Whamcloud - gitweb
tools/e2fsprogs.git
6 months agodebian: add support for DEB_BUILD_OPTIONS=parallel=N master next
Theodore Ts'o [Tue, 30 Apr 2024 01:08:19 +0000 (21:08 -0400)]
debian: add support for DEB_BUILD_OPTIONS=parallel=N

This speeds up package builds using "make -jN" and "make -jN check".

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agodebian: don't build with libarchive on mips64el
Theodore Ts'o [Mon, 29 Apr 2024 20:31:14 +0000 (16:31 -0400)]
debian: don't build with libarchive on mips64el

The libarchive functionality in "mke2fs -d foo.tar" is breaking the
regression test[1].  Since this is working everywhere _except_
mips64el, as a short-term workaround disable libarchive support on
this platform until it can be fixed.

[1] https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1070042

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agodebian: don't try to install e2scrub on Hurd
Theodore Ts'o [Mon, 29 Apr 2024 18:13:47 +0000 (14:13 -0400)]
debian: don't try to install e2scrub on Hurd

The e2scrub scripts rely on systemd, which isn't present on non-Linux
systems, so they aren't built.  So we need to skip trying to run
dh_installsystemd since it will fail on the Hurd build since the
requisite files aren't being built.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoconfigure: add --without-libarchive option
Theodore Ts'o [Mon, 29 Apr 2024 05:23:29 +0000 (01:23 -0400)]
configure: add --without-libarchive option

Teach configure the --without-libarchive option, which forcibly
disables use of the libarchive library.

The option --with-libarchive=direct will disable the use of dlopen,
and will link mke2fs with -larchive directly.  This doesn't work when
building mke2f.static, since -larchive has a large number of
depedencies, and even "pkgconf --libs --static libarchive" doesn't
provide all of the appropriate library dependencies.  :-(

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoresize2fs: fix last bg's free clusters calculation on 64-bit file systems
Theodore Ts'o [Mon, 29 Apr 2024 03:26:19 +0000 (23:26 -0400)]
resize2fs: fix last bg's free clusters calculation on 64-bit file systems

Fixes-Coverity-bug: 1596645
Fixes: d43fb24ca0db ("resize2fs: fix r_bigalloc_big_expand test failure")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoRemove duplicated word in release notes
Theodore Ts'o [Sun, 28 Apr 2024 16:34:42 +0000 (12:34 -0400)]
Remove duplicated word in release notes

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agodebian: add a note in debian/changelog regarding features being re-enabled v1.47.1-rc1
Theodore Ts'o [Sun, 28 Apr 2024 03:06:09 +0000 (23:06 -0400)]
debian: add a note in debian/changelog regarding features being re-enabled

The metadata_csum_seed and orphan_file features were disabled before
Debian Bookworm was released, but now that it's released, we are now
re-enabling those features for Debian testing and the next version of
Debian stable (trixie).

Also, remove some spurious whitespace.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoUpdate release notes, etc., for the 1.47.1-rc1 release
Theodore Ts'o [Sat, 27 Apr 2024 04:38:54 +0000 (00:38 -0400)]
Update release notes, etc., for the 1.47.1-rc1 release

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoresize2fs: fix r_bigalloc_big_expand test failure
Theodore Ts'o [Sun, 28 Apr 2024 01:04:33 +0000 (21:04 -0400)]
resize2fs: fix r_bigalloc_big_expand test failure

Manually count the number free clusters in the last block group since
it might not be a multiple of 8, and using ext2fs_bitcount() might not
work if bitmap isn't properly padding out.

In addition, when setting up the block bitmap for the resized file
system, resize2fs was setting up the "real end" of the bitmap in units
of blocks instead of clusters.

We didn't notice this problem earlier because of a test failure which
caused the test to be skipped.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agotests: add better debugging for failures when running resize2fs tests
Theodore Ts'o [Sun, 28 Apr 2024 00:02:05 +0000 (20:02 -0400)]
tests: add better debugging for failures when running resize2fs tests

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agotests: fix tests that were always being skipped
Theodore Ts'o [Sat, 27 Apr 2024 17:35:09 +0000 (13:35 -0400)]
tests: fix tests that were always being skipped

A broken OS check was causing a few tests that were supposed to be
skipped on MacOS, Hurd, and FreeBSD systems to be always skipped.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agotests: fix more expected output files
Theodore Ts'o [Sat, 27 Apr 2024 17:33:39 +0000 (13:33 -0400)]
tests: fix more expected output files

Fixes: 54765493af7d ("libe2p: remove tabs from "Inode size" and "Journal device" in `tune2fs -l` output")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoconfig: update config.{guess,sub}
Theodore Ts'o [Sat, 27 Apr 2024 04:37:13 +0000 (00:37 -0400)]
config: update config.{guess,sub}

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoUpdate Makefile dependencies
Theodore Ts'o [Sat, 27 Apr 2024 04:32:33 +0000 (00:32 -0400)]
Update Makefile dependencies

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoe2fsck.8: minor man page fixes
Theodore Ts'o [Fri, 26 Apr 2024 04:36:31 +0000 (00:36 -0400)]
e2fsck.8: minor man page fixes

Addresses-Debian-Bug: #1038286
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoPrevent i_dtime from being mistaken for an inode number post-2038 wraparound
Theodore Ts'o [Fri, 26 Apr 2024 04:13:03 +0000 (00:13 -0400)]
Prevent i_dtime from being mistaken for an inode number post-2038 wraparound

We explicitly decided not to reserve space for a 64-bit dtime, since
it's never displayed or exposed to userspace.  The dtime field is used
a linked list for the ophan list, and for forensic purposes when
trying to determine when an inode was deleted.  So right after the
2038 epoch, a deleted inode might end up with a dtime which is zero or
smaller than the number of inodes, which will result in e2fsck
reporting a potential problems.  So when we set the dtime, make sure
that the dtime won't be mistaken for an inode number.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agolibextr2fs: handle short reads/writes while creating the qcow file
Theodore Ts'o [Thu, 25 Apr 2024 21:52:05 +0000 (17:52 -0400)]
libextr2fs: handle short reads/writes while creating the qcow file

This issue was flagged by Coverity, although its analysis was
incorrect.  This isn't actually a memory overrun / security issue, but
rather a functional correctness issue since POSIX allows reads and
writes to be partially completed, and in those cases qcow2_copy_data()
could result in a corrutped qcow2 file.

Addresses-Coverity-Bug: 1531830
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agodebian: fix accidental editing error in libext2fs2t664.symbols
Theodore Ts'o [Thu, 25 Apr 2024 17:36:36 +0000 (13:36 -0400)]
debian: fix accidental editing error in libext2fs2t664.symbols

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoconfigure: Use FORTIFY_SOURCE=3 when hardening is enabled
Theodore Ts'o [Thu, 25 Apr 2024 17:23:55 +0000 (13:23 -0400)]
configure: Use FORTIFY_SOURCE=3 when hardening is enabled

FORTIFY_SOURCE=3 provides much more robust checks for buffer overruns
and other memory bugs[1].  It requires gcc 12 and glibc 2.34 which
should be available on most modern distributions (which are the ones
that use --enable-hardening).

[1] https://developers.redhat.com/articles/2022/09/17/gccs-new-fortification-level

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agofsck: fix memory leak on an error exit
Theodore Ts'o [Thu, 25 Apr 2024 17:22:15 +0000 (13:22 -0400)]
fsck: fix memory leak on an error exit

This reduces noise from a static analyzer.

https://github.com/tytso/e2fsprogs/issues/160

Signed-off-by: Theodore Ts'o <tytso@mit.
6 months agolibext2fs: add new getenv.c file
Theodore Ts'o [Thu, 25 Apr 2024 16:41:48 +0000 (12:41 -0400)]
libext2fs: add new getenv.c file

Fixes: eefbea0da810 ("libext2fs: use a safe_getenv() function everywhere")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agotests: fix expect scripts after removing tabs from tune2fs -l output
Theodore Ts'o [Thu, 25 Apr 2024 16:39:42 +0000 (12:39 -0400)]
tests: fix expect scripts after removing tabs from tune2fs -l output

Fixes: 54765493af7d ("libe2p: remove tabs from "Inode size" and "Journal device" in `tune2fs -l` output")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoMerge branch 'issue-168' of https://github.com/chestnykh/e2fsprogs into next
Theodore Ts'o [Thu, 25 Apr 2024 16:10:09 +0000 (12:10 -0400)]
Merge branch 'issue-168' of https://github.com/chestnykh/e2fsprogs into next

6 months agoMerge branch 'fix-windows-64-bit' of https://github.com/steffen-kiess/e2fsprogs into...
Theodore Ts'o [Thu, 25 Apr 2024 16:06:28 +0000 (12:06 -0400)]
Merge branch 'fix-windows-64-bit' of https://github.com/steffen-kiess/e2fsprogs into next

6 months agoMerge branch 'tune2fs-remove-tabs' of https://github.com/richardfearn/e2fsprogs into...
Theodore Ts'o [Thu, 25 Apr 2024 16:04:34 +0000 (12:04 -0400)]
Merge branch 'tune2fs-remove-tabs' of https://github.com/richardfearn/e2fsprogs into next

6 months agoMerge https://github.com/steven676/e2fsprogs into next
Theodore Ts'o [Thu, 25 Apr 2024 15:57:34 +0000 (11:57 -0400)]
Merge https://github.com/steven676/e2fsprogs into next

6 months agomke2fs: implement timestamp clamping if SOURCE_DATE_EPOCH is set
Theodore Ts'o [Thu, 25 Apr 2024 15:38:32 +0000 (11:38 -0400)]
mke2fs: implement timestamp clamping if SOURCE_DATE_EPOCH is set

When copying files to the newly created file system using "mke2fs -d",
and there are timestamps greater than what is specified by
SOURCE_DATE_EPOCH, clamp the timestamp to the SOURCE_DATE_EPOCH
timestamp.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agolibext2fs: add support for the SOURCE_DATE_EPOCH environment variable
Theodore Ts'o [Thu, 25 Apr 2024 14:42:09 +0000 (10:42 -0400)]
libext2fs: add support for the SOURCE_DATE_EPOCH environment variable

Add SOURCE_DATE_EPOCH support as documented in [1].

[1] https://reproducible-builds.org/specs/source-date-epoch

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agolibext2fs: use a safe_getenv() function everywhere
Theodore Ts'o [Thu, 25 Apr 2024 14:19:08 +0000 (10:19 -0400)]
libext2fs: use a safe_getenv() function everywhere

Hoist safe_getenv() from test_io.c and unix_io.c to a globally
exported ext2fs_safe_getenv() and use it instead of getenv() in
libext2fs.  This provides a bit more safety if e2fsprogs programs are
used in setuid contexts.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agopo: update e2fsprogs.pot in preparations for v1.47.1-rc1 release
Theodore Ts'o [Wed, 24 Apr 2024 17:29:55 +0000 (13:29 -0400)]
po: update e2fsprogs.pot in preparations for v1.47.1-rc1 release

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agopo: add Romainian language from the Translation Project
Theodore Ts'o [Wed, 24 Apr 2024 17:22:02 +0000 (13:22 -0400)]
po: add Romainian language from the Translation Project

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agopo: update ms.po (from translationproject.org)
Sharuzzaman Ahmat Raslan [Wed, 24 Apr 2024 17:17:09 +0000 (13:17 -0400)]
po: update ms.po (from translationproject.org)

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agodebian: update libext2fs2t64.symbols with shared library additions
Theodore Ts'o [Wed, 24 Apr 2024 17:15:12 +0000 (13:15 -0400)]
debian: update libext2fs2t64.symbols with shared library additions

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agolibss: fix function delcaration in the test_ss regression test
Theodore Ts'o [Wed, 24 Apr 2024 04:13:02 +0000 (00:13 -0400)]
libss: fix function delcaration in the test_ss regression test

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoFix various compiler -Wall warnings
Theodore Ts'o [Wed, 24 Apr 2024 04:04:59 +0000 (00:04 -0400)]
Fix various compiler -Wall warnings

Fixes: a12302fa683e ("e2fsck: make sure get_backup_sb() works ...")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoe2fsck, tune2fs: fix post-2038 support for s_lastcheck
Theodore Ts'o [Wed, 24 Apr 2024 03:18:28 +0000 (23:18 -0400)]
e2fsck, tune2fs: fix post-2038 support for s_lastcheck

This changes were missed in commit ca8bc9240a00 ("Add post-2038
timestamp support to e2fsprogs").

Addresses-Coverity-Bug: 1531832
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoFix coverity false positives introduced by the post-2038 changes
Theodore Ts'o [Wed, 24 Apr 2024 02:13:25 +0000 (22:13 -0400)]
Fix coverity false positives introduced by the post-2038 changes

Commit ca8bc9240a00 ("Add post-2038 timestamp support...") did things
like casting a 64-bit unsigned integer into a signed 32-bit integer
deliberately; but Coverity thinks this is a bug.  So mask off the bits
to make it clear this was deliberate.

Addresses-Coverity-Bug: 1596519
Addresses-Coverity-Bug: 1596515
Addresses-Coverity-Bug: 1596514
Addresses-Coverity-Bug: 1596513
Addresses-Coverity-Bug: 1596511
Addresses-Coverity-Bug: 1596509
Addresses-Coverity-Bug: 1596508
Addresses-Coverity-Bug: 1596504
Addresses-Coverity-Bug: 1596502
Addresses-Coverity-Bug: 1596501
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoe2fsck: make sure get_backup_sb() works when ctx is NULL
Theodore Ts'o [Wed, 24 Apr 2024 01:37:03 +0000 (21:37 -0400)]
e2fsck: make sure get_backup_sb() works when ctx is NULL

The print_e2fsck_message() function can call get_backup_sb() with the
ctx variable set to NULL.  In that case, we can't dereference
ctx->filesystem_name; instead, we can get the size of the file system
from the ext2fs_block_count(fs->super).

Addresses-Coverity-Bug: 1596517
Addresses-Coverity-Bug: 1596505
Fixes: b53ce7848c2e ("e2fsck: don't try backup superblocks beyond...")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoAlign function prototypes for libss's request handler function
Theodore Ts'o [Tue, 23 Apr 2024 21:11:26 +0000 (17:11 -0400)]
Align function prototypes for libss's request handler function

Clang 17's Undefined Behaviour Sanitizer will throw run-time warnings
if a function pointer is dereferenced with a different function
signature than one in the pointer --- even if the difference is a
missing const qualifier.  To fix regression test failures, change
declarations of argv to use ss_argv_t instead of an inconsistently
open-coded type.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoUpdate version tag to 1.47.1-rc1 for test builds
Theodore Ts'o [Tue, 23 Apr 2024 15:55:43 +0000 (11:55 -0400)]
Update version tag to 1.47.1-rc1 for test builds

Also add Debian dependencies for libarchive-dev and change the
dependency from libfuse-dev to libfuse3-dev.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agocreate_inode: fix gcc -Wall warnings
Theodore Ts'o [Tue, 23 Apr 2024 05:07:40 +0000 (01:07 -0400)]
create_inode: fix gcc -Wall warnings

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agomke2fs: use the correct shared library version for libarchive on FreeBSD
Theodore Ts'o [Tue, 23 Apr 2024 05:00:56 +0000 (01:00 -0400)]
mke2fs: use the correct shared library version for libarchive on FreeBSD

Adjust for the fact that Linux uses libarchive.so.13, while freeBSD
uses libarchive.so.7.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agotests: fix problems in the m_rootgnutar test
Theodore Ts'o [Tue, 23 Apr 2024 02:51:57 +0000 (22:51 -0400)]
tests: fix problems in the m_rootgnutar test

The mkgnutar.pl file only works if the developer had a specific
username and uid.  In addition, if it is used, the round-trip from tar
to an ext4 file system and back to tar isn't properly tested.  So only
use mkgnutar.pl if the system doesn't have GNU TAR.

In addition, make sure all of the temp files created by the test are
deleted when the test is completed.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agotests: stat -c %Y is not portable, replace with perl stat in m_rootgnutar
Johannes Schauer Marin Rodrigues [Sun, 21 Apr 2024 07:04:34 +0000 (09:04 +0200)]
tests: stat -c %Y is not portable, replace with perl stat in m_rootgnutar

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agolibsupport: fix sort_r.h to work on FreeBSD 14
Theodore Ts'o [Sun, 21 Apr 2024 05:07:14 +0000 (01:07 -0400)]
libsupport: fix sort_r.h to work on FreeBSD 14

FreeBSD 14 has changed the definition of qsort_r to align it with the
POSIX, but it did this with a #define.  So when sort_r.h tries to
provide a function prototype, surround the function name with
parenthesis so it doesn't get expanded by FreeBSD's #define.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoMerge branch 'support-fuse3' of https://github.com/DrDaveD/e2fsprogs into next
Theodore Ts'o [Sun, 21 Apr 2024 05:03:35 +0000 (01:03 -0400)]
Merge branch 'support-fuse3' of https://github.com/DrDaveD/e2fsprogs into next

6 months agoMerge remote-tracking branch 'josch/libarchive' into josch-libarchive
Theodore Ts'o [Thu, 18 Apr 2024 19:02:49 +0000 (15:02 -0400)]
Merge remote-tracking branch 'josch/libarchive' into josch-libarchive

6 months agodebugfs: fix printing post-2038 inode timestamps
Theodore Ts'o [Thu, 18 Apr 2024 18:16:55 +0000 (14:16 -0400)]
debugfs: fix printing post-2038 inode timestamps

Debugfs's stat command called ext2fs_inode_xtime_get() with a struct
inode * instead of a struct large_inode *.  As a result, printing
inode timestamps will be incorrect if the time value is larger than
2**32.

Fixes: ca8bc9240a00 ("Add post-2038 timestamp support to e2fsprogs")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agomisc: update mke2fs's man page regarding the default inode size
Pascal Hambourg [Wed, 17 Apr 2024 11:48:22 +0000 (13:48 +0200)]
misc: update mke2fs's man page regarding the default inode size

Since a23b50cd ("mke2fs: warn about missing y2038 support when
formatting fresh ext4 fs"), the default inode size is 256 bytes
for all filesystems, including small and floppy, except for the
Hurd since it currently only supports 128-byte inodes.

Signed-off-by: Pascal Hambourg <pascal@plouf.fr.eu.org>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Link: https://lore.kernel.org/r/E1rx4t4-00073d-1e@zenith
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agodebugfs: fix set_field's handling of timestamps
Theodore Ts'o [Thu, 18 Apr 2024 14:04:27 +0000 (10:04 -0400)]
debugfs: fix set_field's handling of timestamps

How timestamps are encoded in inodes and superblocks are different.
Unfortunately, commit ca8bc9240a00 which added post-2038 timestamps
was (a) overwriting adjacent superblock fields and/or attempting
unaligned writes to a 8-bit field from a 32-bit pointer, and (b) using
the incorrect encoding for timestamps stored in inodes.  Fix both of
these issues, which were found thanks to UBSAN.

Fixes: ca8bc9240a00 ("Add post-2038 timestamp support to e2fsprogs")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agomke2fs: the -d option can now handle tarball input
Johannes Schauer Marin Rodrigues [Wed, 20 Jul 2022 04:37:51 +0000 (06:37 +0200)]
mke2fs: the -d option can now handle tarball input

If archive.h is available during compilation, enable mke2fs to read a
tarball as input. Since libarchive.so.13 is opened with dlopen,
libarchive is not a hard library dependency of the resulting binary.

In comparison with feeding a directory tree to mke2fs via -d this has
the following advantages:

 - no superuser privileges, nor fakeroot, nor unshared user namespaces
   are needed to create filesystems with arbitrary ownership information
   and special files like device nodes which otherwise require being root

 - by reading a tarball from standard input, no temporary files need to
   be written out first as mke2fs can be used as part of a shell pipeline
   which reduces disk usage and makes the conversion independent of the
   underlying file system

A round-trip from tarball to ext4 to tarball yields bit-by-bit identical
results

Signed-off-by: Johannes Schauer Marin Rodrigues <josch@mister-muffin.de>
6 months agoci.yml: upload *.failed test failure artifacts
Theodore Ts'o [Thu, 18 Apr 2024 04:15:54 +0000 (00:15 -0400)]
ci.yml: upload *.failed test failure artifacts

Also upgrade to v4 of the upload-artifact and checkout actions.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoFix 32-bit build and test failures
Theodore Ts'o [Thu, 18 Apr 2024 03:47:02 +0000 (23:47 -0400)]
Fix 32-bit build and test failures

Commit ca8bc9240a00 ("Add post-2038 timestamp support to e2fsprogs")
was never built or tested on a 32-bit.  It introduced some build
problems when time_t is a 32-bit integer, and it exposed some test
bugs.  Fix them.

Fixes: ca8bc9240a00 ("Add post-2038 timestamp support to e2fsprogs")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoe2fsck: don't try backup superblocks beyond the size of the device
Theodore Ts'o [Wed, 17 Apr 2024 20:52:00 +0000 (16:52 -0400)]
e2fsck: don't try backup superblocks beyond the size of the device

Commit f7ef5f3e356d ("e2fsck: check all sparse_super backups") tries
to limit the number of block groups to search for backup superblocks
based on ctx->num_blocks.  Unfortunately, get_backup_sb() gets called
before ctx->num_blocks is set, so we try all block groups up to 2**32
- 1.  Not only does this waste time trying to read from blocks that
don't exist, it triggers the UBSAN checker when multiplying a very
large number by the block size.

Fix this by using ext2fs_get_Device_size(), and if that isn't
available, arbitrarily cap things so that we search block groups up to
128.

Fixes: f7ef5f3e356d ("e2fsck: check all sparse_super backups")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agodebugfs: fix clang warnings
Theodore Ts'o [Wed, 17 Apr 2024 17:58:49 +0000 (13:58 -0400)]
debugfs: fix clang warnings

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoext2fs: fix -Walloc-size
Sam James [Tue, 7 Nov 2023 23:31:20 +0000 (23:31 +0000)]
ext2fs: fix -Walloc-size

GCC 14 introduces a new -Walloc-size included in -Wextra which gives:
```
lib/ext2fs/hashmap.c:37:36: warning: allocation of insufficient size â€˜1’ for type â€˜struct ext2fs_hashmap’ with size â€˜20’ [-Walloc-size]
```

The calloc prototype is:
```
void *calloc(size_t nmemb, size_t size);
```

So, just swap the number of members and size arguments to match the prototype, as
we're initialising 1 struct of size `sizeof(...)`. GCC then sees we're not
doing anything wrong.

Signed-off-by: Sam James <sam@gentoo.org>
Link: https://lore.kernel.org/r/20231107233122.2013191-1-sam@gentoo.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoe4crypt: fix spurious "Success" error message
Jakub Wilk [Wed, 27 Dec 2023 08:08:05 +0000 (09:08 +0100)]
e4crypt: fix spurious "Success" error message

Before:

    # e4crypt set_policy 0000000000000000 /dev/null
    /dev/null is not a directory
    /dev/null: Success

After:

    # e4crypt set_policy 0000000000000000 /dev/null
    /dev/null: Not a directory

Signed-off-by: Jakub Wilk <jwilk@jwilk.net>
Link: https://lore.kernel.org/r/20231227080805.6801-1-jwilk@jwilk.net
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agodebugfs: fix infinite loop while dumping the journal
Wenchao Hao [Fri, 17 Nov 2023 10:23:15 +0000 (18:23 +0800)]
debugfs: fix infinite loop while dumping the journal

There are 2 scenarios which would trigger infinite loop:

1. None log is recorded, then dumplog with "-n", for example:
   debugfs -R "logdump -O -n 10" /dev/xxx
   while /dev/xxx has no valid log recorded.
2. The log area is full and cycle write is triggered, then dumplog with
   debugfs -R "logdump -aOS" /dev/xxx

This patch add a new flag "wrapped_flag" to mark if logdump has
reached to tail of logarea set in macro WRAP().

If wrapped_flag is true, and we comes to first_transaction_blocknr
again, just break the logdump loop.

[ Renamed reverse_flag to wrapped_flag to make it clearer what it is. -- TYT ]

Signed-off-by: Wenchao Hao <haowenchao2@huawei.com>
Link: https://lore.kernel.org/r/20231117102315.2431846-1-haowenchao2@huawei.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoresize2fs: avoid constantly flushing while moving blocks
Anssi Hannula [Tue, 7 Nov 2023 09:46:53 +0000 (11:46 +0200)]
resize2fs: avoid constantly flushing while moving blocks

resize2fs block_mover() flushes data after each extent and, curiously,
only if progress indicator is enabled, every inode_blocks_per_group
blocks.

This significantly affects performance, e.g. on a tested large
filesystem on top of MD-RAID6+LVM+dm-crypt these flush calls reduce the
operation rate from approx. 500MB/s to 5MB/s, causing extremely long
shrinking times for large size deltas (70TB in my case).

Since this step performs just plain data copying and does not e.g. save
any progress/checkpoint information or similar metadata, it seems like
this flushing is of very limited usefulness, especially when considering
the (in some cases) 100x performance impact.

Remove the mid-operation flushes and only flush after all blocks have
been moved.

Signed-off-by: Anssi Hannula <anssi.hannula@iki.fi>
Link: https://lore.kernel.org/r/20231107094920.4056281-1-anssi.hannula@iki.fi
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoMerge branch 'maint' into next
Theodore Ts'o [Tue, 16 Apr 2024 16:50:46 +0000 (12:50 -0400)]
Merge branch 'maint' into next

6 months agotests: new test to check quota after a bad inode deallocation
Luis Henriques (SUSE) [Fri, 5 Apr 2024 14:24:05 +0000 (15:24 +0100)]
tests: new test to check quota after a bad inode deallocation

This new test validates e2fsck by verifying that quota is updated after a bad
inode is deallocated.  It mimics fstest ext4/019 by including a filesystem image
where a symbolic link was created to an existing file, using a long symlink
name.  This symbolic link was then wiped with:

  # debugfs -w -R 'zap -f /testlink 0' f_testnew/image

Signed-off-by: Luis Henriques (SUSE) <luis.henriques@linux.dev>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Link: https://lore.kernel.org/r/20240405142405.12312-5-luis.henriques@linux.dev
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agotests: new test to check quota after directory optimization
Luis Henriques (SUSE) [Fri, 5 Apr 2024 14:24:04 +0000 (15:24 +0100)]
tests: new test to check quota after directory optimization

This new test validates e2fsck by verifying that quota data is updated after a
directory optimization is performed.  This issue was initially found by fstest
ext4/014, and this test was based on it.  It includes a filesystem image where
the lost+found directory is unlinked after a new link to it is created:

  # debugfs -w -R "ln lost+found foo" f_testnew/image
  # debugfs -w -R "unlink lost+found" f_testnew/image

Signed-off-by: Luis Henriques (SUSE) <luis.henriques@linux.dev>
Link: https://lore.kernel.org/r/20240405142405.12312-4-luis.henriques@linux.dev
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoe2fsck: update quota when deallocating a bad inode
Luis Henriques (SUSE) [Fri, 5 Apr 2024 14:24:03 +0000 (15:24 +0100)]
e2fsck: update quota when deallocating a bad inode

If a bad inode is found it will be deallocated.  However, if the filesystem has
quota enabled, the quota information isn't being updated accordingly.  This
issue was detected by running fstest ext4/019.

This patch fixes the issue by decreasing the inode count from the
quota and, if blocks are also being released, also subtract them as well.

While there, and as suggested by Andreas Dilger, the deallocate_inode()
function documentation is also updated by this patch to make it clear what
that function really does.

Signed-off-by: Luis Henriques (SUSE) <luis.henriques@linux.dev>
Link: https://lore.kernel.org/r/20240405142405.12312-3-luis.henriques@linux.dev
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoe2fsck: update quota accounting after directory optimization
Luis Henriques (SUSE) [Fri, 5 Apr 2024 14:24:02 +0000 (15:24 +0100)]
e2fsck: update quota accounting after directory optimization

In "Pass 3A: Optimizing directories", a directory may have it's size reduced.
If that happens and quota is enabled in the filesystem, the quota information
will be incorrect because it doesn't take the rehash into account.  This issue
was detected by running fstest ext4/014.

This patch simply updates the quota data accordingly, after the directory is
written and it's size has been updated.

Link: https://bugzilla.kernel.org/show_bug.cgi?id=218626
Signed-off-by: Luis Henriques (SUSE) <luis.henriques@linux.dev>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Link: https://lore.kernel.org/r/20240405142405.12312-2-luis.henriques@linux.dev
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoe2fsprogs: misc/mke2fs.8.in: Correct valid cluster-size values
Srivathsa Dara [Wed, 3 Apr 2024 04:30:37 +0000 (04:30 +0000)]
e2fsprogs: misc/mke2fs.8.in: Correct valid cluster-size values

According to the mke2fs man page, the supported cluster-size values
for an ext4 filesystem are 2048 to 256M bytes. However, this is not
the case.

When mkfs is run to create a filesystem with following specifications:
* 1k blocksize and cluster-size greater than 32M
* 2k blocksize and cluster-size greater than 64M
* 4k blocksize and cluster-size greater than 128M
mkfs fails with "Invalid argument passed to ext2 library while trying
to create journal" error. In general, when the cluster-size to blocksize
ratio is greater than 32k, mkfs fails with this error.

Went through the code and found out that the function
`ext2fs_new_range()` is the source of this error. This is because when
the cluster-size to blocksize ratio exceeds 32k, the length argument
to the function `ext2fs_new_range()` results in 0. Hence, the error.

This patch corrects the valid cluster-size values.

Reviewed-by: Darrick J. Wong <djwong@kernel.org>
Link: https://lore.kernel.org/r/20240403043037.3992724-1-srivathsa.d.dara@oracle.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agolib/ext2fs: llseek: simplify linux section
Mike Gilbert [Tue, 7 Nov 2023 23:33:22 +0000 (23:33 +0000)]
lib/ext2fs: llseek: simplify linux section

On 32-bit musl systems, off_t is always 8 bytes regardless of
_FILE_OFFSET_BITS. The previous code did not cover this case.

The previous #ifdef logic was rather confusing, so I reworked it into a
more understandable form.

Bug: https://bugs.gentoo.org/908892
Signed-off-by: Mike Gilbert <floppym@gentoo.org>
Closes: https://github.com/tytso/e2fsprogs/pull/150
Signed-off-by: Sam James <sam@gentoo.org>
Link: https://lore.kernel.org/r/20231107233323.2013334-2-sam@gentoo.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoconfigure.ac: call AC_SYS_LARGEFILE before checking the size of off_t
Mike Gilbert [Tue, 7 Nov 2023 23:33:21 +0000 (23:33 +0000)]
configure.ac: call AC_SYS_LARGEFILE before checking the size of off_t

Signed-off-by: Mike Gilbert <floppym@gentoo.org>
Signed-off-by: Sam James <sam@gentoo.org>
Link: https://lore.kernel.org/r/20231107233323.2013334-1-sam@gentoo.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoconfigure: update configure so it is generated using autoconf 2.71
Theodore Ts'o [Thu, 4 Apr 2024 14:59:54 +0000 (10:59 -0400)]
configure: update configure so it is generated using autoconf 2.71

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agomke2fs: do not set the BLOCK_UNINIT on groups has GDT
Li Dongyang [Mon, 25 Sep 2023 06:08:01 +0000 (16:08 +1000)]
mke2fs: do not set the BLOCK_UNINIT on groups has GDT

This patch prepares the expansion of GDT blocks beyond a
single group, by make mke2fs to not set BLOCK_UNINIT on
groups with GDT blocks, block/inode bitmaps, or inode table
blocks allocated.

Otherwise, we still rely on kernel side to initialize the
block bitmap if the groups has BLOCK_UNINIT set, and the
kernel doesn't know a group could have GDT blocks allocated,
so it would make an bad block bitmap.

As a result, expect output of several tests needs to be changed,
especially if the test uses dumpe2fs to print the group summary.

Signed-off-by: Li Dongyang <dongyangli@ddn.com>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Link: https://lore.kernel.org/r/20230925060801.1397581-2-dongyangli@ddn.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agomke2fs: set free blocks accurately for groups has GDT
Li Dongyang [Mon, 25 Sep 2023 06:08:00 +0000 (16:08 +1000)]
mke2fs: set free blocks accurately for groups has GDT

This patch is part of the preparation required to allow
GDT blocks expand beyond a single group,
it introduces 2 new interfaces:
- ext2fs_count_used_blocks(), to return the blocks used
in the bitmap range.
- ext2fs_reserve_super_and_bgd2() to return blocks used by
superblock/GDT blocks for every group, by looking up blocks used.

Signed-off-by: Li Dongyang <dongyangli@ddn.com>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Link: https://lore.kernel.org/r/20230925060801.1397581-1-dongyangli@ddn.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agoe2fsck: check all sparse_super backups
Andreas Dilger [Mon, 4 Sep 2023 04:57:42 +0000 (14:57 +1000)]
e2fsck: check all sparse_super backups

Teach e2fsck to look for backup super blocks in the "sparse_super"
groups, by checking group #1 first and then powers of 3^n, 5^n,
and 7^n, up to the limit of available block groups.

Export ext2fs_list_backups() function to efficiently iterate groups
for backup sb/GDT instead of checking every group.  Ensure that the
group counters do not try to overflow the 2^32-1 group limit, and
try to limit scanning to the size of the block device (if available).

Signed-off-by: Li Dongyang <dongyangli@ddn.com>
Signed-off-by: Andreas Dilger <adilger@whamcloud.com>
Link: https://lore.kernel.org/r/20230904045742.827584-1-dongyangli@ddn.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agomke2fs: batch zeroing inode table
Li Dongyang [Mon, 4 Sep 2023 04:58:06 +0000 (14:58 +1000)]
mke2fs: batch zeroing inode table

For flex_bg enabled fs, we could merge the
inode table blocks into a contiguous range,
this improves mke2fs time on large devices
when lazy_itable_init is disabled.

On a 977TB device, unpatched mke2fs was running
for 449m10s before getting terminated manually.
strace shows huge number of fallocate, given the
offset from fallocate it has done 41% of the inode
tables, the estimated time needed would be 1082m.

unpatched  patched
real 449m10.954s 4m20.531s
user 0m18.217s 0m16.147s
sys 0m20.311s 0m8.944s

Signed-off-by: Li Dongyang <dongyangli@ddn.com>
Link: https://lore.kernel.org/r/20230904045806.827621-1-dongyangli@ddn.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
6 months agolibext2fs: always refuse to open a file system with a zero s_desc_size maint
Theodore Ts'o [Wed, 3 Apr 2024 21:30:37 +0000 (17:30 -0400)]
libext2fs: always refuse to open a file system with a zero s_desc_size

Commit 42c11edd0863 ("ext2fs_open[2](), return an error if s_desc_size
is too large") added a check for an insanely large s_desc_size to
prevent some failures triggered by fuzz testing.  However, it would
allow e2fsck to fall back to recover the file system by using the
backup superblocks by having e2fsck pass the flag
EXT2_FLAG_IGNORE_SB_ERRORS.  But by allowing an s_desc_Size of zero,
it's possible that e2fsck will die with a division of zero error.
With this fix, e2fsck will now print an error message and exit
instead.

https://github.com/tytso/e2fsprogs/issues/183

Fixes: 42c11edd0863 ("ext2fs_open[2](), return an error if s_desc_size is too large")
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 months agoAdd post-2038 timestamp support to e2fsprogs
Andreas Dilger [Wed, 27 Sep 2023 05:40:16 +0000 (23:40 -0600)]
Add post-2038 timestamp support to e2fsprogs

The ext4 kernel code implemented support for s_mtime_hi,
s_wtime_hi, and related timestamp fields to avoid timestamp
overflow in 2038, but similar handling is not in e2fsprogs.

Add helper macros for the superblock _hi timestamp fields
ext2fs_super_tstamp_get() and ext2fs_super_tstamp_set().

Add helper macro for inode _extra timestamp fields
ext2fs_inode_xtime_get() and ext2fs_inode_xtime_set().

Add helper macro ext2fs_actual_inode_size() to avoid open
coding the i_extra_isize check in multiple places.

Remove inode_time_to_string() since this is unused once callers
change to time_to_string(ext2fs_inode_xtime_get()) directly.

Fix inode_includes() macro to properly wrap "inode" parameter,
and rename to ext2fs_inode_includes() to avoid potential name
clashes.  Use this to check inode field inclusion in debugfs
instead of bare constants for inode field offsets.

Use these interfaces to access timestamps in debugfs, e2fsck,
libext2fs, fuse2fs, tune2fs, and e2undo.

Signed-off-by: Andreas Dilger <adilger@dilger.ca>
Link: https://lore.kernel.org/r/20230927054016.16645-1-adilger@dilger.ca
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 months agolibext2fs: fix ext2fs_get_device_size2() return value on Windows
Eric Biggers [Wed, 1 Mar 2023 03:45:18 +0000 (19:45 -0800)]
libext2fs: fix ext2fs_get_device_size2() return value on Windows

Creating a file system on Windows without a pre-existing file stopped
working because the Windows version of ext2fs_get_device_size2() doesn't
return ENOENT if the file doesn't exist.  Fix this.

Fixes: 53464654bd33 ("mke2fs: fix creating a file system image w/o a pre-existing file")
Signed-off-by: Eric Biggers <ebiggers@google.com>
Link: https://lore.kernel.org/r/20230301034518.373859-1-ebiggers@kernel.org
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 months agodebian: drop "package-supports-alternative-init-but-no-init.d-script" override
Theodore Ts'o [Sun, 31 Mar 2024 03:55:44 +0000 (23:55 -0400)]
debian: drop "package-supports-alternative-init-but-no-init.d-script" override

The Lintian tag package-supports-alternative-init-but-no-init.d-script
has been removed, as it's obsolete.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 months agodebian: acknowledge NMU'ed changes to 1.47.0-2.4
Theodore Ts'o [Sat, 30 Mar 2024 23:14:36 +0000 (19:14 -0400)]
debian: acknowledge NMU'ed changes to 1.47.0-2.4

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 months agoe2scrub: skip filesystems that don't have journals
Darrick J. Wong [Wed, 10 Jan 2024 05:58:09 +0000 (21:58 -0800)]
e2scrub: skip filesystems that don't have journals

Brian J. Murrell reported that e2scrub reports failures with one of his
filesystems.  From the email discussion after he supplied a metadump:

AHA!  This is an ext2 filesystem, since it doesn't have the
"has_journal" or "extents" features turned on:

# e2image -r /tmp/disk.qcow2 /dev/sda
# dumpe2fs /dev/sda -h
dumpe2fs 1.47.1~WIP-2023-12-27 (27-Dec-2023)
Filesystem volume name:   <none>
Last mounted on:          /opt
Filesystem UUID:          2c70368a-0d54-4805-8620-fda19466d819
Filesystem magic number:  0xEF53
Filesystem revision #:    1 (dynamic)
Filesystem features:      ext_attr resize_inode dir_index filetype sparse_super large_file
Filesystem flags:         signed_directory_hash
Default mount options:    user_xattr acl
Filesystem state:         not clean with errors

(Note: Filesystem state == "clean" means that EXT2_VALID_FS is set in
the superblock s_state field; "not clean with errors" means that the
flag is not set.)

I bet the "journal only" preen doesn't actually reset the filesystem
state either:

# e2fsck -E journal_only -p  /dev/sda
# dumpe2fs /dev/sda -h | grep state
dumpe2fs 1.47.1~WIP-2023-12-27 (27-Dec-2023)
Filesystem state:         not clean with errors

Nope.

So now I know what happened -- when mounting an ext* filesystem that
doesn't have a journal, the driver clears EXT2_VALID_FS from the primary
superblock.  This forces the system to run e2fsck after a crash, because
that's what you have to do for unjournalled filesystems.

The "e2fsck -E journal_only -p" call in e2scrub only replays the
journal.  Since there is no journal, it exits almost immediately.
That's the intended behavior, but then it means that the "e2fsck -fy"
call immediately after sees that the superblock doesn't have
EXT2_VALID_FS set, sets it, and makes e2fsck return 1.

So that's why you're getting the e2scrub failures.

Contrast this to what you get when the filesystem has a journal:

# dumpe2fs -h /dev/sdb
dumpe2fs 1.47.0 (5-Feb-2023)
Filesystem volume name:   <none>
Last mounted on:          <not available>
Filesystem UUID:          e18b8b57-a75e-4316-87ce-6a08969476c3
Filesystem magic number:  0xEF53
Filesystem revision #:    1 (dynamic)
Filesystem features:      has_journal ext_attr resize_inode dir_index filetype needs_recovery sparse_super large_file
Filesystem flags:         signed_directory_hash
Default mount options:    user_xattr acl
Filesystem state:         clean

Filesystems with journals retain their EXT4_VALID_FS state when they're
mounted.

Hmm.  What e2scrub should do about unjournalled filesystems is a thorny
question.  My initial thought is that it should skip them, because a
mounted unjournalled filesystem cannot by definition be kept consistent.
Therefore, teach e2scrub_all to avoid them and e2scrub to fail them at
the onset.

Restricting the scope of e2scrub sucks, but in the meantime at least it
means that your filesystem isn't massively corrupt.  Thanks for the
metadump, it was very useful for root cause analysis.

Reported-by: "Brian J. Murrell" <brian@interlinx.bc.ca>
Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Link: https://lore.kernel.org/r/20240110055809.GD722946@frogsfrogsfrogs
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 months agodebian: don't restart e2scrub_all when upgrading package
Darrick J. Wong [Wed, 10 Jan 2024 05:57:24 +0000 (21:57 -0800)]
debian: don't restart e2scrub_all when upgrading package

When installing or upgrading the e2fsprogs package, only start the
e2scrub_all timer and the reaping service.  Don't restart e2scrub_all
itself, because that will kill any scrubs in progress, which will
trigger the failure reporting.

Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Link: https://lore.kernel.org/r/20240110055724.GC722946@frogsfrogsfrogs
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 months agoe2scrub_fail: move executable script to /usr/libexec
Darrick J. Wong [Sun, 31 Dec 2023 20:39:03 +0000 (12:39 -0800)]
e2scrub_fail: move executable script to /usr/libexec

Per FHS 3.0, non-PATH executable binaries are supposed to live under
/usr/libexec, not /usr/lib.  e2scrub_fail is an executable script, so
move it to libexec in case some distro some day tries to mount /usr/lib
as noexec or something.  Also, there's no reason why these scripts need
to be put under an arch-dependent path.

Cc: Neal Gompa <neal@gompa.dev>
Link: https://refspecs.linuxfoundation.org/FHS_3.0/fhs/ch04s07.html
Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Reviewed-by: Neal Gompa <neal@gompa.dev>
Link: https://lore.kernel.org/r/20231231203903.GC36164@frogsfrogsfrogs
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 months agoMerge branch 'e2scrub-fixes' of https://git.kernel.org/pub/scm/linux/kernel/git/djwon...
Theodore Ts'o [Thu, 28 Mar 2024 18:39:24 +0000 (14:39 -0400)]
Merge branch 'e2scrub-fixes' of https://git./linux/kernel/git/djwong/e2fsprogs into next

7 months agoMerge branch 'maint' into next
Theodore Ts'o [Thu, 28 Mar 2024 17:51:24 +0000 (13:51 -0400)]
Merge branch 'maint' into next

7 months agoe2fsck: fix various -Wall nits picked up by clang
Theodore Ts'o [Thu, 28 Mar 2024 17:46:44 +0000 (13:46 -0400)]
e2fsck: fix various -Wall nits picked up by clang

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
7 months agoblkid: fix -Wunused-but-set-variable warning in blkid_read_cache()
Theodore Ts'o [Thu, 28 Mar 2024 17:33:04 +0000 (13:33 -0400)]
blkid: fix -Wunused-but-set-variable warning in blkid_read_cache()

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
8 months agotune2fs: check whether filesystem is in use for I_flag and Q_flag test
Zhiqiang Liu [Mon, 20 Mar 2023 05:04:34 +0000 (13:04 +0800)]
tune2fs: check whether filesystem is in use for I_flag and Q_flag test

For changing inode size (-I) and setting quota fearture (-Q), tune2fs
only check whether the filesystem is umounted. Considering mount
namepspaces, the filesystem is umounted, however it already be left
in other mount namespace.
So we add one check whether the filesystem is not in use with using
EXT2_MF_BUSY flag, which can indicate the device is already opened
with O_EXCL, as suggested by Ted.

Reported-by: Baokun Li <libaokun1@huawei.com>
Signed-off-by: Zhiqiang Liu <liuzhiqiang26@huawei.com>
Signed-off-by: zhanchengbin <zhanchengbin1@huawei.com>
Link: https://lore.kernel.org/r/28455341-ca26-d203-8b54-792bae002251@huawei.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
8 months agoext2fs: make sure we have at least EXT2_FIRST_INO + 1 inodes
Li Dongyang [Thu, 20 Jul 2023 12:50:12 +0000 (22:50 +1000)]
ext2fs: make sure we have at least EXT2_FIRST_INO + 1 inodes

When creating a small fs with 100 1k blocks, mke2fs fails with:

Creating filesystem with 100 1k blocks and 8 inodes

Allocating group tables: done
Writing inode tables: done
ext2fs_mkdir: Could not allocate inode in ext2 filesystem while creating /lost+found

Increase s_inodes_per_group with a step of 8 to make
sure we have at least EXT2_FIRST_INO + 1 inodes.

Change-Id: Ib885735641dfa0ed9c6f6a4a1f9afec291673126
Signed-off-by: Li Dongyang <dongyangli@ddn.com>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Link: https://lore.kernel.org/r/20230720125012.641504-1-dongyangli@ddn.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
8 months agoe2image: correct group descriptors size in ext2fs_image_super_read()
Emoly Liu [Fri, 14 Jul 2023 00:59:58 +0000 (10:59 +1000)]
e2image: correct group descriptors size in ext2fs_image_super_read()

In function ext2fs_image_super_read(), the size of block group
descriptors should be (fs->blocksize * fs->desc_blocks), but not
(fs->blocksize * fs->group_desc_count).

Signed-off-by: Emoly Liu <emoly@whamcloud.com>
Reviewed-by: Andreas Dilger <adilger@dilger.ca>
Link: https://lore.kernel.org/r/20230714005958.442487-1-dongyangli@ddn.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
9 months agodebugfs: dx_hash: honor the unsigned hash flag if a file system is opened
Theodore Ts'o [Tue, 16 Jan 2024 02:59:49 +0000 (21:59 -0500)]
debugfs: dx_hash: honor the unsigned hash flag if a file system is opened

If we are using the hash seed and hash version from an open file
systenm, then we should also use the unsigned version of the hash
algorithm if the superblock as the unsigned hash flag set.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
9 months agodebugfs: teach the dx_hash command the -v option
Theodore Ts'o [Tue, 16 Jan 2024 02:49:29 +0000 (21:49 -0500)]
debugfs: teach the dx_hash command the -v option

Add an option for dx_hash to print more details about the hash
algorithm and hash seed to calculate the directory hash value.

Signed-off-by: Theodore Ts'o <tytso@mit.edu>
10 months agoadd libfuse3 support to fuse2fs
Dave Dykstra [Wed, 20 Dec 2023 21:19:20 +0000 (15:19 -0600)]
add libfuse3 support to fuse2fs

10 months agoe2fsprogs: don't allow udisks to automount ext4 filesystems with no prompt
Darrick J. Wong [Thu, 24 Aug 2023 22:26:31 +0000 (15:26 -0700)]
e2fsprogs: don't allow udisks to automount ext4 filesystems with no prompt

The unending stream of syzbot bug reports and overwrought filing of CVEs
for corner case handling (i.e. things that distract from actual user
complaints) in ext4 has generated all sorts of of overheated rhetoric
about how every bug is a Serious Security Issue(tm) because anyone can
craft a malicious filesystem on a USB stick, insert the stick into a
victim machine, and mount will trigger a bug in the kernel driver that
leads to some compromise or DoS or something.

I thought that nobody would be foolish enough to automount an ext4
filesystem.  What a fool I was!  It turns out that udisks can be told
that it's okay to automount things, and then GNOME will do exactly that.
Including mounting mangled ext4 filesystems!

<delete angry rant about poor decisionmaking and armchair fs developers
blasting us on X while not actually doing any of the work>

Turn off /this/ idiocy by adding a udev rule to tell udisks not to
automount ext4 filesystems.

This will not stop a logged in user from unwittingly inserting a
malicious storage device and pressing [mount] and getting breached.
This is not a substitute for a thorough audit of all codebases.  This is
not a substitute for lklfuse.  This does not solve the general problem
of in-kernel fs drivers being a huge attack surface.  I just want a
vacation from the sh*tstorm of bad ideas and threat models that I never
agreed to support.

Signed-off-by: Darrick J. Wong <djwong@kernel.org>
10 months agoe2scrub: fix pathname escaping across all service definitions
Darrick J. Wong [Fri, 17 Mar 2023 18:19:11 +0000 (11:19 -0700)]
e2scrub: fix pathname escaping across all service definitions

systemd services provide an "instance name" that can be associated with
a particular invocation of a service.  This allows service users to
invoke multiple copies of a service, each with a unique string.  For
e2scrub, we pass the mountpoint of the filesystem as the instance name.
However, systemd services aren't supposed to have slashes in them, so
we're supposed to escape them.

The canonical escaping scheme for pathnames is defined by the
systemd-escape --path command.  Unfortunately, we've been adding our own
opinionated sauce for years, to work around the fact that --path didn't
quite work right in systemd before January 2017.  The special sauce is
incorrect, and we no longer care about systemd of 7 years past.

Clean up this mess by following the systemd escaping scheme throughout
the service units.  Now we can use the '%f' specifier in them, which
makes things a lot less complicated.

Signed-off-by: Darrick J. Wong <djwong@kernel.org>
10 months agoMerge branch 'maint' into next
Theodore Ts'o [Thu, 7 Dec 2023 16:02:53 +0000 (11:02 -0500)]
Merge branch 'maint' into next

10 months agodebugfs: Use the hash_version from superblock if a file system is opened
Srivathsa Dara [Thu, 24 Aug 2023 06:56:34 +0000 (06:56 +0000)]
debugfs: Use the hash_version from superblock if a file system is opened

The debugfs program's dx_hash command computes the hash for the given
filename, taking the hash_seed and hash_version (i.e hash algorithm)
as arguments.  So the user has to refer to the superblock to get these
values used by the filesystem.  So if debugfs has an opened file
system, use those values from the current file system.

[ Fixed patch to avoid crashing when a file system is not opened. --TYT ]

Signed-off-by: Srivathsa Dara <srivathsa.d.dara@oracle.com>
Link: https://lore.kernel.org/r/20230824065634.2662858-1-srivathsa.d.dara@oracle.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
11 months agotune2fs: fall back to old get/set fs label on error
Li Dongyang [Sat, 20 May 2023 10:43:29 +0000 (20:43 +1000)]
tune2fs: fall back to old get/set fs label on error

If we fail to get/open the mount point for get/set
fs label ioctl, just fall back to old method and
silence the error messages.

Fixes: f85b4526f ("tune2fs: implement support for set/get label iocts")
Signed-off-by: Li Dongyang <dongyangli@ddn.com>
Link: https://lore.kernel.org/r/20230520104329.2402182-1-dongyangli@ddn.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
11 months agoext2fs: don't retry discard/zeroout repeatedly
Andreas Dilger [Wed, 10 May 2023 05:18:49 +0000 (23:18 -0600)]
ext2fs: don't retry discard/zeroout repeatedly

Call safe_getenv(UNIX_IO_NOZEROOUT) once when the device is
opened and set CHANNEL_FLAG_NOZEROOUT if present instead of
getting uid/euid/getenv every time unix_zeroout() is called.

For unix_discard() and unix_zeroout() don't continue to call
them if the block device doesn't support these operations.

Signed-off-by: Andreas Dilger <adilger@dilger.ca>
Link: https://lore.kernel.org/r/1683695929-26972-1-git-send-email-adilger@dilger.ca
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
11 months agotune2fs/fuse2fs/debugfs: save error information during journal replay
Baokun Li [Fri, 17 Feb 2023 10:09:22 +0000 (18:09 +0800)]
tune2fs/fuse2fs/debugfs: save error information during journal replay

Saving error information during journal replay, as in the kernel,
prevents information loss from making problems difficult to locate.
We save these error information until someone uses e2fsck to check
for and fix possible errors.

Signed-off-by: Baokun Li <libaokun1@huawei.com>
Reviewed-by: zhanchengbin <zhanchengbin1@huawei.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Link: https://lore.kernel.org/r/20230217100922.588961-3-libaokun1@huawei.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
11 months agoe2fsck: save EXT2_ERROR_FS flag during journal replay
Baokun Li [Fri, 17 Feb 2023 10:09:21 +0000 (18:09 +0800)]
e2fsck: save EXT2_ERROR_FS flag during journal replay

When repairing a file system with s_errno missing from the journal
superblock but the file system superblock contains the ERROR_FS flag,
the ERROR_FS flag on the file system image is overwritten after the
journal replay, followed by a reload of the file system data from disk
and the ERROR_FS flag in memory is overwritten. Also s_errno is not set
and the ERROR_FS flag is not reset. Therefore, when checked later, no
forced check is performed, which makes it possible to have some errors
hidden in the disk image, which may make it read-only when using the
file system. So we save the ERROR_FS flag to the superblock after the
journal replay, instead of just relying on the jsb->s_errno to do this.

Signed-off-by: Baokun Li <libaokun1@huawei.com>
Reviewed-by: zhanchengbin <zhanchengbin1@huawei.com>
Reviewed-by: Jan Kara <jack@suse.cz>
Link: https://lore.kernel.org/r/20230217100922.588961-2-libaokun1@huawei.com
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
11 months agobuild: split version and release in configure
Andreas Dilger [Wed, 10 May 2023 04:57:57 +0000 (22:57 -0600)]
build: split version and release in configure

Update configure.ac to separate Version from Release if there is
a '-' in version.h::E2FSPROGS_VERSION (e.g. "1.46.6-rc1").
Otherwise, the '-' in the version can make RPM building unhappy.

Simplify the generation of E2FSPROGS_VERESION, E2FSPROGS_DATE and
E2FSPROGS_DAY to avoid multiple grep/awk/sed/tr stages.

Signed-off-by: Andreas Dilger <adilger@dilger.ca>
Link: https://lore.kernel.org/r/1683694677-9366-1-git-send-email-adilger@dilger.ca
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
11 months agomke2fs: Add root_perms extended mke2fs option.
Dmitry Chestnykh [Sat, 25 Nov 2023 11:25:55 +0000 (14:25 +0300)]
mke2fs: Add root_perms extended mke2fs option.

This options allows user to specify custom root dir
permissions at FS creation time. If no perms are specified
then the root dir permissions would be set to default.

Signed-off-by: Dmitriy Chestnykh <dm.chestnykh@gmail.com>