Whamcloud - gitweb
tools/e2fsprogs.git
2 weeks agoMerge branch 'maint' into next master
Theodore Ts'o [Tue, 13 Sep 2022 15:01:10 +0000 (11:01 -0400)]
Merge branch 'maint' into next

2 weeks agoAOSP: e2fsdroid: static import of libbase maint
Alessio Balsini [Wed, 18 May 2022 17:09:16 +0000 (18:09 +0100)]
AOSP: e2fsdroid: static import of libbase

Fix a wrong mixed shared/static library inclusion that has been unveiled
by a recent clang upgrade to clang-r450784e: the linker couldn't find
the requested object reference and caused the tool to crash.
libsnapshot_fuzzer_test was luckily catching this misbehaviour as it was
crashing as well when trying to format a loop device as ext4.

Bug: 230851331
Test: m && atest libsnapshot_fuzzer_test
Signed-off-by: Alessio Balsini <balsini@google.com>
Change-Id: I20b7b1d66920eb8f767e49311f913564f14ee30e
Fix AOSP commit: 83239ca87da0bbdb088be7f0d048472e837899c2

2 weeks agoAOSP: Moved contents of clang_cflags into cflags
Alix [Thu, 21 Apr 2022 02:57:03 +0000 (02:57 +0000)]
AOSP: Moved contents of clang_cflags into cflags

Test: Treehugger
Bug: 226636335
Change-Id: If46f7b11aadcb29e33e36b67c56078ce5fa17b94
Fix AOSP commit: 19f3f24750096491b74d1f990adb617f3a5bba40

2 weeks agoAOSP: Fix e2fsdroid build with musl
Colin Cross [Tue, 17 Aug 2021 00:17:03 +0000 (17:17 -0700)]
AOSP: Fix e2fsdroid build with musl

The e2fsdroid build fails with musl because config.h is not included
before ext2fs.h, which causes HAVE_SYS_TYPES_H not to be defined
resulting in a missing definition for dev_t.

Include config.h at the top of each .c file, and remove extra
config.h include from perms.h.

Bug: 190084016
Test: m USE_HOST_MUSL=true fastboot
Change-Id: I95b3fff3f10ba85c00ec049811dd6b5d412e5dd2
From AOSP commit: 09c63d5edd35e3ca8366be0d92aad922d8895ac1

2 weeks agoAOSP: Add vendor available for libext2_blkid library
Tristan Muntsinger [Fri, 13 Aug 2021 00:40:56 +0000 (00:40 +0000)]
AOSP: Add vendor available for libext2_blkid library

This is to support the cuttlefish f2fs/ext4
userdata filesystem.

Bug: 142424832
Test: local build
Change-Id: I7acb772e77d9250805e5a8a7e68f136deda7c5cb
From AOSP commit: 5df70145b418f84a2d0570e106fd055dbc9d0038

2 weeks agolibext2fs: in ext2fs_open[2](), return an error if s_first_meta_bg is too big
Theodore Ts'o [Tue, 13 Sep 2022 11:59:52 +0000 (07:59 -0400)]
libext2fs: in ext2fs_open[2](), return an error if s_first_meta_bg is too big

These checks will be skipped for e2fsck when it uses the flag
EXT2_FLAG_IGNORE_SB_ERRORS.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2 weeks agodebian: add release notes for 1.46.5-2 to the debian changelog
Theodore Ts'o [Tue, 13 Sep 2022 06:42:56 +0000 (02:42 -0400)]
debian: add release notes for 1.46.5-2 to the debian changelog

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2 weeks agoUpdate release notes, etc. for the 1.46.6-rc1 release
Theodore Ts'o [Mon, 12 Sep 2022 12:31:53 +0000 (08:31 -0400)]
Update release notes, etc. for the 1.46.6-rc1 release

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2 weeks agomisc fix the chattr's man page regarding the -x flag
Theodore Ts'o [Mon, 12 Sep 2022 12:08:27 +0000 (08:08 -0400)]
misc fix the chattr's man page regarding the -x flag

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2 weeks agotune2fs: tune2fs_main() should return rc when some error, occurs
Zhiqiang Liu [Mon, 5 Sep 2022 15:40:01 +0000 (23:40 +0800)]
tune2fs: tune2fs_main() should return rc when some error, occurs

If some error occurs, tune2fs_main() will go to closefs tag for
releasing resource, and it should return correct value (rc) instead
of 0 when ext2fs_close_free(&fs) successes.

Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Reviewed-by: Artem Blagodarenko <artem.blagodarenko@gmail.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
2 weeks agotune2fs: fix tune2fs segfault when ext2fs_run_ext3_journal() fails
Zhiqiang Liu [Mon, 5 Sep 2022 11:16:03 +0000 (19:16 +0800)]
tune2fs: fix tune2fs segfault when ext2fs_run_ext3_journal() fails

When ext2fs_run_ext3_journal() fails, tune2fs cmd will occur one
segfault problem as follows.
(gdb) bt
#0  0x00007fdadad69917 in ext2fs_mmp_stop (fs=0x0) at mmp.c:405
#1  0x0000558fa5a9365a in main (argc=<optimized out>, argv=<optimized out>) at tune2fs.c:3440

misc/tune2fs.c:
main()
  -> ext2fs_open2(&fs)
    -> ext2fs_mmp_start
  ......
  -> retval = ext2fs_run_ext3_journal(&fs)
  -> if (retval)
    // if ext2fs_run_ext3_journal fails, close and free fs.
    -> ext2fs_close_free(&fs)
    -> rc = 1
    -> goto closefs
  ......
closefs:
  -> if (rc)
    -> ext2fs_mmp_stop(fs)     // fs has been set to NULL, boom!!
  -> (ext2fs_close_free(&fs) ? 1 : 0); // close and free fs

In main() of tune2fs cmd, if ext2fs_run_ext3_journal() fails,
we should set rc=1 and goto closefs tag, in which will release fs
resource.

Fix: a2292f8a5108 ("tune2fs: reset MMP state on error exit")
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: zhanchengbin <zhanchengbin1@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
3 weeks agotests: filter out the checksum seed output from dumpe2fs
Theodore Ts'o [Thu, 1 Sep 2022 22:29:17 +0000 (18:29 -0400)]
tests: filter out the checksum seed output from dumpe2fs

The checksum seed is randomly set (normally set from the UUID) so it
will vary from run to run.  So if it is present, we want to filter out
from a test log file.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
3 weeks agomke2fs: disable CSUM_SEED if the METADATA_CSUM feature is disabled by the user
Theodore Ts'o [Thu, 1 Sep 2022 22:27:25 +0000 (18:27 -0400)]
mke2fs: disable CSUM_SEED if the METADATA_CSUM feature is disabled by the user

If the CSUM_SEED feature is enabled by default, and the user disables
metadata_csum, then also disable CSUM_SEED, since a file system with
csum_seed but not metadata_csum is not valid.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
3 weeks agomke2fs: disable orphan_file if the fs is too small to support a journal
Theodore Ts'o [Thu, 1 Sep 2022 19:15:33 +0000 (15:15 -0400)]
mke2fs: disable orphan_file if the fs is too small to support a journal

Otherwise, e2fsck will complain that resulting file system has the
orphan_file feature set without the journal being enabled.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
3 weeks agoFix typo in defeult /etc/mke2fs.conf file
Theodore Ts'o [Thu, 1 Sep 2022 17:34:23 +0000 (13:34 -0400)]
Fix typo in defeult /etc/mke2fs.conf file

Fixes: fe341d59ee96 ("mke2fs.conf: enable the metadata_csum_seed and...")

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 weeks agoMerge branch 'maint' into next
Theodore Ts'o [Thu, 1 Sep 2022 16:05:11 +0000 (12:05 -0400)]
Merge branch 'maint' into next

4 weeks agopo: update the binary gmo files
Theodore Ts'o [Thu, 1 Sep 2022 15:55:54 +0000 (11:55 -0400)]
po: update the binary gmo files

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 weeks agopo: add Friulian lagnuage
Theodore Ts'o [Thu, 1 Sep 2022 15:55:17 +0000 (11:55 -0400)]
po: add Friulian lagnuage

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 weeks agoconfig: update config.{guess,sub}
Theodore Ts'o [Thu, 1 Sep 2022 15:41:14 +0000 (11:41 -0400)]
config: update config.{guess,sub}

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 weeks agoUpdate makefile dependencies
Theodore Ts'o [Thu, 1 Sep 2022 14:59:29 +0000 (10:59 -0400)]
Update makefile dependencies

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 weeks agoStart bumping version numbers in preparation for 1.46.6 release
Theodore Ts'o [Thu, 1 Sep 2022 14:56:20 +0000 (10:56 -0400)]
Start bumping version numbers in preparation for 1.46.6 release

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 weeks agopo: update zh_CN.po (from translationproject.org)
Wenbin Lv [Thu, 1 Sep 2022 14:54:11 +0000 (10:54 -0400)]
po: update zh_CN.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 weeks agopo: update ms.po (from translationproject.org)
Sharuzzaman Ahmat Raslan [Thu, 1 Sep 2022 14:54:11 +0000 (10:54 -0400)]
po: update ms.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 weeks agomisc: fix test for unavailable mountpoint in tune2fs
Theodore Ts'o [Wed, 31 Aug 2022 21:01:21 +0000 (17:01 -0400)]
misc: fix test for unavailable mountpoint in tune2fs

Addresses-Coverity-Bug: 1510127
Fixes: a83e199da0ca ("tune2fs: Add support for get/set UUID ioctls")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 weeks agotests/fuzz: add missing targets to the Makefile in in tests/fuzz
Theodore Ts'o [Wed, 31 Aug 2022 19:45:27 +0000 (15:45 -0400)]
tests/fuzz: add missing targets to the Makefile in in tests/fuzz

This fixes failures when running "make install" or "make destclean"
from the top level directory.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 weeks agomke2fs.conf: enable the metadata_csum_seed and orphan_file features by default
Theodore Ts'o [Wed, 31 Aug 2022 11:07:14 +0000 (07:07 -0400)]
mke2fs.conf: enable the metadata_csum_seed and orphan_file features by default

The orphan_file feature is a compat feature which is first supported
in the Linux kernel in 5.15.

The metadata_csum_seed feature is an incompat feature which is first
supported in the Linux kernel starting in the 4.4 kernel and e2fsprogs
1.43.

Note: In order for grub to be able to accept a file system with
metadata_csum_seed, it must have commit 7fd5feff97c4 ("fs/ext2: Ignore
checksum seed incompat feature").  This commit landed in July 2021,
which just missed the Grub 2.06 release in June 2021.  Grub 2.11 was
slated for "H1'2022" but unfortunately it has not yet been released as
of this writing.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
5 weeks agoMerge branch 'maint' into next
Theodore Ts'o [Wed, 24 Aug 2022 20:53:50 +0000 (16:53 -0400)]
Merge branch 'maint' into next

5 weeks agommp: don't use O_RDWR in ext2fs_mmp_read
Marius Vollmer [Wed, 24 Aug 2022 11:38:48 +0000 (14:38 +0300)]
mmp: don't use O_RDWR in ext2fs_mmp_read

It doesn't seem to be necessary since ext2fs_mmp_write doesn't write
via mmp_fd, and opening the block device with O_RDWR will trigger
udev.

Triggering udev is bad because it leads to an infinite loop when
running dumpe2fs in response to a udev event.

[ Rebased onto the maint branch, and added O_RDONLY flag.  From the
  open(2) man page: "The argument flags must include one of the
  following access modes: O_RDONLY, O_WRONLY, or O_RDWR." -- TYT ]

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
5 weeks agotune2fs: Add support for get/set UUID ioctls.
Jeremy Bongio [Tue, 16 Aug 2022 20:52:14 +0000 (13:52 -0700)]
tune2fs: Add support for get/set UUID ioctls.

When mounted, there is a race condition between changing the filesystem
UUID and changing other aspects of the filesystem, like mounting, resizing,
changing features, etc. Using these ioctls to get/set the UUID ensures the
filesystem is not being resized.

Signed-off-by: Jeremy Bongio <bongiojp@gmail.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
5 weeks agoUpdate shared library flags used for Apple/Darwin
Theodore Ts'o [Thu, 18 Aug 2022 21:24:17 +0000 (17:24 -0400)]
Update shared library flags used for Apple/Darwin

As submitted by Carlos Cabrera:

    We need to set the `-install_name` flag so that library consumers
    can find the linked libraries when installed outside the default
    dyld search path. This is the case, for example, when installed
    using the Homebrew package manager on Apple Silicon.

    I've removed the `-flat_namespace` flag because this flag is
    effectively deprecated, and can cause issues when using `dlopen`
    [1]. We also need to change `-undefined warning` to `-undefined
    dynamic_lookup`, since the former flag is not supported without
    `-flat_namespace`. Using `-undefined dynamic_lookup` instructs the
    dynamic loader to resolve undefined symbols at run/load-time.

    These are the flags used by Libtool on the newest versions of
    macOS, and we've applied similar patches to many other packages at
    Homebrew without any issues.

    [1] https://developer.apple.com/forums/thread/689991

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agoMerge branch 'maint' into next
Theodore Ts'o [Sun, 14 Aug 2022 03:50:46 +0000 (23:50 -0400)]
Merge branch 'maint' into next

6 weeks agoe2image: checking the retval for the last update_refcount() is unnecessary
Theodore Ts'o [Sun, 14 Aug 2022 03:46:06 +0000 (23:46 -0400)]
e2image: checking the retval for the last update_refcount() is unnecessary

Addresses-Coverity-Bug: 709478
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agolibext2fs: return an error when byte swapping a corrupted dirblock block
Theodore Ts'o [Sun, 14 Aug 2022 03:32:42 +0000 (23:32 -0400)]
libext2fs: return an error when byte swapping a corrupted dirblock block

Except for e2fsck (where we want to expose the corrupted directory
entries to e2fsck mostly so that the e2fsck output stays the same on
big-endian machines compared to little-endian machines, so we don't
break our regression tests), if the directory block is corrupted, and
ext2fs_dirent_swab_in[2](), trips across this, return an error.  This
will make sure that naive users of libextfs will not try to handle a
corrupted directory block.  This prevents potential buffer overruns in
the byte swapping code paths.

This commit does not cause any functional change on little-endian
systems.

Addresses-Coverity-Bug: 1433408
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agoe2fsck: remove unneeded automatic variable program_name
Theodore Ts'o [Sun, 14 Aug 2022 02:35:03 +0000 (22:35 -0400)]
e2fsck: remove unneeded automatic variable program_name

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agolibext2fs: avoid looping forever in e2image when superblock is invalid
Theodore Ts'o [Sat, 13 Aug 2022 20:39:17 +0000 (16:39 -0400)]
libext2fs: avoid looping forever in e2image when superblock is invalid

If the number of blocks or inodes per block group is not a multiple of
8 (which are invalid values) ext2fs_image_bitmap{read,write} can loop
forever.  These file systems should be not be allowed to be opened
(without EXT2_FLAG_IGNORE_SB_ERRORS) but for the fact that a long time
ago, Android devices used a buggy (but BSD-licensed, which was what
was important to the early Android founders) program for creating file
systems which would create these invalid file systems.  E2fsck
couldn't actually correctly repair these file systems, but adding a
check to enforce this (in e2fsprogs and in the kernel) would have
broken some of these devices, so support for these bogus file system
was in a grey area for many years.

We will be tightening this up soon, but for now, we'll apply this
quick fix so attempts to use e2image won't hang forever.  (Not that
Android ever shipped e2image in those days, of course...)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agodebugfs: teach logdump the -n <num_trans> option
lihaoxiang (F) [Thu, 14 Jul 2022 01:32:48 +0000 (09:32 +0800)]
debugfs: teach logdump the -n <num_trans> option

The current version's debugfs possessed the function
logdump. Executing with option -O could output the log history. But
when it occurred the block which had no magic number in it's header,
the program would exit.

Sometimes we were locating problems, needed for more transactions that
had replayed instead of the latest batch of transactions and we
weren't hope to display all the history in the meanwhile. So we
introduced the option -n used for controlling the print of history
transactions.  Specially, this parameter was depending on the option
-O otherwise it couldn't work.

So in this modification, we used logdump with -O -n <num_trans>.  The
-n options causes logdump to continue past a block with a missing
magic nuber.  Instead, it will terminate only when the entire log has
been printed or after <num_trans> transactions.

Link: https://lore.kernel.org/r/608df030-593f-8c69-cb65-632a34729d23@huawei.com
Signed-off-by: lihaoxiang <lihaoxiang9@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agotune2fs: allow disabling casefold feature
Slava Bacherikov [Fri, 8 Jul 2022 12:26:58 +0000 (15:26 +0300)]
tune2fs: allow disabling casefold feature

Casefold can be safely disabled if there are no directories with +F
attribute ( EXT4_CASEFOLD_FL ). This checks all inodes for that flag and in
case there isn't any, it disables casefold FS feature. When FS has
directories with +F attributes, user could convert these directories,
probably by mounting FS and executing some script or by doing it
manually. Afterwards, it would be possible to disable casefold FS flag
via tune2fs.

Link: https://lore.kernel.org/r/20220708122658.17907-1-slava@bacher09.org
Signed-off-by: Slava Bacherikov <slava@bacher09.org>
Reviewed-by: Gabriel Krisman Bertazi <krisman@collabora.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agoMerge branch 'maint' into next
Theodore Ts'o [Sat, 13 Aug 2022 02:34:57 +0000 (22:34 -0400)]
Merge branch 'maint' into next

6 weeks agoe2fsprogs: fix device name parsing to resolve names containing '='
Lukas Czerner [Fri, 12 Aug 2022 13:01:22 +0000 (15:01 +0200)]
e2fsprogs: fix device name parsing to resolve names containing '='

Currently in varisous e2fsprogs tools, most notably tune2fs and e2fsck
we will get the device name by passing the user provided string into
blkid_get_devname(). This library function however is primarily intended
for parsing "NAME=value" tokens. It will return the device matching the
specified token, NULL if nothing is found, or copy of the string if it's
not in "NAME=value" format.

However in case where we're passing in a file name that contains an
equal sign blkid_get_devname() will treat it as a token and will attempt
to find the device with the match. Likely finding nothing.

Fix it by checking existence of the file first and then attempt to call
blkid_get_devname(). In case of a collision, notify the user and
automatically prefer the one returned by blkid_get_devname(). Otherwise
return either the existing file, or NULL.

We do it this way to avoid some existing file in working directory (for
example LABEL=volume-name) masking an actual device containing the
matchin LABEL. User can specify full, or relative path (e.g.
./LABEL=volume-name) to make sure the file is used instead.

Link: https://lore.kernel.org/r/20220812130122.69468-1-lczerner@redhat.com
Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Reported-by: Daniel Ng <danielng@google.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agoe2fsck: validate i_extra_size in ext4_fc_handle_inode
Theodore Ts'o [Fri, 12 Aug 2022 19:48:04 +0000 (15:48 -0400)]
e2fsck: validate i_extra_size in ext4_fc_handle_inode

Addresses-Coverity-Bug: 1500765
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agodebugfs: make blocksize be unsigned in logdump.c
Theodore Ts'o [Fri, 12 Aug 2022 19:15:14 +0000 (15:15 -0400)]
debugfs: make blocksize be unsigned in logdump.c

Blocksize can never be negative, and this makes the use of signed vs
unsigned variables for offsets be consistent.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agolibext2fs: avoid NULL dereference if the root file system isn't in /etc/mtab
Theodore Ts'o [Fri, 12 Aug 2022 04:08:16 +0000 (00:08 -0400)]
libext2fs: avoid NULL dereference if the root file system isn't in /etc/mtab

Addresses-Coverity-Bug: 1497609
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agoMerge branch 'maint' into next
Theodore Ts'o [Fri, 12 Aug 2022 03:51:03 +0000 (23:51 -0400)]
Merge branch 'maint' into next

6 weeks agoAvoid potential NULL dereference when argv[0]
Theodore Ts'o [Fri, 12 Aug 2022 03:45:21 +0000 (23:45 -0400)]
Avoid potential NULL dereference when argv[0]

Addresses-Coverity-Bug: 1500772
Addresses-Coverity-Bug: 1500769
Addresses-Coverity-Bug: 1500767
Addresses-Coverity-Bug: 1500758
Addresses-Coverity-Bug: 1500756
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agoe2fsck: mark that we don't care about the return value of e2fsck_lookup()
Theodore Ts'o [Fri, 12 Aug 2022 03:14:33 +0000 (23:14 -0400)]
e2fsck: mark that we don't care about the return value of e2fsck_lookup()

We only print the parent directory to help provide context to the
user, but it's possible that a corrupted directory doesn't have a '..'
link.

Addresses-Coverity-Bug: 1507762
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agoe2fsck: streamline problem latch handling
Theodore Ts'o [Fri, 12 Aug 2022 03:01:42 +0000 (23:01 -0400)]
e2fsck: streamline problem latch handling

No functional changes, but streamline the logic, and avoid a coverity
warning.

Addresses-Coverity-Bug: 1507763
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agoe2fsck: when mutating file name make sure its length never exceeds 255
Theodore Ts'o [Fri, 12 Aug 2022 02:16:41 +0000 (22:16 -0400)]
e2fsck: when mutating file name make sure its length never exceeds 255

E2fsck will attempt to mutate filenames to ensure uniqueness if
necessary.  If there are two unique filenames that are 254 or 255
characters in length and do not contain the '~' character, the
mutate_name() function would create a filename which is 256 bytes
long, which is not a legal filename in Linux.  Adjust the mutate_name
function to avoid this possibility.

Addresses-Coverity-Bug: 1500768
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agoFix Coverity unintentional integer overflow warnings
Theodore Ts'o [Fri, 12 Aug 2022 02:03:08 +0000 (22:03 -0400)]
Fix Coverity unintentional integer overflow warnings

Neither of these two warnings can actually happen (other limits will
be hit first), but widening the integer to a 64-bit unsigned integer
is an cheap and effective way to silence the Coverity warnings.

Addresses-Coverity-Bug: 1500760
Addresses-Coverity-Bug: 1507886
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 weeks agoresize2fs: use ext2fs_get_arrayzero() instead of ext2fs_get_array() + memset()
Theodore Ts'o [Thu, 11 Aug 2022 22:37:26 +0000 (18:37 -0400)]
resize2fs: use ext2fs_get_arrayzero() instead of ext2fs_get_array() + memset()

The use of ext2fs_get_arrayzero() to replace using ext2fs_get_array()
+ memset() does not result in any functional change, but it (a) is
slightly more efficient, and (b) makes it easier for Coverity to avoid
signalling a false positive.

Addresses-Coverity-Bug: 1500763
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agomisc: use ext2_ino_t instead of ino_t
Andreas Dilger [Fri, 5 Aug 2022 21:28:54 +0000 (15:28 -0600)]
misc: use ext2_ino_t instead of ino_t

Some of the new fastcommit and casefold changes used the system
"ino_t" instead of "ext2_ino_t" for handling filesystem inodes.
This causes printf warnings if the system "ino_t" is of a different
size.  Use the library "ext2_ino_t" for consistency.

Signed-off-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Gabriel Krisman Bertazi <krisman@collabora.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agoMerge branch 'maint' into next
Theodore Ts'o [Thu, 11 Aug 2022 17:00:13 +0000 (13:00 -0400)]
Merge branch 'maint' into next

7 weeks agotune2fs: do not change j_tail_sequence in journal superblock
zhanchengbin [Thu, 4 Aug 2022 10:33:39 +0000 (18:33 +0800)]
tune2fs: do not change j_tail_sequence in journal superblock

The function recover_ext3_journal() in debugfs/journal.c, if the log
replay is over, the j_tail_sequence in journal superblock is not
changed to the value of the last transaction sequence.  This will
cause subsequent log commitids to count from the commitid in last
time.  After tune2fs -e, the log commitid is counted from the commitid
in last time, if the log ID of the current operation overlaps with
that of the last operation, this will cause logs that were previously
replayed by tune2fs to be replayed here.

Signed-off-by: zhanchengbin <zhanchengbin1@huawei.com>
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: liangyun <liangyun2@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agodebugfs: allow <inode> for ncheck
Li Dongyang [Fri, 5 Aug 2022 21:52:21 +0000 (15:52 -0600)]
debugfs: allow <inode> for ncheck

If the ncheck argument is of the form "<ino>", allow it for ncheck
for consistency with other commands that accept an inode number.

Improve the error message, use "Invalid inode number" instead
of "Bad inode", which implies the inode content being bad.

Signed-off-by: Li Dongyang <dongyangli@ddn.com>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agodebugfs: quiet debugfs 'catastrophic' message
Andreas Dilger [Fri, 5 Aug 2022 22:06:07 +0000 (16:06 -0600)]
debugfs: quiet debugfs 'catastrophic' message

When debugfs runs with "-c", it prints a scary-looking message:

    catastrophic mode - not reading inode or group bitmaps

that is often misunderstood by users to mean that there is something
wrong with the filesystem, when there is no problem at all.

Not reading the bitmaps is totally normal and expected behavior for
the "-c" option, which is used to significantly shorten the debugfs
command execution time by not reading metadata that isn't needed for
commands run against very large filesystems.

Since there is often confusion about what this message means, it
would be better to just avoid printing anything at all, since the
use of "-c" is expressly requesting this behavior, and there are
no messages printed out for other options.

Signed-off-by: Andreas Dilger <adilger@dilger.ca>
Reviewed-by: Dongyang Li <dongyang@ddn.com>
Change-Id: I59b26a601780544ab995aa4ca7ab0c2123c70118
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agoresize2fs: open device read-only when -P is passed
Michael Hudson-Doyle [Thu, 26 May 2022 01:08:28 +0000 (13:08 +1200)]
resize2fs: open device read-only when -P is passed

We ran into this because we noticed that resize2fs -P $device was
triggering udev events.

I added a very simple test that just checks resize2fs -P on a file
lacking the w bit succeeds.

Signed-off-by: Michael Hudson-Doyle <michael.hudson@ubuntu.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agotests: fix ACL-printing tests
Andreas Dilger [Tue, 1 Mar 2022 04:17:06 +0000 (21:17 -0700)]
tests: fix ACL-printing tests

Fix the ACL-printing tests to be more flexible for different systems.
If the MKFS_DIR is on tmpfs, it will not list "system.posix_acl*"
xattrs, so they will not be copied.  Create this on a real filesystem
or skip the test if that doesn't work.

Filter out the security.selinux xattr if it is printed, since this
depends on the selinux configuration of the host system.  However,
this also spills xattrs for "acl_dir/file" into an external xattr
block, and causes it to fail due to different block allocations.
Increase the filesystem inode size so that the allocation is the same
regardless of whether selinux is enabled or not.

Fixes: 67e6ae0a35 ("mke2fs: fix a importing a directory with an ACL")
Signed-off-by: Andreas Dilger <adilger@whamcloud.com>
Reviewed-by: Artem Blagodarenko <artem.blagodarenko@hpe.com>
Reviewed-by: Li Dongyang <dongyangli@ddn.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agoe2fsck: always probe filesystem blocksize with simple io_manager
Gabriel Krisman Bertazi [Mon, 25 Apr 2022 22:01:00 +0000 (18:01 -0400)]
e2fsck: always probe filesystem blocksize with simple io_manager

Combining superblock (-b) with undo file (-z) fails iff the block size
is not specified (-B) and is different from the first blocksize probed
in try_open_fs (1k).  The reason is as follows:

try_open_fs() will probe different blocksizes if none is provided on
the command line. It is done by opening and closing the filesystem
until it finds a blocksize that makes sense. This is fine for all
io_managers, but undo_io creates the undo file with that blocksize
during ext2fs_open.  Once try_open_fs realizes it had the wrong
blocksize and retries with a different blocksize, undo_io will read
the previously created file and think it's corrupt for this
filesystem.

Ideally, undo_io would know this is a probe and would fix the undo file.
It is not simple, though, because it would require undo_io to know the
file was just created by the probe code, since an undo file survives
through different fsck sessions.  We'd have to pass this information
around somehow.  This seems like a complex change to solve a corner
case.

Instead, this patch changes the blocksize probe to always use the
unix_io_manager. This way, we safely probe for the blocksize without
side effects.  Once the blocksize is known, we can safely reopen the
filesystem under the proper io_manager.

An easily reproducer for this issue (from Ted, adapted by me) is:

 mke2fs -b 4k -q -t ext4 /tmp/foo.img 2G
 e2fsck -b 32768 -z /tmp/undo /tmp/foo.img

Reported-by: Peter Urbanec <linux-ext4.vger.kernel.org@urbanec.net>
Signed-off-by: Gabriel Krisman Bertazi <krisman@collabora.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agoQuiet unused variable warnings
Andreas Dilger [Thu, 4 Aug 2022 17:18:32 +0000 (11:18 -0600)]
Quiet unused variable warnings

Quiet various compiler warnings about unreferenced or unset variables.

Signed-off-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agoresize2fs: trim resize to cluster boundary
Kiselev, Oleg [Sat, 14 May 2022 04:17:09 +0000 (04:17 +0000)]
resize2fs: trim resize to cluster boundary

This patch rounds down the size provided to resize2fs to the nearest
cluster boundary for bigalloc filesystems.  This is similar to the
trimming already done for page boundary alignment.  Aligning the size in
the user space provides the right value feedback from the resize2fs
command, which is a better user experience than trimming the size
in the kernel.

Signed-off-by: Oleg Kiselev <okiselev@amazon.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agoMerge branch 'maint' into next
Theodore Ts'o [Thu, 11 Aug 2022 03:46:16 +0000 (23:46 -0400)]
Merge branch 'maint' into next

7 weeks agoe2fsck: handle invalid percent expansions in the log filename
Theodore Ts'o [Thu, 11 Aug 2022 02:48:13 +0000 (22:48 -0400)]
e2fsck: handle invalid percent expansions in the log filename

Add a missing default: case when expanding percent expansions in the
log file specified in /etc/e2fsck.conf.

Addresses-Coverity-Bug: 1500757
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agolibext2fs: validate block # of the inode table in ext2fs_image_inode_write()
Theodore Ts'o [Thu, 11 Aug 2022 02:43:00 +0000 (22:43 -0400)]
libext2fs: validate block # of the inode table in ext2fs_image_inode_write()

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agoBuild the fuzzers from oss-fuzz
Theodore Ts'o [Sat, 6 Aug 2022 22:35:30 +0000 (18:35 -0400)]
Build the fuzzers from oss-fuzz

The fuzzers from oss-fuzz in projects/e2fsprogs/fuzz (as of commit
78ecd3f07fca with some slight modifications for better error
reporting) have been placed in the tests/fuzz directory and the
configure script now supports a new option --enable-fuzzing which will
build these fuzzers using clang's -fsanitize=fuzzer command line
option.

In general, some sanitizer such as --enable-addrsan or --enable-ubsan
(to enable ASAN or UBSAN, respectively) should be enabled alongside
--enable-fuzzing.

A typical configure command to build the fuzzers might be:

  configure CC=clang CXX=clang++ CFLAGS=-g --enable-fuzzing --enable-addrsan

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agolibext2fs: fix potential integer overflow in bitmap accessors
Theodore Ts'o [Tue, 9 Aug 2022 15:16:47 +0000 (11:16 -0400)]
libext2fs: fix potential integer overflow in bitmap accessors

bmap->cluster_bits has a maximum value of 19, but Coverity doesn't
know that.  To make it happy, and just in case there is a bug where
somehow the cluster size does get set to an invalid value and the rest
of the library doesn't check it, use 1ULL instead of 1 to avoid the
integer overflow.

Addresses-Coverity-Bug: 1500759
Addresses-Coverity-Bug: 1500764
Addresses-Coverity-Bug: 1500771
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agoe2fsck: fix potential fencepost error in e2fsck_should_rebuild_extents()
Theodore Ts'o [Tue, 9 Aug 2022 14:52:57 +0000 (10:52 -0400)]
e2fsck: fix potential fencepost error in e2fsck_should_rebuild_extents()

The ext2_extent_info.max_depth is zero-based (e.g., it is zero when
the entire extent tree fits in the inode).  Hence, if it is equal to
MAX_EXTENT_DEPTH_COUNT we should always rebuild the extent tree to
shorten it.

Also, for 1k block file systems, it's possible for the worst-case
extent tree in its most compact form to have a maximum depth of 6, not
5.  So set MAX_EXTENT_DEPTH_COUNT to 8 just to be sure we have plenty
of headroom.  (The kernel supports an extent depth up to 2**16, but
e2fsck only keeps statistics up to MAX_EXTENT_DEPTH_COUNT, and if it's
deeper than that, we know that it will be profitable to rebuild the
extent tree in any case.)

Addresses-Coverity-Bug: 1507761
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agolibext2fs: make sure the bitmap locations are valid when writing bitmaps
Theodore Ts'o [Tue, 9 Aug 2022 01:02:51 +0000 (21:02 -0400)]
libext2fs: make sure the bitmap locations are valid when writing bitmaps

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agolibext2fs: reject various bitmap and inode operations for journal_dev file systems
Theodore Ts'o [Tue, 9 Aug 2022 00:52:43 +0000 (20:52 -0400)]
libext2fs: reject various bitmap and inode operations for journal_dev file systems

The ext2fs_open() function will only allow journal_dev file systems to
be open if explicitly requested by programs using the
EXT2_FLAG_JOURNAL_DEV_OK flag.  Those programs will not try to call
functions that make no sense, such as ext2fs_read_inode(),
ext2fs_read_bitmaps(), etc.  Just to make things the library more
robust against buggy programs (or unrealistic fuzzers) add a check for
journal_dev file systems to various ext2fs library functions to return
a new error, EXT2_ET_EXTERNAL_JOURNAL_NOSUPP.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agolibext2fs: in ext2fs_open[2](), return an error if s_desc_size is too large
Theodore Ts'o [Tue, 9 Aug 2022 00:17:40 +0000 (20:17 -0400)]
libext2fs: in ext2fs_open[2](), return an error if s_desc_size is too large

Previously, ext2fs_open() and ext2fs_open2() would return an error if
s_desc_size is too small.  Add a check so it will return an error if
s_desc_size is too large, as well.

These checks will be skipped for e2fsck when it uses the flag
EXT2_FLAG_IGNORE_SB_ERRORS.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agoMerge branch 'maint' into next
Theodore Ts'o [Mon, 8 Aug 2022 01:31:18 +0000 (21:31 -0400)]
Merge branch 'maint' into next

7 weeks agoUpdate configure/configure.ac/aclocal.m4 to use autoconf 2.71
Theodore Ts'o [Sat, 6 Aug 2022 18:58:40 +0000 (14:58 -0400)]
Update configure/configure.ac/aclocal.m4 to use autoconf 2.71

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agoFix UBSAN if s_log_groups_per_flex is 31
Theodore Ts'o [Sun, 7 Aug 2022 23:47:25 +0000 (19:47 -0400)]
Fix UBSAN if s_log_groups_per_flex is 31

It is logal (albeit rare) for the number of block groups per flex_bg
to 2**31 (which effectively means to put all of the block groups into
a single flex_bg).  However, in that case "1 << 31" is undefined on
architectures with a 32-bit integer.  Fix this UBSAN complaint by
using "1U << 31" instead.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agoMerge branch 'maint' into next
Theodore Ts'o [Sat, 6 Aug 2022 06:37:24 +0000 (02:37 -0400)]
Merge branch 'maint' into next

7 weeks agolibext2fs: teach ext2fs_open() to reject file systems with an invalid flex_bg size
Theodore Ts'o [Sat, 6 Aug 2022 06:21:49 +0000 (02:21 -0400)]
libext2fs: teach ext2fs_open() to reject file systems with an invalid flex_bg size

If s_log_groups_per_flex is greater than 31, it will result in an
UBSAN error, since it will result in an invalid shift exponent when
calculating the flex_bg size.  So reject such file systems when they
are opened.  (The mke2fs program will not allow the creation of such
file systems, so they can only occur due to corruption.)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agolibext2fs: teach ext2fs_open() to reject file systems with an invalid cluster size
Theodore Ts'o [Sat, 6 Aug 2022 05:37:20 +0000 (01:37 -0400)]
libext2fs: teach ext2fs_open() to reject file systems with an invalid cluster size

If the cluster size is smaller than the block size, this can result in
a negative shift, which is undefined.  When such a file system is
opened, immediately return an error indicating that the file system is
corrupted.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 weeks agoresize2fs: fix to respect the environment variable E2FSPROGS_FAKE_TIME
Theodore Ts'o [Thu, 4 Aug 2022 19:18:15 +0000 (15:18 -0400)]
resize2fs: fix to respect the environment variable E2FSPROGS_FAKE_TIME

When performing an off-line resize, if an inode's block map needs to
be updated, resize2fs will update the inode's ctime.  In addition, if
inode numbers need to be renumbered due to the file system shrinking
forcing the inode table to be shrunk, any directories which need to be
modified will have their ctime and mtime updated.

If the E2FSPROGS_FAkE_TIME environment variable is set, when the file
system is opened, fs->now will be set to this value, and resize2fs
needs to use it instead of calling time(0) to get their current time.

Addresses-Google-Bug: 230874381
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
3 months agolibext2fs: check for invalid blocks in ext2fs_punch_blocks()
Theodore Ts'o [Tue, 7 Jun 2022 03:48:37 +0000 (23:48 -0400)]
libext2fs: check for invalid blocks in ext2fs_punch_blocks()

If the extent tree has out-of-range physical block numbers, don't try
to release them.

Also add a similar check in ext2fs_block_alloc_stats2() to avoid a
NULL pointer dereference.

Reported-by: Nils Bars <nils.bars@rub.de>
Reported-by: Moritz Schlögel <moritz.schloegel@rub.de>
Reported-by: Nico Schiller <nico.schiller@rub.de>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
3 months agolibext2fs: check for cyclic loops in the extent tree
Theodore Ts'o [Tue, 7 Jun 2022 02:49:47 +0000 (22:49 -0400)]
libext2fs: check for cyclic loops in the extent tree

In the extent tree handling code in libext2fs, when we go move down
the extent tree, if a cyclic loop is detected, return an error.

Reported-by: Nils Bars <nils.bars@rub.de>
Reported-by: Moritz Schlögel <moritz.schloegel@rub.de>
Reported-by: Nico Schiller <nico.schiller@rub.de>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
3 months agoe2fsck: avoid out-of-bounds write for very deep extent trees
Theodore Ts'o [Tue, 7 Jun 2022 02:44:35 +0000 (22:44 -0400)]
e2fsck: avoid out-of-bounds write for very deep extent trees

The kernel doesn't support extent trees deeper than 5
(EXT4_MAX_EXTENT_DEPTH).  For this reason we only maintain the extent
tree statistics for 5 levels.  Avoid out-of-bounds writes and reads if
the extent tree is deeper than this.

We keep these statistics to determine whether we should rebuild the
extent tree.  If the extent tree is too deep, we don't need the
statistics because we should always rebuild the it.

Reported-by: Nils Bars <nils.bars@rub.de>
Reported-by: Moritz Schlögel <moritz.schloegel@rub.de>
Reported-by: Nico Schiller <nico.schiller@rub.de>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
3 months agoe2fsck: check for xattr value size integer wraparound
Theodore Ts'o [Mon, 6 Jun 2022 17:34:08 +0000 (13:34 -0400)]
e2fsck: check for xattr value size integer wraparound

When checking an extended attrbiute block for correctness, we check if
the starting offset plus the value size exceeds the end of the block.
However, we weren't checking if the size was too large, and if it is
so large that it triggers a wraparound when we added the starting
offset, we won't notice the problem.  Add the missing check.

Reported-by: Nils Bars <nils.bars@rub.de>
Reported-by: Moritz Schlögel <moritz.schloegel@rub.de>
Reported-by: Nico Schiller <nico.schiller@rub.de>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
3 months agolibext2fs: add check for too-short directory blocks
Theodore Ts'o [Mon, 6 Jun 2022 16:03:36 +0000 (12:03 -0400)]
libext2fs: add check for too-short directory blocks

If there is an inline data directory which is smaller than 8 bytes
(which should never happen but for corrupted or fuzzed file systems),
ext2fs_process_dir_block() will now abort EXT2_ET_DIR_CORRUPTED to
avoid an out-of-bounds read.

Reported-by: Nils Bars <nils.bars@rub.de>
Reported-by: Moritz Schlögel <moritz.schloegel@rub.de>
Reported-by: Nico Schiller <nico.schiller@rub.de>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
3 months agoe2fsck: fix potential out-of-bounds read in inc_ea_inode_refs()
Theodore Ts'o [Mon, 6 Jun 2022 15:39:23 +0000 (11:39 -0400)]
e2fsck: fix potential out-of-bounds read in inc_ea_inode_refs()

If there isn't enough space for a full extended attribute entry,
inc_ea_inode_refs() might end up reading beyond the allocated memory
buffer.

Reported-by: Nils Bars <nils.bars@rub.de>
Reported-by: Moritz Schlögel <moritz.schloegel@rub.de>
Reported-by: Nico Schiller <nico.schiller@rub.de>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 months agoe2fsck: sanity check the journal inode number
Theodore Ts'o [Mon, 30 May 2022 23:17:30 +0000 (19:17 -0400)]
e2fsck: sanity check the journal inode number

E2fsck replays the journal before sanity checking the full superblock.
So it's possible that the journal inode number is not valid relative
to the number of block groups.  So to avoid potentially an array
bounds overrun, sanity check this before trying to find the journal
inode.

Reported-by: Nils Bars <nils.bars@rub.de>
Reported-by: Moritz Schlögel <moritz.schloegel@rub.de>
Reported-by: Nico Schiller <nico.schiller@rub.de>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 months agolibsupport: avoid possible null dereference in quota_set_sb_inum()
zhanchengbin [Fri, 31 Dec 2021 07:42:17 +0000 (15:42 +0800)]
libsupport: avoid possible null dereference in quota_set_sb_inum()

If the quota type is invalid, quota_sb_inump will return NULL; this
should not cause the program to crash.

Link: https://lore.kernel.org/r/ee0b034c-71f3-63b7-a8de-d8e7760b9545@huawei.com
Signed-off-by: zhanchengbin <zhanchengbin1@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 months agolibext2fs: fix memory leak in error path while opening test_io manager
zhanchengbin [Fri, 31 Dec 2021 07:43:36 +0000 (15:43 +0800)]
libext2fs: fix memory leak in error path while opening test_io manager

Link: https://lore.kernel.org/r/d0632bbc-9713-38a9-c914-137b702f6ae1@huawei.com
Signed-off-by: zhanchengbin <zhanchengbin1@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 months agoe2fsck: avoid theoretical null dereference in end_problem_latch()
zhanchengbin [Fri, 31 Dec 2021 07:43:10 +0000 (15:43 +0800)]
e2fsck: avoid theoretical null dereference in end_problem_latch()

This should only happen if there is a programming bug, but better safe
than sorry.

Link: https://lore.kernel.org/r/9a9c6658-a8b3-794a-85df-c3bdf0470111@huawei.com
Signed-off-by: zhanchengbin <zhanchengbin1@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 months agodumpe2fs, resize2fs: avoid memory leak on error path
zhanchengbin [Fri, 31 Dec 2021 07:42:40 +0000 (15:42 +0800)]
dumpe2fs, resize2fs: avoid memory leak on error path

Link: https://lore.kernel.org/r/cbfd9852-bc89-1e83-f101-36fd29a0e70e@huawei.com
Signed-off-by: zhanchengbin <zhanchengbin1@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 months agoe2fsck: handle malloc() failure when computing the log file name
zhanchengbin [Fri, 31 Dec 2021 07:41:41 +0000 (15:41 +0800)]
e2fsck: handle malloc() failure when computing the log file name

Link: https://lore.kernel.org/r/6d2844c7-0fd2-e432-3c7e-bb8de8c8a186@huawei.com
Signed-off-by: zhanchengbin <zhanchengbin1@huawei.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 months agoe2fsck: no parent lookup in disconnected dir
Andreas Dilger [Mon, 13 Dec 2021 06:35:30 +0000 (23:35 -0700)]
e2fsck: no parent lookup in disconnected dir

Don't call into ext2fs_get_pathname() to do a name lookup for a
disconnected directory, since the directory block traversal in
pass1 has already scanned all of the leaf blocks and never finds
the entry, always printing "???".  If the name entry had been
found earlier, the directory would not be disconnected in pass3.

Instead, lookup ".." and print the parent name in the prompt, and
then do not search for the current directory name at all.  This
avoids a useless full directory scan for each disconnected entry,
which can potentially be slow if the parent directory is large.

Separate the recursively looped directory case to a new error code,
since it is a different problem that should use its own descriptive
text, and a proper pathname can be shown in this case.

Lustre-bug-Id: https://jira.whamcloud.com/browse/LU-15330
Change-Id: If17a92689f24f365ca1fbe5c837e7d5f383ebbe5
Signed-off-by: Andreas Dilger <adilger@whamcloud.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 months agoe2fsck: map PROMPT_* values to prompt messages
Andreas Dilger [Wed, 8 Dec 2021 07:51:12 +0000 (00:51 -0700)]
e2fsck: map PROMPT_* values to prompt messages

It isn't totally clear when searching the code for PROMPT_*
constants from problem codes where these messages come from.
Similarly, there isn't a direct mapping from the prompt string
to the constant.

Add comments that make this mapping more clear.

Signed-off-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
4 months agomisc: fix chattr usage message for project ID
Andreas Dilger [Wed, 1 Dec 2021 22:56:51 +0000 (15:56 -0700)]
misc: fix chattr usage message for project ID

Fix the "chattr -h" usage message to properly document that the
"-p" option takes a project argument, like "-v" takes a version.

Update the man page formatting to emphasize literal strings.

Signed-off-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
5 months agoUse mallinfo2 instead of mallinfo if available
Lukas Czerner [Thu, 17 Feb 2022 09:25:00 +0000 (10:25 +0100)]
Use mallinfo2 instead of mallinfo if available

mallinfo has been deprecated with GNU C library version 2.33 in favor of
mallinfo2 which works exactly the same as mallinfo but with larger field
widths. Use mallinfo2 if available.

Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
5 months agolibss: fix possible NULL pointer dereferece on allocation failure
Lukas Czerner [Thu, 17 Feb 2022 09:24:59 +0000 (10:24 +0100)]
libss: fix possible NULL pointer dereferece on allocation failure

Currently in ss_execute_command() we're missng a check to see if the
memory allocation was succesful. Fix it by checking the return from
malloc and returning ENOMEM if it had failed.

[ Removed addition of the SS_ET_ENOMEM entry to the the libss error
  table.  -TYT ]

Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
5 months agoresize2fs: remove unused variable 'c'
Lukas Czerner [Thu, 17 Feb 2022 09:24:58 +0000 (10:24 +0100)]
resize2fs: remove unused variable 'c'

Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
5 months agolibext2fs: add sanity check to extent manipulation
Lukas Czerner [Thu, 21 Apr 2022 17:31:48 +0000 (19:31 +0200)]
libext2fs: add sanity check to extent manipulation

It is possible to have a corrupted extent tree in such a way that a leaf
node contains zero extents in it. Currently if that happens and we try
to traverse the tree we can end up accessing wrong data, or possibly
even uninitialized memory. Make sure we don't do that.

Additionally make sure that we have a sane number of bytes passed to
memmove() in ext2fs_extent_delete().

Note that e2fsck is currently unable to spot and fix such corruption in
pass1.

Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Reported-by: Nils Bars <nils_bars@t-online.de>
Addresses: https://bugzilla.redhat.com/show_bug.cgi?id=2068113
Addresses: CVE-2022-1304
Addresses-Debian-Bug: #1010263
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
8 months agoMerge branch 'maint' into next
Theodore Ts'o [Thu, 13 Jan 2022 13:44:48 +0000 (08:44 -0500)]
Merge branch 'maint' into next

8 months agosetup-schroot: install the udev and systemd packages separately
Theodore Ts'o [Tue, 4 Jan 2022 05:02:22 +0000 (00:02 -0500)]
setup-schroot: install the udev and systemd packages separately

On non-Linux Debian ports (e.g., GNU/Hurd and GNU/kFreeBSD) the udev
and systemd packages don't exist.  So try to install them separately,
so they can fail on their own on those platforms.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
8 months agotests: support older versions of timeout in r_corrupt_fs
Theodore Ts'o [Tue, 4 Jan 2022 03:45:37 +0000 (22:45 -0500)]
tests: support older versions of timeout in r_corrupt_fs

Older versions of the timeout program in coreutils don't support the
-v option.  (This is apparently still in use in the GNU/FreeBSD Debain
port since coreutils hasn't built successfully since Coreutils version
8.28.)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
8 months agodebian: suppress the no-debian-changes lintian warning
Theodore Ts'o [Thu, 30 Dec 2021 15:43:49 +0000 (10:43 -0500)]
debian: suppress the no-debian-changes lintian warning

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
8 months agotune2fs: implement support for set/get label iocts
Lukas Czerner [Wed, 24 Nov 2021 13:45:42 +0000 (14:45 +0100)]
tune2fs: implement support for set/get label iocts

Implement support for FS_IOC_SETFSLABEL and FS_IOC_GETFSLABEL ioctls.
Try to use the ioctls if possible even before we open the file system
since we don't need it. Only fall back to the old method in the case the
file system is not mounted, is mounted read only in the set label case,
or the ioctls are not suppported by the kernel.

The new ioctls can also be supported by file system drivers other than
ext4. As a result tune2fs and e2label will work for those file systems
as well as long as the file system is mounted. Note that we still truncate
the label exceeds the supported lenghth on extN file system family, while
we keep the label intact for others.

Update tune2fs and e2label as well.

Signed-off-by: Lukas Czerner <lczerner@redhat.com>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
8 months agoMerge branch 'maint' into next
Theodore Ts'o [Thu, 30 Dec 2021 15:59:52 +0000 (10:59 -0500)]
Merge branch 'maint' into next