summaryrefslogtreecommitdiff
path: root/fs/squashfs
AgeCommit message (Collapse)Author
2013-09-06Squashfs: add corruption check for type in squashfs_readdir()Phillip Lougher
We read the type field from disk. This value should be sanity checked for correctness to avoid an out of bounds access when reading the squashfs_filetype_table array. Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2013-09-06Squashfs: add corruption check in get_dir_index_using_offset()Phillip Lougher
We read the size (of the name) field from disk. This value should be sanity checked for correctness to avoid blindly reading huge amounts of unnecessary data from disk on corruption. Note, here we're not actually reading the name into a buffer, but skipping it, and so corruption doesn't cause buffer overflow, merely lots of unnecessary amounts of data to be read. Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2013-09-06Squashfs: fix corruption checks in squashfs_readdir()Phillip Lougher
The dir_count and size fields when read from disk are sanity checked for correctness. However, the sanity checks only check the values are not greater than expected. As dir_count and size were incorrectly defined as signed ints, this can lead to corrupted values appearing as negative which are not trapped. Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2013-09-06Squashfs: fix corruption checks in squashfs_lookup()Phillip Lougher
The dir_count and size fields when read from disk are sanity checked for correctness. However, the sanity checks only check the values are not greater than expected. As dir_count and size were incorrectly defined as signed ints, this can lead to corrupted values appearing as negative which are not trapped. Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2013-09-06Squashfs: fix corruption check in get_dir_index_using_name()Phillip Lougher
Patch "Squashfs: sanity check information from disk" from Dan Carpenter adds a missing check for corruption in the "size" field while reading the directory index from disk. It, however, sets err to -EINVAL, this value is not used later, and so setting it is completely redundant. So remove it. Errors in reading the index are deliberately non-fatal. If we get an error in reading the index we just return the part of the index we have managed to read - the index isn't essential, just quicker. Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2013-09-05Squashfs: Optimized uncompressed buffer loopManish Sharma
Merged the two for loops. We might get a little gain by overlapping wait_on_bh and the memcpy operations. Signed-off-by: Manish Sharma <manishrma@gmail.com> Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2013-08-29Squashfs: sanity check information from diskDan Carpenter
We read the size of the name from the disk, but a larger name than expected would cause memory corruption. Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com> Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2013-06-29[readdir] convert squashfsAl Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2013-03-11fs: Limit sys_mount to only request filesystem modules. (Part 3)Eric W. Biederman
Somehow I failed to add the MODULE_ALIAS_FS for cifs, hostfs, hpfs, squashfs, and udf despite what I thought were my careful checks :( Add them now. Signed-off-by: "Eric W. Biederman" <ebiederm@xmission.com>
2013-02-22new helper: file_inode(file)Al Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-10-02Merge branch 'for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs Pull vfs update from Al Viro: - big one - consolidation of descriptor-related logics; almost all of that is moved to fs/file.c (BTW, I'm seriously tempted to rename the result to fd.c. As it is, we have a situation when file_table.c is about handling of struct file and file.c is about handling of descriptor tables; the reasons are historical - file_table.c used to be about a static array of struct file we used to have way back). A lot of stray ends got cleaned up and converted to saner primitives, disgusting mess in android/binder.c is still disgusting, but at least doesn't poke so much in descriptor table guts anymore. A bunch of relatively minor races got fixed in process, plus an ext4 struct file leak. - related thing - fget_light() partially unuglified; see fdget() in there (and yes, it generates the code as good as we used to have). - also related - bits of Cyrill's procfs stuff that got entangled into that work; _not_ all of it, just the initial move to fs/proc/fd.c and switch of fdinfo to seq_file. - Alex's fs/coredump.c spiltoff - the same story, had been easier to take that commit than mess with conflicts. The rest is a separate pile, this was just a mechanical code movement. - a few misc patches all over the place. Not all for this cycle, there'll be more (and quite a few currently sit in akpm's tree)." Fix up trivial conflicts in the android binder driver, and some fairly simple conflicts due to two different changes to the sock_alloc_file() interface ("take descriptor handling from sock_alloc_file() to callers" vs "net: Providing protocol type via system.sockprotoname xattr of /proc/PID/fd entries" adding a dentry name to the socket) * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (72 commits) MAX_LFS_FILESIZE should be a loff_t compat: fs: Generic compat_sys_sendfile implementation fs: push rcu_barrier() from deactivate_locked_super() to filesystems btrfs: reada_extent doesn't need kref for refcount coredump: move core dump functionality into its own file coredump: prevent double-free on an error path in core dumper usb/gadget: fix misannotations fcntl: fix misannotations ceph: don't abuse d_delete() on failure exits hypfs: ->d_parent is never NULL or negative vfs: delete surplus inode NULL check switch simple cases of fget_light to fdget new helpers: fdget()/fdput() switch o2hb_region_dev_write() to fget_light() proc_map_files_readdir(): don't bother with grabbing files make get_file() return its argument vhost_set_vring(): turn pollstart/pollstop into bool switch prctl_set_mm_exe_file() to fget_light() switch xfs_find_handle() to fget_light() switch xfs_swapext() to fget_light() ...
2012-10-02fs: push rcu_barrier() from deactivate_locked_super() to filesystemsKirill A. Shutemov
There's no reason to call rcu_barrier() on every deactivate_locked_super(). We only need to make sure that all delayed rcu free inodes are flushed before we destroy related cache. Removing rcu_barrier() from deactivate_locked_super() affects some fast paths. E.g. on my machine exit_group() of a last process in IPC namespace takes 0.07538s. rcu_barrier() takes 0.05188s of that time. Signed-off-by: Kirill A. Shutemov <kirill.shutemov@linux.intel.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Andrew Morton <akpm@linux-foundation.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-09-21userns: Convert squashfs to use kuid/kgid where appropriateEric W. Biederman
Cc: Phillip Lougher <phillip@squashfs.org.uk> Acked-by: Serge Hallyn <serge.hallyn@canonical.com> Signed-off-by: Eric W. Biederman <ebiederm@xmission.com>
2012-07-14stop passing nameidata to ->lookup()Al Viro
Just the flags; only NFS cares even about that, but there are legitimate uses for such argument. And getting rid of that completely would require splitting ->lookup() into a couple of methods (at least), so let's leave that alone for now... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-03-28Merge tag 'squashfs-updates' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/pkl/squashfs-next Pull squashfs updates from Phillip Lougher: "Add an extra mount time sanity check, plus some code cleanups and bug fixes." * tag 'squashfs-updates' of git://git.kernel.org/pub/scm/linux/kernel/git/pkl/squashfs-next: Squashfs: add mount time sanity check for block_size and block_log match Squashfs: fix f_pos check in get_dir_index_using_offset Squashfs: get rid of obsolete definitions in header file Squashfs: remove redundant length initialisation in squashfs_lookup Squashfs: remove redundant length initialisation in squashfs_readdir Squashfs: update comment removing reference to zlib only Squashfs: use define instead of constant
2012-03-21Merge branch 'for-linus' of ↵Linus Torvalds
git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs Pull vfs pile 1 from Al Viro: "This is _not_ all; in particular, Miklos' and Jan's stuff is not there yet." * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/viro/vfs: (64 commits) ext4: initialization of ext4_li_mtx needs to be done earlier debugfs-related mode_t whack-a-mole hfsplus: add an ioctl to bless files hfsplus: change finder_info to u32 hfsplus: initialise userflags qnx4: new helper - try_extent() qnx4: get rid of qnx4_bread/qnx4_getblk take removal of PF_FORKNOEXEC to flush_old_exec() trim includes in inode.c um: uml_dup_mmap() relies on ->mmap_sem being held, but activate_mm() doesn't hold it um: embed ->stub_pages[] into mmu_context gadgetfs: list_for_each_safe() misuse ocfs2: fix leaks on failure exits in module_init ecryptfs: make register_filesystem() the last potential failure exit ntfs: forgets to unregister sysctls on register_filesystem() failure logfs: missing cleanup on register_filesystem() failure jfs: mising cleanup on register_filesystem() failure make configfs_pin_fs() return root dentry on success configfs: configfs_create_dir() has parent dentry in dentry->d_parent configfs: sanitize configfs_create() ...
2012-03-20switch open-coded instances of d_make_root() to new helperAl Viro
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-03-20squashfs: remove the second argument of k[un]map_atomic()Cong Wang
Signed-off-by: Cong Wang <amwang@redhat.com>
2012-03-10Squashfs: add mount time sanity check for block_size and block_log matchPhillip Lougher
Squashfs currently has a sanity check for block_size less than or equal to the maximum block_size (1 Mbyte). This catches some superblock corruption, but obviously with a block_size maximum of 1 Mbyte there's 7 correct values (4K, 8K, 16K, 32K, ... etc) and a lot of incorrect values which are not caught by this check. The Squashfs superblock, however, has both a block_size and a block_log (2^block_log == block_size). Checking that the block_size matches the block_log is a much more robust check. Corruption of the superblock is unlikely to produce values which match, and it also ensures the block_size is an exact power of two. Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2012-03-10Squashfs: fix f_pos check in get_dir_index_using_offsetPhillip Lougher
One off error in the f_pos check. If f_pos is 3 or less don't bother reading the index because we're at the start of the directory, and we obviously already know where that is on disk. This eliminates an unnecessary read. Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2012-03-10Squashfs: get rid of obsolete definitions in header filePhillip Lougher
Most of these were never used by the kernel code, but belong to the time when the header file was used by both the kernel code and the user space tools. Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2012-03-10Squashfs: remove redundant length initialisation in squashfs_lookupPhillip Lougher
Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2012-03-10Squashfs: remove redundant length initialisation in squashfs_readdirPhillip Lougher
Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2012-03-10Squashfs: update comment removing reference to zlib onlyPhillip Lougher
Comment was written when Squashfs only supported zlib compression. This comment is now misleading given Squashfs supports other compression algorithms. Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2012-03-10Squashfs: use define instead of constantAjeet Yadav
Its better to use defined name instead of constant Signed-off-by: Ajeet Yadav <ajeet.yadav.77@gmail.com> Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2012-01-13Merge git://git.kernel.org/pub/scm/linux/kernel/git/pkl/squashfs-nextLinus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/pkl/squashfs-next: Squashfs: fix i_blocks calculation with extended regular files Squashfs: fix mount time sanity check for corrupted superblock Squashfs: optimise squashfs_cache_get entry search Squashfs: Update documentation to include xattrs Squashfs: add missing block release on error condition
2012-01-03vfs: fix the stupidity with i_dentry in inode destructorsAl Viro
Seeing that just about every destructor got that INIT_LIST_HEAD() copied into it, there is no point whatsoever keeping this INIT_LIST_HEAD in inode_init_once(); the cost of taking it into inode_init_always() will be negligible for pipes and sockets and negative for everything else. Not to mention the removal of boilerplate code from ->destroy_inode() instances... Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2012-01-03Squashfs: fix i_blocks calculation with extended regular filesPhillip Lougher
The le64_to_cpu() forces the calculation to be unsigned, with the effect that it can underflow leading to an incorrect large value. This bug only triggers in rare(ish) circumstances, an empty file encoded as an extended regular file or a completely sparse file. Normally empty files are encoded as a regular file rather than as an extended regular file (and the regular file i_blocks calculation doesn't have this bug). To save space regular file inodes are optimised to encode the most commonly occurring files. Less common regular files are encoded using extended regular file inodes which contain extra information. Empty files with nlinks greater than 1, and or empty files with extended attributes are encoded using extended regular file inodes and they will hit this bug. Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2012-01-02Squashfs: fix mount time sanity check for corrupted superblockPhillip Lougher
A Squashfs filesystem containing nothing but an empty directory, although unusual and ultimately pointless, is still valid. The directory_table >= next_table sanity check rejects these filesystems as invalid because the directory_table is empty and equal to next_table. Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2011-12-30Squashfs: optimise squashfs_cache_get entry searchAjeet Yadav
squashfs_cache_get() iterates over all entries to search for block its looking for. Often get() / put() are called for same block. If we cache the current entry index, then we can optimise the subsequent *_get() calls. Signed-off-by: Ajeet Yadav <ajeet.yadav.77@gmail.com> Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2011-12-30Squashfs: add missing block release on error conditionPhillip Lougher
squashfs_read_metadata forgets to release the cache block if an error has occurred. Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2011-11-04Merge git://git.kernel.org/pub/scm/linux/kernel/git/pkl/squashfs-nextLinus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/pkl/squashfs-next: Squashfs: Add an option to set dev block size to 4K
2011-11-02Squashfs: Add an option to set dev block size to 4KPhillip Lougher
This commit adds an option to set the device block size used to 4K. By default Squashfs sets the device block size (sb_min_blocksize) to 1K or the smallest block size supported by the block device (if larger). This, because blocks are packed together and unaligned in Squashfs, should reduce latency. This, however, gives poor performance on MTD NAND devices where the optimal I/O size is 4K (even though the devices can support smaller block sizes). Using a 4K device block size may also improve overall I/O performance for some file access patterns (e.g. sequential accesses of files in filesystem order) on all media. Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2011-11-02filesystems: add set_nlink()Miklos Szeredi
Replace remaining direct i_nlink updates with a new set_nlink() updater function. Signed-off-by: Miklos Szeredi <mszeredi@suse.cz> Tested-by: Toshiyuki Okajima <toshi.okajima@jp.fujitsu.com> Signed-off-by: Christoph Hellwig <hch@lst.de>
2011-09-27doc: fix broken referencesPaul Bolle
There are numerous broken references to Documentation files (in other Documentation files, in comments, etc.). These broken references are caused by typo's in the references, and by renames or removals of the Documentation files. Some broken references are simply odd. Fix these broken references, sometimes by dropping the irrelevant text they were part of. Signed-off-by: Paul Bolle <pebolle@tiscali.nl> Signed-off-by: Jiri Kosina <jkosina@suse.cz>
2011-07-25Merge git://git.kernel.org/pub/scm/linux/kernel/git/pkl/squashfs-linusLinus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/pkl/squashfs-linus: Squashfs: Make ZLIB compression support optional Squashfs: Update documentation for XZ and add squashfs-tools devel tree
2011-07-22Squashfs: Make ZLIB compression support optionalPhillip Lougher
Squashfs now supports XZ and LZO compression in addition to ZLIB. As such it no longer makes sense to always include ZLIB support. In particular embedded systems may only use LZO or XZ compression, and the ability to exclude ZLIB support will reduce kernel size. Signed-off-by: Phillip Lougher <phillip@squashfs.org.uk>
2011-07-20make d_splice_alias(ERR_PTR(err), dentry) = ERR_PTR(err)Al Viro
... and simplify the living hell out of callers Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-07-20deuglify squashfs_lookup()Al Viro
d_splice_alias(NULL, dentry) is equivalent to d_add(dentry, NULL), NULL so no need for that if (inode) ... in there (or ERR_PTR(0), for that matter) Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
2011-05-29Merge git://git.kernel.org/pub/scm/linux/kernel/git/pkl/squashfs-linusLinus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/pkl/squashfs-linus: Squashfs: Fix sanity check patches on big-endian systems
2011-05-29Squashfs: Fix sanity check patches on big-endian systemsPhillip Lougher
le64 values should be swapped when accessing on big-endian systems. Signed-off-by: Phillip Lougher <phillip@lougher.demon.co.uk>
2011-05-26Merge git://git.kernel.org/pub/scm/linux/kernel/git/pkl/squashfs-linusLinus Torvalds
* git://git.kernel.org/pub/scm/linux/kernel/git/pkl/squashfs-linus: Squashfs: update email address Squashfs: add extra sanity checks at mount time Squashfs: add sanity checks to fragment reading at mount time Squashfs: add sanity checks to lookup table reading at mount time Squashfs: add sanity checks to id reading at mount time Squashfs: add sanity checks to xattr reading at mount time Squashfs: reverse order of filesystem table reading Squashfs: move table allocation into squashfs_read_table()
2011-05-26Squashfs: update email addressPhillip Lougher
My existing email address may stop working in a month or two, so update email to one that will continue working. Signed-off-by: Phillip Lougher <phillip@lougher.demon.co.uk>
2011-05-25Squashfs: add extra sanity checks at mount timePhillip Lougher
Add some extra sanity checks of the inode and directory structures. Signed-off-by: Phillip Lougher <phillip@lougher.demon.co.uk>
2011-05-25Squashfs: add sanity checks to fragment reading at mount timePhillip Lougher
Fsfuzzer generates corrupted filesystems which throw a warn_on in kmalloc. One of these is due to a corrupted superblock fragments field. Fix this by checking that the number of bytes to be read (and allocated) does not extend into the next filesystem structure. Also add a couple of other sanity checks of the mount-time fragment table structures. Signed-off-by: Phillip Lougher <phillip@lougher.demon.co.uk>
2011-05-25Squashfs: add sanity checks to lookup table reading at mount timePhillip Lougher
Fsfuzzer generates corrupted filesystems which throw a warn_on in kmalloc. One of these is due to a corrupted superblock inodes field. Fix this by checking that the number of bytes to be read (and allocated) does not extend into the next filesystem structure. Also add a couple of other sanity checks of the mount-time lookup table structures. Signed-off-by: Phillip Lougher <phillip@lougher.demon.co.uk>
2011-05-25Squashfs: add sanity checks to id reading at mount timePhillip Lougher
Fsfuzzer generates corrupted filesystems which throw a warn_on in kmalloc. One of these is due to a corrupted superblock no_ids field. Fix this by checking that the number of bytes to be read (and allocated) does not extend into the next filesystem structure. Also add a couple of other sanity checks of the mount-time id table structures. Signed-off-by: Phillip Lougher <phillip@lougher.demon.co.uk>
2011-05-25Squashfs: add sanity checks to xattr reading at mount timePhillip Lougher
These checks add sanity checking of the mount-time xattr structures. Signed-off-by: Phillip Lougher <phillip@lougher.demon.co.uk>
2011-05-25Squashfs: reverse order of filesystem table readingPhillip Lougher
Reverse order of table reading from mostly first to last in placement order, to last to first. This is to enable extra superblock sanity checks to be added in later patches. Signed-off-by: Phillip Lougher <phillip@lougher.demon.co.uk>
2011-05-25Squashfs: move table allocation into squashfs_read_table()Phillip Lougher
This eliminates a lot of duplicate code. Signed-off-by: Phillip Lougher <phillip@lougher.demon.co.uk>