From 9d6e309432e362fd14f2b6deef38a1dd45af2797 Mon Sep 17 00:00:00 2001 From: Christopher Haster Date: Thu, 17 Jan 2019 00:43:58 -0600 Subject: [PATCH] Extended mount to check all metadata-pairs The most common issue with using littlefs in mbed-os is when users change from littlefs->FAT->littlefs (or with MBR or similar). When this corrupts the superblock, littlefs tries to fall back to the backup superblock. However, at this point in the time the old superblock may be very out-of-date and pointing to an incorrect filesystem. There's no complete solution to a malicious modification of the filesystem (short of checking all metadata+data, a very expensive operation), but we can at least expand our validation to all of the metadata for the filesystem. This at least catches the common issues with changing between different filesystems. --- .../storage/filesystem/littlefs/littlefs/lfs.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/features/storage/filesystem/littlefs/littlefs/lfs.c b/features/storage/filesystem/littlefs/littlefs/lfs.c index c6b5870395..40d2b86ddc 100644 --- a/features/storage/filesystem/littlefs/littlefs/lfs.c +++ b/features/storage/filesystem/littlefs/littlefs/lfs.c @@ -2206,6 +2206,10 @@ int lfs_mount(lfs_t *lfs, const struct lfs_config *cfg) { lfs->root[0] = superblock.d.root[0]; lfs->root[1] = superblock.d.root[1]; + if (lfs_paircmp(lfs->root, dir.d.tail) != 0) { + err = LFS_ERR_CORRUPT; + goto cleanup; + } } if (err || memcmp(superblock.d.magic, "littlefs", 8) != 0) { @@ -2223,10 +2227,18 @@ int lfs_mount(lfs_t *lfs, const struct lfs_config *cfg) { goto cleanup; } + // verify that no metadata pairs are corrupt + while (!lfs_pairisnull(dir.d.tail)) { + err = lfs_dir_fetch(lfs, &dir, dir.d.tail); + if (err) { + goto cleanup; + } + } + + // succuessfully mounted return 0; cleanup: - lfs_deinit(lfs); return err; }