Page MenuHomeFreeBSD

Fix panic and other issues in msdosfs
ClosedPublic

Authored by se on Apr 1 2023, 9:26 PM.
Tags
None
Referenced Files
F106936610: D39386.diff
Tue, Jan 7, 6:06 PM
Unknown Object (File)
Sun, Jan 5, 9:59 AM
Unknown Object (File)
Fri, Dec 20, 8:41 PM
Unknown Object (File)
Nov 21 2024, 2:08 AM
Unknown Object (File)
Nov 20 2024, 1:47 PM
Unknown Object (File)
Sep 29 2024, 2:21 PM
Unknown Object (File)
Sep 29 2024, 2:20 PM
Unknown Object (File)
Sep 29 2024, 12:27 PM
Subscribers

Details

Summary

The msdosfs code contains a number of issues, including 1 issue that causes a kernel panic when mounting a FAT12 file system with a FAT that extends beyond 1 cluster.
Other issues are misreporting of the total disk space and of sectors allocated to the FAT and to the root directory on FAT12 or FAT16 filesystems.

Test Plan

Apply patch and verify that the issues reported in PR #270587 are resolved and that correct values and behavior can be observed for FAT file systems generated with default parameters or with other parameters that are allowed by the specification (e.g. large sector sizes, large clusters, or large root directories).

Diff Detail

Repository
rG FreeBSD src repository
Lint
Lint Skipped
Unit
Tests Skipped

Event Timeline

se requested review of this revision.Apr 1 2023, 9:26 PM

PR270587 contains the description of the unexpected behavior fixed by these patches.
The code path for FAT32 is not affected by these patches.

sys/fs/msdosfs/msdosfs_fat.c
95

For FAT12 a multiple of 3 bytes needs to be fetched and parsed to avoid an out-of-bounds access to a cluster entry that crosses cluster boundaries.

sys/fs/msdosfs/msdosfs_vfsops.c
710

The condition was wrong and caused valid FAT12 file systems to be trated as FAT16 in the following lines, leading to only 3/4 of the size being made available (e.g. 12 MB for a file system consisting of 4084 clusters of 4 KB).

1051

The first data cluster is cluster #2, thus for example maxcluster=1023 would represent a data area indexed by [2 .. 1023] and with a size of 1022 clusters.

sys/fs/msdosfs/msdosfs_vnops.c
319

The root directory of a FAT12 or FAT16 file system exists in a separate area outside the data area. The directory has a logical size of #entries * 32, but no blocks from the data area are allocated to it.

Have you verified that these changes resolve the issues reported in PR #270587?

Have you verified that these changes resolve the issues reported in PR #270587?

Yes, all 3 issues are fixed by this patch set - the inline comments explain which change addresses which issue.
Most important is of course the panic due to an out-of-bounds access beyond the allocated page for certain FAT12 parameters.

An ugly but functional test script has been attached to PR #270587.

This is an extended version of the script used to test the tallying of used root directory entries in review D38987, which caused my system to panic and which also reported the other inconsistencies addressed in this review.

Looks ready to commit.

This revision is now accepted and ready to land.Apr 7 2023, 4:50 AM