| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 10 Dec 2020 17:48:57 -0300
From: Gabriel Krisman Bertazi <krisman@...labora.com>
To: Arnaud Ferraris <arnaud.ferraris@...labora.com>
Cc: linux-ext4@...r.kernel.org, drosen@...gle.com, ebiggers@...nel.org,
tytso@....edu
Subject: Re: [PATCH RESEND v2 10/12] e2fsck: Add option to force encoded
filename verification
Arnaud Ferraris <arnaud.ferraris@...labora.com> writes:
> From: Gabriel Krisman Bertazi <krisman@...labora.com>
>
> This is interesting for !strict filesystems as part of the encoding
> update procedure. Once the filesystem is known to not have badly encoded
> filenames, the update is trivial, thanks to the stability of assigned
> code points in the unicode specification.
Ted,
I thought of this after your comment on LSFMM 2019 that strict mode
made the update of the unicode version trivial. I think this patch is a
dependency for ext4 to support a newer unicode version, which I'd like
to support in the near feature, such that we don't lag too much behind
the Unicode specification.
>
> Signed-off-by: Gabriel Krisman Bertazi <krisman@...labora.com>
> Signed-off-by: Arnaud Ferraris <arnaud.ferraris@...labora.com>
> ---
> e2fsck/e2fsck.h | 1 +
> e2fsck/pass2.c | 5 +++--
> e2fsck/unix.c | 4 ++++
> 3 files changed, 8 insertions(+), 2 deletions(-)
>
> diff --git a/e2fsck/e2fsck.h b/e2fsck/e2fsck.h
> index dcaab0a1..f324e92c 100644
> --- a/e2fsck/e2fsck.h
> +++ b/e2fsck/e2fsck.h
> @@ -177,6 +177,7 @@ struct resource_track {
> #define E2F_OPT_ICOUNT_FULLMAP 0x20000 /* use an array for inode counts */
> #define E2F_OPT_UNSHARE_BLOCKS 0x40000
> #define E2F_OPT_CLEAR_UNINIT 0x80000 /* Hack to clear the uninit bit */
> +#define E2F_OPT_CHECK_ENCODING 0x100000 /* Force verification of encoded filenames */
>
> /*
> * E2fsck flags
> diff --git a/e2fsck/pass2.c b/e2fsck/pass2.c
> index b6514de8..f93e2b53 100644
> --- a/e2fsck/pass2.c
> +++ b/e2fsck/pass2.c
> @@ -1049,9 +1049,10 @@ static int check_dir_block(ext2_filsys fs,
> ctx = cd->ctx;
>
> /* We only want filename encoding verification on strict
> - * mode. */
> + * mode or if explicitly requested by user. */
> if (ext2fs_test_inode_bitmap2(ctx->inode_casefold_map, ino) &&
> - (ctx->fs->super->s_encoding_flags & EXT4_ENC_STRICT_MODE_FL))
> + ((ctx->fs->super->s_encoding_flags & EXT4_ENC_STRICT_MODE_FL) ||
> + (ctx->options & E2F_OPT_CHECK_ENCODING)))
> cf_dir = 1;
>
> if (ctx->flags & E2F_FLAG_RUN_RETURN)
> diff --git a/e2fsck/unix.c b/e2fsck/unix.c
> index 1cb51672..0a9012e5 100644
> --- a/e2fsck/unix.c
> +++ b/e2fsck/unix.c
> @@ -753,6 +753,9 @@ static void parse_extended_opts(e2fsck_t ctx, const char *opts)
> ctx->options |= E2F_OPT_UNSHARE_BLOCKS;
> ctx->options |= E2F_OPT_FORCE;
> continue;
> + } else if (strcmp(token, "check_encoding") == 0) {
> + ctx->options |= E2F_OPT_CHECK_ENCODING;
> + continue;
> #ifdef CONFIG_DEVELOPER_FEATURES
> } else if (strcmp(token, "clear_all_uninit_bits") == 0) {
> ctx->options |= E2F_OPT_CLEAR_UNINIT;
> @@ -784,6 +787,7 @@ static void parse_extended_opts(e2fsck_t ctx, const char *opts)
> fputs("\tbmap2extent\n", stderr);
> fputs("\tunshare_blocks\n", stderr);
> fputs("\tfixes_only\n", stderr);
> + fputs("\tcheck_encoding\n", stderr);
> fputc('\n', stderr);
> exit(1);
> }
--
Gabriel Krisman Bertazi
Powered by blists - more mailing lists