* Recurrency is removed from filesystem directory rename.
* Fixes use after free in buffer that was used as output and argument.
Signed-off-by: Tomasz 'CeDeROM' CEDRO <tomek@cedro.info>
To save more space (equivalent to the size of one erase sector of
MTD device) and to achieve faster read and write speeds, a method
for direct writing was introduced at the FTL layer.
This can be accomplished simply by using the following oflags during
the open operation:
1. O_DIRECT. when this flag is passed in, ftl internally uses
the direct write strategy and no read cache is used in ftl;
otherwise, each write will be executed with the minimum
granularity of flash erase sector size which means a
"sector read back - erase sector - write sector" operation
is performed by using a read cache buffer in heap.
2. O_SYNC. When this flag is passed in, we assume that the
flash has been erased in advance and no erasure operation
will be performed internally within ftl. O_SYNC will take
effect only when both O_DIRECT and O_SYNC are passed in
simultaneously.
3. For uniformity, we remapped the mount flag in mount.h and
unified it with the open flag in fcntl.h. The repetitive
parts of their definitions were reused, and the remaining
part of the mount flag redefine to the unused bit of open
flags.
Signed-off-by: jingfei <jingfei@xiaomi.com>
Double free occurred in lib_put_pathbuffer if CONFIG_FS_NOTIFY option
was enabled. The second if statement has to be called only if the
close operation returned error. The bug was introduced in 14f5c48
and was causing misc/lib_tempbuffer.c:141 debug assertion.
Signed-off-by: Michal Lenc <michallenc@seznam.cz>
these command FIOGCLEX/FIOCLEX/FIONCLEX are related to struct fd,
so need to use ioctl to implement.
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
This patch is a rework of the NuttX file descriptor implementation. The
goal is two-fold:
1. Improve POSIX compliance. The old implementation tied file description
to inode only, not the file struct. POSIX however dictates otherwise.
2. Fix a bug with descriptor duplication (dup2() and dup3()). There is
an existing race condition with this POSIX API that currently results
in a kernel side crash.
The crash occurs when a partially open / closed file descriptor is
duplicated. The reason for the crash is that even if the descriptor is
closed, the file might still be in use by the kernel (due to e.g. ongoing
write to file). The open file data is changed by file_dup3() and this
causes a crash in the device / drivers themselves as they lose access to
the inode and private data.
The fix is done by separating struct file into file and file descriptor
structs. The file struct can live on even if the descriptor is closed,
fixing the crash. This also fixes the POSIX issue, as two descriptors
can now point to the same file.
Signed-off-by: Ville Juven <ville.juven@unikie.com>
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
1. The call to file_close_without_clear in file_dup3 does not clear
the tag information, so there is no need to back it up.
2. file_dup3 don't need to copy tag information, tag is only valid for fd.
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
Currently the code is dumped into one massive file; fs_files. Move the
different logical parts into their own files.
Signed-off-by: Ville Juven <ville.juven@unikie.com>
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
When a new pseudofile is created, the inode reference count needs to
be bumped to protect the node.
Signed-off-by: Ville Juven <ville.juven@unikie.com>
Allow users to operate poll in the kernel using the file_poll
approach, as file is protected with reference counting,
making it more secure.
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
When we use fcntl for dup, an fd is directly passed. If we have opened FDCHECK. we need to restore this file descriptor.
open FDCHECK and test this:
`
int main(int ac, char **av)
{
int fd1= open("./1.txt", O_WRONLY | O_CREAT, 0666);
if (fd1 < 0)
{
printf("open err\n");
return fd1;
}
int fd2= open("./2.txt", O_WRONLY | O_CREAT, 0666);
if (fd2 < 0)
{
printf("open err\n");
close(fd1);
return fd2;
}
//close(fd2);
int fd3 = fcntl(fd1, F_DUPFD, fd2);
printf("fd3 = %d\n", fd3);
close(fd1);
close(fd3);
return 0;
}
`
Signed-off-by: zhangshoukui <zhangshoukui@xiaomi.com>
Add the noinstrument_function attribute to the poll_notify function
to avoid it being looped if -finstrument-functions is set to the
fs/vfs files.
Signed-off-by: Tiago Medicci Serrano <tiago.medicci@espressif.com>
* Make readv/writev implementations update struct uio
This can simplify partial result handling.
* change the error number on the overflow from EOVERFLOW to EINVAL
to match NetBSD
* add a commented out uio_offset field. I used "#if 0" here as
C comments can't nest.
* add a few helper functions
Note on uio_copyfrom/uio_copyto:
although i'm not quite happy with the "offset" functionality,
it's necessary to simplify the adaptation of some drivers like
drivers/serial/serial.c, which (ab)uses the user-supplied buffer
as a line-buffer.
Modify the kernel to use only atomic_xx and atomic64_xx interfaces,
avoiding the use of sizeof or typeof to determine the type of
atomic operations, thereby simplifying the kernel's atomic
interface operations.
Signed-off-by: zhangyuan29 <zhangyuan29@xiaomi.com>
Most tools used for compliance and SBOM generation use SPDX identifiers
This change brings us a step closer to an easy SBOM generation.
Signed-off-by: Alin Jerpelea <alin.jerpelea@sony.com>
The problem has been inherited from the original libc readv/writev
implementation. However, now it's exposed in more situations because
this implemenation is used to back read/write as well.
I expect this fixes the regressions observed on the Espressif CI.
https://github.com/apache/nuttx/pull/13498#issuecomment-2448031197
Note that, even with this fix, these "compat" readv/writev
implementations are still inheritedly broken. (E.g. consider that
a data boundary happens to match one of iovec boundaries) However,
this fix is enough for read/write, where iovcnt is always 1.
This patch fixed userspace headers conflict. Architecture-related definition and API should not be exposed to users.
Signed-off-by: ouyangxiangzhen <ouyangxiangzhen@xiaomi.com>
currently, nuttx implements readv/writev on the top of read/write.
while it might work for the simplest cases, it's broken by design.
for example, it's impossible to make it work correctly for files
which need to preserve data boundaries without allocating a single
contiguous buffer. (udp socket, some character devices, etc)
this change is a start of the migration to a better design.
that is, implement read/write on the top of readv/writev.
to avoid a single huge change, following things will NOT be done in
this commit:
* fix actual bugs caused by the original readv-based-on-read design.
(cf. https://github.com/apache/nuttx/pull/12674)
* adapt filesystems/drivers to actually benefit from the new interface.
(except a few trivial examples)
* eventually retire the old interface.
* retire read/write syscalls. implement them in libc instead.
* pread/pwrite/preadv/pwritev (except the introduction of struct uio,
which is a preparation to back these variations with the new
interface.)
The man manual describes that poll only has EFAULT, EINTR, EINVAL, and ENOMEM return values.
If a file returns an error, the POLLERR event should be set and OK should be returned
https://man7.org/linux/man-pages/man2/poll.2.html
When using libuv to poll the socket, the socket poll returned an EBUSY error, causing libuv to abort.
The expected logic should be to return OK, allowing libuv to notify the event listener that the POLLERR event occurred.
Signed-off-by: yinshengkai <yinshengkai@xiaomi.com>
Signed-off-by: ligd <liguiding1@xiaomi.com>
timeout is a type of int
in MSEC2TICK, timeout may be multiplied by USEC_PER_MSEC
and the result may be out of range of int
Besides, this will induce following ERROR while running simulator:
vfs/fs_poll.c:498:38: runtime error: signed integer overflow:
19768268 * 1000 cannot be represented in type 'int'
Signed-off-by: zhengyu9 <zhengyu9@xiaomi.com>
Signed-off-by: ligd <liguiding1@xiaomi.com>
Summary:
Reference https://man7.org/linux/man-pages/man2/open.2.html
EISDIR pathname refers to a directory and the access requested
involved writing (that is, O_WRONLY or O_RDWR is set).
Signed-off-by: chenrun1 <chenrun1@xiaomi.com>
Close operation on file should lead to IN_CLOSE_WRITE or
IN_CLOSE_NOWRITE notifications. This commits adds the notification
support. Notifying on close is a little bit trickier as a lower layer
may not have the full file path after successful close and inode release.
Calling notification before close is not a solution since close might
not end successfully.
The solution is to obtain and buffer the path before calling close
and then pass the buffered path to the notify_close. This required the
change in notify_close function arguments: filep is no longer
required, path and oflags are passed instead.
Signed-off-by: Michal Lenc <michallenc@seznam.cz>
IN_MODIFY event should occur on file modification, which includes
truncate. This is consistent with the inotify usage on Linux.
Signed-off-by: Michal Lenc <michallenc@seznam.cz>
Summary:
Fixed the problem of releasing the bucket prematurely in multi-threaded flock scenarios.
A thread setlk
B thread setlk_wait
A thread releases lock but fails to determine if nwaiter causes the bucket to be released prematurely
post B thread causes crash due to heap use after free
https://github.com/apache/nuttx/issues/13821
Signed-off-by: chenrun1 <chenrun1@xiaomi.com>
Example:
When executing "df -h" on Core A to view mount information, this
process will traverse inode nodes, thereby holding the inode_lock.
Since the inode type of the mount point may be rpmsgfs, it will fetch statfs
information from another Core B.
Meanwhile, rcS on Core B needs to obtain file information from Core A,
which will be achieved by fetching stat information through rpmsgfs.
When this message arrives at Core A, a deadlock can occur between Core A's
rptun ap and nsh task.
However, both of these places involve read operations only, thus a reader-writer lock
can be utilized to prevent such a deadlock.
Signed-off-by: dongjiuzhu1 <dongjiuzhu1@xiaomi.com>
