| Age | Commit message (Collapse) | Author |
|---|
|
Refactor the dirty flag handling a little bit so an inline
function is called instead of directly stuffing a value into
the variable.
This allows variable that holds the flag to be completely removed
if its not used i.e. CONFIG_FAT_WIRTE=n
Signed-off-by: Daniel Palmer <[email protected]>
|
|
The disk_read() and disk_write() functions of the FAT driver use the
blk_dread() and blk_dwrite() respectively. The blk_* APIs read and write
to the devices in terms of the device block size. However, the FAT
driver reads in terms of the device block size (from fat_set_blk_dev and
read_bootsectandvi) and sector size in the rest of the places.
This causes buffer overflows or partial reads when the FAT sector size
is not equal to device block size. Fix this by using blk_dread in
fat_set_blk_dev and read_bootsectandvi instead of disk_read. And update
disk_read/disk_write to handle FAT sector size and block size mismatch.
Tested on
blksz | FAT sector size
------+----------------
4096 | 4096
512 | 512
4096 | 512
512 | 4096
Signed-off-by: Varadarajan Narayanan <[email protected]>
|
|
We do not perform a check on the value of getsize in get_fatent to
ensure that it will fit within the allocated buffer. For safety sake,
add a check now and if the value exceeds FATBUFBLOCKS use that value
instead. While not currently actively exploitable, it was in the past so
adding this check is worthwhile.
This addresses CVE-2025-24857 and was originally reported by Harvey
Phillips of Amazon Element55.
Signed-off-by: Tom Rini <[email protected]>
|
|
This file references rtc functions and implicitly includes <rtc.h>
today. Add this explicitly.
Signed-off-by: Tom Rini <[email protected]>
|
|
It is confusing to have both "$(PHASE_)" and "$(XPL_)" be used in our
Makefiles as part of the macros to determine when to do something in our
Makefiles based on what phase of the build we are in. For consistency,
bring this down to a single macro and use "$(PHASE_)" only.
Signed-off-by: Tom Rini <[email protected]>
|
|
POSIX filesystem functions that create or remove directory entries contain
text along the lines of "[function] shall mark for update the last data
modification and last file status change timestamps of the parent
directory of each file." [1][2][3] The common theme is these timestamp
updates occur when a directory entry is added or removed. The
create_link() and delete_dentry_link() functions have been changed to
update the modification timestamp on the directory where the direntry
change occurs. This differs slightly from Linux in the case of rename(),
where Linux will not update `new_path`'s parent directory's timestamp if
it is replacing an existing file. (via `vfat_add_entry` [4])
The timestamps are not updated if the build configuration does not support
RTCs. This is an effort to minimize introducing erratic timestamps where
they would go from [current date] -> 2000-01-01 (error timestamp in the
FAT driver). I would assume an unchanged timestamp would be more valuable
than a default timestamp in these cases.
[1] https://pubs.opengroup.org/onlinepubs/9799919799/functions/rename.html
[2] https://pubs.opengroup.org/onlinepubs/9799919799/functions/unlink.html
[3] https://pubs.opengroup.org/onlinepubs/9799919799/functions/open.html
[4] https://elixir.bootlin.com/linux/v6.12.6/source/fs/fat/namei_vfat.c#L682
Signed-off-by: Gabriel Dalimonte <[email protected]>
|
|
The implementation roughly follows the POSIX specification for
rename() [1]. The ordering of operations attempting to minimize the chance
for data loss in unexpected circumstances.
The 'mv' command was implemented as a front end for the rename operation
as that is what most users are likely familiar with in terms of behavior.
The 'FAT_RENAME' Kconfig option was added to prevent code size increase on
size-oriented builds like SPL.
[1] https://pubs.opengroup.org/onlinepubs/9799919799/functions/rename.html
Signed-off-by: Gabriel Dalimonte <[email protected]>
|
|
The create_link() code was previously duplicated in two existing functions.
The two functions will be used in a future commit to achieve renaming.
Signed-off-by: Gabriel Dalimonte <[email protected]>
|
|
Use XPL_ as the symbol to indicate an SPL build. This means that SPL_ is
no-longer set.
Signed-off-by: Simon Glass <[email protected]>
|
|
As part of bringing the master branch back in to next, we need to allow
for all of these changes to exist here.
Reported-by: Jonas Karlman <[email protected]>
Signed-off-by: Tom Rini <[email protected]>
|
|
When bringing in the series 'arm: dts: am62-beagleplay: Fix Beagleplay
Ethernet"' I failed to notice that b4 noticed it was based on next and
so took that as the base commit and merged that part of next to master.
This reverts commit c8ffd1356d42223cbb8c86280a083cc3c93e6426, reversing
changes made to 2ee6f3a5f7550de3599faef9704e166e5dcace35.
Reported-by: Jonas Karlman <[email protected]>
Signed-off-by: Tom Rini <[email protected]>
|
|
Remove <common.h> from all "fs/" files and when needed add
missing include files directly.
Signed-off-by: Tom Rini <[email protected]>
|
|
The FAT specification requires that the change date is set.
If a DM RTC device exists, set the creation and change date to the current
date when updating the directory entry. Otherwise use the date 2020-01-01.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
The month is stored in 5 - 8. We need to shift it by 5 bits.
Cf. Microsoft FAT Specification, 2005-08-30
Fixes: 13c11c665320 ("fs: fat: add file attributes to struct fs_dirent")
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Alexander Dahl <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
The performed checks are similar to the checks performed by the Linux
kernel in the function fat_read_bpb() in the file fs/fat/inode.c.
Signed-off-by: Christian Taedcke <[email protected]>
|
|
This simplifies the code a little bit.
Signed-off-by: Christian Taedcke <[email protected]>
|
|
This fixes an issue where the FAT type (FAT12, FAT16) is not
correctly detected, e.g. when the BPB field BS_FilSysType contains the
valid value "FAT ".
According to the FAT spec the field BS_FilSysType has only
informational character and does not determine the FAT type.
The logic of this code is based on the linux kernel implementation
from the file fs/fat/inode.c function fat_fill_super().
For details about FAT see http://elm-chan.org/docs/fat_e.html
Signed-off-by: Christian Taedcke <[email protected]>
|
|
This reduces code duplications.
Signed-off-by: Christian Taedcke <[email protected]>
|
|
This field is only present when a CONFIG is set. To avoid annoying #ifdefs
in the source code, add accessors. Update all code to use it.
Note that the accessor is optional. It can be omitted if it is known that
the option is enabled.
Signed-off-by: Simon Glass <[email protected]>
|
|
The product of two 32 bit integers is a 32 bit integer. Hence
clustcount * bytesperclust may overflow on > 4 GiB devices.
Change the type of clustcount.
Fixes: cb8af8af5ba0 ("fs: fat: support write with non-zero offset")
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
The FAT file systems uses character '\xe5' to mark a deleted directory
entry. If a file name starts with this character, it is substituted by
'\x05' in the directory entry.
While (signed char)'\xe5' is a negative number 0xe5 is a positive integer
number. We therefore have define a constant DELETED_MARK which matches the
signedness of the characters in the directory entry.
Correct a comparison where we used the constant 0xe5 with the wrong sign.
Use the constant aRING instead of 0x05 like in the rest of the code.
Reported-by: Dan Carpenter <[email protected]>
Fixes: 57b745e2387a ("fs: fat: call set_name() only once")
Fixes: 28cef9ca2e86 ("fs: fat: create correct short names")
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
To save a few bytes, replace Error with ** and try to use the same string
for multiple messages where possible.
Signed-off-by: Simon Glass <[email protected]>
Reviewed-by: Bin Meng <[email protected]>
|
|
Do not mangle lower or mixed case filenames which fit into the upper
case 8.3 short filename. This ensures FAT standard compatible short
filenames (SFN) to support systems without long filename (LFN) support
like boot roms (ex. SFN BOOT.BIN instead of BOOT~1.BIN for LFN
boot.bin).
Signed-off-by: Stefan Herbrechtsmeier <[email protected]>
|
|
Sometimes it is useful to log things related to filesystems. Add a new
category and place it at the top of one of the FAT files.
Signed-off-by: Simon Glass <[email protected]>
|
|
UEFI applications call file system functions to determine if a file exists.
The return codes are evaluated to show appropriate messages.
U-Boot's file system layer should not interfere with the output.
Rename file_fat_read_at() to fat_read_file() adjusting the parameter
sequence and names and eliminate the old wrapper function.
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Tom Rini <[email protected]>
Reviewed-by: Ilias Apalodimas <[email protected]>
|
|
Use the word 'uclass' instead of 'if_type' to complete the conversion.
Signed-off-by: Simon Glass <[email protected]>
|
|
At present we use HAVE_BLOCK_DEVICE to indicate when block devices are
available.
This is a very strange option, since it partially duplicates the BLK
option used by driver model. It also covers both U-Boot proper and SPL,
even though one might have block devices and another not.
As a first step towards correcting this, create a new inline function
called blk_enabled() which indicates if block devices are available.
This cannot be used in Makefiles, or #if clauses, but can be used in C
code.
A function is useful because we cannot use CONFIG_IS_ENABLED(BLK) to
decide if block devices are needed, since we must consider the legacy
block interface, enabled by HAVE_BLOCK_DEVICE
Update a few places where it can be used and drop some unnecessary #if
checks around some functions in disk/part.c - rely on the compiler's
dead-code elimination instead.
Signed-off-by: Simon Glass <[email protected]>
|
|
Sphinx expects Return: and not @return to indicate a return value.
find . -name '*.c' -exec \
sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \;
find . -name '*.h' -exec \
sed -i 's/^\(\s\)\*\(\s*\)@return\(\s\)/\1*\2Return:\3/' {} \;
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
This patch optimizes the commit mentioned below by avoiding running
a set of commands which are useless in the case when
size < mydata->sect_size and sect_count would be 0.
Fixes: 5b3ddb17ba ("fs/fat/fat.c: Do not perform zero block reads if there are no blocks left")
Signed-off-by: Ricardo Salveti <[email protected]>
Co-developed-by: Oleksandr Suvorov <[email protected]>
Signed-off-by: Oleksandr Suvorov <[email protected]>
|
|
When reading a directory in the UEFI file system we have to return file
attributes and timestamps. Copy this data to the directory entry structure.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
Up to now file_fat_detectfs() did not detect some interface types like
EFI, HOST, VIRTIO.
Avoid duplicate code by calling blk_get_if_type_name().
The interface type now will be shown in lower case to match all other use
cases.
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
The FAT32 File System Specification [1] requires leading and trailing
spaces as well as trailing periods of long names to be ignored.
[1]
Microsoft Extensible Firmware Initiative
FAT32 File System Specification
Version 1.03, December 6, 2000
Microsoft Corporation
https://www.win.tue.nl/~aeb/linux/fs/fat/fatgen103.pdf
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
Directories or files called '.' or '..' cannot be created or written to
in any directory. Move the test to normalize_longname() to check this
early.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
This patch involves no functional change. It is just about code
readability.
Both in file_fat_write_at() and fat_mkdir() the incoming file or directory
path are split into two parts: the parent directory and the base name.
In file_fat_write_at() the value of the variable basename is assigned to
the filename parameter and afterwards the variable filename is used instead
of basename. It is more readable to use the variable basename and leave
filename unchanged.
In fat_mkdir() the base name variable is called directory. This is
confusing. Call it basename like in file_fat_write_at(). This allows to
rename parameter new_directory to directory in the implementation of
fat_mkdir() to match the function declaration.
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
Do not assign a value to a variable if it is not used.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
When copying short name plus extension refer to the encapsulating structure
and not to the short name element.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
The short name and extension of FAT files are stored in adjacent fields of
the directory entry. For some operations like calculating a checksum or
copying both fields it is preferable to treat both as one structure.
Change the definition of the directory entry structure to include a
structure comprising the name and the extension field.
This resolves Coverity CID 316357, CID 316350, CID 316348.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
Provide function description for flush_dir().
Move all error messages for flush_dir() from the callers to the function.
Move mapping of errors to -EIO to the function.
Always check return value of flush_dir() (Coverity CID 316362).
In fat_unlink() return -EIO if flush_dirty_fat_buffer() fails.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
The FAT file system does not have a UUID but a 4 byte volume ID.
Let the fsuuid command show it in XXXX-XXXX format.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
The FAT filesystem implementation uses several marcros referring to a magic
variable name mydata which renders the code less readable. Eliminate one of
them which is only used for a debug() statement.
Use log_debug() instead of debug().
Signed-off-by: Heinrich Schuchardt <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
Long file names are stored in multiple directory entries. When deleting a
file we must delete all of them.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
A long name is split over multiple directory entries. When deleting a file
with a long name we need the first directory entry to be able to delete the
whole chain.
Add the necessary fields to the FAT iterator:
* cluster of first directory entry
* address of first directory entry
* remaining entries in cluster
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
When deleting a directory entry 0xe5 is written to name[0].
We have a constant for this value and should use it consistently.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
Searching for a file is not a write operation. So it should not lead to the
allocation of a new cluster to the directory.
If we reuse deleted entries, we might not even use the new cluster and due
to not flushing it the directory could be corrupted.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
When creating new directory entries try to reuse entries marked as deleted.
In fill_dir_slot() do not allocate new clusters as this has already been
done in fat_find_empty_dentries().
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
Provide a function to find a series of empty directory entries.
The current directory is scanned for deleted entries.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
When handling long file names directory entries may be split over multiple
clusters. We must make sure that new clusters are zero filled on disk.
When allocating a new cluster for a directory flush it.
The flushing should be executed before updating the FAT. This way if
flushing fails, we still have a valid directory structure.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
When iterating over a child directory we set itr->start_clust.
Do the same when over the root directory.
When looking for deleted directory entries or existing short names we will
have to iterate over directories a second and third time. With this patch
we do not need any special logic for the root directory.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
For reusing deleted directory entries we have to adjust the function called
to step to the next directory entry.
This patch alone is not enough to actually reuse deleted directory entries
as the fill_dir_slot() is still called with first never used directory
entry.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
|
File names must be unique within their directory. So before assigning a
short name we must check that it is unique.
Signed-off-by: Heinrich Schuchardt <[email protected]>
|
