MaxExtentsPerNode should be same type as eh_max uint16, because maximum
count of extent header entries is 65535
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
We had added support for CSUM_SEED but accidentally forgot to advertise
it in gSupportedIncompatFeat. This made it (erroneously) impossible to
mount CSUM_SEED filesystems.
Detected by attempting to mount a relatively new mkfs.ext4'd filesystem.
Cc: Marvin Häuser <mhaeuser@posteo.de>
Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com>
Reviewed-by: Marvin Häuser <mhaeuser@posteo.de>
Improve the extent tree node validation by validating the number of
entries the node advertises against the theoretical max (derived from
the size of on-disk structs and the block size (or i_data, if inline
extents).
Previously, we did not validate the number of entries. This could be
exploited for out-of-bounds reads and crashes.
Cc: Marvin Häuser <mhaeuser@posteo.de>
Fixes: d9ceedca6c8f ("Ext4Pkg: Add Ext4Dxe driver.")
Reported-by: Savva Mitrofanov <savvamtr@gmail.com>
Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com>
Reviewed-by: Marvin Häuser <mhaeuser@posteo.de>
There have been reports[1] of failures to boot due to unicode collation
protocols not being available at Ext4Dxe load time. Therefore, attempt
to initialize unicode collation at Start() time, like done previously in
FatPkg/EnhancedFatDxe. By doing so, we move collation initialization
to BDS, where the module responsible for protocol installation should
have already been loaded and ran.
[1]: https://edk2.groups.io/g/devel/message/100312
Cc: Ard Biesheuvel <ardb@kernel.org>
Cc: Marvin Häuser <mhaeuser@posteo.de>
Fixes: d9ceedca6c8f ("Ext4Pkg: Add Ext4Dxe driver.")
Signed-off-by: Pedro Falcato <pedro.falcato@gmail.com>
Acked-by: Ard Biesheuvel <ardb@kernel.org>
Reviewed-by: Marvin Häuser <mhaeuser@posteo.de>
The SymlinkTmp was deallocated unconditionally, so we shouldn't free it
again on EFI_ERROR
Cc: Marvin Häuser <mhaeuser@posteo.de>
Cc: Pedro Falcato <pedro.falcato@gmail.com>
Cc: Vitaly Cheptsov <vit9696@protonmail.com>
Fixes: e81432fbacb7 ("Ext4Pkg: Add symbolic links support")
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
Using UINT64 index while accessing array item makes MSVC compiler to
include `__allmul` function in NOOPT which is not referenced in IA32.
So we null-terminates string using ReadSize, which should be equal to
SymlinkSizeTmp after correct reading. Also adds missing MultU64x32
in Ext4Read.
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
This reverts commit f21c8083753d667815d2719a9e7417dd4f1277c5.
We don't need to perform this check in SetPosition because by spec this
check done in read operation
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
Missing EFI_OUT_OF_RESOURCES exit status on failed Ext4CreateDentry
leads to NULL-pointer dereference in Ext4GetFileInfo (passing NULL
buffer in Ext4ReadDir)
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
Missing check in some cases leads to failed StrCpyS call in
Ext4GetVolumeLabelInfo. Also correct condition that checks Inode pointer
for being NULL in Ext4AllocateInode
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
This check already present in the while loop below, but absent for cases
when input file is nameless, so to handle assertion in Ext4ReadFile we
need to add it at the top of function
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
Missing check for wrong s_log_block_size exponent leads to shift out of
bounds. Limit block size to 2 MiB
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
We need to validate inode number to prevent possible null-pointer
dereference of directory parent in Ext4OpenDirent. Also checks that
inode number valid across opened partition before we read it in
Ext4ReadInode.
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
Missing such comparison leads to infinite loop states, for example code
which trying to read entire file can easily get out of bound of
file size by passing position value which exceeds file size without this
check. So we need to add there missing comparison between the desired
position to be set and file size
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
Superblock s_inodes_per_group field can't be zero, it leads to division
by zero in BlockGroup routine Ext4ReadInode
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
Directory entry structure can contain name_len bigger than size of "."
or "..", that's why CompareMem in such cases leads to global buffer
overflow. So there are two problems. The first is that statement doesn't
check cases when name_len != 0 but > 2 and the second is that we passing
big Length to CompareMem routine.
The correct way here is to check that name_len <= 2 and check for
null-terminator presence
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
Constant EXT4_NAME_MAX is related to EXT4_DIR_ENTRY FS structure, so it
should be placed into Ext4Disk.h header
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
We need to free buffer on return if BlockRemainder != 0. Also changed
return logic from function to use use common exit to prevent code
duplication.
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
Adds a Pedro Falcato's UEFI EXT4 filesystem driver that implements the EFI_FILE_PROTOCOL and EFI_SIMPLE_FILE_SYSTEM_PROTOCOL.
Signed-off-by: Savva Mitrofanov <savvamtr@gmail.com>
