: Matthias Reichl <hias@horus.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

tests: fix m_rootgnutar expect script

Fixes: 62fe2f4df048 ("misc/mke2fs.c: suppress 'Creating regular file' message with -q")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

libext2fs: fix ext2fs_orphan_file_block_csum_set()

The function ext2fs_orphan_file_block_csum_set() isn't used by
e2fsprogs, but it was embarassingly broken. Thanks to Darrick Wong
for pointing this out.

Fixes: 16534ff59444 ("e2fsck: fix big-endian support for orphan_file...")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

debian: add a suggestion of libarchive13t64 to e2fsprogs

Addresses-Debian-Bug: #1089085
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

mke2fs: remove deprecated -r option from the usage message

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

dumpe2fs: add support for LABEL= and UUID= specifiers for the device

The e2mmpstatus man page claims that it will support LABEL= and UUID=
specifiers, and these days e2mmpstatus is implemented in terms of
dumpe2fs. So teach dumpe2fs to handle these specifiers so we can make
the e2mmpstatus man page be true.

https://github.com/tytso/e2fsprogs/issues/106

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

misc: fix potential memory leak in create_inode_libarchive.c

Fix a potential memory leak on an error path.

Also handle the case where strdup() fails, and remove a redundant
test.

Addresses-Coverity-Bug: 1636564
Addresses-Coverity-Bug: 1636565
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Merge branch 'be_quiet' of https://github.com/josch/e2fsprogs into next

Fix portability for systems which don't have dlopen or libarchive

Fixes: ecfd4dd1217a ("Decouple --without-libarchive and HAVE_ARCHIVE_H")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

fix portability problem with uselocale(), et. al.

misc/create_inode_libarchive.c uses uselocale(), newlocale(), et. al.
These functions are defined in POSIX.1-2017, which isn't available
everywhere --- including MacOS and Windows.

We don't actually need to use these functions, since mke2fs already
calls setlocale() to initialize to use the default locale. So there
was no reason to set and restore the locale to use exactly the default
locale.

Fixes: ecfd4dd1217a ("Decouple --without-libarchive and HAVE_ARCHIVE_H")
Fixes: 7e3a4f0a33e9 ("mke2fs: the -d option can now handle tarball input")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

More release note updates for 1.47.2.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

debian: fix fuseext2 transition to account for /usr-move

Addresses-Debian-Bug: #1088838
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2fsck: fix big-endian support for orphan_file file systems

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

mke2fs: allow specifying the revision 1 via "-r 1"

The fsarchiver program unconditionally passes -r 1 even though it's
effectively a no-op. To avoid commit 3fffe9dd6be5 breaking
fsarchiver, we'll silently allow the "-r 1" option instead of printing
an error and exiting.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Decouple --without-libarchive and HAVE_ARCHIVE_H

To aid bootstrapping, it would be useful to be able to build e2fsprogs
without archive.h as otherwise there is a build dependency loop with
libarchive. If archive.h is not present, add the missing forward
declarations (as opaque structs) and preprocessor definitions and
typedefs. Since this allows building e2fsprogs with libarchive support
even without the archive.h header present on the system, we cannot check
HAVE_ARCHIVE_H anymore to decide whether to build with libarchive
support or not. So if --without-libarchive is passed to ./configure,
CONFIG_DISABLE_LIBARCHIVE gets set and later checked to decide about
libarchive support.

Addresses-Debian-Bug: #1078693
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

debian: fix some typos in debian/changelog

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Update release notes, etc., for the 1.47.2 release

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

mke2fs: accept gnu.translator xattrs in tar files fed to mke2fs -d

https://github.com/tytso/e2fsprogs/issues/192
https://github.com/tytso/e2fsprogs/pull/194

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

tests/fuzz: fix memory leak from repeatedly calling add_error_table()

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

debian: provide fuseext2 to replace src:fuse-umfuse-ext2

The fuse-umfuse-ext2 packaghas been abandoned by upstream, and a
follow-up fork at https://github.com/alperakcan/fuse-ext2 hasn't been
updated in five years. Both of these versions also warn against
mounting file systems read/write with fuse-ext2.

As proposed on debian-devel, let's replace fuse-umfuse-ext2 with a
compatibility shell script shipped with fuse2fs.

Link: https://lists.debian.org/debian-devel/2024/10/msg00231.html
Addresses-Debian-Bug: #1085590
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

libext2fs: fix -std=c23 build failure

gcc-15 switched to -std=c23 by default:

    https://gcc.gnu.org/git/?p=gcc.git;a=commitdiff;h=55e3bd376b2214e200fa76d12b67ff259b06c212

As a result `e2fsprogs` fails the build so only typedef int bool
for __STDC_VERSION__ <= 201710L (C17)

    ../../../lib/ext2fs/tdb.c:113:13: error: two or more data types in declaration specifiers
    ../../../lib/ext2fs/tdb.c:113:1: warning: useless type name in empty declaration
      113 | typedef int bool;
          | ^~~~~~~

https://github.com/tytso/e2fsprogs/issues/202

Signed-off-by: Rudi Heitbaum <rudi@heitbaum.com>
Link: https://lore.kernel.org/r/Z0B60JhdvT9bpSQ6@6f91903e89da
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

ext4.5, tune2fs.8: add documentation for the orphan_file feature

Add documentation for the orphan_file feature to the ext4(5) and
tune2fs(8) man pages.

Addresses-Debian-Bug: #1073062
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

badblocks: avoid an error when -n or -w is specified twice

Fix a bug where if the user specifies the -n or -w command-line option
twice, badblocks will issue a misleading (and incorrect) error
message.

Addresses-Debian-Bug: #1087341
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

debugfs: clean up groff warnings in the debugfs.8 man page

Addresses-Debian-Bug: #1086892
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

misc: clean up groff warnings in the e2image.8 man page

Addresses-Debian-Bug: #1082787
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

misc: clean up groff warnings in the ext4.5 man page

Addresses-Debian-Bug: #1072866
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

misc: clean up groff warnings in the mek2fs.8 man page

Addresses-Debian-Bug: #1087898
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

tune2fs: replace the -r option with -E revision=<fs-rev>

Revision 0 file systems are needed for compatibility with pre-1995
Linux kernels (older that version 1.2).  Other for testing and
computer science archoelogy, there are no valid reasons for using this
feature.  Revision 0 file systms do not support any file system
extensions beyond what was present in Linux 1.0 kernels, and only
support 128 byte inode sizes, which means that the file system will
only support file dates after the Unix epoch in 2038.

Users who use -r 0 are almost certainly doing so by mistake (for
example, perhaps they meant -m 0 but they typed -r 0 instead).  As a
result they get a very badly cripped file system that won't support
SELinux, post-2038 dates, on-line resizing, etc.  So remove the -r
option and replace it with the extended option "revision", to prevent
users from falling into this trap.

Addresses-Debian-Bug: #1086603
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

tune2fs: update revision 0 file systems before changing the inode size

Revsion 0 file systems only support the fixed 128 byte inode size. So
before changing the inode size via tune2fs -I, we must first update
the file system to revision 1.

Addresses-Debian-Bug: #1086603
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

misc: sort the extended and journal options in man pages for tune2fs/mke2fs

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

fuse2fs: fix fuse2fs --helpfull

https://github.com/tytso/e2fsprogs/issues/204

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

resize2fs: check number of group descriptors only if meta_bg is disabled

When meta_bg feature is enabled, the total number of group descriptors
is not really limiting the filesystem size. So there's no reason to
check it in that case. This allows resize2fs to resize filesystems past
256TB boundary similarly as the kernel can do it.

Signed-off-by: Jan Kara <jack@suse.cz>
Reviewed-by: Ojaswin Mujoo <ojaswin@linux.ibm.com>
Link: https://lore.kernel.org/r/20240925171926.11354-1-jack@suse.cz
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

tune2fs: only set the superblock as dirty if the default group is modified

Similar to commit 2eb3b20e80, it speeds up `tunefs -g` command when
the group argument is identical.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
Link: https://lore.kernel.org/r/20240718175204.1590917-1-gwendal@chromium.org

tests: new test to check that the orphan file is cleaned up

This test verifies that e2fsck clears the orphan file if it is present.
The filesystem was created by simply creating a bunch of empty files and,
while those files were open by an application, delete some of them in
order to add them to the orphan file. After this, the filesystem is
simply powered off. An e2fsck will need to clear the orphaned inodes but
also to clean the orphan file.

Signed-off-by: Luis Henriques (SUSE) <luis.henriques@linux.dev>
Link: https://lore.kernel.org/r/20240611142704.14307-3-luis.henriques@linux.dev
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2fsck: don't skip checks if the orphan file is present in the filesystem

If the filesystem supports the orphan file feature and that file is present
then don't skip the filesystem checks as that file may need to be cleaned
up.

Signed-off-by: Luis Henriques (SUSE) <luis.henriques@linux.dev>
Link: https://lore.kernel.org/r/20240611142704.14307-2-luis.henriques@linux.dev
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

tests: write f_badjour_encrypted output to log

Write the mke2fs and debugfs output from f_badjour_encrypted/script
into a log file instead of stdout/stderr, so that it doesn't mess
up the "make check" output, and is available if this test ever fails.

[ Fixed missing definition of $LOG -- TYT ]

Fixes: b0cd09e5 ("e2fsck: don't allow journal to have encrypt flag")
Signed-off-by: Andreas Dilger <adilger@dilger.ca>
Link: https://lore.kernel.org/r/20240605200408.55221-1-adilger@dilger.ca
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Fix implicit my_llseek declaration error when targeting musl libc

Signed-off-by: Henrik Lindström <henrik@lxm.se>
Link: https://lore.kernel.org/r/20240602120721.387561-1-henrik@lxm.se
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

fuse2fs: explicitly set _FILE_OFFSET_BITS again

In commit 3ab99d9b602, the build system was changed not to set
_FILE_OFFSET_BITS explicitly due to some weird error on mips64el.
Unfortunately, this breaks the aarch64 Debian build because libfuse
2.9.9 requires this value to be set explicitly. Restore this dumb
preprocessor symbol dependency with even more hackery as documented in
the commit.

Fixes: 3ab99d9b602 ("Remove explicit #define of _FILE_OFFSET_BITS")
Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Link: https://lore.kernel.org/r/20240529181214.GA52969@frogsfrogsfrogs
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

configure: add SIZEOF_TIME_T to public_config.h

This has recently started being used by ext2fs.h. Other users of the
ext2fs.h header would always get the 32-bit versions of the
__encode_extra_time, __decode_extra_sec, and __sb_set_tstamp; and the
64-bit version of __sb_get_tstamp, due to the SIZEOF_TIME_T macro
being undefined and treated as zero.

Fixes: 5b599a32 ("Fix 32-bit build and test failures")
Signed-off-by: Alyssa Ross <hi@alyssa.is>
Link: https://lore.kernel.org/r/20240527074121.2767083-1-hi@alyssa.is
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

libext2fs: fix unused parameter warnings/errors

This fixes building dependent packages that use -Werror.

Signed-off-by: Alyssa Ross <hi@alyssa.is>
Link: https://lore.kernel.org/r/20240528131841.576999-1-hi@alyssa.is
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

debian: enable Salsa Continuous Integration testing

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

ext4.5: add preprocessor hint

This fixes a Lintian warning which is triggered by an arbtrary
MANROFFSEQ='' environment variable:

an.tmac:<standard input>:376: warning: tbl preprocessor failed, or it or soelim was not run; table(s) likely not rendered (TE macro called with TW register undefined)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Update release notes, etc., for the 1.47.1 release

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Update makefile dependencies

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

AOSP: Use no_full_install: true instead of installable: false

So far, we have used `instalable: false` to avoid collision with the
other modules that are installed to the same path. A typical example was
<foo> and <foo>.microdroid. The latter is a modified version of the
former for the inclusion of the microdroid image. They however both have
the same instalation path (ex: system/bin) and stem (ex: foo) so that we
can reference them using the same path regardless of whether we are in
Android or microdroid.

However, the use of `installable: false` for the purpose is actually
incorrect, because `installable: false` also means, obviously, "this
module shouldn't be installed". The only reason this incorrect way has
worked is simply because packaging modules (ex: android_filesystem)
didn't respect the property when gathering the modules.

As packaging modules are now fixed to respect `installable: false`, we
need a correct way of avoiding the collision. `no_full_install: true` is
it.

If a module has this property set to true, it is never installed to the
full instal path like out/target/product/<partition>/... It can be
installed only via packaging modules.

Bug: 338160898
Test: m
Change-Id: Idb173a7e3528c96b23f857bb3bdf5f37e698c445
From AOSP commit: 21a895548df7de83ce1e2e146e1718e5f723af7f

AOSP: e2fsdroid: disable asan leak detection

borked and breaks asan build

Bugs: me
Test: build with SANITIZE_HOST=address
Change-Id: I9ae15ba328081c38e31c61834e80ce10765f9e30
From AOSP commit: eff2c071b546c3d2d3ea5eb89328babcc48e4bc2

AOSP: Make mke2fs/e2fsdroid available for vendor

vendor_init needs to execute these binaries when converting partitions
to EXT4.

Test: th
Bug: 293313353
Change-Id: I1fa49c1a0f802b3c36e96112ef262bae4d5d394a
From AOSP commit: 0b54b8227815d447b52de76bb419735b21608941

AOSP: Make badblocks host-only

It was being installed on some products when it shouldn't be.

Bug: 205632228
Test: m installclean && m with aosp/2773149
Change-Id: I7f4642ba6fa8d97f7711b6df57c4e3fd781b40fd
From AOSP commit: ecb8d2faa7411d9de228a3bd8b883ed2d5220188

AOSP: Compile libext2_blkid and libext2_uuid on Mac OS X for the Cuttlefish launcher

Test: m libext2_blkid libext2_uuid
Bug: 288342686
Change-Id: Ieaf2b73efe4b9e1ed0b52e12cf931d225cd8844d
From AOSP commit: 24d1f08c6c42a292cb49c0526d2a39e889c50683

AOSP: ext2simg: fix same_file() with symlinks

Fix same_file() to use stat() instead of lstat() when checking the
paths, so that symlinks are dereferenced. This is needed to be
consistent with how the paths are actually accessed later. Otherwise,
not all cases where the input and output file are the same are detected.

Also just use the stat() result to check whether the output file exists,
instead of using a separate call to access().

Fixes: db6f320912cf ("AOSP: android: add the ext2simg tool")
Change-Id: Ie36981f9dbc19494732f518488a75fb92c0f0343
Signed-off-by: Eric Biggers <ebiggers@google.com>
From AOSP commit: 08c122f12fc231029a74c24b969e337203c7b6e2

AOSP: ext2simg: fix error check of io_channel_read_blk64()

Check the return value of io_channel_read_blk64() correctly, considering
that it returns an errcode_t, which can be positive.

Fixes: db6f320912cf ("AOSP: android: add the ext2simg tool")
Change-Id: Iafc6c0169bc8ac79198f285da0246ff3b841ded8
Signed-off-by: Eric Biggers <ebiggers@google.com>
From AOSP commit: 60634ff32a0d8c0d7942c6e522a74a5051d4b6e9

AOSP: ext2simg: clean up integer types and check for too-large fs

libsparse assumes 32-bit block numbers. Also, ext2simg might read
nearly the entire filesystem into memory.

Therefore, make ext2simg use appropriate integer types, and explicitly
check for when the filesystem is too large or allocating memory failed.

Change-Id: Ic415d0e974dce2b4ff6e7fa9265f6e86d371a274
Signed-off-by: Eric Biggers <ebiggers@google.com>
From AOSP commit: 8fff11068c100be627745967992fb88759dea9c1

AOSP: ext2simg: clean up add_chunk()

Remove a level of indentation, check a bool in the normal way, and
simplify the linked list handling. No change in behavior.

Change-Id: I12589a254f155b1c40418458a666b87c7ef5c1cf
Signed-off-by: Eric Biggers <ebiggers@google.com>
From AOSP commit: 7d0f5c1aca332da22e4878f5825e0ffb5122f96b

AOSP: ext2simg: use a standard flexible array

Use a standard flexible array instead of a nonstandard zero-length
array. No change in behavior.

Change-Id: Ifdce24f5d6e2471634bb785527def3fe8fefc202
Signed-off-by: Eric Biggers <ebiggers@google.com>
From AOSP commit: c88ea796fbf7f4c79155196ec483681b3733bbff

AOSP: ext2simg: use bool where appropriate

For the values that get used as the 'bool' parameters of
sparse_file_write(), use 'bool' in ext2simg too. No change in behavior.

Change-Id: I05f7d6fd3027eb10231c035f9fdc8e946e2c4c90
Signed-off-by: Eric Biggers <ebiggers@google.com>
From AOSP commit: 2728c6e766976acbf442d3721f2d93960e13682e

AOSP: ext2simg: fix same_file() to check st_dev

File identity is determined by the combination of st_dev and st_ino, not
by st_ino alone.

This fixes a bug where ext2simg would needlessly make a copy of all the
data when the input and output files happened to have the same st_ino.

Fixes: db6f320912cf ("AOSP: android: add the ext2simg tool")
Change-Id: I94e4bf57d9f91b31e5438768805e9f10bec3411d
Signed-off-by: Eric Biggers <ebiggers@google.com>
From AOSP commit: 0749f83a2cf4c134a2403701ab78388500e53f76

AOSP: ext2simg: fix off-by-one errors causing corruption

The chunk_end parameter to add_chunk() is exclusive, but two callers
incorrectly treat it as inclusive: when the maximum chunk length of
'INT32_MAX - 12' bytes is reached, and when a chunk extends to the very
end of the filesystem.  The result is that the output simg file contains
zeroes for the last block of these chunks instead of the correct data.

A related bug is that the expanded size of the simg file is set to the
filesystem size (in blocks) minus s_first_data_block.  On filesystems
where s_first_data_block != 0, i.e. 1K blocksize filesystems without
bigalloc enabled, this truncates the last block of the filesystem.

Fix these bugs by (a) making add_chunk() take the chunk length and
passing the correct values, and (b) using the filesystem size properly.

Here is a reproducer that shows the last block of the filesystem being
truncated (bsize=1024) and being corrupted with zeroes (bsize=4096):

    for bsize in 1024 4096; do
        rm -f ext4.img
        mkfs.ext4 -b $bsize ext4.img 10000
        mkdir -p mnt
        sudo mount -t ext4 -o loop ext4.img mnt
        sudo cp /dev/urandom mnt/fill
        sudo umount mnt
        ext2simg ext4.img ext4.simg
        simg2img ext4.simg ext4.img.restored
        cmp ext4.img ext4.img.restored
    done

Fixes: db6f320912cf ("AOSP: android: add the ext2simg tool")
Reported-by: Clemens Lang <clemens.lang@bmw.de>
Change-Id: I3b64c4fbffa5821b431f29e99b36168617da7563
Signed-off-by: Eric Biggers <ebiggers@google.com>
From AOSP commit: 1e498908c6ac13b4d5ec0117f4ddcd577aac607e

AOSP: Mostly restore -Werror for macOS build

It turns out the "Can't use getmntent or getmntinfo" warning was the
only warning remaining in the macOS build via the Android build system.
So now that it's fixed, -Wno-error can be removed.

That being said, the upstream CI (GitHub Actions) currently uses
-Wno-error=deprecated-declarations for the macOS build, since it's still
needed for some files (which aren't built by the Android build system).

For now, let's just replace -Wno-error with
-Wno-error=deprecated-declarations to match what the upstream CI uses.

Change-Id: I77f6649b99432ef1d73a0c7e30bbb150c3111b27
From AOSP commit: 6ea38ded59fe970704612a31a3aea4ccaf923d6a

AOSP: Android: define HAVE_GETMNTINFO on macOS

macOS supports getmntinfo(), but not getmntent(). To match what the
'configure' script detects, define HAVE_GETMNTINFO to 1.

This prevents the following warning:

#warning "Can't use getmntent or getmntinfo to check for mounted filesystems!"

Bug: 267448785
Change-Id: I3131563fc317fa9fef7745937ec2c4b09a1d29b0
From AOSP commit: bb6d46cc9770f4f15a5e52122a16f762c1bb567a

AOSP: Revert "Android: stop suppressing warnings from macOS build"

Unfortunately, the macOS build is not tested either by presubmit or by
local builds. A macOS build *is* being tested in the upstream GitHub
Actions workflow now; however, that uses the autotools-based build
system, and there can be issues specific to the Android build system.

As a result, removing -Wno-error was not safe yet, and the macOS build
is currently broken in postsubmit. As there could be multiple issues,
let's restore -Wno-error until I've had a chance to fix the warnings.

Bug: 267448785
Change-Id: I305f73d1f8637477da3d57b6c93037a6e3d9e829
From AOSP commit: 0ed82a3f0a393605b56672704379f4fc1e53d281

Use ext2/ext3/ext4 instead of "second extended file system" in man pages

Addresses-Debian-Bug: #1041115
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

libext2fs: avoid using a C++ reserved identifier in rbtree.h

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

libext2fs: add ext2_types.h to qcow2.h

The qcow2.h header file uses types such __u32 which are defined in
ext2_types.h. So include it directly to avoid relying on users of the
qcow2.h header file to include right dependencies.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

misc/mke2fs.c: suppress 'Creating regular file' message with -q

e2fsck: fix golden output of several tests

Some old tests of EA inodes were not in fact completely fixing the
filesystem (like they were leaving directories with EA_INODE_FL set or
EA inodes referenced from directory hierarchy). New e2fsck checks fix
these so golden output changes. Update it.

Signed-off-by: Jan Kara <jack@suse.cz>
Link: https://lore.kernel.org/r/20240506174132.12883-3-jack@suse.cz
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2fsck: add tests for EA inodes

Add tests exercising EA inodes and testing various types of corruption.

Signed-off-by: Jan Kara <jack@suse.cz>
Link: https://lore.kernel.org/r/20240506174132.12883-2-jack@suse.cz
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2fsck: add more checks for ea inode consistency

Currently checking of EA inodes was rather weak. Add several more
consistency checks.

1) Check that EA inode is a regular file.
2) Check that EA_INODE feature is set if the filesystem has EA inodes.
3) Make sure that no EA inode is referenced from directory hierarchy.

Signed-off-by: Jan Kara <jack@suse.cz>
Link: https://lore.kernel.org/r/20240506174132.12883-1-jack@suse.cz
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2fsck: fix acl block leak when process orphan list

There's a issue:
[]$~/e2fsprogs/e2fsck/e2fsck -f scsi-disk2.img
e2fsck 1.47.0 (5-Feb-2023)
scsi-disk2.img: recovering journal
Clearing orphaned inode 12 (uid=0, gid=0, mode=0140777, size=0)
Pass 1: Checking inodes, blocks, and sizes
Extended attribute block 4247 has reference count 3, should be 2.  Fix<y>? no
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
Free blocks count wrong (249189, counted=249188).
Fix<y>? no
Free inodes count wrong (65526, counted=65523).
Fix<y>? no

scsi-disk2.img: ***** FILE SYSTEM WAS MODIFIED *****

scsi-disk2.img: ********** WARNING: Filesystem still has errors **********

scsi-disk2.img: 10/65536 files (0.0% non-contiguous), 12955/262144 blocks

Above issue can reproduce as follows:
step1: socat UNIX-LISTEN:/home/test/mysocket.sock,mode=777,reuseaddr,fork EXEC:/home/test  &
step2: setfacl some xattr for mysocket.sock
step3: cp -a /home/test/mysocket.sock /home/test/sock1
       cp -a /home/test/mysocket.sock /home/test/sock2
step4: sync
step5: Power-off
step6: run e2fsck

As after commit 42475e281d22 add ext2fs_inode_has_valid_blocks() judgement in
release_inode_blocks() which means socket type file skip realse block include
ACL block. The kernel does not restrict the setting of extended attributes for
socket files. So this will lead to ACL block leak.
To solve above issue there's need to release ACL block for other kind of
special file.

Fixes: 42475e281d22 ("super.c (release_inode_blocks): Don't try to release the blocks if the orphaned inode is a device file, symlink, or some other kind of special file that doesn't have a block list.")
Signed-off-by: Ye Bin <yebin10@huawei.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Link: https://lore.kernel.org/r/20240418063946.2802835-1-yebin10@huawei.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

configure: remove duplicated/unnecessary test for compiler fuzzing support

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

libext2fs: fix potential divide by zero bug caused by a lxcfs bug

If sysconf(_SC_NPROCESSORS_CONF) returns zero, this can cause a divide
by zero. Make ext2fs_rw_bitmaps() more robust defaulting to 4 threads
if _SC_NPROCESSORS_CONF returns an invalid value.

https://github.com/tytso/e2fsprogs/issues/114
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2image: fix typo which causes a compile failure on i386

Fixes: 80abfebc673b ("e2image: add support for post-2038 dates...")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

debian: build-depend on pkgconf instead of pkg-config

The pkg-config package has been obsoleted by pkgconf.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

libsupport: silence gcc -Wall complaints

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e4defrag: use snprintf to assure that there can't be a buffer overflow

The size of msg_buffer is carefully calculated so it can never
overflow, but it triggers a Coverity warning. Use snprintf instead of
sprintf to silence the Coverity warning.

Addresses-Coverty-Bug: 1520603
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

libsupport: use explicit type widths instead of time_t

The in-memory data structures used time_t for the grace period (which
is a delta timestamp denominated in seconds), as well as the soft
limit expiration time (which is an actual time_t). Use an explicit
__u32 for the former, and the __u64 for the latter.

This silences a Coverity warning, but more importantly, using an
explicit __u64 for the expiration time means that running e2fsck on a
platform with a 32-bit time_t, and it needs to read and then modify a
quota structure, we won't lose the high 32-bits of the quota
expiration time.

Addresses-Coverity-Bug: 1531824
Signed-off-by: Theodore Ts'o <tytso@mit.edu>

e2image: add support for post-2038 dates in the e2image header

Signed-off-by: Theodore Ts'o <tytso@mit.edu>

Update release notes, etc., for the 1.47.1-rc2 release

Signed-off-by: Theodore Ts'o <tytso@mit.edu>