git.openwrt.org Git - project/fstools.git/log

libfstools: fit: improve fit_volume_find string handling

While string are hardcoded and it's impossible to overflow it, make the
string handling more secure to mute Coverity Scan report by using
strncpy and adding a define for the max size of the DEVPATHSTR.

Fix Coverity Scan CID 1586643: Security best practices violations
(STRING_OVERFLOW).

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

libfstools: force mkfs when formatting overlay

As the rootfs_overlay volume is dynamically allocated on platforms
which allow for that, the start of the volume can end up being at the
location of previously stored data. This can happen when writing an SD
card image to an SD card previously used for something else.
sysupgrade should always wipe preexisting data, but I haven't checked
if all platform implementations actually always do so). As mkfs is
cautious not to accidentally overwrite existing data, this can result
in the system to hang on boot, waiting for confirmation on the serial
console:

mount_root: overlay filesystem in /dev/fitrw has not been formatted yet
/dev/fitrw contains `ISO-8859 text, with very long lines (65536), with
no line terminators' data
Proceed anyway? (y,N)

Use the FORCE option (-F for mkfs.ext4, -f for mkfs.f2fs) to make sure
the volume is always formatted irrespective of its previous content.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

mount_root: fix compilation error for wrong condition

While reworking this to new implementation, a broken and old commit
slipped in by mistake.

Fix compilation error for wrong condition.

mount_root.c: In function 'main':
mount_root.c:131:23: error: expected expression before '||' token
  131 |         if (argc < 2) || (!strcmp(argv[1], "start"))
      |                       ^~
mount_root.c: At top level:
mount_root.c:31:1: error: 'start' defined but not used [-Werror=unused-function]
   31 | start(int argc, char *argv[3])
      | ^~~~~
cc1: all warnings being treated as errors

Fixes: 1a5695925ecf ("mount_root: add support for passing args to mount_root start")
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

mount_root: permit to pass mount options for rootfs mount

Introduce an additional arg on calling mount_root start to pass
additional mount options on filesystem mount.

On example is F2FS filesystem mounted with compress_algorithm option
enabled to compress files as they are written to reduce flash wear.

Example usage: (assuming a F2FS filesystem)

mount_root start "compress_algorithm=zstd"

This is currently limited to rootfs mount and is not currently supported
to pass option to rootfs_data mount. (overlay scenario)

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

mount_root: add support for passing args to mount_root start

It may be useful to pass args to mount_root start call. One usecase
might be pass additional configuration to enable special option on
mounting rootfs. Change main logic and permit additional args when start
is used.

No functional change intended as the default behaviour is saved by
continuing to call start if no args are provided.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

libfstools: partname: raise priority to 25

Make sure partname has precedence over UBI and MTD.
We already got ways to prevent partname for matching partitions if
needed, however, we would need them as well for UBI and MTD to prevent
use of UBI rootfs_data despite having started from MMC on boards
having both (such as the BPi-R3).

Reported-by: Rui Salvaterra <rsalvaterra@gmail.com>
Signed-off-by: Daniel Golle <daniel@makrotopia.org>

libfstools: add uImage.FIT fitblk driver

The upcoming 'fitblk' block driver exposing the filesystem sub-image(s)
of a uImage.FIT storage on a block device as /dev/fit%u.
In case of the block device being a fixed-sized partition, the remaining
space (for rootfs_data) is mapped to /dev/fitrw.
Recognize both devices and assign the highest priority to the new driver.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

block: recognize /dev/fit* block devices

Prepare for /dev/fit* block devices of the upcoming uImage.FIT
sub-image block driver which are going to be used as rootfs (fit0) as
well as rootfs_data (fitrw) in some cases.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

libfstools: query drivers by priority

Instead of individual hacks meant to prioritize the storage backend
drivers, register them with an optional priotity. If set, the higher
priority driver should be considered be considered first.

Prioritize UBI and MTD over the bulk of block device drivers
(partname, rootdisk) which allows removing previous hacks having the
same effect.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

block: support skipping uuid check

Add a mean to avoid the uuid check by checking for the presence
of /etc/.extroot-default in the overlay.

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

block: consider currently mounted root device first

First look for the currently mounted root device and then fallback to
looking for rootfs.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

block: try to find the root device on both / and /rom

Sometimes / is already overlay mounted, assume /rom contains the real
rootfs.

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

block: support extroot on already mounted overlay

Try to find extroot configuration on already mounted overlay

Signed-off-by: Luca Barbato <lu_zero@gentoo.org>

libblkid-tiny: add exfat superblock support

exFAT became very popular over last years and also well supported with
Linux kernel driver and macOS support. It's commonly used for USB
drivers. Port a simple support for it from util-linux / libblkid.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

libfstools: use class interface to iterate over ubi devices

Instead of relying on /sys/devices/virtual/ubi/* better use
/sys/class/ubi/* which makes things more straight forward.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

partname: Correct fstools_partname_fallback_scan comparison

Commit 1ea5855e980c ("partname: Introduce fstools_partname_fallback_scan
option") had two problems:

1. The strcmp() aborted when the param *matched* 1; we wanted the
   inverse
2. It was too aggressive about skipping the fallback behavior. For
   devices that had no root= parameter, they would always attempt the
   fallback scan.

Fix both of those.

Fixes: 1ea5855e980c ("partname: Introduce fstools_partname_fallback_scan option")
Signed-off-by: Brian Norris <computersforpeace@gmail.com>
[ add extra spacing between function ]
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

partname: Introduce fstools_partname_fallback_scan option

Some device may contains a GPT partition named rootfs_data that may
not be suitable.
To save from regression with old implementation that doesn't use
fstools_ignore_partname to explicitly say that that parname scan
should be ignored, make explicit that scanning each partition should
be done by providing fstools_partname_fallback_scan=1 and skip partname
scan in every other case.

Fixes: e9b59f063bb3 ("partname: Ignore root=PARTUUID...")
Tested-by: Dirk Buchwalder <buchwalder@posteo.de>
Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

partname: Ignore root=PARTUUID...

We're assuming all root= arguments are /dev/ paths, but many targets
utilize root=PARTUUID=<xxx> strategies. At least allow them to fall back
to scanning all block devices.

Signed-off-by: Brian Norris <computersforpeace@gmail.com>

block: try multiple NTFS filesystem implementations

NTFS filesystem is supported by multiple implementations. Try mounting
it using all known drivers. Trying just "ntfs" string was limiting
fstools to compatibility with the read-only upstream Linux driver.

This fixes:
daemon.err block: No "mount.ntfs" utility available
daemon.err block: mounting /dev/sda1 (ntfs) as /mnt/sda1 failed (25) - Not a tty

Above errors were appearing even with ntfs3 upstrea kernel driver or
ntfs-3g (user-space) installed.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

libfstools: skip JFFS2 padding on block devices

Images also used on devices with NOR flash may come with JFFS2 deadc0de
marking and padding up to the largest NOR erase size.
Skip that padding and take it into account when extracting sysupgrade
backup from mmc/block partition.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

block: Do not include linux/fs.h any more

glibc 2.36 changed the definition of enum fsconfig_command in
sys/mount.h. This definition collides with the same definition from
linux/fs.h now. Remove the include of linux/fs.h. This compiles still
with musl too.

musl and glibc provide the defines linux/fs.h was included for in
sys/mount.h since some years.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

libfstools: Rename move_mount() function to ovl_move_mount() for glibc 2.36

glibc in version 2.36 defines an own function named move_mount() in some
header. The definition from glibc collides with our definition, just
rename the function in fstools.

Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>

libfstools: handle gzip return value in block_volume_format

Fix the following compilation warning:
libfstools/common.c: In function 'block_volume_format':
libfstools/common.c:120:17: error: ignoring return value of 'system' declared with attribute 'warn_unused_result' [-Werror=unused-result]
120 | system(str);
| ^~~~~~~~~~~

Correctly handle return value from gzip and print an error on such case.

Signed-off-by: Christian Marangi <ansuelsmth@gmail.com>

Revert "fstools: remove SELinux restorecon hack"

Now that procd only relables the filesystem in case of the system
beging started with initramfs we will again need to take care of
labeling newly created /overlay.

This reverts commit 9e11b3723ce30b9b8c94ad7d15072a10cf13c0b4.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

fstools: remove SELinux restorecon hack

Now that procd takes care of it properly we no longer need this hack.
Remove it to safe some space also on non-SELinux systems.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

block: don't probe mtdblock on NAND (with legacy exceptions)

Recent kernels started to spill warnings on the log if a userspace
process open()s an mtdblock device backed by NAND flash:

mtdblock: MTD device 'foo' is NAND, please consider using UBI block devices instead.

The warning itself is legitimate -- one really shouldn't be using
mtdblock on NAND.
Hence make fstools skip probing mtdblock devices if their underlaying
mtd device is of type 'nand'. As we don't want to break boards actually
using JFFS2 and squashfs directly on NAND, still probe the mtdblock
device in case the mtd device name is 'rootfs' or 'rootfs_data'.
This will then also trigger the kernel warning as it should.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

blockd: restore device_move semantics

Before commit 4963db4 block device were only removed and re-added in
case of device_move() returning a non-zero value. Commit 4963db4 then
(supposedly) accidentally inverted that logic and also (probably to
work-around the problems resulting from the now inverted logic) limited
this behavior to autofs mounts, leaving the autofs codepath in a semi-
broken state.
Restore the original semantics as of before commit 4963db4 to fully
restore functionality for autofs mounts.

Fixes: 4963db4 ("blockd: use uloop_process for calling /sbin/hotplug-call mount")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>

libfstools: mtd: improve error handling

Use -1 to mark invalid file descriptors as 0 can theoretically be a
valid open file descriptor.
Do not ignore lseek() return value and check if an error has occured.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

libfstools: avoid segfault in find_mount_point

If block is NULL, find_mount_point will segfault when comparing it
against the device name found in /proc/self/mountinfo. Avoid this by
checking if block is NULL.

Signed-off-by: Stijn Tintel <stijn@linux-ipv6.be>

libfstools: use variable for overlay mount-point

This avoids duplicating path over and over.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

libfstools: get rid of "extroot_prefix" global variable

Replace it with mount_extroot() argument. It's cleaner than a global
var.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

Update / fix extroot comments

Comment in start() was invalid as mount_extroot() doesn't handle any
mounting internally. It was a misunderstanding coming from block.c
function called just the same.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

libfstools: check for overlay mounting errors

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

fstools: fix a couple of minor code problems

Improve error handling and fix a resource leak inside an error path.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

libfstools: use uevent instead of relying on custom kernel patch

Detect partition name based on 'uevent' instead of relying in custom
kernel patch exposing 'name' in sysfs directly.
This will allow to drop the custom patch again.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

libfstools: make sure file is closed on error

Coverity CID: 1330286 Resource leak
Signed-off-by: Daniel Golle <daniel@makrotopia.org>

blockd: include missing libubox/utils.h

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

libfstools: handle open() return value properly in F2FS check

Coverity CID: 1490101 Argument cannot be negative

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

block: fix two resources leaks discovered by Coverity

Coverity CID: 1412456 Resource leak
Coverity CID: 1412458 Resource leak

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

ubi: fix resource leak in legacy codepath

I'm not even sure we are even using this 'ubi' tool anywhere.
Fix the resource leak reported by Coverity anyway.

Coverity CID: 1330289 Resource leak
Coverity CID: 1330290 Resource leak
Coverity CID: 1330291 Resource leak

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

libubi: fix several issues discovered by Coverity

Coverity CID: 1329896 Out-of-bounds access
Coverity CID: 1330127 Resource leak
Coverity CID: 1330173 Resource leak
Coverity CID: 1330472 Wrong size argument

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

blockd: fix resource leak discovered by coverity scan

Fixes Coverity CID 1463265

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

blockd: also report target in notifications

Useful to start/stop services triggered by mountpoints.
See procd.sh procd_add_mount_trigger to make use of that.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

libblkid-tiny: install header file to include dir

Hence libblkid-tiny is a shared lib, it makes sense to install it's
header to the system incldue/ dir for other applications to use it.

Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>

libblkid-tiny: fix invalid open syscall return check

open() returns -1 on error, not 0 (stdin).

Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>

blockd: make most calls to 'block' asynchronous

Don't wait for calls to 'block' to complete unless it's for an
autofs event (which cannot be handled async).
Use uloop for 'mount.ready' notificaion when startup has completed
to avoid blocking in waitpid() while the 'block' process is calling
back via ubus.
This greatly reduces the amount of time blockd needs on boot.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

blockd: send mount.ready when startup has completed

Emmit mount.ready notification when 'block autofs start' has completed.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

block: don't add non-ubifs ubi devices

As they require ubiblock to be mounted, just skip ubi devices in case
they don't contain a ubifs.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

block: support umount device basename

blockd calls the umount action with the basename of the device rather
than the full path.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

blockd: fix length of timeout int passed to ioctl

AUTOFS_IOC_SETTIMEOUT expects a pointer to an 'unsigned long' which
will result in out-of-bounds access when passing a pointer to an 'int'.
Change type of timeout to 'unsigned long'.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

block: allow remove hotplug event to arrive at blockd

As the hotplug event fires after the device has been removed, it will
never be found by _cache_load(). Hence the 'remove' event needs to
propagate in all cases and we only need to populate the cache in case
of 'add' events.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

block: use /dev/dm-* instead of /dev/mapper/*

This avoids a lot of problems as hotplug events also arrive for the
/dev/dm-* names.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

Revert "blockd: detect mountpoint of /dev/mapper/*"

This reverts commit 4d4dcfb33c5d9fa31c9916e106bee309ec7b4b01.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

Revert "block: resolve /dev/mapper/* name for /dev/dm-0 when hotplugging"

Turns out using the device nodes /dev/mapper/* turns out to be a bad
idea to begin with. Will use /dev/dm-* instead.

This reverts commit 2f42515977adef7c026eb380ed2423c533cf8f3d.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

blockd: create mountpoint parent folder if needed

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

blockd: move to its own POSIX process group

Not to be confused with cgroups, there are also POSIX process groups.
They do matter when it comes to autofs, as all requests coming from the
process group of the automounter itself will be ignored.
Hence, if blockd runs in the same process group as init and all
services, requests from services will be ignored.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

blockd: fix trigger name

Make it 'mount.add' instead of just 'add' which is more obvious when
used with procd_add_raw_trigger.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

blockd: also send ubus notification on mount hotplug

Also sending a ubus notification on mount hotplug provides a useful
shortcut for procd service triggers.
As the /etc/hotplug.d/mount API for now doesn't have any users and also
makes it hard to aggregate hotplug calls, we should consider removing it
in favor of only using triggers on the block notifications in future.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

block: resolve /dev/mapper/* name for /dev/dm-0 when hotplugging

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

blockd: detect mountpoint of /dev/mapper/*

If a device cannot be found in /dev, also try /dev/mapper.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

blockd: add missing #define _GNU_SOURCE

asprintf requires _GNU_SOURCE to be defined. Set it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

block: allow autofs and umount commands also on MTD/UBI

As devices with large NAND flash are becoming more common, users may
use that resource for additional (UBI) volumes. To support that in
fstools, allow autofs and umount also on MTD/UBI devices.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

block: match device path instead of assuming /dev/%s

Block devices created by device mapper are in /dev/mapper/ folder,
hence the assumption of the 'block' tool expecting /dev/%s being the
path of a device doesn't hold true.
Match device path from cache instead.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

libblkid-tiny: fix buffer overflow

Copying device name into a fixed-length buffer is problematic as
the name can be longer than the buffer, resulting in subsequent fields
getting corrupted and potentially even worse things.
Drop strcpy of device name and use of the copied value as it is known
anyway.

Before this fix:
/dev/mapper/owrt--volumes--e093cc66-rw_test: UUID="c66-rw_test" LABEL="test" VERSION="1.14" TYPE="f2fs"

After this fix:
/dev/mapper/owrt--volumes--e093cc66-rw_test: UUID="5eda3e52-3427-493a-a6d6-ffdb5a5836fd" LABEL="test" VERSION="1.14" TYPE="f2fs"

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

blockd: use allocated strings instead of fixed buffers

device names can be pretty long when using LVM2, mount targets are
user defined and can potentially also be of PATH_MAX length.
Replace static buffers with dynamically allocated strings to avoid
buffer overflow with too long device names or mount targets.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

block: use dynamically allocated target string

Dynamically allocate string buffer for target mountpoint if needed in
order to avoid the static buffer overflowing for long (device mapper)
paths.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

fstools: block: fix segfault on mount with no target

When a UCI fstab mount config doesn't contain a target option,
a 'block mount' call segfaults when comparing a mount's target (NULL)
to a found mount point returned by find_mount_point()

Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
Acked-by: Paul Spooren <mail@aparcar.org>

overlay: fix syncronizing typo

So it's now correct `synchronizing`.

Signed-off-by: Petr Štetiar <ynezz@true.cz>

partname: allow skipping existing 'rootfs_data' partition

Apparently some devices with eMMC (e.g. ZyXEL NBG6817) got an exsiting
GPT partition called 'rootfs_data'. This partition is then selected
as rootfs_data eventhough it may not be suitable for that (too small)
or serve another purpose (ie. used by vendor firmware).
To avoid this, check if the kernel cmdline contains a variable
fstools_ignore_partname=1 and if so, skip partname detection of volumes
alltogether.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

libfstools: remove superflus include

Turns out C header file <stropts.h> is unneeded after all.
Remove it.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

libfstools: fix build with glibc

stropts.h which is unavailable under glibc (and not needed
when building against glibc). Include it only if not building
against glibc.

Reported by: @DazzyWalkman
Signed-off-by: Daniel Golle <daniel@makrotopia.org>

libfstools: partname: several fixes

partname driver didn't allow mount_root to identify the filesystem
and hence the overlay filesystem state remained PENDING which lead
to overlay being cleared again at every reboot.
Fix that by setting v->blk early and, while at it, eliminate unneeded
strdup's by storing the full device paths in a union allowing accessing
the full path or the device name only.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

fstools: add partname volume driver

Add driver to handle block devices with (GPT) partition table which
can include a partition name.
If 'root=' is set on the kernel cmdline, only search for partitions
on the same device.
Among with other changes (ptgen, image*.mk, base-files, ...) this
allows for a much more straight forward storage model on block based
devices.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

jffs2reset: support fristboot on unmounted UBI overlay

To erase the overlay partitions on systems using UBIFS overlay,
instead of writing the jffs2-marker, truncating the UBI volume to 0
has the desired effect.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

block: replace local mkdir_p implementation

Drop local mkdir_p implementation in favour of using the
implementation now added to libubox.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

mount: restorecon: guard against execl() errors

In the current implementation, in case of execl("/sbin/restorecon")
failing, the child process will also return and that will lead to
even more disasterous effects.
Though it seems unlikely that execl() would fail given that the file
exists, simply catch that case by exiting in case execl() returns.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

jffs2-reset: allow doing a factory reset and passing a sysupgrade.tgz

Signed-off-by: John Crispin <john@phrozen.org>

mount: apply SELinux labels before overlayfs mount

Use restorecon to apply SELinux labels if applicable.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

overlay: use precompiler macros for reoccuring path names

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

mount: fix log format string and indentation

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

mount: remove support for legacy overlayfs before v2.3

overlayfs has been in mainline since Linux v3.18 (OpenWrt CC 15.05).
Remove support for pre-mainline overlayfs.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

fstoools: add define for GLOB_ONLYDIR

This was originally a patch for musl. It is not present in musl as it is a
GNU extension.

Place it here where it belongs.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

Use autoclear for overlay loopback device

During a sysupgrade on a block-based device, the partition table might
get updated.

The partitions have to be completely unused by the time partx is
invoked, or it fails thus:
partx: /dev/mmcblk1: error deleting partition 3
partx: /dev/mmcblk1: error adding partition 3

That's cosmetic in some cases, but in others where the old root
partition overlaps with the new partition where the config is stored
during the reboot, it causes a sysugprade failure (resulting in the
backup being lost and a completely clean system image).

Although we carefully unmount the root and overlay file systems, the
problem is that the loopback device used for the overlay isn't being
torn down, and it still has a refcount on the root block partition (in
the above case, /dev/mmcblk1p3).

Installing losetup and adding 'losetup -D' to the switch_to_ramfs()
function makes it work nicely. But the better option that doesn't add a
new dependency is to use the autoclear flag when setting up the loop
device, so it goes away automatically when the overlay file system is
unmounted.

To make that work sanely, we have to *not* close the fd right after
configuring it — or it'll go away immediately. We could store the fd in
the volume struct and either add destructor method or close it after
performing the mount… but honestly it just seems simpler and saner to
"leak" the fd in the knowledge that it'll get closed when the process
exits in a few milliseconds anyway. We can revisit that if anyone
really feels strongly about it. Dissent is best expressed in 'diff -up'
form.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>

blockd: fix segfault triggered by non-autofs mounts

Program received signal SIGSEGV, Segmentation fault.
main_autofs (argv=<optimized out>, argc=<optimized out>)
at fstools-2020-05-06-eec16e2f/block.c:1193
1193: if (!m->autofs && (mp = find_mount_point(pr->dev))) {

Fixes: 9ab936d ("block(d): always call hotplug.d "mount" scripts from blockd")
Signed-off-by: Daniel Golle <daniel@makrotopia.org>

blockd: add optional "device" parameter to "info" ubus method

It allows getting info about specified device.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

block(d): always call hotplug.d "mount" scripts from blockd

This resolves problem on boot with "mount" scripts being called too
early to get blockd info. With this change "mount" scripts won't get
called until blockd starts. On startup it requests all devices info and
calls relevant scripts.

This fixes samba36-hotplug package hotplug.d script.

One downside of this change is handling "mount" evens on block restart
or crash. On restart "add" actions will get executed for mounted /
available (autofs) devices. On crash no events will be generated.

Ref: http://lists.infradead.org/pipermail/openwrt-devel/2019-December/020886.html
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

blockd: use uloop_process for calling /sbin/hotplug-call mount

As blockd uses uloop calling any script and using waitpid() can easily
result in a lock. It's enough for script to use /bin/ubus to cause that.

It's not an option to drop waitpid() as it's important to e.g. call
mount scripts with ACTION=remove before unmounting devices. So solving
this problem requires using uloop_process.

Unfortunately this means:
1. Using callbacks making code slightly more complex
2. Dropping that nice devices_update_cb()

With this change however hotplug.d "mount" scripts can safely call
"ubus".

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

Truncate FAT filesystem label until 1st occurance of a blank (0x20)

According to spec the FAT filesystem label is not terminated by a
\0-byte but instead has a fixed length where the name is padded by
blanks.
Before libblkid-tiny just passed the always 11 bytes long blank padded
string through, however it makes matching for a filesystem label
inconsistent with other filesystems, which use a \0-terminated string.

Before: "foobar "
After : "foobar"

Signed-off-by: Mirko Vogt <mirko-openwrt@nanl.de>

block: always use st_dev (device ID) of / when looking for root

Use this method even if UBIFS extroot support is enabled. This is needed
on x86 systems (using F2FS for overlay) as they may still come with F2FS
enabled.

Ref: https://bugs.openwrt.org/index.php?do=details&task_id=2231
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

block: simplify check_extroot() a bit

Avoid too big code indent.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

block: add some basic extroot documentation

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

Revert "block: support hierarchical mount/umount"

This reverts commit fb0700f0fdfc4bec220203d31df87be2b4ccc467.

Switching to AVL tree allows sorting devices by selected parameter
(mount path) but does not implement a real hierarchical layout. That
would require a tree with parent nodes being parent devices / mount
paths.

Cc: Yousong Zhou <yszhou4tech@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

Revert "block: mount_action: handle mount/umount deps"

This reverts commit 32c3126b2f0464106d74317336b6aef1d7d5f82f.

Internally stored list of devices is implemented using struct vlist_tree
and keeps devices sorted by their mount target paths. This DOESN'T mean
that all preceding entires of a given device are its parent devices.
Making such an assumption and mounting all preceding devices results in
unwanted mounts in most cases.

For example having devices like:
/dev/sda1 (mount target: /mnt/foo1)
/dev/sda2 (mount target: /mnt/foo2)
/dev/sdb1 (mount target: /mnt/bar1)
/dev/sdb2 (mount target: /mnt/bar2)
will result in devices vlist_tree having entries sorted like:
/dev/sdb1 (bar1), /dev/sdb2 (bar2), /dev/sda1 (foo1), /dev/sda2 (foo2)

Using autofs and accessing /mnt/foo2 would result in mounting all 4
partitions and spinning unneeded /dev/sdb.

Cc: Yousong Zhou <yszhou4tech@gmail.com>
Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

libfstools/mtd: attempt to read from OOB data if empty space is found

When using jffs2 on NAND flash, it stores its magic in the OOB data on
newly erased blocks. This change fixes identifying the filesystem type.

Signed-off-by: Felix Fietkau <nbd@nbd.name>

blockd: remove symlink linkpath file if it's a dir or link

Files like that can remain from using non-autofs mounting and can cause
mounting errors after switching to autofs:
blockd: failed to symlink /mnt/sda1->/tmp/run/blockd/sda1

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

block: remove mount target file if it's a link

Links like that can remain from using autofs and can cause mounting
errors after switching to non-autofs:

block: mounting /dev/sda1 (vfat) as /mnt/sda1 failed (2) - No such file or directory

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

blockd: report "target" path as "mount" for autofs available mounts

Devices handled with autofs should be seen as available even if
currently unmounted. Mounting is handled on demand and transparently for
users.

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

blockd: print symlink error code and string message

It may help understanding failure reason, e.g.:
blockd: failed to symlink /mnt/sda1->/tmp/run/blockd/sda1 (17) - File exists

Signed-off-by: Rafał Miłecki <rafal@milecki.pl>

Revert "fstools: Add support to read-only MTD partitions (eg. recovery images)"

This reverts commit f5c7c1813f52e6d7b59ecfb2f9f95e69b05b1980 which needs
more work and testing as it broke at least jffs2 overlays at least on
ath79 platform, marking them as read-only, thus unusable:

jffs2_build_filesystem(): erasing all blocks after the end marker...
jffs2: Erase at 0x009e0000 failed immediately: -EROFS. Is the sector locked?

Ref: http://lists.infradead.org/pipermail/openwrt-devel/2020-January/021344.html
Reported-by: Steve Brown <sbrown@ewol.com>
Signed-off-by: Petr Štetiar <ynezz@true.cz>

fstools: Add support to read-only MTD partitions (eg. recovery images)

This patch enables fstools to open read-only MTD partitions, which in
turn also enables OpenWrt to boot from read-only partitions.

The use of read-only partitions is of special importance for WiFi-only
devices, where a protected read-only recovery image can be used in case
something goes wrong with the main firmware (eg. user gets locked out
due to bad settings, flash of an unbootable dev firmware, etc).

Signed-off-by: Bruno Pena <brunompena@gmail.com>