lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <DA2IZNYD4QH3.111ZX60XF1N58@kode54.net>
Date: Thu, 22 May 2025 00:53:49 -0700
From: "Christopher Snowhill" <chris@...e54.net>
To: Malte Schröder <malte.schroeder@...ip.de>, "John
 Stoffel" <john@...ffel.org>, "Kent Overstreet" <kent.overstreet@...ux.dev>
Cc: "Amir Goldstein" <amir73il@...il.com>, <linux-fsdevel@...r.kernel.org>,
 <linux-bcachefs@...r.kernel.org>, <linux-kernel@...r.kernel.org>,
 <linux-unionfs@...r.kernel.org>, "Miklos Szeredi" <miklos@...redi.hu>,
 "Alexander Viro" <viro@...iv.linux.org.uk>, "Christian Brauner"
 <brauner@...nel.org>, "Jan Kara" <jack@...e.cz>
Subject: Re: [PATCH 0/6] overlayfs + casefolding

On Wed May 21, 2025 at 4:26 AM PDT, Malte Schröder wrote:
> On 20/05/2025 20:49, John Stoffel wrote:
>>>>>>> "Kent" == Kent Overstreet <kent.overstreet@...ux.dev> writes:
>>> On Tue, May 20, 2025 at 04:03:27PM +0200, Amir Goldstein wrote:
>>>> On Tue, May 20, 2025 at 2:43 PM Kent Overstreet
>>>> <kent.overstreet@...ux.dev> wrote:
>>>>> On Tue, May 20, 2025 at 02:40:07PM +0200, Amir Goldstein wrote:
>>>>>> On Tue, May 20, 2025 at 2:25 PM Kent Overstreet
>>>>>> <kent.overstreet@...ux.dev> wrote:
>>>>>>> On Tue, May 20, 2025 at 10:05:14AM +0200, Amir Goldstein wrote:
>>>>>>>> On Tue, May 20, 2025 at 7:16 AM Kent Overstreet
>>>>>>>> <kent.overstreet@...ux.dev> wrote:
>>>>>>>>> This series allows overlayfs and casefolding to safely be used on the
>>>>>>>>> same filesystem by providing exclusion to ensure that overlayfs never
>>>>>>>>> has to deal with casefolded directories.
>>>>>>>>>
>>>>>>>>> Currently, overlayfs can't be used _at all_ if a filesystem even
>>>>>>>>> supports casefolding, which is really nasty for users.
>>>>>>>>>
>>>>>>>>> Components:
>>>>>>>>>
>>>>>>>>> - filesystem has to track, for each directory, "does any _descendent_
>>>>>>>>>   have casefolding enabled"
>>>>>>>>>
>>>>>>>>> - new inode flag to pass this to VFS layer
>>>>>>>>>
>>>>>>>>> - new dcache methods for providing refs for overlayfs, and filesystem
>>>>>>>>>   methods for safely clearing this flag
>>>>>>>>>
>>>>>>>>> - new superblock flag for indicating to overlayfs & dcache "filesystem
>>>>>>>>>   supports casefolding, it's safe to use provided new dcache methods are
>>>>>>>>>   used"
>>>>>>>>>
>>>>>>>> I don't think that this is really needed.
>>>>>>>>
>>>>>>>> Too bad you did not ask before going through the trouble of this implementation.
>>>>>>>>
>>>>>>>> I think it is enough for overlayfs to know the THIS directory has no
>>>>>>>> casefolding.
>>>>>>> overlayfs works on trees, not directories...
>>>>>> I know how overlayfs works...
>>>>>>
>>>>>> I've explained why I don't think that sanitizing the entire tree is needed
>>>>>> for creating overlayfs over a filesystem that may enable casefolding
>>>>>> on some of its directories.
>>>>> So, you want to move error checking from mount time, where we _just_
>>>>> did a massive API rework so that we can return errors in a way that
>>>>> users will actually see them - to open/lookup, where all we have are a
>>>>> small fixed set of error codes?
>>>> That's one way of putting it.
>>>>
>>>> Please explain the use case.
>>>>
>>>> When is overlayfs created over a subtree that is only partially case folded?
>>>> Is that really so common that a mount time error justifies all the vfs
>>>> infrastructure involved?
>>> Amir, you've got two widely used filesystem features that conflict and
>>> can't be used on the same filesystem.
>> Wait, what?  How many people use casefolding, on a per-directory
>> basis?  It's stupid.  Unix/Linux has used case-sensitive filesystems
>> for years.  Yes, linux supports other OSes which did do casefolding,
>> but yikes... per-directory support is just insane.  It should be
>> per-filesystem only at BEST.  
>>
>>> That's _broken_.
>> So?  what about my cross mounting of VMS filesystems with "foo.txt;3"
>> version control so I can go back to previous versions?  Why can't I do
>> that from my Linux systems that's mounting that VMS image?   
>>
>> Just because it's done doesn't mean it's not dumb.  
>>
>>> Users hate partitioning just for separate /boot and /home, having to
>>> partition for different applications is horrible. And since overlay
>>> fs is used under the hood by docker, and casefolding is used under
>>> the hood for running Windows applications, this isn't something
>>> people can predict in advance.
>> Sure I can, I don't run windows applications to screw casefolding.
>> :-)
>>
>> And I personally LIKE having a seperate /boot and /home, because it
>> gives isolation.  The world is not just single user laptops with
>> everything all on one disk or spread across a couple of disks using
>> LVM or RAID or all of the above.  
>>
>> I also don't see any updates for the XFS tests, or any other
>> filesystem tests, that actually checks and confirms this decidedly
>> obtuse and dumb to implement idea.  
>>
>>
>> John
>>
> Hi there,
>
> would you partition different subdirs of your /home? So there is
> .local/share/containers where users put their container-stuff (at least
> podman does). Then there is .wine where case-folding-craziness lives.
> And then there is the mess that is Steam, which does all kinds of
> containery case-foldy stuff. As much as I would like to keep these
> things apart, it is not feasible. Not for me as a "power user", and
> certainly far out of reach for average Joe user.
>
> Just my 2 ct, greets

"But just disable it globally" How about no. Sure, ext4 has that flag,
but bcachefs by design does not. And a change that already made it into
6.15 has made it trip overlayfs as it is now, unconditionally. The
purpose of this new implementation is to make it work, and satisfy the
condition that overlayfs is guaranteed no casefolding in its tree, and
that nobody may create a new folder inside that tree and suddenly turn
on casefolding on it.

And this change also makes it possible to use it with ext4 with the
global casefolding flag enabled. It shouldn't be necessary to have a
global killswitch, these features should be able to live together on the
same filesystem as long as they're not touching each other, and aren't
allowed to touch each other.

>
> /Malte

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ