lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Thu, 14 Oct 2021 18:54:31 -0300
From:   Gabriel Krisman Bertazi <krisman@...labora.com>
To:     "Theodore Ts'o" <tytso@....edu>
Cc:     Shreeya Patel <shreeya.patel@...labora.com>,
        viro@...iv.linux.org.uk, adilger.kernel@...ger.ca,
        linux-ext4@...r.kernel.org, linux-fsdevel@...r.kernel.org,
        linux-kernel@...r.kernel.org, kernel@...labora.com
Subject: Re: [PATCH 2/2] fs: ext4: Fix the inconsistent name exposed by
 /proc/self/cwd

"Theodore Ts'o" <tytso@....edu> writes:

> On Fri, Oct 01, 2021 at 03:11:30PM -0400, Gabriel Krisman Bertazi wrote:
>> 
>> The dcache name is exposed in more places, like /proc/mounts.  We have a
>> bug reported against flatpak where its initialization code bind mounts a
>> directory that was previously touched with a different case combination,
>> and then checks /proc/mounts in a case-sensitive way to see if the mount
>> succeeded.  This code now regresses on CI directories because the name
>> it asked to bind mount is not found in /proc/mounts.
>
> Ah, thanks for the context.  That makes sense.
>
>> I think the more reasonable approach is to save the disk exact name on
>> the dcache, because that is the only version that doesn't change based
>> on who won the race for the first lookup.
>
> What about the alternative of storing the casefolded name?  The
> advantage of using the casefolded name is that we can always casefold
> the name, where as in the case of a negative dentry, there is no disk
> exact name to use (since by definition there is no on-disk name).

That would work.  The casefolded version is always predictable (since
unicode is stable) and even though is not as easily available as the
disk name function (getdents), it solves the issue.

It would also allow us to use utf8_strncasecmp_folded in the d_compare
hook, which is nice.

Do you have an implementation suggestion to solve the dcache issue
pointed by Viro?

-- 
Gabriel Krisman Bertazi

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ