• Artem Bityutskiy's avatar
    UBIFS: fix a bug in empty space fix-up · c6727932
    Artem Bityutskiy authored
    UBIFS has a feature called "empty space fix-up" which is a quirk to work-around
    limitations of dumb flasher programs. Namely, of those flashers that are unable
    to skip NAND pages full of 0xFFs while flashing, resulting in empty space at
    the end of half-filled eraseblocks to be unusable for UBIFS. This feature is
    relatively new (introduced in v3.0).
    
    The fix-up routine (fixup_free_space()) is executed only once at the very first
    mount if the superblock has the 'space_fixup' flag set (can be done with -F
    option of mkfs.ubifs). It basically reads all the UBIFS data and metadata and
    writes it back to the same LEB. The routine assumes the image is pristine and
    does not have anything in the journal.
    
    There was a bug in 'fixup_free_space()' where it fixed up the log incorrectly.
    All but one LEB of the log of a pristine file-system are empty. And one
    contains just a commit start node. And 'fixup_free_space()' just unmapped this
    LEB, which resulted in wiping the commit start node. As a result, some users
    were unable to mount the file-system next time with the following symptom:
    
    UBIFS error (pid 1): replay_log_leb: first log node at LEB 3:0 is not CS node
    UBIFS error (pid 1): replay_log_leb: log error detected while replaying the log at LEB 3:0
    
    The root-cause of this bug was that 'fixup_free_space()' wrongly assumed
    that the beginning of empty space in the log head (c->lhead_offs) was known
    on mount. However, it is not the case - it was always 0. UBIFS does not store
    in it the master node and finds out by scanning the log on every mount.
    
    The fix is simple - just pass commit start node size instead of 0 to
    'fixup_leb()'.
    Signed-off-by: default avatarArtem Bityutskiy <Artem.Bityutskiy@linux.intel.com>
    Cc: stable@vger.kernel.org [v3.0+]
    Reported-by: default avatarIwo Mergler <Iwo.Mergler@netcommwireless.com>
    Tested-by: default avatarIwo Mergler <Iwo.Mergler@netcommwireless.com>
    Reported-by: default avatarJames Nute <newten82@gmail.com>
    c6727932
sb.c 23 KB