Last commit 3831530d was intended
"explicitly specify FAT12/16 root directory parsing buffer size, instead
of relying on cluster size". Howver, the underlying function requires
the size of the buffer in blocks, not in bytes, and instead of passing
a double sector size a request for 1024 blocks is sent. This generates
a buffer overflow with overwriting of other structure (in the case seen,
USB structures were overwritten).

Signed-off-by: Stefano Babic <sbabic@denx.de>
CC: Mikhail Zolotaryov <lebon@lebon.org.ua>

The U-Boot code has the following bugs related to the processing of Long File
Name (LFN) entries scattered across several clusters/sectors :

1) get_vfatname() function is designed to gather scattered LFN entries by
cluster chain processing - that doesn't work for FAT12/16 root directory.
In other words, the function expects the following input data:
 1.1) FAT32 directory (which is cluster chain based);
        OR
 1.2) FAT12/16 non-root directory (which is also cluster chain based);
        OR
 1.3) FAT12/16 root directory (allocated as contiguous sectors area), but
 all necessary information MUST be within the input buffer of filesystem cluster
 size (thus cluster-chain jump is never initiated).

In order to accomplish the last condition, root directory parsing code in
do_fat_read() uses the following trick: read-out cluster-size block, process
only first sector (512 bytes), then shift 512 forward, read-out cluster-size
block and so on. This works great unless cluster size is equal to 512 bytes
(in a case you have a small partition), or long file name entries are scattered
across three sectors, see 4) for details.

2) Despite of the fact that get_vfatname() supports FAT32 root directory
browsing, do_fat_read() function doesn't send current cluster number correctly,
so root directory look-up doesn't work correctly.

3) get_vfatname() doesn't gather scattered entries correctly also is the case
when all LFN entries are located at the end of the source cluster, but real
directory entry (which must be returned) is at the only beginning of the
next one. No error detected, the resulting directory entry returned contains
a semi-random information (wrong size, wrong start cluster number and so on)
i.e. the entry is not accessible.

4) LFN (VFAT) allows up to 20 entries (slots) each containing 26 bytes (13
UTF-16 code units) to represent a single long file name i.e. up to 520 bytes.
U-Boot allocates 256 bytes buffer instead, i.e. 10 or more LFN slots record
may cause buffer overflow / memory corruption.
Also, it's worth to mention that 20+1 slots occupy 672 bytes space which may
take more than one cluster of 512 bytes (medium-size FAT32 or small FAT16
partition) - get_vfatname() function doesn't support such case as well.

The patch attached fixes these problems in the following way:
- keep using 256 bytes buffer for a long file name, but safely prevent a
possible buffer overflow (skip LFN processing, if it contains 10 or more
slots).

- explicitly specify FAT12/16 root directory parsing buffer size, instead
of relying on cluster size. The value used is a double sector size (to store
current sector and the next one). This fixes the first problem and increases
performance on big FAT12/16 partitions;

- send current cluster number (FAT32) to get_vfatname() during root
directory processing;

- use LFN counter to seek the real directory entry in get_vfatname() - fixes the
third problem;

- skip deleted entries in the root directory (to prevent bogus buffer
overflow detection and LFN counter steps).

Note: it's not advised to split up the patch, because a separate part may
operate incorrectly.

Signed-off-by: Mikhail Zolotaryov <lebon@lebon.org.ua>

Doubly-indirect block numbers are compared against the first-level
indirect block when checking for a cached copy.  This is causing the
doubly-indirect block to be re-read each time it is accessed.
Repairing this reduces load time for a 70M file from 72 seconds
to 38 seconds.

Signed-off-by: Aaron Pace <Aaron.Pace@alcatel-lucent.com>

- reformat
- throw out macros like FAT_DPRINT and FAT_DPRINT
- remove dead code

Signed-off-by: Wolfgang Denk <wd@denx.de>

On FAT32, instead of fetching the cluster numbers from the FAT, the
code assumed (incorrectly) that the clusters for the root directory
were allocated contiguously. In the result, only the first cluster
could be accessed. At the typical cluster size of 8 sectors this
caused all accesses to files after the first 128 entries to fail -
"fatls" would terminate after 128 files (usually displaying a bogus
file name, occasionally even crashing the system), and "fatload"
would fail to find any files that were not in the first directory
cluster.

Signed-off-by: Wolfgang Denk <wd@denx.de>

"Superfloppy" format (in U-Boot called PBR) did not work for FAT32 as
the file system type string is at a different location. Add support
for FAT32.

Signed-off-by: Wolfgang Denk <wd@denx.de>

The nios-32 arch is obsolete and broken. So it is removed.

Signed-off-by: Thomas Chou <thomas@wytron.com.tw>

ubifsmount is not working and causes an access with
a pointer set to zero because the ubifs_fs_type
is not initialized correctly.

Signed-off-by: Stefano Babic <sbabic@denx.de>
Signed-off-by: Stefan Roese <sr@denx.de>

$ ./MAKEALL suen3
jffs2_1pass.c: In function 'get_fl_mem':
jffs2_1pass.c:399: warning: unused variable 'id'
jffs2_1pass.c: In function 'get_node_mem':
jffs2_1pass.c:423: warning: unused variable 'id'

Signed-off-by: Heiko Schocher <hs@denx.de>
Tested-by: Tom <Tom.Rix@windriver.com>

Support for LZARI compression mode was added based on a MTD CVS
snapshot of March 13, 2005. However, fs/jffs2/compr_lzari.c contains
contradictory licensing terms: the original copyright clause says "All
rights reserved. Permission granted for non-commercial use.", but
later reference to the file 'LICENCE' in the jffs2 directory was added
which says GPL v2 or later.

As no boards ever used LZARI compression, and this file is also not
present in recent MTD code, we resolve this conflict by removing the
conflicting file and references to it.

Also copy the referenced but missing file 'LICENCE' from the current
MTD source tree.

Signed-off-by: Wolfgang Denk <wd@denx.de>

Prototype for gunzip/zunzip was only in lib_generic/gunzip.c and thus
repeated in every file using it. This patch moves the prototypes to
common.h and removes all prototypes distributed anywhere else.

Signed-off-by: Wolfgang Wegner <w.wegner@astro-kom.de>

There is more and more usage of printing 64bit values,
so enable this feature generally, and delete the
CONFIG_SYS_64BIT_VSPRINTF and CONFIG_SYS_64BIT_STRTOUL
defines.

Signed-off-by: Heiko Schocher <hs@denx.de>

extfs.c assumes that there is always a valid inode_size field in the
superblock. But this is not true for ext2fs rev 0. Such ext2fs images
are for instance generated by genext2fs. Symptoms on ARM machines are
messages like: "raise: Signal # 8 caught"; on PowerPC "ext2ls" will
print nothing.
This fix checks for rev 0 and uses then 128 bytes as inode size.

Signed-off-by: Michael Brandt <Michael.Brandt@emsyso.de>
Tested on: TQM5200S
Tested-by: Wolfgang Denk <wd@denx.de>
Signed-off-by: Wolfgang Denk <wd@denx.de>

This patch adds support for resolving symlinks to directories as well as
relative symlinks. Symlinks are now always resolved during file lookup,
so the load stage no longer needs to special-case them.

Signed-off-by: Simon Kagstrom <simon.kagstrom@netinsight.net>
Signed-off-by: Stefan Roese <sr@denx.de>

__set_bit and __clear_bit are defined in ubifs.h as well as in
asm/include/bitops.h for some architectures. This patch moves
the generic implementation to include/linux/bitops.h and uses
that unless it's defined by the architecture.

Signed-off-by: Simon Kagstrom <simon.kagstrom@netinsight.net>

Add #ifdefs where necessary to not perform relocation fixups.  This
allows boards/architectures which support relocation to trim a decent
chunk of code.

Note that this patch doesn't add #ifdefs to architecture-specific code
which does not support relocation.

Signed-off-by: Peter Tyser <ptyser@xes-inc.com>

Files in directories which are symlinked to were not dereferenced
correctly in last commit. E.g., with a symlink

   /boot/lnk -> /boot/real_dir

loading

   /boot/lnk/uImage

will fail. This patch fixes that by simply seeing to it that the target
base directory has a slash after it.

Signed-off-by: Simon Kagstrom <simon.kagstrom@netinsight.net>
Signed-off-by: Stefan Roese <sr@denx.de>

This patch adds support for resolving symlinks to directories as well as
relative symlinks. Symlinks are now always resolved during file lookup,
so the load stage no longer needs to special-case them.

Signed-off-by: Simon Kagstrom <simon.kagstrom@netinsight.net>
Signed-off-by: Stefan Roese <sr@denx.de>

__set_bit and __clear_bit are defined in ubifs.h as well as in
asm/include/bitops.h for some architectures. This patch moves
the generic implementation to include/linux/bitops.h and uses
that unless it's defined by the architecture.

Signed-off-by: Simon Kagstrom <simon.kagstrom@netinsight.net>

This patch fixes some issues with JFFS2 summary support in U-Boot.
1/ Summary support made compilation configurable (as summary support
considered expiremental even in Linux).
2/ Summary code can do unaligned 16-bit and 32-bit memory accesses.
We need to get data byte by byte to exclude data aborts.
3/ Make summary scan in two passes so we can safely fall back to full
scan if we found unsupported entry in the summary.

Signed-off-by: Ilya Yanok <yanok@emcraft.com>

We should call jffs2_clean_cache() if we return from jffs2_build_lists()
with an error to prevent usage of incomplete lists. Also we should
free() a local buffer to prevent memory leaks.

Signed-off-by: Ilya Yanok <yanok@emcraft.com>

Signed-off-by: unsik Kim <donari75@gmail.com>
Signed-off-by: Bernhard Weirich <bernhard.weirich@riedel.net>
Signed-off-by: Wolfgang Denk <wd@denx.de>
Tested-by: Wolfgang Denk <wd@denx.de>

Legacy NAND had been scheduled for removal.  Any boards that use this
were already not building in the previous release due to an #error.

The disk on chip code in common/cmd_doc.c relies on legacy NAND,
and it has also been removed.  There is newer disk on chip code
in drivers/mtd/nand; someone with access to hardware and sufficient
time and motivation can try to get that working, but for now disk
on chip is not supported.

Signed-off-by: Scott Wood <scottwood@freescale.com>

The static function compare_sign is only used to compare the fs_type string
and does not do anything more than what strncmp does.

The addition of the trailing '\0' to fs_type, while legal, is not needed
because the it is never printed out and strncmp does not depend on NULL
terminated strings.

Signed-off-by: Tom Rix <Tom.Rix@windriver.com>

In do_readpage(), don't free 'dn' if its allocation failed.

Signed-off-by: Daniel Mack <daniel@caiaq.de>

Blocks compressed with zlib dont have the full gzip header.

Without this patch, block compressed with zlib cannot be readed!

Signed-off-by: Ricardo Ribalda Delgado <ricardo.ribalda@uam.es>

If the memory used to copy the link_make is "dirty" the string wont
be ended with NULL, throwing out multiple memory bugs.

Signed-off-by: Ricardo Ribalda Delgado <ricardo.ribalda@uam.es>
Acked-by: Stefan Roese <sr@denx.de>

I missed removing this file while implementing the UBIFS support. It's
not referenced at all, so let's remove it. Thanks to Artem Bityutskiy
for spotting.

Signed-off-by: Stefan Roese <sr@denx.de>

UBIFS did not recovery in a situation in which it could
have. The relevant function assumed there could not be
more nodes in an eraseblock after a corrupted node, but
in fact the last (NAND) page written might contain anything.
The correct approach is to check for empty space (0xFF bytes)
from then on.

Signed-off-by: Adrian Hunter <adrian.hunter@nokia.com>
Signed-off-by: Stefan Roese <sr@denx.de>

Now UBIFS is supported by u-boot. If we ever decide to change the
media format, then people will have to upgrade their u-boots to
mount new format images. However, very often it is possible to
preserve R/O forward-compatibility, even though the write
forward-compatibility is not preserved.

This patch introduces a new super-block field which stores the
R/O compatibility version.

Signed-off-by: Artem Bityutskiy <Artem.Bityutskiy@nokia.com>
Acked-by: Adrian Hunter <Adrian.Hunter@nokia.com>
Signed-off-by: Stefan Roese <sr@denx.de>

Some systems have zlib.h installed in /usr/include/. This isn't the
desired file for u-boot code - we want the one in include/zlib.h.
This rename will avoid the conflict.

Signed-off-by: Jean-Christophe PLAGNIOL-VILLARD <plagnioj@jcrosoft.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>

Mflash is fusion memory device mainly targeted consumer eletronic and
mobile phone.
Internally, it have nand flash and other hardware logics and supports
some different operation (ATA, IO, XIP) modes.

IO mode is custom mode for the host that doesn't have IDE interface.
(Many mobile targeted SoC doesn't have IDE bus)

This driver support mflash IO mode.

Followings are brief descriptions about IO mode.

1. IO mode based on ATA protocol and uses some custom command. (read
   confirm, write confirm)
2. IO mode uses SRAM bus interface.

Signed-off-by: unsik Kim <donari75@gmail.com>

On systems where U-Boot is linked to another address than it really lays
(e.g. backup image), calls via function pointers must be fixed with a
'+= gd->reloc_off'.
This was not done for none_compr in ubifs_compressors_init() what leads
to system crash on ubifsmount command.

Signed-off-by: Michael Lawnick <ml.lawnick@gmx.de>
Acked-by: Stefan Roese <sr@denx.de>

The U-Boot UBIFS implementation is largely a direct copy from the current
Linux version (2.6.29-rc6). As already done in the UBI version we have an
"abstraction layer" to redefine or remove some OS calls (e.g. mutex_lock()
...). This makes it possible to use the original Linux code with very
little changes. And by this we can better update to later Linux versions.

I removed some of the Linux features that are not used in the U-Boot
version (e.g. garbage-collection, write support).

Signed-off-by: Stefan Roese <sr@denx.de>
CC: Artem Bityutskiy <dedekind@infradead.org>
CC: Adrian Hunter <ext-Adrian.Hunter@nokia.com>

Fix based on suggestion by David Hawkins <dwh@ovro.caltech.edu>.

Signed-off-by: Wolfgang Denk <wd@denx.de>

A couple of buffers in the fat code are declared as an array of bytes.
But it is then cast up to a structure with 16bit and 32bit members.
Since GCC assumes structure alignment here, we have to force the
buffers to be aligned according to the structure usage.

Signed-off-by: Bryan Wu <bryan.wu@analog.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>

Include <linux/mtd/compat.h> header for min_t definition instead of
providing our own one. Removes warnings in case of OneNAND support
enabled.

Although I thinks it's a bit silly to include <linux/mtd/compat.h>
just for min_t...

Signed-off-by: Ilya Yanok <yanok@emcraft.com>
Acked-by: Stefan Roese <sr@denx.de>

The FAT file system driver should also handle FAT on SATA devices.

Signed-off-by: Sonic Zhang <Sonic.Zhang@analog.com>
Signed-off-by: Mike Frysinger <vapier@gentoo.org>

As we moved data_crc() invocation from jffs2_1pass_build_lists() to
jffs2_1pass_read_inode() data_crc is going to be calculated on each
inode access. This patch adds caching of data_crc() results. There
is no significant improvement in speed (because of flash access
caching added in previous patch I think, crc in RAM is really fast)
but this patch impacts memory usage -- every b_node structure uses
12 bytes instead of 8.

Signed-off-by: Alexey Neyman <avn@emcraft.com>
Signed-off-by: Ilya Yanok <yanok@emcraft.com>