This reverts commit 58766a472932c485d41163b1746fb1d9e7984f07.
In edk2 commit 58766a4, validation of the two reserved FAT entries
was added.
However, it also checked the return of FatGetFatEntry to MAX_UINT32,
which is what FatGetFatEntry returns when it encounters an error,
e.g. not being able to read the disk. However, MAX_UINT32 is also a
valid value for the reserved FAT entries and under some conditions
these will be returned in the success case.
A FAT volume formatted with these valid values of the reserved FAT
entries will fail to boot an OS because the opening of the volume
will fail.
However, the reason FatGetFatEntry returns MAX_UINT32 is that most
other uses of the function are comparing it against the END_OF_CHAIN
mark, which MAX_UINT32 will trip and those functions will fail out.
Because this is a critical bug that can prevent OS booting and the
bug the original commit was solving was accounting for a bad FAT
filesystem formatting tool, this commit is reverted for now.
Future work will clean up FatGetFatEntry so that it returns an
EFI_STATUS, but that involves more work and this bug needs to be
resolved in the meantime.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
There are two reserved FAT entries in the FAT filesystem that
are expected to have valid contents in them. Today the FAT drivers
do not validate these entries when reading from a device for the
first time. This can cause infinite loops in the FAT driver when
trying to read corrupted disks as reported in
https://github.com/tianocore/edk2/issues/9679.
This PR follows the recommended update requested in that bug to
check the two reserved FAT entries and validate their contents
against the spec defined values in both FatPei and EnhancedFatDxe
when opening a device for the first time.
Signed-off-by: Oliver Smith-Denny <osde@microsoft.com>
This patch improves dirty bit checking in FAT and coalesces multiple
writes to adjacent blocks into a single write.
For good read performance, the Fat code caches 64KB lines from the
file system. Any update to the data will force 64KB writes. Writing
the full 64KB causes collateral blocks (i.e. blocks belonging to
other files) to be written. This is inefficient to write blocks that
are not dirty, the FAT driver should only be writing blocks that have
actually been updated through its cache.
This also resolves an issue with existing bootloaders which have ways
to update files outside of the FAT code and the collateral write can
corrupt those files. One such file is the Windows BCD that gets updated
outside of the FAT code and has been seen to be corrupted by the
collateral writes, causing the OS to fail to boot.
This fix keeps track of physical disk block (LBA) size and will only
mark LBA size zones of the 64KB cache line that are written to. When the
file is closed and the cached data is written, only the dirty LBAs are
written, which avoids the collateral write and therefore the corruption.
In addition, adjacent LBAs will be coalesced into one write for
performance considerations.
Signed-off-by: Oliver Smith-Denny <osde@linux.microsoft.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3737
Apply uncrustify changes to .c/.h files in the FatPkg package
Cc: Andrew Fish <afish@apple.com>
Cc: Leif Lindholm <leif@nuviainc.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Fix various typos in FatPkg/EnhancedFatDxe comments.
Cc: Ray Ni <ray.ni@intel.com>
Signed-off-by: Antoine Coeur <coeur@gmx.fr>
Reviewed-by: Philippe Mathieu-Daude <philmd@redhat.com>
Acked-by: Liming Gao <liming.gao@intel.com>
Signed-off-by: Philippe Mathieu-Daude <philmd@redhat.com>
Message-Id: <20200207010831.9046-8-philmd@redhat.com>
Unsafe string functions are replaced with safe ones.
Safe string functions will assert if DestMax is not greater than
StrnLenS(Source, DestMax). Therefore, additional assert for checking the
size of source and destination buffers can be removed.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
(based on FatPkg commit 2cb92b4f19b096daf133d6501afa13e5a85062c5)
[jordan.l.justen@intel.com: Use script to relicense to 2-clause BSD]
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Acked-by: Mark Doran <mark.doran@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
(based on FatPkg commit accbbb1b8bc3590ba41d57d429bb94d2eca6ef52)
[jordan.l.justen@intel.com: Use script to relicense to 2-clause BSD]
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Acked-by: Mark Doran <mark.doran@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
(based on FatPkg commit 171c4de5919a4638db8f6f472b365ffbbac6070b)
[jordan.l.justen@intel.com: Use script to relicense to 2-clause BSD]
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Acked-by: Mark Doran <mark.doran@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
(based on FatPkg commit c243d2ce08e76bfaefc0a3e9256603993a3b5ebe)
[jordan.l.justen@intel.com: Use script to relicense to 2-clause BSD]
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Acked-by: Mark Doran <mark.doran@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
(based on FatPkg commit 9f5ac6912eb71e9037fe05b8bd6bf02b5cee5ac6)
[jordan.l.justen@intel.com: Use script to relicense to 2-clause BSD]
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Acked-by: Mark Doran <mark.doran@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
(based on FatPkg commit 63726907ef8f40b3ffea8aab464d133fa06f1e67)
[jordan.l.justen@intel.com: Use script to relicense to 2-clause BSD]
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Acked-by: Mark Doran <mark.doran@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
(based on FatPkg commit 80c742a0be4426f9431ef6541268413e0b139368)
[jordan.l.justen@intel.com: Use script to relicense to 2-clause BSD]
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Acked-by: Mark Doran <mark.doran@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
(based on FatPkg commit ea0ebff7f3afd5808da4fc6bcdd996a8fc977185)
[jordan.l.justen@intel.com: Use script to relicense to 2-clause BSD]
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Acked-by: Mark Doran <mark.doran@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
(based on FatPkg commit e51cd032db84a6fb1f44a0605f80d96f5fdf4bc6)
[jordan.l.justen@intel.com: Use script to relicense to 2-clause BSD]
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jordan Justen <jordan.l.justen@intel.com>
Acked-by: Mark Doran <mark.doran@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
