• Home
  • History
  • Annotate
Name Date Size #Lines LOC

..03-May-2022-

squashfs-tools/H03-May-2022-26,91618,510

ACKNOWLEDGEMENTSH A D29-Aug-20195.9 KiB163112

CHANGESH A D29-Aug-201928.4 KiB665548

COPYINGH A D29-Aug-201917.7 KiB340281

INSTALLH A D29-Aug-20191.6 KiB4529

README-4.4H A D29-Aug-201910.4 KiB317203

USAGEH A D29-Aug-201947.9 KiB1,217941

pseudo-file.exampleH A D29-Aug-20192.7 KiB7554

README-4.4

1	SQUASHFS 4.4 - A squashed read-only filesystem for Linux
2
3	Copyright 2002-2019 Phillip Lougher <phillip@squashfs.org.uk>
4
5	Released under the GPL licence (version 2 or later).
6
7Welcome to Squashfs 4.4.  This is the first release in over 5 years, and
8there are substantial improvements: reproducible builds, new compressors,
9CVE fixes, security hardening and new options for Mksquashfs/Unsquashfs.
10
11Please see the INSTALL file for instructions on installing the tools,
12and the USAGE file for documentation on how to use the tools.
13
14Summary of changes (and sections below)
15---------------------------------------
16
171. Mksquashfs now generates reproducible images by default.  Mkfs time and
18   file timestamps can also be specified.
19
202. Support for the Zstandard (ZSTD) compression algorithm has been added.
21
223. Pseudo files now support symbolic links.
23
244. CVE-2015-4645 and CVE-2015-4646 have been fixed.
25
265. Unsquashfs has been further hardened against corrupted filestems.
27
286. Unsquashfs is now more strict about error handling.
29
307. Miscellaneous new options and major bug fixes for Mksquashfs.
31
328. Miscellaneous new options and major bug fixes for Unsquashfs.
33
349. Squashfs-tools 4.4 is compatible with all earlier 4.x filesystems
35   and releases.
36
37
381. Introducing reproducible builds
39----------------------------------
40
41Ever since Mksquashfs was parallelised back in 2006, there
42has been a certain randomness in how fragments and multi-block
43files are ordered in the output filesystem even if the input
44remains the same.
45
46This is because the multiple parallel threads can be scheduled
47differently between Mksquashfs runs.  For example, the thread
48given fragment 10 to compress may finish before the thread
49given fragment 9 to compress on one run (writing fragment 10
50to the output filesystem before fragment 9), but, on the next
51run it could be vice-versa.  There are many different scheduling
52scenarios here, all of which can have a knock on effect causing
53different scheduling and ordering later in the filesystem too.
54
55Mkquashfs doesn't care about the ordering of fragments and
56multi-block files within the filesystem, as this does not
57affect the correctness of the filesystem.
58
59In fact not caring about the ordering, as it doesn't matter, allows
60Mksquashfs to run as fast as possible, maximising CPU and I/O
61performance.
62
63But, in the last couple of years, Squashfs has become used in
64scenarios (cloud etc) where this randomness is causing problems.
65Specifically this appears to be where downloaders, installers etc.
66try to work out the differences between Squashfs filesystem
67updates to minimise the amount of data that needs to transferred
68to update an image.
69
70Additionally, in the last couple of years has arisen the notion
71of reproducible builds, that is the same source and build
72environment etc should be able to (re-)generate identical
73output.  This is usually for verification and security, allowing
74binaries/distributions to be checked for malicious activity.
75See https://reproducible-builds.org/ for more information.
76
77Mksquashfs now generates reproducible images by default.
78Images generated by Mksquashfs will be ordered identically to
79previous runs if the same input has been supplied, and the
80same options used.
81
821.1.1 Dealing with timestamps
83
84Timestamps embedded in the filesystem will stiil cause differences.
85Each new run of Mksquashfs will produce a different mkfs (make filesystem)
86timestamp in the super-block.  Moreover if any file timestamps have changed
87(even if the content hasn't), this will produce a difference.
88
89To prevent timestamps from producing differences, the following
90new Mksquashfs options have been added.
91
921.1.2 -mkfs-time <time>
93
94This option takes a positive time value (which is the number
95of seconds since the epoch of 1970-01-01 00:00:00 UTC), and sets
96the file system timestamp to that.
97
98Squashfs uses an unsigned 32-bit integer to store time, and the
99time given should be in that range.
100
101Obviously you can use the date command to convert dates into
102this value, i.e.
103
104% mksquashfs source source.sqsh -mkfs-time $(date +%s -d "Jan 1 2019 19:00")
105
1061.1.3 -all-time <time>
107
108This option takes a positive time value (which is the number
109of seconds since the epoch of 1970-01-01 00:00:00 UTC), and sets
110the timestamp on all files to that (but not the mkfs time).
111
1121.1.4 environment variable SOURCE_DATE_EPOCH
113
114As an alternative to the above command line options, you can
115set the environment variable SOURCE_DATE_EPOCH to a time value.
116
117This value will be used to set the mkfs time.  Also any
118file timestamps which are after SOURCE_DATE_EPOCH will be
119clamped to SOURCE_DATE_EPOCH.
120
121See https://reproducible-builds.org/docs/source-date-epoch/
122for more information.
123
124Note: both SOURCE_DATE_EPOCH and the command line options cannot
125be used at the same time.  They are different ways to do the same thing,
126and both have FORCE sematics which mean they can't be over-ridden
127elsewhere (otherwise it would defeat the purpose).
128
1291.1.5 -not-reproducible
130
131This option tells Mksquashfs that the files do not have to be
132strictly ordered.  This will make Mksquashfs behave like version 4.3.
133
134
1352. Zstandard (ZSTD) compression added
136-------------------------------------
137
138This is named zstd.  It supports the following
139compression options.
140
141	zstd
142	  -Xcompression-level <compression-level>
143		<compression-level> should be 1 .. 22 (default 15)
144
145
1463. Pseudo file symbolic link support added
147------------------------------------------
148
149Pseudo definition
150
151Filename s mode uid gid symlink
152
153uid and gid can be either specified as a decimal number, or by name.
154
155Note mode is ignored, as symlinks always have "rwxrwxrwx" permissions.
156
157For example:
158
159symlink s 0 root root example
160
161creates a symlink "symlink" to file "example" with root uid/gid.
162
163
1644. CVE-2015-2015-4645 and CVE-2015-4646
165---------------------------------------
166
167These CVEs were raised due to Unsquashfs having variable overflow and
168stack overflow in a number of vulnerable functions.
169
170All instances of variable overflow and stack overflow have been
171removed.
172
173
1745. Unsquashfs hardened against corrupted filestems
175--------------------------------------------------
176
177The filesystem super-block values and filesystem metadata tables
178are further sanity checked.  More importantly, these values are now
179checked for validity against other values in the metadata tables, and
180these values must match.
181
182
1836. Unsquashfs is now more strict about error handling
184-----------------------------------------------------
185
186Unsquashfs splits errors into two categories: fatal errors and non-fatal
187errors.  In this release a significant number of errors that were previously
188non-fatal have been hardened to fatal.
189
190Fatal errors are those which cause Unsquashfs to abort instantly.
191These are generally due to failure to read the filesystem (corruption),
192and/or failure to write files to the output filesystem, due to I/O error
193or out of space.  Generally anything which is unexpected is a fatal error.
194
195Non-fatal errors are generally where support is lacking in the
196output filesystem, and it can be considered to be an expected failure.
197This includes the inability to write extended attributes (xattrs) to
198a filesystem that doesn't support them, the inability to create files on
199filesystem that doesn't support them (i.e. symbolic links on VFAT), and the
200inability to execute privileged operations as a user-process.
201
202The user may well know the filesystem cannot support certain operations
203and would prefer Unsquashfs to ignore then without aborting.
204
205Two new options have been added:
206
2076.1. -ignore-errors
208
209This makes Unsquashfs behave like previous versions, and treats more
210errors as non-fatal.
211
2126.2. -strict-errors
213
214This makes Unsquashfs treat every error as fatal, and it will abort
215instantly.
216
217
2187. Miscellaneous new options and major bug fixes for Mksquashfs
219---------------------------------------------------------------
220
2217.1. -root-mode <mode>
222
223This sets the permissions of the root directory to the octal <mode>.
224This is mostly intended for when multiple sources are specified on
225the command line.  In this instance Mksquashfs produces a dummy top level
226directory with permissions 0777 (rwxrwxrwx).  This option allows the
227permissions to be changed.  But the option can also be used when a single
228source is specified.
229
2307.2. -quiet
231
232This suppresses all output from Mksquashfs, except the progress bar.
233
234The progress bar can disabled with -no-progress to produce completely
235silent output.
236
237This new option is useful for scripts.
238
2397.3. -noId
240
241This is similar to the pre-existing -noI option, except, it specifies that
242only the Id table (uids and gids) should be uncompressed.  This option was
243added to enable a use-case where uids and gids need to be updated after
244filesystem generation.
245
2467.4. -offset <offset>
247
248This option skips <offset> bytes at the beginning of the output filesystem.
249
250Optionally a suffix of K, M or G can be given to specify Kbytes, Mbytes or
251Gbytes respectively.
252
2537.5. Update lz4 wrapper to use new functions introduced in 1.7.0
254
2557.5. Bug fix, don't allow "/" pseudo filenames
256
2577.6. Bug fix, allow quoting of pseudo files, to better handle filenames with
258     spaces
259
2607.7. Fix compilation with glibc 2.25+
261
262
2638. Miscellaneous new options and major bug fixes for Unsquashfs
264---------------------------------------------------------------
265
2668.1. -lln[umeric]
267
268This is similar to the "-lls" option but displays uids and gids numerically.
269
2708.2. -lc option
271
272This is similar to the "-ls" option except it only displays files and empty
273directories.
274
2758.3. -llc option
276
277As "-llc" option but displays file attributes.
278
2798.4. -offset <offset>
280
281This option skips <offset> bytes at the beginning of the input filesystem.
282
283Optionally a suffix of K, M or G can be given to specify Kbytes, Mbytes or
284Gbytes respectively.
285
2868.5. -quiet
287
288This suppresses all output from Unsquashfs, except the progress bar.
289
290The progress bar can disabled with -no-progress to produce completely
291silent output.
292
293This new option is useful for scripts.
294
2958.6. -UTC
296
297This option makes Unsquashfs display all times in the UTC time zone rather
298than using the default local time zone.
299
3008.7. Update lz4 wrapper to use new functions introduced in 1.7.0
301
3028.8. Bug fix, fatal and non-fatal errors now set the exit code to 1
303
3048.9. Bug fix, fix time setting for symlinks
305
3068.10. Bug fix, try to set sticky-bit when running as a user process
307
3088.11. Fix compilation with glibc 2.25+
309
310
3119. Compatiblity
312---------------
313
314Mksquashfs 4.4 generates 4.0 filesystems.  These filesystems are fully
315compatible/interchangable with filesystems generated by Mksquashfs 4.x and are
316mountable on 2.6.29 and later kernels.
317