From patchwork Wed Jun 14 16:12:26 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lukas Zeller X-Patchwork-Id: 1795025 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; spf=none (no SPF record) smtp.mailfrom=lists.openwrt.org (client-ip=2607:7c80:54:3::133; helo=bombadil.infradead.org; envelope-from=openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org; receiver=) Authentication-Results: legolas.ozlabs.org; dkim=pass (2048-bit key; secure) header.d=lists.infradead.org header.i=@lists.infradead.org header.a=rsa-sha256 header.s=bombadil.20210309 header.b=mv4T6Lgr; dkim-atps=neutral Received: from bombadil.infradead.org (bombadil.infradead.org [IPv6:2607:7c80:54:3::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4Qh9WD5LVDz20QH for ; Thu, 15 Jun 2023 02:15:20 +1000 (AEST) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=lists.infradead.org; s=bombadil.20210309; h=Sender:Content-Type: List-Subscribe:List-Help:List-Post:List-Archive:List-Unsubscribe:List-Id:To: Date:Message-Id:Subject:Mime-Version:From:Reply-To:Cc: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Owner; bh=gno1jPVev24wy9Z6kZxB6C8gLiEv6ICNVdj2AqUDNTY=; b=mv4 T6LgrkX0LfEdLRBgCpTpmZ70bQaguwjTUeG5y114PKwVuF+bYTHmbZzADo4L4QZA1/IhnmyHEZxBg qDmeHt+S+Y9IEz38oPjlP1bnHyKkK+4tJ7N+rB7PV1j5AnMxiRUlpoIJM6Fib5YJrp7KkIpnU6tZO yVsUA3PpwhaY/uthoMWU2f81tZ3kMklEn5XmpyQZ/VFty/35BRigU3/FBhopTWQ3TBzpJIl+u8YaP pbSAWVRCrng1ScS4bgnZ+axjOIoUMV4LCbs9eRvJC1iwu+Q8aAEnTyzNSWTwxJhLlIahHaRylljO2 HrryFt9IGA1pdTj+Dwx/8zykZRfeX7Q==; Received: from localhost ([::1] helo=bombadil.infradead.org) by bombadil.infradead.org with esmtp (Exim 4.96 #2 (Red Hat Linux)) id 1q9T6q-00CAYe-2v; Wed, 14 Jun 2023 16:12:36 +0000 Received: from plan442.nine.ch ([5.148.180.31]) by bombadil.infradead.org with esmtps (Exim 4.96 #2 (Red Hat Linux)) id 1q9T6n-00CAXX-1p for openwrt-devel@lists.openwrt.org; Wed, 14 Jun 2023 16:12:35 +0000 Received: from fiber7.gleis70.ch ([85.195.224.34] helo=smtpclient.apple) by plan442.nine.ch with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1q9T6g-0003z9-OJ for openwrt-devel@lists.openwrt.org; Wed, 14 Jun 2023 18:12:26 +0200 From: Lukas Zeller X-Mao-Original-Outgoing-Id: 708451945.872014-805ee2f36662aa8f84094a5e32877aa9 Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3731.600.7\)) Subject: [PATCH] bcm27xx: pad image to avoid false f2fs detection Message-Id: Date: Wed, 14 Jun 2023 18:12:26 +0200 To: OpenWrt Development List X-Mailer: Apple Mail (2.3731.600.7) X-CRM114-Version: 20100106-BlameMichelson ( TRE 0.8.0 (BSD) ) MR-646709E3 X-CRM114-CacheID: sfid-20230614_091233_602589_1AB9B746 X-CRM114-Status: GOOD ( 18.97 ) X-Spam-Score: 0.0 (/) X-Spam-Report: Spam detection software, running on the system "bombadil.infradead.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: From: Lukas Zeller Problem: - bcm27xx SDCard images for squashfs/f2fs only contain the squashfs part. Content analysis details: (0.0 points, 5.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [5.148.180.31 listed in list.dnswl.org] -0.0 SPF_PASS SPF: sender matches SPF record 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record X-BeenThere: openwrt-devel@lists.openwrt.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: OpenWrt Development List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: "openwrt-devel" Errors-To: openwrt-devel-bounces+incoming=patchwork.ozlabs.org@lists.openwrt.org From: Lukas Zeller Problem: - bcm27xx SDCard images for squashfs/f2fs only contain the squashfs part. - sysupgrade copies the image to the SDCard, with the space in the partition between end of the image and end of the partition untouched. - This is the space where the f2fs overlay lives. Depending on the history of the SDcard, this space can contain anything. - At reboot after sysupgrade, mount_root tries to detect a file system in that space. - Usually, during a sysupgrade enough of that space gets overwritten to prevent detection of an existing file system (because normally, firmware upgrades mean increased squashfs size). This leads (as is correct after sysupgrade) to creation of a new f2fs. - With a bit of bad luck however remaining parts of previous f2fs can lead to false detection by mount_root, but then failure to actually mount the overlay, or mounting a overlay with wrong data in it, leaving the device in an unusable state. See [1],[2] for detail description of how this happened in my case, [3] for another problem also caused by false FS detection happening to others. Solution: - As suggested by Michel Lespinasse in [4], padding the image with zeroes following the squashfs part solves the problem in a simple way. - Michel's version did pad the image up to the full size of the rootfs partition, which does not make a noticeable difference in the gzipped form. - However expansion, which takes place on device for sysupgrade, would potentially cause writing extra gigabytes of zeroes to the SDCard, depending on partition size, and also cause unneeded flash wear. - Therefore, this patch limits padding to 1Mbytes or the remaining space in the rootfs partition, whichever is less. The 1M zero padding has been verified sufficient to prevent false f2fs detection with several RPi devices. [1] http://lists.openwrt.org/pipermail/openwrt-devel/2023-May/041062.html [2] https://forum.openwrt.org/t/broken-f2fs-after-sysupgrade-on-rpi-config-not-restored/159703 [3] https://forum.openwrt.org/t/rpi-4-sysupgrade-21-02-1-squashfs-overlay-retained/110586?u=wulfy23 [4] https://github.com/openwrt/openwrt/issues/9113#issuecomment-1293060405 Signed-off-by: Lukas Zeller --- .../linux/bcm27xx/image/gen_rpi_sdcard_img.sh | 27 +++++++++++++++++++ 1 file changed, 27 insertions(+) -- 2.37.5 diff --git a/target/linux/bcm27xx/image/gen_rpi_sdcard_img.sh b/target/linux/bcm27xx/image/gen_rpi_sdcard_img.sh index 5e8fb2769c..a5185003bf 100755 --- a/target/linux/bcm27xx/image/gen_rpi_sdcard_img.sh +++ b/target/linux/bcm27xx/image/gen_rpi_sdcard_img.sh @@ -22,7 +22,34 @@ BOOTSIZE="$(($2 / 512))" ROOTFSOFFSET="$(($3 / 512))" ROOTFSSIZE="$(($4 / 512))" +# for sqashfs + f2fs layout, the rootfs image is only the sqashfs part, which +# is (usually much) smaller than the rootfs partition. +# The f2fs part (for the overlay) will be created only at first boot +# into the new image, when mount_root does not detect a valid filesystem already +# present. To make sure random data from previous installations are not falsely +# detected (which could and did happen in earlier versions), we add 1 MB zero padding +# or up to the end of the rootfs partition, whichever is less. +# While the padding is required for the squashfs+f2fs layout only, it does not +# interfere with other rootfs partition types such as ext4. + +# the image itself is usually less than the partition size (ROOTFSSIZE) +ROOTFSBYTES="$(wc -c < $ROOTFS)" +ROOTFSIMGSIZE="$(( ($ROOTFSBYTES+511) / 512))" +# we start padding one block BEFORE image ends +PADOFFSET="$(($ROOTFSOFFSET + $ROOTFSIMGSIZE - 1))" +PADSIZE="$(($ROOTFSSIZE - ROOTFSIMGSIZE + 1))" +# limit the padding to 1M, it needs to be just enough to prevent false fs detection by mount_root +if (( $PADSIZE > 2048 )); then + PADSIZE=2048 +fi + +# write the boot partition dd bs=512 if="$BOOTFS" of="$OUTPUT" seek="$BOOTOFFSET" conv=notrunc +# pad out some space after rootfs image, overlapping last block +if (( $PADSIZE > 0 )); then + dd bs=512 if=/dev/zero of="$OUTPUT" seek="$PADOFFSET" count="$PADSIZE" conv=notrunc +fi +# write the rootfs image which does usually not fill the entire partition dd bs=512 if="$ROOTFS" of="$OUTPUT" seek="$ROOTFSOFFSET" conv=notrunc