From 3a2699cfbe317f6e1b9c84d2f10ab7debb1c79dc Mon Sep 17 00:00:00 2001 From: David Disseldorp Date: Mon, 9 May 2022 18:29:20 -0700 Subject: gen_init_cpio: fix short read file handling When processing a "file" entry, gen_init_cpio attempts to allocate a buffer large enough to stage the entire contents of the source file. It then attempts to fill the buffer via a single read() call and subsequently writes out the entire buffer length, without checking that read() returned the full length, potentially writing uninitialized buffer memory. Fix this by breaking up file I/O into 64k chunks and only writing the length returned by the prior read() call. Link: https://lkml.kernel.org/r/20220404093429.27570-5-ddiss@suse.de Signed-off-by: David Disseldorp Reviewed-by: Martin Wilck Cc: Al Viro Cc: Christian Brauner Cc: Matthew Wilcox (Oracle) Signed-off-by: Andrew Morton --- usr/gen_init_cpio.c | 44 +++++++++++++++++++++++++------------------- 1 file changed, 25 insertions(+), 19 deletions(-) (limited to 'usr') diff --git a/usr/gen_init_cpio.c b/usr/gen_init_cpio.c index 0e2c8a5838b1..9a0f8c37273a 100644 --- a/usr/gen_init_cpio.c +++ b/usr/gen_init_cpio.c @@ -20,6 +20,7 @@ #define xstr(s) #s #define str(s) xstr(s) +#define MIN(a, b) ((a) < (b) ? (a) : (b)) static unsigned int offset; static unsigned int ino = 721; @@ -297,9 +298,8 @@ static int cpio_mkfile(const char *name, const char *location, unsigned int nlinks) { char s[256]; - char *filebuf = NULL; struct stat buf; - long size; + unsigned long size; int file = -1; int retval; int rc = -1; @@ -326,22 +326,17 @@ static int cpio_mkfile(const char *name, const char *location, buf.st_mtime = 0xffffffff; } - filebuf = malloc(buf.st_size); - if (!filebuf) { - fprintf (stderr, "out of memory\n"); - goto error; - } - - retval = read (file, filebuf, buf.st_size); - if (retval < 0) { - fprintf (stderr, "Can not read %s file\n", location); + if (buf.st_size > 0xffffffff) { + fprintf(stderr, "%s: Size exceeds maximum cpio file size\n", + location); goto error; } size = 0; for (i = 1; i <= nlinks; i++) { /* data goes on last link */ - if (i == nlinks) size = buf.st_size; + if (i == nlinks) + size = buf.st_size; if (name[0] == '/') name++; @@ -366,23 +361,34 @@ static int cpio_mkfile(const char *name, const char *location, push_string(name); push_pad(); - if (size) { - if (fwrite(filebuf, size, 1, stdout) != 1) { + while (size) { + unsigned char filebuf[65536]; + ssize_t this_read; + size_t this_size = MIN(size, sizeof(filebuf)); + + this_read = read(file, filebuf, this_size); + if (this_read <= 0 || this_read > this_size) { + fprintf(stderr, "Can not read %s file\n", location); + goto error; + } + + if (fwrite(filebuf, this_read, 1, stdout) != 1) { fprintf(stderr, "writing filebuf failed\n"); goto error; } - offset += size; - push_pad(); + offset += this_read; + size -= this_read; } + push_pad(); name += namesize; } ino++; rc = 0; - + error: - if (filebuf) free(filebuf); - if (file >= 0) close(file); + if (file >= 0) + close(file); return rc; } -- cgit v1.2.3-58-ga151 From ea8048719a0c46d95e6ab925bf0924e7198d9971 Mon Sep 17 00:00:00 2001 From: David Disseldorp Date: Mon, 9 May 2022 18:29:20 -0700 Subject: gen_init_cpio: support file checksum archiving Documentation/driver-api/early-userspace/buffer-format.rst includes the specification for checksum-enabled cpio archives. Implement support for this format in gen_init_cpio via a new '-c' parameter. Link: https://lkml.kernel.org/r/20220404093429.27570-6-ddiss@suse.de Signed-off-by: David Disseldorp Suggested-by: Matthew Wilcox (Oracle) Cc: Al Viro Cc: Christian Brauner Cc: Martin Wilck Signed-off-by: Andrew Morton --- usr/gen_init_cpio.c | 54 ++++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 45 insertions(+), 9 deletions(-) (limited to 'usr') diff --git a/usr/gen_init_cpio.c b/usr/gen_init_cpio.c index 9a0f8c37273a..dc838e26a5b9 100644 --- a/usr/gen_init_cpio.c +++ b/usr/gen_init_cpio.c @@ -1,6 +1,8 @@ // SPDX-License-Identifier: GPL-2.0 #include #include +#include +#include #include #include #include @@ -25,6 +27,7 @@ static unsigned int offset; static unsigned int ino = 721; static time_t default_mtime; +static bool do_csum = false; struct file_handler { const char *type; @@ -78,7 +81,7 @@ static void cpio_trailer(void) sprintf(s, "%s%08X%08X%08lX%08lX%08X%08lX" "%08X%08X%08X%08X%08X%08X%08X", - "070701", /* magic */ + do_csum ? "070702" : "070701", /* magic */ 0, /* ino */ 0, /* mode */ (long) 0, /* uid */ @@ -110,7 +113,7 @@ static int cpio_mkslink(const char *name, const char *target, name++; sprintf(s,"%s%08X%08X%08lX%08lX%08X%08lX" "%08X%08X%08X%08X%08X%08X%08X", - "070701", /* magic */ + do_csum ? "070702" : "070701", /* magic */ ino++, /* ino */ S_IFLNK | mode, /* mode */ (long) uid, /* uid */ @@ -159,7 +162,7 @@ static int cpio_mkgeneric(const char *name, unsigned int mode, name++; sprintf(s,"%s%08X%08X%08lX%08lX%08X%08lX" "%08X%08X%08X%08X%08X%08X%08X", - "070701", /* magic */ + do_csum ? "070702" : "070701", /* magic */ ino++, /* ino */ mode, /* mode */ (long) uid, /* uid */ @@ -253,7 +256,7 @@ static int cpio_mknod(const char *name, unsigned int mode, name++; sprintf(s,"%s%08X%08X%08lX%08lX%08X%08lX" "%08X%08X%08X%08X%08X%08X%08X", - "070701", /* magic */ + do_csum ? "070702" : "070701", /* magic */ ino++, /* ino */ mode, /* mode */ (long) uid, /* uid */ @@ -293,6 +296,29 @@ static int cpio_mknod_line(const char *line) return rc; } +static int cpio_mkfile_csum(int fd, unsigned long size, uint32_t *csum) +{ + while (size) { + unsigned char filebuf[65536]; + ssize_t this_read; + size_t i, this_size = MIN(size, sizeof(filebuf)); + + this_read = read(fd, filebuf, this_size); + if (this_read <= 0 || this_read > this_size) + return -1; + + for (i = 0; i < this_read; i++) + *csum += filebuf[i]; + + size -= this_read; + } + /* seek back to the start for data segment I/O */ + if (lseek(fd, 0, SEEK_SET) < 0) + return -1; + + return 0; +} + static int cpio_mkfile(const char *name, const char *location, unsigned int mode, uid_t uid, gid_t gid, unsigned int nlinks) @@ -305,6 +331,7 @@ static int cpio_mkfile(const char *name, const char *location, int rc = -1; int namesize; unsigned int i; + uint32_t csum = 0; mode |= S_IFREG; @@ -332,6 +359,11 @@ static int cpio_mkfile(const char *name, const char *location, goto error; } + if (do_csum && cpio_mkfile_csum(file, buf.st_size, &csum) < 0) { + fprintf(stderr, "Failed to checksum file %s\n", location); + goto error; + } + size = 0; for (i = 1; i <= nlinks; i++) { /* data goes on last link */ @@ -343,7 +375,7 @@ static int cpio_mkfile(const char *name, const char *location, namesize = strlen(name) + 1; sprintf(s,"%s%08X%08X%08lX%08lX%08X%08lX" "%08lX%08X%08X%08X%08X%08X%08X", - "070701", /* magic */ + do_csum ? "070702" : "070701", /* magic */ ino, /* ino */ mode, /* mode */ (long) uid, /* uid */ @@ -356,7 +388,7 @@ static int cpio_mkfile(const char *name, const char *location, 0, /* rmajor */ 0, /* rminor */ namesize, /* namesize */ - 0); /* chksum */ + size ? csum : 0); /* chksum */ push_hdr(s); push_string(name); push_pad(); @@ -464,7 +496,7 @@ static int cpio_mkfile_line(const char *line) static void usage(const char *prog) { fprintf(stderr, "Usage:\n" - "\t%s [-t ] \n" + "\t%s [-t ] [-c] \n" "\n" " is a file containing newline separated entries that\n" "describe the files to be included in the initramfs archive:\n" @@ -499,7 +531,8 @@ static void usage(const char *prog) "\n" " is time in seconds since Epoch that will be used\n" "as mtime for symlinks, special files and directories. The default\n" - "is to use the current time for these entries.\n", + "is to use the current time for these entries.\n" + "-c: calculate and store 32-bit checksums for file data.\n", prog); } @@ -541,7 +574,7 @@ int main (int argc, char *argv[]) default_mtime = time(NULL); while (1) { - int opt = getopt(argc, argv, "t:h"); + int opt = getopt(argc, argv, "t:ch"); char *invalid; if (opt == -1) @@ -556,6 +589,9 @@ int main (int argc, char *argv[]) exit(1); } break; + case 'c': + do_csum = true; + break; case 'h': case '?': usage(argv[0]); -- cgit v1.2.3-58-ga151