On Tue, May 06, 2014 at 09:36:05AM +0200, Ćukasz Majewski wrote: > This bug shows up when file stored on the ext4 file system is updated. > > The ext4fs_delete_file() is responsible for deleting file's (e.g. uImage) > data. > However some global data (especially ext4fs_indir2_block), which is used > during file deletion are left unchanged. > > The ext4fs_indir2_block pointer stores reference to old ext4 double > indirect allocated blocks. When it is unchanged, after file deletion, > ext4fs_write_file() uses the same pointer (since it is already initialized > - i.e. not NULL) to return number of blocks to write. This trunks larger > file when previous one was smaller. > > Lets consider following scenario: > > 1. Flash target with ext4 formatted boot.img (which has uImage [*] on itself) > 2. Developer wants to upload their custom uImage [**] > - When new uImage [**] is smaller than the [*] - everything works > correctly - we are able to store the whole smaller file with corrupted > ext4fs_indir2_block pointer > - When new uImage [**] is larger than the [*] - theCRC is corrupted, > since truncation on data stored at eMMC was done. > 3. When uImage CRC error appears, then reboot and LTHOR/DFU reflashing causes > proper setting of ext4fs_indir2_block() and after that uImage[**] > is successfully stored (correct uImage [*] metadata is stored at an > eMMC on the first flashing). > > Due to above the bug was very difficult to reproduce. > This patch sets default values for all ext4fs_indir* pointers/variables. > > Signed-off-by: Lukasz Majewski <l.majew...@samsung.com>
Applied to u-boot/master, thanks! -- Tom
signature.asc
Description: Digital signature
_______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot