[PATCH 2/2] uboot: fs/btrfs: Fix LZO false decompression error caused by pending zero
Matthias Brugger
matthias.bgg at gmail.com
Thu Mar 19 14:33:28 CET 2020
Hi Qu,
On 19/03/2020 13:30, Qu Wenruo wrote:
> [BUG]
> For certain btrfs files with compressed file extent, uboot will fail to
> load it:
>
> btrfs_read_extent_reg: disk_bytenr=14229504 disk_len=73728 offset=0 nr_bytes=131
> 072
> decompress_lzo: tot_len=70770
> decompress_lzo: in_len=1389
> decompress_lzo: in_len=2400
> decompress_lzo: in_len=3002
> decompress_lzo: in_len=1379
> decompress_lzo: in_len=88539136
> decompress_lzo: header error, in_len=88539136 clen=65534 tot_len=62580
>
> NOTE: except the last line, all other lines are debug output.
>
> [CAUSE]
> Btrfs lzo compression uses its own format to record compressed size
> (segmant header, LE32).
>
> However to make decompression easier, we never put such segment header
> across page boundary.
>
> In above case, the xxd dump of the lzo compressed data looks like this:
>
> 00001fe0: 4cdc 02fc 0bfd 02c0 dc02 0d13 0100 0001 L...............
> 00001ff0: 0000 0008 0300 0000 0000 0011 0000|0000 ................
> 00002000: 4705 0000 0001 cc02 0000 0000 0000 1e01 G...............
>
> '|' is the "expected" segment header start position.
>
> But in that page, there are only 2 bytes left, can't contain the 4 bytes
> segment header.
>
> So btrfs compression will skip that 2 bytes, put the segment header in
> next page directly.
>
> Uboot doesn't have such check, and read the header with 2 bytes offset,
> result 0x05470000 (88539136), other than the expected result
> 0x00000547 (1351), resulting above error.
>
> [FIX]
> Follow the btrfs-progs restore implementation, by introducing tot_in to
> record total processed bytes (including headers), and do proper page
> boundary skip to fix it.
>
> Signed-off-by: Qu Wenruo <wqu at suse.com>
> ---
> fs/btrfs/compression.c | 20 ++++++++++++++++++++
> 1 file changed, 20 insertions(+)
>
> diff --git a/fs/btrfs/compression.c b/fs/btrfs/compression.c
> index 4ef44ce11485..2a6ac8bb1029 100644
> --- a/fs/btrfs/compression.c
> +++ b/fs/btrfs/compression.c
> @@ -9,6 +9,7 @@
> #include <malloc.h>
> #include <linux/lzo.h>
> #include <linux/zstd.h>
> +#include <linux/compat.h>
> #include <u-boot/zlib.h>
> #include <asm/unaligned.h>
>
> @@ -17,6 +18,7 @@
> static u32 decompress_lzo(const u8 *cbuf, u32 clen, u8 *dbuf, u32 dlen)
> {
> u32 tot_len, in_len, res;
> + u32 tot_in = 0;
> size_t out_len;
> int ret;
>
> @@ -27,6 +29,7 @@ static u32 decompress_lzo(const u8 *cbuf, u32 clen, u8 *dbuf, u32 dlen)
> cbuf += LZO_LEN;
> clen -= LZO_LEN;
> tot_len -= LZO_LEN;
> + tot_in += LZO_LEN;
>
> if (tot_len == 0 && dlen)
> return -1;
> @@ -36,6 +39,9 @@ static u32 decompress_lzo(const u8 *cbuf, u32 clen, u8 *dbuf, u32 dlen)
> res = 0;
>
> while (tot_len > LZO_LEN) {
> + size_t mod_page;
> + size_t rem_page;
> +
> in_len = le32_to_cpu(get_unaligned((u32 *)cbuf));
> cbuf += LZO_LEN;
> clen -= LZO_LEN;
> @@ -44,6 +50,7 @@ static u32 decompress_lzo(const u8 *cbuf, u32 clen, u8 *dbuf, u32 dlen)
> return -1;
>
> tot_len -= (LZO_LEN + in_len);
> + tot_in += (LZO_LEN + in_len);
>
> out_len = dlen;
> ret = lzo1x_decompress_safe(cbuf, in_len, dbuf, &out_len);
> @@ -56,6 +63,19 @@ static u32 decompress_lzo(const u8 *cbuf, u32 clen, u8 *dbuf, u32 dlen)
> dlen -= out_len;
>
> res += out_len;
> +
> + /*
> + * If the 4 bytes header does not fit to the rest of the page we
> + * have to move to next one, or we read some garbage.
> + */
> + mod_page = tot_in % PAGE_SIZE;
in U-Boot we use 4K page sizes, but the OS could use another page size (16K or
64k). Would we need to adapt that code to reflect which page size is used on the
medium we want to access?
Regards,
Matthias
> + rem_page = PAGE_SIZE - mod_page;
> + if (rem_page < LZO_LEN) {
> + cbuf += rem_page;
> + tot_in += rem_page;
> + clen -= rem_page;
> + tot_len -= rem_page;
> + }
> }
>
> return res;
>
More information about the U-Boot
mailing list