| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 23 Jun 2020 22:57:07 -0700
From: Eric Biggers <ebiggers@...nel.org>
To: Daniel Rosenberg <drosen@...gle.com>
Cc: Theodore Ts'o <tytso@....edu>, linux-ext4@...r.kernel.org,
Jaegeuk Kim <jaegeuk@...nel.org>, Chao Yu <chao@...nel.org>,
linux-f2fs-devel@...ts.sourceforge.net,
linux-fscrypt@...r.kernel.org,
Alexander Viro <viro@...iv.linux.org.uk>,
Richard Weinberger <richard@....at>,
linux-mtd@...ts.infradead.org,
Andreas Dilger <adilger.kernel@...ger.ca>,
Jonathan Corbet <corbet@....net>, linux-doc@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
Gabriel Krisman Bertazi <krisman@...labora.com>,
kernel-team@...roid.com
Subject: Re: [PATCH v9 2/4] fs: Add standard casefolding support
On Tue, Jun 23, 2020 at 09:33:39PM -0700, Daniel Rosenberg wrote:
> This adds general supporting functions for filesystems that use
> utf8 casefolding. It provides standard dentry_operations and adds the
> necessary structures in struct super_block to allow this standardization.
>
> Ext4 and F2fs will switch to these common implementations.
>
> Signed-off-by: Daniel Rosenberg <drosen@...gle.com>
> ---
> fs/libfs.c | 101 +++++++++++++++++++++++++++++++++++++++++++++
> include/linux/fs.h | 22 ++++++++++
> 2 files changed, 123 insertions(+)
>
> diff --git a/fs/libfs.c b/fs/libfs.c
> index 4d08edf19c782..f7345a5ed562f 100644
> --- a/fs/libfs.c
> +++ b/fs/libfs.c
> @@ -20,6 +20,8 @@
> #include <linux/fs_context.h>
> #include <linux/pseudo_fs.h>
> #include <linux/fsnotify.h>
> +#include <linux/unicode.h>
> +#include <linux/fscrypt.h>
>
> #include <linux/uaccess.h>
>
> @@ -1363,3 +1365,102 @@ bool is_empty_dir_inode(struct inode *inode)
> return (inode->i_fop == &empty_dir_operations) &&
> (inode->i_op == &empty_dir_inode_operations);
> }
> +
> +#ifdef CONFIG_UNICODE
> +/**
> + * needs_casefold - generic helper to determine if a filename should be casefolded
> + * @dir: Parent directory
> + *
> + * Generic helper for filesystems to use to determine if the name of a dentry
> + * should be casefolded. It does not make sense to casefold the no-key token of
> + * an encrypted filename.
> + *
> + * Return: if names will need casefolding
> + */
> +bool needs_casefold(const struct inode *dir)
> +{
> + return IS_CASEFOLDED(dir) && dir->i_sb->s_encoding &&
> + (!IS_ENCRYPTED(dir) || fscrypt_has_encryption_key(dir));
> +}
> +EXPORT_SYMBOL(needs_casefold);
Note that the '!IS_ENCRYPTED(dir) || fscrypt_has_encryption_key(dir)' check can
be racy, because a process can be looking up a no-key token in a directory while
concurrently another process initializes the directory's ->i_crypt_info, causing
fscrypt_has_encryption_key(dir) to suddenly start returning true.
In my rework of filename handling in f2fs, I actually ended up removing all
calls to needs_casefold(), thus avoiding this race. f2fs now decides whether
the name is going to need casefolding early on, in __f2fs_setup_filename(),
where it knows in a race-free way whether the filename is a no-key token or not.
Perhaps ext4 should work the same way? It did look like there would be some
extra complexity due to how the ext4 directory hashing works in comparison to
f2fs's, but I haven't had a chance to properly investigate it.
- Eric
Powered by blists - more mailing lists