diff --git a/fs/jffs2/readinode.c b/fs/jffs2/readinode.c
Linux-MTD Mailing List
linux-mtd at lists.infradead.org
Sat Jun 17 19:59:02 EDT 2006
Commit: 3877f0b6c9f54d43e55e532404a935b90393b635
Parent: 21c8db9eff95260e543535dfc6f27164c4c0c0ff
commit 3877f0b6c9f54d43e55e532404a935b90393b635
Author: David Woodhouse <dwmw2 at infradead.org>
AuthorDate: Sun Jun 18 00:05:26 2006 +0100
Commit: David Woodhouse <dwmw2 at infradead.org>
CommitDate: Sun Jun 18 00:05:26 2006 +0100
[JFFS2] Don't trust node headers before the CRC is checked.
Especially when summary code is used, we can have in-memory data
structures referencing certain nodes without them actually being readable
on the flash. Discard the nodes gracefully in that case, rather than
triggering a BUG().
Signed-off-by: David Woodhouse <dwmw2 at infradead.org>
---
fs/jffs2/readinode.c | 62 +++++++++++++++++++++++++++-----------------------
1 files changed, 34 insertions(+), 28 deletions(-)
diff --git a/fs/jffs2/readinode.c b/fs/jffs2/readinode.c
index e1acce8..5351b34 100644
--- a/fs/jffs2/readinode.c
+++ b/fs/jffs2/readinode.c
@@ -343,7 +343,7 @@ free_out:
* Helper function for jffs2_get_inode_nodes().
* It is called every time an unknown node is found.
*
- * Returns: 0 on succes;
+ * Returns: 0 on success;
* 1 if the node should be marked obsolete;
* negative error code on failure.
*/
@@ -354,37 +354,30 @@ static inline int read_unknown(struct jf
un->nodetype = cpu_to_je16(JFFS2_NODE_ACCURATE | je16_to_cpu(un->nodetype));
- if (crc32(0, un, sizeof(struct jffs2_unknown_node) - 4) != je32_to_cpu(un->hdr_crc)) {
- /* Hmmm. This should have been caught at scan time. */
- JFFS2_NOTICE("node header CRC failed at %#08x. But it must have been OK earlier.\n", ref_offset(ref));
- jffs2_dbg_dump_node(c, ref_offset(ref));
- return 1;
- } else {
- switch(je16_to_cpu(un->nodetype) & JFFS2_COMPAT_MASK) {
+ switch(je16_to_cpu(un->nodetype) & JFFS2_COMPAT_MASK) {
- case JFFS2_FEATURE_INCOMPAT:
- JFFS2_ERROR("unknown INCOMPAT nodetype %#04X at %#08x\n",
- je16_to_cpu(un->nodetype), ref_offset(ref));
- /* EEP */
- BUG();
- break;
+ case JFFS2_FEATURE_INCOMPAT:
+ JFFS2_ERROR("unknown INCOMPAT nodetype %#04X at %#08x\n",
+ je16_to_cpu(un->nodetype), ref_offset(ref));
+ /* EEP */
+ BUG();
+ break;
- case JFFS2_FEATURE_ROCOMPAT:
- JFFS2_ERROR("unknown ROCOMPAT nodetype %#04X at %#08x\n",
- je16_to_cpu(un->nodetype), ref_offset(ref));
- BUG_ON(!(c->flags & JFFS2_SB_FLAG_RO));
- break;
+ case JFFS2_FEATURE_ROCOMPAT:
+ JFFS2_ERROR("unknown ROCOMPAT nodetype %#04X at %#08x\n",
+ je16_to_cpu(un->nodetype), ref_offset(ref));
+ BUG_ON(!(c->flags & JFFS2_SB_FLAG_RO));
+ break;
- case JFFS2_FEATURE_RWCOMPAT_COPY:
- JFFS2_NOTICE("unknown RWCOMPAT_COPY nodetype %#04X at %#08x\n",
- je16_to_cpu(un->nodetype), ref_offset(ref));
- break;
+ case JFFS2_FEATURE_RWCOMPAT_COPY:
+ JFFS2_NOTICE("unknown RWCOMPAT_COPY nodetype %#04X at %#08x\n",
+ je16_to_cpu(un->nodetype), ref_offset(ref));
+ break;
- case JFFS2_FEATURE_RWCOMPAT_DELETE:
- JFFS2_NOTICE("unknown RWCOMPAT_DELETE nodetype %#04X at %#08x\n",
- je16_to_cpu(un->nodetype), ref_offset(ref));
- return 1;
- }
+ case JFFS2_FEATURE_RWCOMPAT_DELETE:
+ JFFS2_NOTICE("unknown RWCOMPAT_DELETE nodetype %#04X at %#08x\n",
+ je16_to_cpu(un->nodetype), ref_offset(ref));
+ return 1;
}
return 0;
@@ -549,6 +542,18 @@ static int jffs2_get_inode_nodes(struct
node = (union jffs2_node_union *)bufstart;
+ /* No need to mask in the valid bit; it shouldn't be invalid */
+ if (je32_to_cpu(node->u.hdr_crc) != crc32(0, node, sizeof(node->u)-4)) {
+ JFFS2_NOTICE("Node header CRC failed at %#08x. {%04x,%04x,%08x,%08x}\n",
+ ref_offset(ref), je16_to_cpu(node->u.magic),
+ je16_to_cpu(node->u.nodetype),
+ je32_to_cpu(node->u.totlen),
+ je32_to_cpu(node->u.hdr_crc));
+ jffs2_dbg_dump_node(c, ref_offset(ref));
+ jffs2_mark_node_obsolete(c, ref);
+ goto cont;
+ }
+
switch (je16_to_cpu(node->u.nodetype)) {
case JFFS2_NODETYPE_DIRENT:
@@ -606,6 +611,7 @@ static int jffs2_get_inode_nodes(struct
goto free_out;
}
+ cont:
spin_lock(&c->erase_completion_lock);
}
More information about the linux-mtd-cvs
mailing list