Revision bba719b5004234e55737e7074b81b337210c511d authored by Jie Liu on 01 January 2014, 11:28:03 UTC, committed by Ben Myers on 10 January 2014, 18:38:41 UTC
With CRC checking enabled, setting an attribute value whose size is
exactly equal to XATTR_SIZE_MAX causes the v3 remote attr write
verification procedure to fail, which yields a back trace like the
one below:

<snip>
XFS (sda7): Internal error xfs_attr3_rmt_write_verify at line 191 of file fs/xfs/xfs_attr_remote.c
<snip>
Call Trace:
[<ffffffff816f0042>] dump_stack+0x45/0x56
[<ffffffffa0d99c8b>] xfs_error_report+0x3b/0x40 [xfs]
[<ffffffffa0d96edd>] ? _xfs_buf_ioapply+0x6d/0x390 [xfs]
[<ffffffffa0d99ce5>] xfs_corruption_error+0x55/0x80 [xfs]
[<ffffffffa0dbef6b>] xfs_attr3_rmt_write_verify+0x14b/0x1a0 [xfs]
[<ffffffffa0d96edd>] ? _xfs_buf_ioapply+0x6d/0x390 [xfs]
[<ffffffffa0d97315>] ? xfs_bdstrat_cb+0x55/0xb0 [xfs]
[<ffffffffa0d96edd>] _xfs_buf_ioapply+0x6d/0x390 [xfs]
[<ffffffff81184cda>] ? vm_map_ram+0x31a/0x460
[<ffffffff81097230>] ? wake_up_state+0x20/0x20
[<ffffffffa0d97315>] ? xfs_bdstrat_cb+0x55/0xb0 [xfs]
[<ffffffffa0d9726b>] xfs_buf_iorequest+0x6b/0xc0 [xfs]
[<ffffffffa0d97315>] xfs_bdstrat_cb+0x55/0xb0 [xfs]
[<ffffffffa0d97906>] xfs_bwrite+0x46/0x80 [xfs]
[<ffffffffa0dbfa94>] xfs_attr_rmtval_set+0x334/0x490 [xfs]
[<ffffffffa0db84aa>] xfs_attr_leaf_addname+0x24a/0x410 [xfs]
[<ffffffffa0db8893>] xfs_attr_set_int+0x223/0x470 [xfs]
[<ffffffffa0db8b76>] xfs_attr_set+0x96/0xb0 [xfs]
[<ffffffffa0db13b2>] xfs_xattr_set+0x42/0x70 [xfs]
[<ffffffff811df9b2>] generic_setxattr+0x62/0x80
[<ffffffff811e0213>] __vfs_setxattr_noperm+0x63/0x1b0
[<ffffffff81307afe>] ? evm_inode_setxattr+0xe/0x10
[<ffffffff811e0415>] vfs_setxattr+0xb5/0xc0
[<ffffffff811e054e>] setxattr+0x12e/0x1c0
[<ffffffff811c6e82>] ? final_putname+0x22/0x50
[<ffffffff811c708b>] ? putname+0x2b/0x40
[<ffffffff811cc4bf>] ? user_path_at_empty+0x5f/0x90
[<ffffffff811bdfd9>] ? __sb_start_write+0x49/0xe0
[<ffffffff81168589>] ? vm_mmap_pgoff+0x99/0xc0
[<ffffffff811e07df>] SyS_setxattr+0x8f/0xe0
[<ffffffff81700c2d>] system_call_fastpath+0x1a/0x1f

Tests:
    setfattr -n user.longxattr -v `perl -e 'print "A"x65536'` testfile

This patch fix it to check the remote EA size is greater than the
XATTR_SIZE_MAX rather than more than or equal to it, because it's
valid if the specified EA value size is equal to the limitation as
per VFS setxattr interface.

Signed-off-by: Jie Liu <jeff.liu@oracle.com>
Reviewed-by: Mark Tinguely <tinguely@sgi.com>
Signed-off-by: Ben Myers <bpm@sgi.com>

(cherry picked from commit 85dd0707f0cad26d60f2dc574d17a5ab948d10f7)
1 parent ac8809f
ihex2fw.c
/*
 * Parser/loader for IHEX formatted data.
 *
 * Copyright © 2008 David Woodhouse <dwmw2@infradead.org>
 * Copyright © 2005 Jan Harkes <jaharkes@cs.cmu.edu>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License version 2 as
 * published by the Free Software Foundation.
 */

#include <stdint.h>
#include <arpa/inet.h>
#include <stdio.h>
#include <errno.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/mman.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#include <stdlib.h>
#define _GNU_SOURCE
#include <getopt.h>


/*
 * One parsed IHEX record, kept on a singly linked list until it is written.
 *
 * Field order matters: output_records() writes each record as a single
 * write() that starts at &addr and runs through len and data, so addr, len
 * and data must stay in this order with nothing between them.
 */
struct ihex_binrec {
	struct ihex_binrec *next; /* not part of the real data structure */
        uint32_t addr;   /* load address; converted with htonl() just before output */
        uint16_t len;    /* number of payload bytes in data[]; converted with htons() before output */
        uint8_t data[];  /* payload; process_ihex() allocates the record with room for len bytes, rounded up */
};

/**
 * nybble - convert one ASCII hexadecimal digit to its value (0..15).
 *
 * Accepts '0'-'9', 'A'-'F' and 'a'-'f'. Any other byte yields 0 rather
 * than an error, so a malformed digit is not reported here; the caller
 * only notices it if the record checksum no longer adds up.
 **/
static uint8_t nybble(const uint8_t n)
{
	uint8_t value = 0;

	if (n >= '0' && n <= '9')
		value = n - '0';
	else if (n >= 'A' && n <= 'F')
		value = 10 + (n - 'A');
	else if (n >= 'a' && n <= 'f')
		value = 10 + (n - 'a');

	return value;
}

/*
 * hex - decode the two hex digits at data[0] and data[1] into one byte.
 *
 * The decoded byte is also added into *crc (8-bit wrap-around sum), which
 * is how the record checksum is accumulated. The caller must guarantee
 * that both data[0] and data[1] are readable; no bounds check is done here.
 */
static uint8_t hex(const uint8_t *data, uint8_t *crc)
{
	const uint8_t high = nybble(data[0]);
	const uint8_t low = nybble(data[1]);
	const uint8_t val = (uint8_t)((high << 4) | low);

	*crc += val;
	return val;
}

/* Forward declarations: main() calls these before their definitions below. */
static int process_ihex(uint8_t *data, ssize_t size);
static void file_record(struct ihex_binrec *record);
static int output_records(int outfd);

/* Command-line switches; main() sets them from -s, -w and -j respectively. */
static int sort_records = 0; /* -s: file_record() keeps the list ordered by address */
static int wide_records = 0; /* -w: process_ihex() reads a four-digit (16-bit) record length */
static int include_jump = 0; /* -j: start-address records (types 3 and 5) are kept for output */

/*
 * usage - print the command-line help to stderr.
 *
 * Always returns 1 so callers can write "return usage();" to exit with a
 * failure status.
 */
static int usage(void)
{
	static const char *const help[] = {
		"ihex2fw: Convert ihex files into binary "
		"representation for use by Linux kernel\n",
		"usage: ihex2fw [<options>] <src.HEX> <dst.fw>\n",
		"       -w: wide records (16-bit length)\n",
		"       -s: sort records by address\n",
		"       -j: include records for CS:IP/EIP address\n",
	};
	unsigned int k;

	/* The text is constant, so fputs() is enough; no format parsing needed. */
	for (k = 0; k < sizeof(help) / sizeof(help[0]); k++)
		fputs(help[k], stderr);

	return 1;
}

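/*
 * ihex2fw entry point: parse options, map the source file, parse it into
 * records and write the binary form to the destination.
 *
 * Either file name may be "-" to mean stdin / stdout.
 * Returns 0 on success and 1 on any failure.
 */
int main(int argc, char **argv)
{
	int infd, outfd;
	struct stat st;
	uint8_t *data;
	int opt;

	while ((opt = getopt(argc, argv, "wsj")) != -1) {
		switch (opt) {
		case 'w':
			wide_records = 1;
			break;
		case 's':
			sort_records = 1;
			break;
		case 'j':
			include_jump = 1;
			break;
		default:
			/*
			 * getopt() returns '?' for an option it does not know.
			 * The original had this return after the last break with
			 * no label, so it was unreachable and bad options were
			 * silently ignored.
			 */
			return usage();
		}
	}

	if (optind + 2 != argc)
		return usage();

	if (!strcmp(argv[optind], "-"))
		infd = 0;
	else
		infd = open(argv[optind], O_RDONLY);
	if (infd == -1) {
		fprintf(stderr, "Failed to open source file: %s\n",
			strerror(errno));
		return usage();
	}
	if (fstat(infd, &st)) {
		perror("stat");
		return 1;
	}
	/*
	 * The parser is given st.st_size as its bound, so every read it does
	 * must stay below that size. mmap() rejects a zero length, so an
	 * empty source file is reported here.
	 */
	data = mmap(NULL, st.st_size, PROT_READ, MAP_SHARED, infd, 0);
	if (data == MAP_FAILED) {
		perror("mmap");
		return 1;
	}

	/*
	 * Parse before touching the destination. process_ihex() copies
	 * everything it keeps into heap records, so the mapping is no longer
	 * read afterwards. Opening the destination with O_TRUNC first would
	 * leave an empty output file behind on a parse error, and would cut
	 * the mapped file short if source and destination are the same path.
	 */
	if (process_ihex(data, st.st_size))
		return 1;

	if (!strcmp(argv[optind+1], "-"))
		outfd = 1;
	else
		outfd = open(argv[optind+1], O_TRUNC|O_CREAT|O_WRONLY, 0644);
	if (outfd == -1) {
		fprintf(stderr, "Failed to open destination file: %s\n",
			strerror(errno));
		return usage();
	}

	return output_records(outfd);
}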

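/*
 * process_ihex - parse an IHEX image and queue its records for output.
 *
 * @data: start of the IHEX text
 * @size: number of readable bytes at @data
 *
 * Walks the text record by record. Data records (type 0) are handed to
 * file_record() with the current extended-address offset applied; start
 * address records (types 3 and 5) are handed over only when include_jump
 * is set. A record that is handed to file_record() is owned by the list
 * from then on; every other record is freed here.
 *
 * Returns 0 once an end-of-file record is seen, -EINVAL for malformed
 * input and -ENOMEM if a record cannot be allocated.
 *
 * Note that hex()/nybble() decode a non-hex character as 0 instead of
 * failing, so bad digits are only caught when the checksum mismatches.
 */
static int process_ihex(uint8_t *data, ssize_t size)
{
	struct ihex_binrec *record;
	uint32_t offset = 0;
	uint32_t data32;
	uint8_t type, crc = 0, crcbyte = 0;
	ssize_t i = 0;	/* same width as size, so large inputs cannot overflow the index */
	int j;
	int line = 1;
	int len;

next_record:
	/* search for the start of record character */
	while (i < size) {
		if (data[i] == '\n')
			line++;
		if (data[i++] == ':')
			break;
	}

	/* Minimum record length would be about 10 characters */
	if (i + 10 > size) {
		fprintf(stderr, "Can't find valid record at line %d\n", line);
		return -EINVAL;
	}

	len = hex(data + i, &crc); i += 2;
	if (wide_records) {
		len <<= 8;
		len += hex(data + i, &crc); i += 2;
	}

	/*
	 * Check that address (4), type (2), payload (2 * len) and checksum
	 * (2) all lie inside the input before anything is allocated or
	 * read, so a short file never leaves a record behind.
	 */
	if (i + 8 + (len * 2) > size) {
		fprintf(stderr, "Not enough data to read complete record at line %d\n",
			line);
		return -EINVAL;
	}

	/*
	 * calloc() zeroes the whole record, including the padding after the
	 * payload that output_records() writes out.
	 */
	record = calloc(1, (sizeof(*record) + len + 3) & ~3);
	if (!record) {
		fprintf(stderr, "out of memory for records\n");
		return -ENOMEM;
	}
	record->len = len;

	record->addr  = hex(data + i, &crc) << 8; i += 2;
	record->addr |= hex(data + i, &crc); i += 2;
	type = hex(data + i, &crc); i += 2;

	for (j = 0; j < record->len; j++, i += 2)
		record->data[j] = hex(data + i, &crc);

	/*
	 * check CRC: every byte of the record, checksum included, was added
	 * into crc by hex(), so a good record leaves it at zero.
	 */
	crcbyte = hex(data + i, &crc); i += 2;
	if (crc != 0) {
		fprintf(stderr, "CRC failure at line %d: got 0x%X, expected 0x%X\n",
			line, crcbyte, (unsigned char)(crcbyte-crc));
		goto bad_record;
	}

	/* Done reading the record */
	switch (type) {
	case 0:
		/* old style EOF record? */
		if (!record->len)
			break;

		record->addr += offset;
		file_record(record);	/* the list owns the record now */
		goto next_record;

	case 1: /* End-Of-File Record */
		if (record->addr || record->len) {
			fprintf(stderr, "Bad EOF record (type 01) format at line %d\n",
				line);
			goto bad_record;
		}
		break;

	case 2: /* Extended Segment Address Record (HEX86) */
	case 4: /* Extended Linear Address Record (HEX386) */
		if (record->addr || record->len != 2) {
			fprintf(stderr, "Bad HEX86/HEX386 record (type %02X) at line %d\n",
				type, line);
			goto bad_record;
		}

		/* We shouldn't really be using the offset for HEX86 because
		 * the wraparound case is specified quite differently. */
		offset = record->data[0] << 8 | record->data[1];
		offset <<= (type == 2 ? 4 : 16);
		free(record);	/* only the offset is kept */
		goto next_record;

	case 3: /* Start Segment Address Record */
	case 5: /* Start Linear Address Record */
		if (record->addr || record->len != 4) {
			fprintf(stderr, "Bad Start Address record (type %02X) at line %d\n",
				type, line);
			goto bad_record;
		}

		/* swap the four payload bytes between big-endian and host order */
		memcpy(&data32, &record->data[0], sizeof(data32));
		data32 = htonl(data32);
		memcpy(&record->data[0], &data32, sizeof(data32));

		/* These records contain the CS/IP or EIP where execution
		 * starts. If requested output this as a record. */
		if (include_jump)
			file_record(record);
		else
			free(record);
		goto next_record;

	default:
		fprintf(stderr, "Unknown record (type %02X)\n", type);
		goto bad_record;
	}

	/* End of file: the EOF record itself is not kept. */
	free(record);
	return 0;

bad_record:
	free(record);
	return -EINVAL;
}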

/* Head of the list of records waiting to be written by output_records(). */
static struct ihex_binrec *records;

/*
 * file_record - link a parsed record into the global list.
 *
 * Without -s the record is appended at the tail, which keeps file order.
 * With -s it is inserted in front of the first entry whose address is not
 * lower than its own, so the list stays sorted by address and records
 * with equal addresses keep their file order.
 */
static void file_record(struct ihex_binrec *record)
{
	struct ihex_binrec **link;

	for (link = &records; *link != NULL; link = &(*link)->next) {
		if (sort_records && (*link)->addr >= record->addr)
			break;
	}

	record->next = *link;
	*link = record;
}

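/*
 * output_records - write every queued record to outfd in binary form.
 *
 * Each record is written as one block starting at its addr field:
 * 32-bit address and 16-bit length in network byte order, then the
 * payload, padded to a multiple of four bytes. A terminating record of
 * six zero bytes follows the last one.
 *
 * The records are byte-swapped in place, so the list is not reusable
 * afterwards. Returns 0 on success and 1 if any write() fails or is short.
 */
static int output_records(int outfd)
{
	unsigned char zeroes[6] = {0, 0, 0, 0, 0, 0};
	struct ihex_binrec *p = records;

	while (p) {
		/*
		 * addr (4) + len (2) + payload, rounded up to four bytes.
		 * With wide records len can reach 65535, so the sum does not
		 * fit in 16 bits; a uint16_t here wrapped to a tiny value and
		 * the record was silently written truncated.
		 */
		size_t writelen = ((size_t)p->len + 9) & ~(size_t)3;

		p->addr = htonl(p->addr);
		p->len = htons(p->len);
		if (write(outfd, &p->addr, writelen) != (ssize_t)writelen)
			return 1;
		p = p->next;
	}
	/* EOF record is zero length, since we don't bother to represent
	   the type field in the binary version */
	if (write(outfd, zeroes, 6) != 6)
		return 1;
	return 0;
}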