Attempt to perform fs_read, fs_write, fs_seek, fs_tell, fs_truncate
and fs_sync on file that has been closed, prior to attempt, would cause
NULL pointer dereference.
With this fix, such operations would instead return -EBADF.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
If fs_close gets invoked on closed file (e.g. double close) it would
cause NULL dereference and system crash. Instead now it will just
return with success, as the file is already closed anyway.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
nvs_gc does not verify the crc8 of close_ate before using
close_ate.offset. This means that close_ate.offset could contain an
offset that points beyond valid ate's in the sector. For example, there
might be a valid ate at offset 0x100 but close_ate.offset is 0x200.
If that is the case that value will not be moved and so it will be lost.
Solve this by refactoring the recovery loop from nvs_prev_ate into
nvs_recover_last_ate and use that function in nvs_gc if a corrupt
close_ate is found.
The crc8 of gc_ate is not checked before trying to find another ate
with the same id. If there are no valid ate with that id in the whole
fs the inner while(1)-loop will never stop since the break condition
includes a check for a correct crc8.
Solve this by skipping gc_ate's with an invalid crc8.
Fixes#26407
Signed-off-by: Tobias Svehagen <tobias.svehagen@gmail.com>
fatfs_open and fatfs_opendir fail to free reserved memory on error
which may lead to memory exhaustion, when too many file/dir open errors
are caused, and will cause all subsequent open attempts to fail with
ENOMEM error.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Pointer to flash_parameters have been added to nvs_fs structure and it
is no longer needed to store write_block_size within the nvs_fs.
Signed-off-by: Dominik Ermel <dominik.ermel@nordicsemi.no>
Initialize LittleFS at POST_KERNEL and not at APPLICATION stage.
When using LittleFS as settings backend for OpenThread, LittleFS needs
to be available when net_init is performed.
Arguably, FS is an OS kernel component that should be ready when
applications are starting.
Possibly, the same change should be applied to FAT fs as well.
Signed-off-by: Markus Becker <markus.becker@tridonic.com>
The current code truncates the size_t block size to a u8_t, which
causes a 256 or 512 byte block size to be truncated to zero and
passing the size check.
Check as a size_t then truncate once the check passes.
Signed-off-by: Michael Hope <mlhx@google.com>
Convert with a combo of scripts and by hand fixups:
git grep -l DT_FLASH_AREA_.*_ID | \
xargs sed -i -r 's/DT_FLASH_AREA_(.*)_ID/FLASH_AREA_ID(\L\1)/'
git grep -l DT_FLASH_AREA_.*_OFFSET | \
xargs sed -i -r 's/DT_FLASH_AREA_(.*)_OFFSET/FLASH_AREA_OFFSET(\L\1)/'
git grep -l DT_FLASH_AREA_.*_SIZE | \
xargs sed -i -r 's/DT_FLASH_AREA_(.*)_SIZE/FLASH_AREA_SIZE(\L\1)/'
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Replace all occurences of BUILD_ASSERT_MSG() with BUILD_ASSERT()
as a result of merging BUILD_ASSERT() and BUILD_ASSERT_MSG().
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
This reverts commit 8739517107.
Pull Request #23437 was merged by mistake with an invalid manifest.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Replace all occurences of BUILD_ASSERT_MSG() with BUILD_ASSERT()
as a result of merging BUILD_ASSERT() and BUILD_ASSERT_MSG().
Signed-off-by: Oleg Zhurakivskyy <oleg.zhurakivskyy@intel.com>
The build infrastructure should not be adding the drivers subdirectory
to the include path. Fix the legacy uses that depended on that
addition.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
ELM FatFS implementation supports LFN, enabled via ffconf.h
configuration file. Additionally, code page (character set),
max file name length, and memory mode (LFN working buffer location)
are configurable options closely related to LFN.
Without LFN filenames are restricted to 8.3 filename format.
Add kconfig options to expose following FatFS configurations:
enable LFN, specify max filename length, specify code page
(character set), specify LFN working buffer location.
Signed-off-by: Audun Korneliussen <audun.korneliussen@nordicsemi.no>
NFFS is removed as it has serious bugs (by design) which haven't
been resolved since extended range of time.
One of most serious issues bunch were described here:
https://github.com/apache/mynewt-nffs/issues/10
Since lack of support NFFS upsterem it doesn't make sense to keep
it in zephyr.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Remove leading/trailing blank lines in .c, .h, .py, .rst, .yml, and
.yaml files.
Will avoid failures with the new CI test in
https://github.com/zephyrproject-rtos/ci-tools/pull/112, though it only
checks changed files.
Move the 'target-notes' target in boards/xtensa/odroid_go/doc/index.rst
to get rid of the trailing blank line there. It was probably misplaced.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
In nvs writing addresses are u32_t. Coverty reports two situations
where the address could be converted (unwanted) to a signed value.
Both have been corrected.
There is however a general problem with flash API where the addresses
are defined as off_t which is a s32_t. These are converted in the flash
hal to u32_t. As a result of this only half of the possible range can
be used.
Solves #20867 and #20866
Signed-off-by: Laczen JMS <laczenjms@gmail.com>
Fix for not served error code in fcb_offset_last_n()
implementation.
Issue was reported by static code analyze scan.
Looks like the function might have failed silently
if aggressive access to the fcb instance
from another thread have been occurring while the function
have been processing the fcb storage.
fixes#20512
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Use this short header style in all Kconfig files:
# <description>
# <copyright>
# <license>
...
Also change all <description>s from
# Kconfig[.extension] - Foo-related options
to just
# Foo-related options
It's clear enough that it's about Kconfig.
The <description> cleanup was done with this command, along with some
manual cleanup (big letter at the start, etc.)
git ls-files '*Kconfig*' | \
xargs sed -i -E '1 s/#\s*Kconfig[\w.-]*\s*-\s*/# /'
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
Clean up space errors and use a consistent style throughout the Kconfig
files. This makes reading the Kconfig files more distraction-free, helps
with grepping, and encourages the same style getting copied around
everywhere (meaning another pass hopefully won't be needed).
Go for the most common style:
- Indent properties with a single tab, including for choices.
Properties on choices work exactly the same syntactically as
properties on symbols, so not sure how the no-indentation thing
happened.
- Indent help texts with a tab followed by two spaces
- Put a space between 'config' and the symbol name, not a tab. This
also helps when grepping for definitions.
- Do '# A comment' instead of '#A comment'
I tweaked Kconfiglib a bit to find most of the stuff.
Some help texts were reflowed to 79 columns with 'gq' in Vim as well,
though not all, because I was afraid I'd accidentally mess up
formatting.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
The Zephyr fs readdir abstraction returns OK with a zero-length file
name when the last directory entry has been found. The loop to build
multiple entries instead checked for a non-file entry type.
Correct the loop exit condition.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
The FatFs f_readdir function returns OK with a zero-length file name
when the last directory entry has been found. The Zephyr wrapper
unconditionally accessed fields that are left uninitialized in that
situation, propagating garbage values to the caller.
Avoid referencing uninitialized fields of the output structure in this
case.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
Unused since commit 7d2e59813f ("subsys: fs/nvs: Rewrite for improved
robustness").
Found with a script.
Signed-off-by: Ulf Magnusson <Ulf.Magnusson@nordicsemi.no>
When overwriting an NVS item with data that was a truncated version of
the existing data, the "is this already saved" logic was ignoring the
differing lengths and not saving the new item because the data matched.
Fixes#19250
Signed-off-by: Justin Brzozoski <justin.brzozoski@signal-fire.com>
Switch form using privater FCB error codes to
errno codes. FCB private codes convention were compatible
with <errno.h> codes:
- 0 mean success
- negative values mean errors
- similar error types.
There was no sense to kept private FCB error codes.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Move the inclusion of the littefs Kconfig options inside the
'if FILESYSTEM' block so we don't leak Kconfig symbols if FILESYSTEM
support isn't enabled.
Signed-off-by: Kumar Gala <kumar.gala@linaro.org>
Make sure that the last entry added is deleted correctly by storing the
fact that one was found in a local variable.
Fix by Laczen JMS <laczenjms@gmail.com>
Fixes#18813.
Signed-off-by: Carles Cufi <carles.cufi@nordicsemi.no>
Increase temporary buffer size to 8 bytes in fcb_append to prevent
stack overflow in case flash alignment is bigger then 2 bytes.
Signed-off-by: Jan Van Winkel <jan.van_winkel@dxplore.eu>
Closes#18392 by asserting and returning an error if the block size is
not positive.
Closes#18458. The diagnosis here was not relevant as an in-range EOS
is written before the buffer is used, but using the non-terminated
length is slightly more clear about intent and may avoid a read overrun
of the mount point.
Signed-off-by: Peter Bigot <peter.bigot@nordicsemi.no>
No need to write deletion entry for non-existing entry.
Furthermore such a write to filled up storage will make another
writes impossible as it occupied delete nvs_ate space, but it
does not remove anything.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
During initialization NVS analyzes open sector for
find write addresses. It was possible to infinite loop
in case when there was no space for any new ATE in the sector.
This patch introduce check for space available in the sector which
fix the issue.
fixes#17891
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
NVS always leave space for deletion ate in a full sector.
Even that it was not possible to write delete nvs_ate to the
full sector. Because of that it was possible to fill up NVS,
and be able to delete nothing.
This patch introduce recognition of case
the delete ate is writing, and allow to write such nvs_ate to
opened full sector.
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
Previous ATE searching is accelerate by reading sector
close ate, which allow to skip reading whole storage.
ATE is already covered by crc8. That patch introduce
check on correctness offset read form close ate. This
increases meta-data integrity check level.
This also preserves against possible looping when read
incorrect or not a NVS storage image.
fixes#16899
Signed-off-by: Andrzej Puzdrowski <andrzej.puzdrowski@nordicsemi.no>
There's desire to be able to customize parameters on a per-filesystem
basis, which means we need a way to override the Kconfig defaults which
are global. This also means the littlefs data structure cannot own the
cache and lookahead buffers.
Switch to using a macro to define the littlefs data structure. The
default version uses the Kconfig constants. A custom one takes
arguments providing the most likely partition-specific parameters.
Finally the user is free to bypass the helper macros and set any
parameters desired, though validation is limited and only present when
CONFIG_DEBUG is enabled.
Extend the test suite with a performance module, which confirms that
these settings have an impact proportional to the log of changes to the
cache or IO sizes.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
Existing file system implementations do not provide the special "."
(current) and ".." (parent) directory entries in the readdir results.
littlefs does.
Remove these entries in the abstraction layer. This simplifies code in
higher level consumers that aren't prepared to see them. Consumers like
FUSE that need them can put them back without having to worry about
conflicts.
Closes issue #17951
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
The previous way of creating an absolute path relied on snprintf(), and
when used with newlib gcc warned that the output could be truncated
before the last format character. Rework to use code that doesn't rely
on snprintf.
See discussion at https://bugzilla.redhat.com/show_bug.cgi?id=1431678
Also ensure that cwd is always NUL-terminated, and use the utility
function to create the absolute path in cmd_trunc.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
Add support for the littlefs file system in the fs shell. Update
the sample to use the same partition configuration as the littlefs
example for the SPI NOR test platform.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
littlefs is a fail-safe filesystem from ARM Mbed that has wear-leveling
capabilities.
Signed-off-by: Peter A. Bigot <pab@pabigot.com>
Signed-off-by: Jim Paris <jim@bolt.io>
The sector size is 0 will pass "fs->sector_size % info.size" then start
a loop in nvs_startup() and never return. So retrun an error if the
sector size is 0.
Signed-off-by: Harry Jiang <explora26@gmail.com>
This will list all mount points in response to opendir("/").
This isn't perfect; mount points in subdirectories will show up as
their full path in this listing. But it's better than just returning
-EINVAL.
Signed-off-by: Jim Paris <jim@jtan.com>
Michael Hope
