From patchwork Wed Jul 10 20:32:09 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 7911 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4WK8g85scZz3x0V for ; Wed, 10 Jul 2024 20:32:36 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E5" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4WK8g54jSFz19H; Wed, 10 Jul 2024 20:32:33 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4WK8g52WdLz33xC; Wed, 10 Jul 2024 20:32:33 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4WK8g31l08z32vg for ; Wed, 10 Jul 2024 20:32:31 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4WK8g22jhzzPQ; Wed, 10 Jul 2024 20:32:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1720643550; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=WyFGZFfzCzI5zQknFev15uNPvWmspO2b3eCARxvgIFs=; b=KNZVpqs02sRkg50kaIv3Zv5/+e/bJoyb7bBeaUGRMIXMVp/VgodOvzDbHkk0NTGUHtLt5D uHBU2HYflL1utw1Qg9/S9k2eYcZMi837bnr2VhGp4DG9Pwa8pyxomOm+SbkIolkQ07jQYk /5ebljAr+1QL/8x5ET5oDtRJ6qGz/aawKVqtb+qKEFvBxch3CPqZCzkja4eJSdTOBUwnFe gFYD+m8OWjsbGpuaFaXMx2BN1bbufX1v0KrmdzsV404yCcdwXPraPDbpCOeLBF4hbUpbAB Jgsoj2gyZTOiAZng4z/BuDQv2/38zHPqAQlwssjc4rfLl0IF2F/rSnrOU6B2cA== DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1720643550; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding; bh=WyFGZFfzCzI5zQknFev15uNPvWmspO2b3eCARxvgIFs=; b=JIr/UI1etTteSdjqMNSe3TDPCYJBml0aije18rwMae9mWchw/JX8HN3tmb2Pi2kPZojqHj Uo694FgXW9bUYWAQ== From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH 1/2] e2fsprogs: Update to version 1.47.1 Date: Wed, 10 Jul 2024 22:32:09 +0200 Message-ID: <20240710203211.3909728-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Message-ID-Hash: T36RGPRHNPUKUP4JTSWBPYOORXC4TZMX X-Message-ID-Hash: T36RGPRHNPUKUP4JTSWBPYOORXC4TZMX X-MailFrom: adolf.belka@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: - Update from version 1.47.0 to 1.47.1 - Update of rootfile not required - Changelog 1.47.1 UI and Features Add post-2038 handling when e2fsprogs is compiled on a system with a 64-bit time_t. Mke2fs -d can now support an input tar file if the libarchive library is available. Add a udev rule which inhibits ext4 file systems from being automounted by udisks. This avoid security issues from exposing potentially maliciously fuzzed file systems from being mounted without being inspected using fsck first. Distributions can of course override this feature inhibition, but then they get to own the security vulnerability liability. Upstream ext4 file system developers are putting distributions on notice that blindly automounting file systems from (potentially) USB thumb drives which clueless users may have picked up in a parking lot is a ***bad*** idea, no matter what clueless enterprise Linux product managers might think. The debugfs 'hash' command will use the hash seed and algorithm from the superblock if debugfs has a file system open, instead of requiring the user to specify those parameters explicitly as options to the hash command. Also add a hash -v option which prints the hash parameters so the user knows what parameters were used when calculating the hash for the filename. Teach mke2fs a new extended options, root_perms, which overrides the permissions for the root directory for the new file system. Fixes When various e2fsprogs are replaying the journal (tune2fs, fuse2fs, e2fsck, etc.) save any error indicator in the superblock, so it can be restored afterwards. Most of the time (at least with modern kernels) if file system corruptions are discovered, the superblock update is journalled. However, if the journal is aborted or the journal commit fails, the error code might only be written in the superblock, so we need to save it so that a subsequent fsck can repair the file system after the journal replay. When mke2fs was creating a file system with the orphan file inode, it tries to read and truncate the orphan inode before it has been initialized. If there is an inode from a previous file system located there (as opposed to a all zeroes inode table block caused by a discard of the flash device or a newly created cloud block device or fille image), it can fail with bad checksum error, aborting the mke2fs operation. Fix this in ext2fs_create_orphan_file() not trying to truncate the orphan file if it is newly allocated (which will always be the case when mke2fs calls this library function). In the case where e2fsck comes across an orphan file which is empty but the orphan_present feature is set, in preen mode, e2fsck will now clear the orphan_present feature flag silently. E2fsck will now perform more consistency checks on EA (extended attribute value) inodes. Fix a big where e2fsck could potentially leak an acl block when releasing an orphan inode. Avoid a divide by zero crash in libext2fs if the container infrastructure, such as lxcfs, reports that the system has zero CPU's via sysconf(_SC_NPROCESSORS_CONF). When resize2fs is performing an online resize, it's possible for reading the superblock can race with a kernel modifying the superblock with the checksum being invalid and causing the resize to fail with an bad superblock checksum in the buffer cache. Have resize2fs open the file system using O_DIRECT to avoid the superblock with an invalid checksum. Fix a bug where a checksum failure in an htree directory can cause e2fsck's preen mode to abort unnecessarily. Fix e2fsck's handling of an invalid symlink in an inline_data directory. Fix e4crypt from issuing a spurious "success" error message when trying to set a policy on a non-directory. Fix a potential infinite loop in debugfs's logdump command in some edge cases. Fix e2fsck to correctly update quota usage after optimizing directories or deleting corrupted inodes. Fix fuse2fs so that directories are created with the correct permissions instead of having the other and group write permissions masked off. Fix a potential e2fsck divide by zero crash caused by a maliciously fuzzed file system. Fix dumpe2fs to report free block ranges correctly for bigalloc file systems. Fix resize2fs where resizing a bigalloc file system can result in the free cluster count in the last block group and the total free clusters count to be incorrect. Avoid spurious e2scrub failures caused by trying to scrub file syustems that do not have the journal enabled, and by aborting scrub runs while upgrading the e2fsprogs package on Debian/Ubuntu. Teach tune2fs to detect a file system which is mounted but is not mentioned in the mount namespace where tune2fs is run by treating a block device which is busy as if it is mounted. If tune2fs can't find the mountpoint for a file system which is apparently mounted (perhaps because it's not present in the current mount namespace) when attempting to set the label or UUID in the superblock, fall back to the old method of modifying block device and silence printing any error messages. If both the primary superblock and first block group's backup superblock are corrupted, e2fsck will now try additional backup superblocks if they are available. Avoid mke2fs from creating an invalid file system with an insufficient number of inodes when creating a file system which is very small (100k), a block size of 1k, and an inode size of 256 bytes. Fix a potential deadlock caused by e2fsck being run in Direct I/O mode with the threading optimization enabled. Fix e2scrub when the "systemctl" package is installed instead of systemd. (Addresses Debian Bug #1070107) Fixed/improved various Debian packaging issues. Update and clarify various man pages. (Addresses Debian Bugs #1038286, #1041115) Performance, Internal Implementation, Development Support etc. Add support for SOURCE_DATE_EPOCH environment variable per the specification https://reproducible-builds.org/specs/source-date-epoch Improve resize2fs's performance by eliminating extra cache flushes. Improve mke2fs's performance when zeroing a large number of inode table blocks (when lazy inode table initialization is not enabled) by batching calls to ext2fs_zero_blocks. Use a safe_getenv function for all calls to fetch the environment variable in libext2fs. Fix a massive buffer overrun bug in ext2fs_image_super_read(). This function isn't actually used by e2image, and it's unlikely that there are any users of this function since the most common way the e2image file is read is via ext2fs_openfs() with the EXT2_FLAG_IMAGE_FILE, which doesn't actually use ext2fs_image_super_read(). Add support for building fuse2fs using Fuse V3. Use FORTIFY_SOURCE=3 when hardening is enabled for more protection. Add support for continuous integration tests using Github Actions. Fix Windows-specific portability bugs to allow mke2fs to create a file system in a file which doesn't yet exist and to support file systems larger than 2GB. Fix a FreeBSD 14 build failure caused by changing the function signature of qsort_r() to be aligned with the POSIX and glibc definition of qsort_r(). Fix various portability issues for the Linux 32-bit musl C library, GNU/Hurd and Android. (Addresses Debian Bug: #1056145) Fix various portability problems in the regression test suite. Fix various sanitizer, static code analysis, and compiler warnings. Synchronized changes from Android's AOSP e2fsprogs tree. Updated config.guess and config.sub with newer versions from the FSF. Add Romainian translation. Update Chinese, Czech, French, Malay, Polish, Swedish, and Ukrainian translations. Signed-off-by: Adolf Belka --- lfs/e2fsprogs | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lfs/e2fsprogs b/lfs/e2fsprogs index ce1ba19a4..f30de965e 100644 --- a/lfs/e2fsprogs +++ b/lfs/e2fsprogs @@ -24,7 +24,7 @@ include Config -VER = 1.47.0 +VER = 1.47.1 THISAPP = e2fsprogs-$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 84f58b05a9f0e14e1a66c6e5171ff23b022f51c4e9a02d4d6d1d26c91909f3c7ec9c9f0462663a4457b4479043774502b8891f691e58a61f4ef6bf9ba33f33aa +$(DL_FILE)_BLAKE2 = 67924c38a6b688e0db5ee77b0e11a8b34ec602a729d48516668e9fdf7f36964c8a9369295f0313bfacdc8e5f3f5a27d79a8d99a1aca3b4fe0ced98a4db4884ea install : $(TARGET) From patchwork Wed Jul 10 20:32:10 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Adolf Belka X-Patchwork-Id: 7912 Return-Path: Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by web04.haj.ipfire.org (Postfix) with ESMTPS id 4WK8g954g9z3x25 for ; Wed, 10 Jul 2024 20:32:37 +0000 (UTC) Received: from mail02.haj.ipfire.org (mail02.haj.ipfire.org [172.28.1.201]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) client-signature ECDSA (secp384r1)) (Client CN "mail02.haj.ipfire.org", Issuer "E5" (verified OK)) by mail01.ipfire.org (Postfix) with ESMTPS id 4WK8g56PQBz3nP; Wed, 10 Jul 2024 20:32:33 +0000 (UTC) Received: from mail02.haj.ipfire.org (localhost [127.0.0.1]) by mail02.haj.ipfire.org (Postfix) with ESMTP id 4WK8g540B8z33xG; Wed, 10 Jul 2024 20:32:33 +0000 (UTC) Received: from mail01.ipfire.org (mail01.haj.ipfire.org [172.28.1.202]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) client-signature RSA-PSS (4096 bits)) (Client CN "mail01.haj.ipfire.org", Issuer "R11" (verified OK)) by mail02.haj.ipfire.org (Postfix) with ESMTPS id 4WK8g33dMYz32vg for ; Wed, 10 Jul 2024 20:32:31 +0000 (UTC) Received: from [127.0.0.1] (localhost [127.0.0.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by mail01.ipfire.org (Postfix) with ESMTPSA id 4WK8g310PPz19H; Wed, 10 Jul 2024 20:32:31 +0000 (UTC) DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003ed25519; t=1720643551; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=agfWJw0HTKx+H0B91WnleUb3vcQfidZDAKk+sxsF25M=; b=V0LaKj9ym81Sn69ZUJ/uu4u+Y9bK5AcyTAfKQrSOO7Gqmc2laZur/G1XRGJb19cr2969Kn FUjqR+DkkJampaCA== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipfire.org; s=202003rsa; t=1720643551; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=agfWJw0HTKx+H0B91WnleUb3vcQfidZDAKk+sxsF25M=; b=fPK96N4EUHAXT+tE7wbFRGvCN3sHS2GfOo96Vjs8Cp4k1BBBeb7pvDhl/V4/NHbyOmLNnY Auf2otRILG9Wxb0QuFUFRL2cW56ABnqOQkbO7RuZuFomBxGPG0DGF9bSWiRnx7hpFS6nqC w4Oni3IQYTgTF6pkiUAs1ZvRk5kFpdcGBS0ranqRHRYoshmsqwtqImEsPCsE0zxsveYlnm M1Y540HDUrhL7jQA+oqgvexoTU6f2MGo4j3bp7xs+Uaye6ybsTIVNVEgyzQ3a80NuMG6RC jP6RfSPoj5K7RCobsNf5KufKwAdf1jZMVvhSp/Oh9XYUWfyqBQVbXmEQY5w/sg== From: Adolf Belka To: development@lists.ipfire.org Subject: [PATCH 2/2] btrfs-progs: Update to version 6.9.2 Date: Wed, 10 Jul 2024 22:32:10 +0200 Message-ID: <20240710203211.3909728-2-adolf.belka@ipfire.org> In-Reply-To: <20240710203211.3909728-1-adolf.belka@ipfire.org> References: <20240710203211.3909728-1-adolf.belka@ipfire.org> MIME-Version: 1.0 Message-ID-Hash: G3W6E2UVILDBKAMOYREDGY5P55IEPVHR X-Message-ID-Hash: G3W6E2UVILDBKAMOYREDGY5P55IEPVHR X-MailFrom: adolf.belka@ipfire.org X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header X-Mailman-Version: 3.3.8 Precedence: list List-Id: IPFire development talk Archived-At: List-Archive: List-Help: List-Owner: List-Post: List-Subscribe: List-Unsubscribe: - Update from 6.7.1 to 6.9.2 - Update of rootfile - Update of e2fsprogs to 1.47.1 changed a variable from inode_includes to ext2fs_inode_includes. btrfs-progs version 6.7.1 failed to build as it was still looking for the old variable name. The fix for e2fsprogs 1.47.1 was implemented in btrfs-progs version 6.9 - Changelog 6.9.2 subvol list: fix accidental trimming of subvolume name check: revert checking file extent item 'ram_bytes' libbtrfsutil: patchlevel version update 1.3.2 fix accidentally closing fd passed to subvolume iterator 6.9.1 (Not to be used) fix detection of intermediate super block flags (e.g. csum change and other conversions) raid-stripe-tree support (still experimental): moved under experimental build flags (mkfs, convert) format change, removed encoding type; backward incompatible receive dump: escape special chars in xattr names and values, and clone source path tune change csum: fix reservation size when starting a transaction other: new and updated tests updated CI images, new reference build targets cleanups and refactoring 6.9 mkfs: if --force used, don't continue if the mount status cannot be determined (e.g. due to permissions) fix minimum size calculation on zoned devices, make it work with option -b check: option --clear-ino-cache removed (functionality still provided in 'rescue' command group) detect and repair wrong file extent item ram_bytes value qgroup clear-stale: sync the filesystem before search to read the up to date state handle cases where qgroup cannot be deleted due to uncleaned subvolume or when squota is enabled qgroup show: display status of qgroup regarding the cleaning of the subvolume or if it's squota receive: fix stream parsing on strict alignment hosts (e.g. ARM v5 or v6) tune change-csum: fix check of dev-replace status item, continue if no dev-replace in progress dump-tree: print contents of dev-replace status item convert: fix extent iteration to handle prealloc/unwritten extents libbtrfsutil: patchlevel version update 1.3.1 fix potentially unaligned access to send stream create library links to all version levels libbtrfs: patchlevel version update 0.1.3 fix potentially unaligned access to send stream create library links to all version levels build: fix compatibility with e2fsprogs 1.47.1 fix header file dependency tracking -O2 by default other: new and updated tests ASAN and UBSAN test coverage in CI documentation updates 6.8.1 mkfs: fix writing on zoned device when block-group-tree is selected tune: fix writing on zoned device with option --convert-to-block-group-tree check: more progress and error messages unify handling of unknown command line options with other commands subvolume delete: remove options --delete-qgroup and --no-delete-qgroup (added in 6.6.3), qgroup deletion does not always work due to delayed background processing of subvolume or set value in sysfs:ggroup/drop_subtree_threshold other: misc refactoring error handling fixes reported by gcc -fanalyzer documentation updates new and updated tests 6.8 fix --enqueue option timeout handling subvolume: remove support for undocumented options -c and -x, functionality disabled in kernel libbtrfsutil: version 0.1.3, backward compabile add aliases for all existing functions with unified naming scheme updated header defintions for recently added kernel features send: v3 supported in experimental mode other: docs: manual page references, graphs, enhancements, clarifications error handling fixes cleanups and refactoring Signed-off-by: Adolf Belka --- config/rootfiles/common/btrfs-progs | 4 +++- lfs/btrfs-progs | 6 +++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/config/rootfiles/common/btrfs-progs b/config/rootfiles/common/btrfs-progs index 04af32d3f..864d6ea1a 100644 --- a/config/rootfiles/common/btrfs-progs +++ b/config/rootfiles/common/btrfs-progs @@ -26,8 +26,10 @@ usr/bin/mkfs.btrfs #usr/lib/libbtrfs.so usr/lib/libbtrfs.so.0 usr/lib/libbtrfs.so.0.1 +usr/lib/libbtrfs.so.0.1.3 #usr/lib/libbtrfsutil.a #usr/lib/libbtrfsutil.so usr/lib/libbtrfsutil.so.1 -usr/lib/libbtrfsutil.so.1.2.0 +usr/lib/libbtrfsutil.so.1.3 +usr/lib/libbtrfsutil.so.1.3.2 #usr/lib/pkgconfig/libbtrfsutil.pc diff --git a/lfs/btrfs-progs b/lfs/btrfs-progs index caf8f0b96..6030591fb 100644 --- a/lfs/btrfs-progs +++ b/lfs/btrfs-progs @@ -1,7 +1,7 @@ ############################################################################### # # # IPFire.org - A linux based firewall # -# Copyright (C) 2007-2023 IPFire Team # +# Copyright (C) 2007-2024 IPFire Team # # # # This program is free software: you can redistribute it and/or modify # # it under the terms of the GNU General Public License as published by # @@ -24,7 +24,7 @@ include Config -VER = 6.7.1 +VER = 6.9.2 THISAPP = btrfs-progs-v$(VER) DL_FILE = $(THISAPP).tar.xz @@ -40,7 +40,7 @@ objects = $(DL_FILE) $(DL_FILE) = $(DL_FROM)/$(DL_FILE) -$(DL_FILE)_BLAKE2 = 4e05e9dd80e5531425490970318389aef280f61cc636a80aa2bbc630399afd4f1f3ce649d194822ff93ff4b1774d65a504e3bed6f1426ff60830e4c0d0ac87b0 +$(DL_FILE)_BLAKE2 = 38ab189ac8271ba8d68b74e82569159c671cca1cb946f56ccab28b6b206cb6ee5b330d83afc3536b7e0d7399da3fb01e368809c1ef4a64b843ea88796ebd28bd install : $(TARGET)