[PATCHv2] mkfs.ubifs: do not override root inode permissions
Artem Bityutskiy
dedekind1 at gmail.com
Wed Sep 8 04:18:48 EDT 2010
From: Artem Bityutskiy <Artem.Bityutskiy at nokia.com>
When mkfs.ubifs is used with -r dir, it does not make the root UBIFS
inode uid/gid/permissions to be equivalent to dir's permissions, but
it makes root inode permissions to be equivalent to uid = git = 0
(root) and permissions = u+rwx go+rx.
Unfortunately, we cannot simply fix this bug, because mkfs.ubifs is
already used in production. Thus, we have introduce --squash-rino-perm
option which is the default and it preserves the old mkfs.ubifs
behavior. We also introduce --nosquash-rino-perm option which fixes
mkfs.ubifs behavior. If none of these options is used, we print a
warning. The plan is to make everyone use one of these options, then
make --nosquash-rino-perm to be the default and remove the warning,
and then eventually deprecate and remove both options.
Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy at nokia.com>
---
mkfs.ubifs/mkfs.ubifs.c | 87 ++++++++++++++++++++++++++++++++++------------
1 files changed, 64 insertions(+), 23 deletions(-)
diff --git a/mkfs.ubifs/mkfs.ubifs.c b/mkfs.ubifs/mkfs.ubifs.c
index 9f2a226..eeb5e42 100644
--- a/mkfs.ubifs/mkfs.ubifs.c
+++ b/mkfs.ubifs/mkfs.ubifs.c
@@ -23,7 +23,7 @@
#include "mkfs.ubifs.h"
#include <crc32.h>
-#define PROGRAM_VERSION "1.3"
+#define PROGRAM_VERSION "1.4"
/* Size (prime number) of hash table for link counting */
#define HASH_TABLE_SIZE 10099
@@ -109,6 +109,7 @@ static char *output;
static int out_fd;
static int out_ubi;
static int squash_owner;
+static int squash_rino_perm = -1;
/* The 'head' (position) which nodes are written */
static int head_lnum;
@@ -134,25 +135,27 @@ static unsigned long long creat_sqnum;
static const char *optstring = "d:r:m:o:D:h?vVe:c:g:f:P:k:x:X:j:R:l:j:U";
static const struct option longopts[] = {
- {"root", 1, NULL, 'r'},
- {"min-io-size", 1, NULL, 'm'},
- {"leb-size", 1, NULL, 'e'},
- {"max-leb-cnt", 1, NULL, 'c'},
- {"output", 1, NULL, 'o'},
- {"devtable", 1, NULL, 'D'},
- {"help", 0, NULL, 'h'},
- {"verbose", 0, NULL, 'v'},
- {"version", 0, NULL, 'V'},
- {"debug-level", 1, NULL, 'g'},
- {"jrn-size", 1, NULL, 'j'},
- {"reserved", 1, NULL, 'R'},
- {"compr", 1, NULL, 'x'},
- {"favor-percent", 1, NULL, 'X'},
- {"fanout", 1, NULL, 'f'},
- {"keyhash", 1, NULL, 'k'},
- {"log-lebs", 1, NULL, 'l'},
- {"orph-lebs", 1, NULL, 'p'},
- {"squash-uids" , 0, NULL, 'U'},
+ {"root", 1, NULL, 'r'},
+ {"min-io-size", 1, NULL, 'm'},
+ {"leb-size", 1, NULL, 'e'},
+ {"max-leb-cnt", 1, NULL, 'c'},
+ {"output", 1, NULL, 'o'},
+ {"devtable", 1, NULL, 'D'},
+ {"help", 0, NULL, 'h'},
+ {"verbose", 0, NULL, 'v'},
+ {"version", 0, NULL, 'V'},
+ {"debug-level", 1, NULL, 'g'},
+ {"jrn-size", 1, NULL, 'j'},
+ {"reserved", 1, NULL, 'R'},
+ {"compr", 1, NULL, 'x'},
+ {"favor-percent", 1, NULL, 'X'},
+ {"fanout", 1, NULL, 'f'},
+ {"keyhash", 1, NULL, 'k'},
+ {"log-lebs", 1, NULL, 'l'},
+ {"orph-lebs", 1, NULL, 'p'},
+ {"squash-uids" , 0, NULL, 'U'},
+ {"squash-rino-perm", 0, NULL, 'Q'},
+ {"nosquash-rino-perm", 0, NULL, 'q'},
{NULL, 0, NULL, 0}
};
@@ -190,6 +193,12 @@ static const char *helptext =
"-V, --version display version information\n"
"-g, --debug=LEVEL display debug information (0 - none, 1 - statistics,\n"
" 2 - files, 3 - more details)\n"
+"-Q, --squash-rino-perm ignore permissions of the FS image directory (the one\n"
+" specified with --root) and make the UBIFS root inode\n"
+" permissions to be {uid=gid=root, u+rwx,go+rx}; this is\n"
+" see also the default so far, see explanations below\n"
+"-q, --nosquash-rino-perm for the UBIFS root inode use permissions of the FS\n"
+" image directory (the one specified with --root)\n"
"-h, --help display this help text\n\n"
"Note, SIZE is specified in bytes, but it may also be specified in Kilobytes,\n"
"Megabytes, and Gigabytes if a KiB, MiB, or GiB suffix is used.\n\n"
@@ -201,7 +210,19 @@ static const char *helptext =
"or more percent better than \"lzo\", mkfs.ubifs chooses \"lzo\", otherwise it chooses\n"
"\"zlib\". The \"--favor-percent\" may specify arbitrary threshold instead of the\n"
"default 20%.\n\n"
-"The -R parameter specifies amount of bytes reserved for the super-user.\n";
+"The -R parameter specifies amount of bytes reserved for the super-user.\n\n"
+"Some clarifications about --squash-rino-perm and --nosquash-rino-perm options.\n"
+"Originally, mkfs.ubifs did not have them, and it always set permissions for the UBIFS\n"
+"root inode to be {uid=gid=root, u+rwx,go+rx}. This was a bug which was found too\n"
+"late, when mkfs.ubifs had already been used in production. To fix this bug, 2 new\n"
+"options were introduced: --squash-rino-perm which preserves the old behavior and\n"
+"--nosquash-rino-perm which makes mkfs.ubifs use the right permissions for the root\n"
+"inode. For now --squash-rino-perm is the default, and if neither --squash-rino-perm\n"
+"nor --nosquash-rino-perm are used, mkfs.ubifs prints a warning. The further plan is:\n"
+" o keep the warning for few releases to make sure users start using one of the\n"
+" options\n"
+" o make --nosquash-rino-perm to be the default, and remove the warning\n"
+" o eventually deprecate both options\n";
/**
* make_path - make a path name from a directory and a name.
@@ -643,6 +664,12 @@ static int get_options(int argc, char**argv)
case 'U':
squash_owner = 1;
break;
+ case 'Q':
+ squash_rino_perm = 1;
+ break;
+ case 'q':
+ squash_rino_perm = 0;
+ break;
}
}
@@ -671,6 +698,10 @@ static int get_options(int argc, char**argv)
return err_msg("Maximum count of LEBs was not specified "
"(use -h for help)");
+ if (squash_rino_perm != -1 && root)
+ return err_msg("--squash-rino-perm and nosquash-rino-perm options"
+ "can be used only with the --root option");
+
if (c->max_bud_bytes == -1) {
int lebs;
@@ -1630,18 +1661,28 @@ static int add_multi_linked_files(void)
static int write_data(void)
{
int err;
+ mode_t mode = S_IFDIR | S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH;
if (root) {
err = stat(root, &root_st);
if (err)
return sys_err_msg("bad root file-system directory '%s'",
root);
+ if (squash_rino_perm == -1) {
+ printf("WARNING: setting root UBIFS inode UID=GID=0 (root) and permissions "
+ "to u+rwx,go+rx; use --squash-rino-perm or --nosquash-rino-perm "
+ "to suppress this warning");
+ squash_rino_perm = 1;
+ }
+ if (squash_rino_perm) {
+ root_st.st_uid = root_st.st_gid = 0;
+ root_st.st_mode = mode;
+ }
} else {
root_st.st_mtime = time(NULL);
root_st.st_atime = root_st.st_ctime = root_st.st_mtime;
+ root_st.st_mode = mode;
}
- root_st.st_uid = root_st.st_gid = 0;
- root_st.st_mode = S_IFDIR | S_IRWXU | S_IRGRP | S_IXGRP | S_IROTH | S_IXOTH;
head_flags = 0;
err = add_directory(root, UBIFS_ROOT_INO, &root_st, !root);
--
1.7.1.1
More information about the linux-mtd
mailing list