summaryrefslogtreecommitdiff
path: root/fs/ubifs/ubifs-media.h
AgeCommit message (Collapse)AuthorFilesLines
2019-07-08ubifs: Add support for zstd compression.Michele Dionisio1-0/+2
zstd shows a good compression rate and is faster than lzo, also on slow ARM cores. Cc: Sebastian Andrzej Siewior <sebastian@breakpoint.cc> Signed-off-by: Michele Dionisio <michele.dionisio@gmail.com> [rw: rewrote commit message] Signed-off-by: Richard Weinberger <richard@nod.at>
2019-07-08ubifs: support offline signed imagesSascha Hauer1-1/+27
HMACs can only be generated on the system the UBIFS image is running on. To support offline signed images we add a PKCS#7 signature to the UBIFS image which can be created by mkfs.ubifs. Both the master node and the superblock need to be authenticated, during normal runtime both are protected with HMACs. For offline signature support however only a single signature is desired. We add a signature covering the superblock node directly behind it. To protect the master node a hash of the master node is added to the superblock which is used when the master node doesn't contain a HMAC. Transition to a read/write filesystem is also supported. During transition first the master node is rewritten with a HMAC (implicitly, it is written anyway as the FS is marked dirty). Afterwards the superblock is rewritten with a HMAC. Once after the image has been mounted read/write it is HMAC only, the signature is no longer required or even present on the filesystem. In an offline signed image the master node is authenticated by the superblock. In a transition to r/w we have to make sure that the master node is rewritten before the superblock node. In this case the master node gets a HMAC and its authenticity no longer depends on the superblock node. There are some cases in which the current code first writes the superblock node though, so with this patch writing of the superblock node is delayed until the master node is written. Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: Richard Weinberger <richard@nod.at>
2019-06-05treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 336Thomas Gleixner1-13/+1
Based on 1 normalized pattern(s): this program is free software you can redistribute it and or modify it under the terms of the gnu general public license version 2 as published by the free software foundation this program is distributed in the hope that it will be useful but without any warranty without even the implied warranty of merchantability or fitness for a particular purpose see the gnu general public license for more details you should have received a copy of the gnu general public license along with this program if not write to the free software foundation inc 51 franklin st fifth floor boston ma 02110 1301 usa extracted by the scancode license scanner the SPDX license identifier GPL-2.0-only has been chosen to replace the boilerplate/reference in 246 file(s). Signed-off-by: Thomas Gleixner <tglx@linutronix.de> Reviewed-by: Alexios Zavras <alexios.zavras@intel.com> Reviewed-by: Allison Randal <allison@lohutok.net> Cc: linux-spdx@vger.kernel.org Link: https://lkml.kernel.org/r/20190530000436.674189849@linutronix.de Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2018-10-23ubifs: Format changes for authentication supportSascha Hauer1-3/+43
This patch adds the changes to the on disk format needed for authentication support. We'll add: * a HMAC covering super block node * a HMAC covering the master node * a hash over the root index node to the master node * a hash over the LPT to the master node * a flag to the filesystem flag indicating the filesystem is authenticated * an authentication node necessary to authenticate the nodes written to the journal heads while they are written. * a HMAC of a well known message to the super block node to be able to check if the correct key is provided And finally, not visible in this patch, nevertheless explained here: * hashes over the referenced child nodes in each branch of a index node Signed-off-by: Sascha Hauer <s.hauer@pengutronix.de> Signed-off-by: Richard Weinberger <richard@nod.at>
2016-12-13ubifs: Raise write version to 5Richard Weinberger1-1/+3
Starting with version 5 the following properties change: - UBIFS_FLG_DOUBLE_HASH is mandatory - UBIFS_FLG_ENCRYPTION is optional but depdens on UBIFS_FLG_DOUBLE_HASH - Filesystems with unknown super block flags will be rejected, this allows us in future to add new features without raising the UBIFS write version. Signed-off-by: Richard Weinberger <richard@nod.at>
2016-12-13ubifs: Implement UBIFS_FLG_ENCRYPTIONRichard Weinberger1-0/+2
This feature flag indicates that the filesystem contains encrypted files. Signed-off-by: Richard Weinberger <richard@nod.at>
2016-12-13ubifs: Implement UBIFS_FLG_DOUBLE_HASHRichard Weinberger1-0/+3
This feature flag indicates that all directory entry nodes have a 32bit cookie set and therefore UBIFS is allowed to perform lookups by hash. Signed-off-by: Richard Weinberger <richard@nod.at>
2016-12-13ubifs: Add full hash lookup supportRichard Weinberger1-2/+3
UBIFS stores a 32bit hash of every file, for traditional lookups by name this scheme is fine since UBIFS can first try to find the file by the hash of the filename and upon collisions it can walk through all entries with the same hash and do a string compare. When filesnames are encrypted fscrypto will ask the filesystem for a unique cookie, based on this cookie the filesystem has to be able to locate the target file again. With 32bit hashes this is impossible because the chance for collisions is very high. Do deal with that we store a 32bit cookie directly in the UBIFS directory entry node such that we get a 64bit cookie (32bit from filename hash and the dent cookie). For a lookup by hash UBIFS finds the entry by the first 32bit and then compares the dent cookie. If it does not match, it has to do a linear search of the whole directory and compares all dent cookies until the correct entry is found. Signed-off-by: Richard Weinberger <richard@nod.at>
2016-12-13ubifs: Introduce new data node field, compr_sizeRichard Weinberger1-4/+2
When data of a data node is compressed and encrypted we need to store the size of the compressed data because before encryption we may have to add padding bytes. For the new field we consume the last two padding bytes in struct ubifs_data_node. Two bytes are fine because the data length is at most 4096. Signed-off-by: Richard Weinberger <richard@nod.at>
2016-12-13ubifs: Add skeleton for fscryptoRichard Weinberger1-0/+2
This is the first building block to provide file level encryption on UBIFS. Signed-off-by: Richard Weinberger <richard@nod.at>
2016-12-13ubifs: Define UBIFS crypto context xattrRichard Weinberger1-0/+7
Like ext4 UBIFS will store the crypto context in a xattr attribute. Signed-off-by: Richard Weinberger <richard@nod.at>
2011-05-16UBIFS: add a superblock flag for free space fix-upMatthew L. Creech1-0/+2
The 'space_fixup' flag can be set in the superblock of a new filesystem by mkfs.ubifs to indicate that any eraseblocks with free space remaining should be fixed-up the first time it's mounted (after which the flag is un-set). This means that the UBIFS image has been flashed by a "dumb" flasher and the free space has been actually programmed (writing all 0xFFs), so this free space cannot be used. UBIFS fixes the free space up by re-writing the contents of all LEBs with free space using the atomic LEB change UBI operation. Artem: improved commit message, add some more commentaries to the code. Signed-off-by: Matthew L. Creech <mlcreech@gmail.com> Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
2011-05-13UBIFS: use __packed instead of __attribute__((packed))Artem Bityutskiy1-14/+14
There was an attempt to standartize various "__attribute__" and other macros in order to have potentially portable and more consistent code, see commit 82ddcb040570411fc2d421d96b3e69711c670328. Note, that commit refers Rober Love's blog post, but the URL is broken, the valid URL is: http://blog.rlove.org/2005/10/with-little-help-from-your-compiler.html Moreover, nowadays checkpatch.pl warns about using __attribute__((packed)): "WARNING: __packed is preferred over __attribute__((packed))" It is not a big deal for UBIFS to use __packed, so let's do it. Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
2009-09-15UBIFS: define journal head numbers in ubifs-media.hArtem Bityutskiy1-0/+7
The journal head names and numbers are part of the UBIFS format, so they should be in the ubifs-media.h. Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
2009-03-26UBIFS: add R/O compatibilityArtem Bityutskiy1-3/+27
Now UBIFS is supported by u-boot. If we ever decide to change the media format, then people will have to upgrade their u-boots to mount new format images. However, very often it is possible to preserve R/O forward-compatibility, even though the write forward-compatibility is not preserved. This patch introduces a new super-block field which stores the R/O compatibility version. Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com> Acked-by: Adrian Hunter <Adrian.Hunter@nokia.com>
2008-12-03UBIFS: slight compression optimizationArtem Bityutskiy1-0/+7
If data does not compress, it is better to leave it uncompressed because we'll read it faster then. So do not compress data if we save less than 64 bytes. Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
2008-09-30UBIFS: ensure data read beyond i_size is zeroed out correctlyAdrian Hunter1-1/+0
Signed-off-by: Adrian Hunter <ext-adrian.hunter@nokia.com>
2008-09-05UBIFS: make minimum fanout 3Artem Bityutskiy1-1/+1
UBIFS does not really work correctly when fanout is 2, because of the way we manage the indexing tree. It may just become a list and UBIFS screws up. Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
2008-08-13UBIFS: reserve more space for indexArtem Bityutskiy1-2/+2
At the moment UBIFS reserves twice old index size space for the index. But this is not enough in some cases, because if the indexing node are very fragmented and there are many small gaps, while the dirty index has big znodes - in-the-gaps method would fail. Thus, reserve trise as more, in which case we are guaranteed that we can commit in any case. Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
2008-07-15UBIFS: add new flash file systemArtem Bityutskiy1-0/+745
This is a new flash file system. See http://www.linux-mtd.infradead.org/doc/ubifs.html Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com> Signed-off-by: Adrian Hunter <ext-adrian.hunter@nokia.com>