From 7059d44c57cbbd4d912f15a814a68c434a98b838 Mon Sep 17 00:00:00 2001 From: Christopher Haster Date: Thu, 17 Jan 2019 00:43:58 -0600 Subject: [PATCH] Extended mount to check all metadata-pairs The most common issue with using littlefs in mbed-os is when users change from littlefs->FAT->littlefs (or with MBR or similar). When this corrupts the superblock, littlefs tries to fall back to the backup superblock. However, at this point in the time the old superblock may be very out-of-date and pointing to an incorrect filesystem. There's no complete solution to a malicious modification of the filesystem (short of checking all metadata+data, a very expensive operation), but we can at least expand our validation to all of the metadata for the filesystem. This at least catches the common issues with changing between different filesystems. --- .../storage/filesystem/littlefs/littlefs/lfs.c | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/features/storage/filesystem/littlefs/littlefs/lfs.c b/features/storage/filesystem/littlefs/littlefs/lfs.c index c6b5870395..40d2b86ddc 100644 --- a/features/storage/filesystem/littlefs/littlefs/lfs.c +++ b/features/storage/filesystem/littlefs/littlefs/lfs.c @@ -2206,6 +2206,10 @@ int lfs_mount(lfs_t *lfs, const struct lfs_config *cfg) { lfs->root[0] = superblock.d.root[0]; lfs->root[1] = superblock.d.root[1]; + if (lfs_paircmp(lfs->root, dir.d.tail) != 0) { + err = LFS_ERR_CORRUPT; + goto cleanup; + } } if (err || memcmp(superblock.d.magic, "littlefs", 8) != 0) { @@ -2223,10 +2227,18 @@ int lfs_mount(lfs_t *lfs, const struct lfs_config *cfg) { goto cleanup; } + // verify that no metadata pairs are corrupt + while (!lfs_pairisnull(dir.d.tail)) { + err = lfs_dir_fetch(lfs, &dir, dir.d.tail); + if (err) { + goto cleanup; + } + } + + // succuessfully mounted return 0; cleanup: - lfs_deinit(lfs); return err; }