Add an explanation of exactly what ext2fs_super_and_bgd_loc() and
ext2fs_reserve_super_and_bgd_loc() do, and more importantly, exactly
what they return. Note that most callers should *not* rely on the
return value since it's rarely useful, especially once the flex_bg
feature is enabled and inode table and allocation bitmap blocks may
not be in the block group.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Now that e2fsck tries to backup the primary superblock to the backups
when the feature sets ar different, it's important when tune2fs writes
out a changed superblock, that we filter out the
EXT3_FEATURE_INCOMPAT_RECOVER feature to the backup superblocks, since
it will be removed from the primary superblock either when the
filesystem is mounted uncleanly or when journal is replayed.
Addresses-Debian-Bug: #454926
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
This addresses a potential security vulnerability where an untrusted
filesystem can be corrupted in such a way that a program using
libext2fs will allocate a buffer which is far too small. This can
lead to either a crash or potentially a heap-based buffer overflow
crash. No known exploits exist, but main concern is where an
untrusted user who possesses privileged access in a guest Xen
environment could corrupt a filesystem which is then accessed by the
pygrub program, running as root in the dom0 host environment, thus
allowing the untrusted user to gain privileged access in the host OS.
Thanks to the McAfee AVERT Research group for reporting this issue.
Addresses CVE-2007-5497.
Signed-off-by: Rafal Wojtczuk <rafal_wojtczuk@mcafee.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Add macros to support variable-length group descriptors for ext4.
Signed-off-by: Valerie Clement <valerie.clement@bull.net>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Use ext2fs_group_first_block() instead of the open-coded equivalent in
ext2fs_super_and_bgd_loc() and ext2fs_descriptor_block_loc().
Signed-off-by: Valerie Clement <valerie.clement@bull.net>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Fix a bug when writing an external journal device on an big
endian machine (such as a S/390), where when the number of
block groups is zero, we never end up writing out the
primary superblock at all.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
If fs->now is non-zero, use that as the time instead of the system
time when setting various filesystem fields (last modified time, last
write time, etc.)
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
res_gdt.c (list_backups), closefs.c (ext2fs_bg_has_super),
ext2fs.h: Move ext2fs_list_backups() to res_gdt.c, and
ext2fs_bg_has_super() back to closefs.c. There's no
reason for the new file, since list_backups() isn't being
used by any other functions, and can be made static, and
all users of the ext2fs filesystem will have to call
ext2fs_close() anyway.
written last, and only after other I/O has been flushed to
disk. Thanks to Junfeng Yang from the Stanford
Metacompilation group for pointing a potential ordering
constraint problem if we don't write things out in the
right order.
the superblock and block group descriptors into two functions:
ext2fs_reserve_super_and_bgd, found in lib/ext2fs/alloc_sb.c, and
ext2fs_super_and_bgd_lock, found in lib/ext2fs/close.c.
Change e2fsck/pass1.c (mark_table_blocks), lib/ext2fs/closefs.c
(ext2fs_flush), lib/ext2fs/initialize.c (ext2fs_initialize),
and misc/dumpe2fs.c (list_desc) to use these functions.
e2fsck/ChangeLog
pass1.c (mark_table_blocks): Use the new function
ext2fs_reserve_super_and_bgd to calculate the blocks to be
reserved.
lib/ext2fs/ChangeLog
closefs.c (ext2fs_super_and_bgd_loc): New function which
centralizes the calculation of the superblock and block
group descriptors.
(ext2fs_flush): Use ext2fs_super_and_bgd_lock to figure
out where to write the superblock and block group
descriptors.
alloc_sb.c (ext2fs_reserve_super_and_bgd): New function which
reserves space in the block bitmap using
ext2fs_super_and_bgd_loc.
initialize.c (ext2fs_initialize): Use
ext2fs_reserve_super_and_bgd to initialize the block bitmap.
misc/ChangeLog
dumpe2fs.c (list_desc): Use ext2fs_super_and_bgd_loc to
determine the locations of the superblock and block group
descriptors.
unconditional ext2_flush() call. Also made ext2_flush() more
efficient when the superblock is modified after the filesystem has
been flushed, and make it clear the superblock dirty flag
after doing the superblock/block group descriptor flush.
Makefile.in: Add message.c and swapfs.c to the list of source files to
build the make depend.
swapfs.c, unix.c: Only support the -s and -S options to e2fsck if
ENABLE_SWAPFS is defined.
Many files:
ext2fs.h, bitops.h, block.c, bmap.c, closefs.c, dirblock.c, inode.c,
native.c, openfs.c, rw_bitmaps.c, swapfs.c: Only include the
byte-swapping logic if ENABLE_SWAPFS is turned on or if we're on a
big-endian machine.
initialize.c (ext2fs_initialize):Use WORDS_BIGENDIAN directly to set
EXT2_FLAG_SWAP_BYTES, instead of using ext2fs_native_flag.
native.c (ext2fs_native_flag): Use WORDS_BIGENDIAN provided by
autoconf to determine whether or not return EXT2_FLAG_SWAP_BYTES.
ismounted.c: add ext2fs_check_mount_point() function, which will
optionally return the mount point of a device if mounted
ChangeLog, closefs.c, ext2fs.h:
ext2fs.h, closefs.c (ext2fs_flush): Add new flag,
EXT2_FLAG_SUPER_ONLY, which the close routines to only update the
superblock, and not the group descriptors.
ext2fs.h: Remove definition of ext2fs_sb. Note: this may break source
(but not binary) compatibility of some users of the ext2 library.
They should just simply do a global search and replace of struct
ext2fs_sb with struct ext2_super_block, and use their own private copy
of ext2_fs.h if they aren't already.
closefs.c, initialize.c, link.c, newdir.c, openfs.c, swapfs.c: Replace
use of ext2fs_sb with ext2_super_block.
ChangeLog, main.c:
main.c (main): Replace use of struct ext2fs_sb with struct ext2_super_block.
ext2_io.h (io_channel_write_byte): Add new interface to allow callers
to write specific byte ranges. This is an optional interface, which
not all IO channels may implement.
unix_io.c (unix_write_byte): test_io.c (test_write_byte): Add
implementation of the write_byte function.
closefs.c (write_primary_superblock, ext2fs_flush): Add a new function
which writes the primary superblock. If the IO channel supports
writing raw bytes directly, only fields which were modified are
written to the disk. This makes it safe(r) to use utilities like
tune2fs on a mounted filesystem.
freefs.c (ext2fs_free): Free the original superblock if it is available.
openfs.c (ext2fs_open): Store a copy of the original superblock when
opening it.
ext2fs.h: Add a field to store the original superblock in the ext2
context structure.
closefs.c (ext2fs_flush): Update the s_block_group_nr field as
appropriate for all of the block group copies, so that it's clear
where the beginning of the filesystem is on the disk. (For when the
partition table gets scrod.)
ext2fs.h: Change the name of the feature from
EXT2_FEATURE_INCOMPAT_DIRNAME_SIZE to EXT2_FEATURE_INCOMPAT_FILESIZE
(to match with the kernel).
inode.c (ext2fs_open_inode_scan): Initialize the group variables
so that we don't need to call get_next_blockgroup() the first
time around. Saves a bit of time, and prevents us from
needing to assign -1 to current_group (which is an unsigned
value).
icount.c (insert_icount_el): Cast the estimated number of inodes
from a float to an ino_t.
alloc.c, alloc_tables.c, badlbocks.c, bb_compat.c, bb_inode.c,
bitmaps.c, bitops.c, block.c, bmap.c, bmove.c, brel_ma.c,
check_desc.c, closefs.c, cmp_bitmaps.c, dblist.c,
dblist_dir.c, dir_iterate.c, dirblock.c, dupfs.c, expanddir.c,
ext2fs.h, fileio.c, freefs.c, get_pathname.c, getsize.c,
icount.c, initialize.c, inline.c, inode.c, irel_ma.c,
ismounted.c, link.c, lookup.c, mkdir.c, namei.c, native.c,
newdir.c, openfs.c, read_bb.c, read_bb_file.c, rs_bitmap.c,
rw_bitmaps.c, swapfs.c, test_io.c, tst_badblocks.c,
tst_getsize.c, tst_iscan.c, unix_io.c, unlink.c, valid_blk.c,
version.c: If EXT2_FLAT_INCLUDES is defined, then assume all
of the ext2-specific header files are in a flat directory.
block.c, bmove.c, dirblock.c, fileio.c: Explicitly cast
all assignments from void * to be compatible with C++.
closefs.c (ext2fs_flush): Add a call to io_channel_flush() to
make sure the contents of the disk are flushed to disk.
dblist.c (ext2fs_add_dir_block): Change new to be new_entry to
avoid C++ namespace clash.
bitmaps.c (ext2fs_copy_bitmap): Change new to be new_map to
avoid C++ namespace clash.
ext2fs.h, bb_inode.c, block.c, bmove.c, brel.h, brel_ma.c,
irel.h, irel_ma.c, dblist.c, dblist_dir.c, dir_iterate.c,
ext2fsP.h, expanddir.c, get_pathname.c, inode.c, link.c,
unlink.c: Change private to be priv_data (to avoid C++
namespace clash)
dblist.c (ext2fs_get_num_dirs): Make ext2fs_get_num_dirs more paranoid
about validating the directory counts from the block group
information.
all files: Don't include stdlib.h anymore; include it in ext2_fs.h,
since that file requires stdlib.h
ChangeLog, Makefile.in, dirinfo.c:
dirinfo.c (e2fsck_add_dir_info): Use ext2fs_get_num_dirs instead of
e2fsck_get_num_dirs, which has been removed.
Makefile.in (PROGS): Remove @EXTRA_PROGS@, since we don't want to
compile and install flushb.
ChangeLog, configure.in:
Remove @EXTRA_PROGS@, since we aren't using it in 2fsck/Makefile.in anymore
ChangeLog, Makefile.in:
Install debugfs in /sbin, instead of /usr/sbin.
libext2fs.texinfo:
Update version string to be 1.12
Makefile.in:
Fix bug in find script which made the exclusion list, where a '-' was
missing from an -name option.
Added definition of ext2fs_get_mem, ext2fs_free_mem, and
ext2fs_resize_mem in ext2fs.h, and changed all library routines to use
these wrapper functions.
alloc.c (ext2fs_alloc_block): New function which allocates a
block and updates the filesystem accounting records
appropriately.
ext2_err.et.in: Added new error codes: EXT2_NO_MEMORY,
EXT2_INVALID_ARGUMENT, EXT2_BLOCK_ALLOC_FAIL, EXT2_INODE_ALLOC_FAIL,
EXT2_NOT_DIRECTORY
Change various library files to use these functions instead of EINVAL,
ENOENT, etc.
ChangeLog, pass1.c, pass3.c:
pass3.c (get_lost_and_found): Check error return of
EXT2_FILE_NOT_FOUND instead of ENOTDIR
pass1.c (pass1_check_directory): Return EXT2_NO_DIRECTORY instead of
ENOTDIR
expect.icount:
Change expected error string to be "Invalid argument passed to ext2 library"
instead of just "Invalid argument"
dosio.c: New file to do DOS/BIOS disk accesses.
namei.c (open_namei): Make pathlen be of type size_t.
llseek.c: Always #include stdlib.h since it's need to define
size_t.
io.h: Use errcode_t for magic numbers.
icount.c (get_icount_el), dupfs.c (ext2fs_dup_handle), dblist.c
(dir_block_cmp): Use size_t where appropriate.
read_bb.c (ext2fs_read_bb_inode), cmp_bitmaps.c
(ext2fs_compare_inode_bitmap): Use blk_t, ino_t and size_t
where appropriate.
closefs.c (ext2fs_flush): Use dgrp_t instead of int where
appropriate.
openfs.c (ext2fs_open), check_desc.c (ext2fs_check_desc): Use blk_t
instead of int where appropriate.
rw_bitmaps.c (read_bitmaps), irel_ma.c, inode.c (ext2fs_write_inode),
initialize.c (ext2fs_initialize): brel_ma.c: Fix to make be
16-bit safe.
link.c (ext2fs_link), unlink.c (ext2fs_unlink), lookup.c (lookup_proc),
ismounted.c (ext2fs_check_if_mounted), block.c (xlate_func):
Add #pragma argsused for Turbo C.
block.c (ext2fs_block_iterate2): Use retval which is a errcode_t type.
bitmaps.c (make_bitmap): Use size_t instead of int where appropriate.
bb_inode.c (set_bad_block_proc): Add #pragma argsused for Turbo C.
alloc.c (ext2fs_new_inode): Use ino_t instead of int for the group number.
get_pathname.c: Use ino_t instead of int where appropriate.
ext2fs.h: Make the magic structure element be errcode_t instead of int.
alloc.c alloc_tables.c badblocks.c bb_compat.c bb_inode.c
bitmaps.c block.c bmove.c brel_ma.c check_desc.c closefs.c
cmp_bitmaps.c dblist.c dblist_dir.c dir_iterate.c dirblock.c
dupfs.c expanddir.c freefs.c get_pathname.c icount.c
initialize.c inline.c inode.c irel_ma.c link.c llseek.c
lookup.c mkdir.c namei.c newdir.c read_bb.c read_bb_file.c
rs_bitmap.c rw_bitmaps.c swapfs.c test_io.c tst_badblocks.c
tst_iscan.c unix_io.c unlink.c valid_blk.c version.c: Add an
#ifdef for HAVE_UNISTD_H