| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAOQ4uxgDw5SVaoSJNzt2ma4P+XkVcvaJZoKmd1AmrTuqDxHc6A@mail.gmail.com>
Date: Thu, 14 Aug 2025 14:53:14 +0200
From: Amir Goldstein <amir73il@...il.com>
To: André Almeida <andrealmeid@...lia.com>
Cc: Miklos Szeredi <miklos@...redi.hu>, Theodore Tso <tytso@....edu>,
Gabriel Krisman Bertazi <krisman@...nel.org>, linux-unionfs@...r.kernel.org,
linux-kernel@...r.kernel.org, linux-fsdevel@...r.kernel.org,
Alexander Viro <viro@...iv.linux.org.uk>, Christian Brauner <brauner@...nel.org>, Jan Kara <jack@...e.cz>,
kernel-dev@...lia.com
Subject: Re: [PATCH v4 3/9] ovl: Create ovl_casefold() to support casefolded strncmp()
On Thu, Aug 14, 2025 at 12:37 AM André Almeida <andrealmeid@...lia.com> wrote:
>
> To add overlayfs support casefold filesystems, create a new function
> ovl_casefold(), to be able to do case-insensitive strncmp().
>
> ovl_casefold() allocates a new buffer and stores the casefolded version
> of the string on it. If the allocation or the casefold operation fails,
> fallback to use the original string.
>
> The case-insentive name is then used in the rb-tree search/insertion
> operation. If the name is found in the rb-tree, the name can be
> discarded and the buffer is freed. If the name isn't found, it's then
> stored at struct ovl_cache_entry to be used later.
>
> Signed-off-by: André Almeida <andrealmeid@...lia.com>
> ---
> Changes from v3:
> - Improve commit message text
> - s/OVL_NAME_LEN/NAME_MAX
> - drop #ifdef in favor of if(IS_ENABLED)
> - use new helper sb_encoding
> - merged patch "Store casefold name..." and "Create ovl_casefold()..."
> - Guard all the casefolding inside of IS_ENABLED(UNICODE)
>
> Changes from v2:
> - Refactor the patch to do a single kmalloc() per rb_tree operation
> - Instead of casefolding the cache entry name everytime per strncmp(),
> casefold it once and reuse it for every strncmp().
> ---
> fs/overlayfs/readdir.c | 99 ++++++++++++++++++++++++++++++++++++++++++++------
> 1 file changed, 87 insertions(+), 12 deletions(-)
>
> diff --git a/fs/overlayfs/readdir.c b/fs/overlayfs/readdir.c
> index b65cdfce31ce27172d28d879559f1008b9c87320..3d92c0b407fe355053ca80ef999d3520eb7d2462 100644
> --- a/fs/overlayfs/readdir.c
> +++ b/fs/overlayfs/readdir.c
> @@ -27,6 +27,8 @@ struct ovl_cache_entry {
> bool is_upper;
> bool is_whiteout;
> bool check_xwhiteout;
> + const char *cf_name;
> + int cf_len;
> char name[];
> };
>
> @@ -45,6 +47,7 @@ struct ovl_readdir_data {
> struct list_head *list;
> struct list_head middle;
> struct ovl_cache_entry *first_maybe_whiteout;
> + struct unicode_map *map;
> int count;
> int err;
> bool is_upper;
> @@ -66,6 +69,27 @@ static struct ovl_cache_entry *ovl_cache_entry_from_node(struct rb_node *n)
> return rb_entry(n, struct ovl_cache_entry, node);
> }
>
> +static int ovl_casefold(struct unicode_map *map, const char *str, int len, char **dst)
> +{
> + const struct qstr qstr = { .name = str, .len = len };
> + int cf_len;
> +
> + if (!IS_ENABLED(CONFIG_UNICODE) || !map || is_dot_dotdot(str, len))
> + return 0;
> +
> + *dst = kmalloc(NAME_MAX, GFP_KERNEL);
> +
> + if (dst) {
> + cf_len = utf8_casefold(map, &qstr, *dst, NAME_MAX);
> +
> + if (cf_len > 0)
> + return cf_len;
> + }
> +
> + kfree(*dst);
> + return 0;
> +}
> +
> static bool ovl_cache_entry_find_link(const char *name, int len,
> struct rb_node ***link,
> struct rb_node **parent)
> @@ -79,7 +103,7 @@ static bool ovl_cache_entry_find_link(const char *name, int len,
>
> *parent = *newp;
> tmp = ovl_cache_entry_from_node(*newp);
> - cmp = strncmp(name, tmp->name, len);
> + cmp = strncmp(name, tmp->cf_name, tmp->cf_len);
> if (cmp > 0)
> newp = &tmp->node.rb_right;
> else if (cmp < 0 || len < tmp->len)
> @@ -101,7 +125,7 @@ static struct ovl_cache_entry *ovl_cache_entry_find(struct rb_root *root,
> while (node) {
> struct ovl_cache_entry *p = ovl_cache_entry_from_node(node);
>
> - cmp = strncmp(name, p->name, len);
> + cmp = strncmp(name, p->cf_name, p->cf_len);
> if (cmp > 0)
> node = p->node.rb_right;
> else if (cmp < 0 || len < p->len)
> @@ -145,13 +169,16 @@ static bool ovl_calc_d_ino(struct ovl_readdir_data *rdd,
>
> static struct ovl_cache_entry *ovl_cache_entry_new(struct ovl_readdir_data *rdd,
> const char *name, int len,
> + const char *cf_name, int cf_len,
> u64 ino, unsigned int d_type)
> {
> struct ovl_cache_entry *p;
>
> p = kmalloc(struct_size(p, name, len + 1), GFP_KERNEL);
> - if (!p)
> + if (!p) {
> + kfree(cf_name);
> return NULL;
> + }
>
> memcpy(p->name, name, len);
> p->name[len] = '\0';
> @@ -167,6 +194,14 @@ static struct ovl_cache_entry *ovl_cache_entry_new(struct ovl_readdir_data *rdd,
> /* Defer check for overlay.whiteout to ovl_iterate() */
> p->check_xwhiteout = rdd->in_xwhiteouts_dir && d_type == DT_REG;
>
> + if (cf_name && cf_name != name) {
> + p->cf_name = cf_name;
> + p->cf_len = cf_len;
> + } else {
> + p->cf_name = p->name;
> + p->cf_len = len;
> + }
> +
> if (d_type == DT_CHR) {
> p->next_maybe_whiteout = rdd->first_maybe_whiteout;
> rdd->first_maybe_whiteout = p;
> @@ -175,17 +210,24 @@ static struct ovl_cache_entry *ovl_cache_entry_new(struct ovl_readdir_data *rdd,
> }
>
> static bool ovl_cache_entry_add_rb(struct ovl_readdir_data *rdd,
> - const char *name, int len, u64 ino,
> + const char *name, int len,
> + const char *cf_name, int cf_len,
> + u64 ino,
> unsigned int d_type)
> {
> struct rb_node **newp = &rdd->root->rb_node;
> struct rb_node *parent = NULL;
> struct ovl_cache_entry *p;
>
> - if (ovl_cache_entry_find_link(name, len, &newp, &parent))
> + if (ovl_cache_entry_find_link(cf_name, cf_len, &newp, &parent)) {
> + if (cf_name != name) {
> + kfree(cf_name);
> + cf_name = NULL;
> + }
No use of setting cf_name to NULL here.
Please include comment to explain this free (as you did in commit message)
> return true;
> + }
>
> - p = ovl_cache_entry_new(rdd, name, len, ino, d_type);
> + p = ovl_cache_entry_new(rdd, name, len, cf_name, cf_len, ino, d_type);
> if (p == NULL) {
> rdd->err = -ENOMEM;
> return false;
> @@ -200,15 +242,21 @@ static bool ovl_cache_entry_add_rb(struct ovl_readdir_data *rdd,
>
> static bool ovl_fill_lowest(struct ovl_readdir_data *rdd,
> const char *name, int namelen,
> + const char *cf_name, int cf_len,
> loff_t offset, u64 ino, unsigned int d_type)
> {
> struct ovl_cache_entry *p;
>
> - p = ovl_cache_entry_find(rdd->root, name, namelen);
> + p = ovl_cache_entry_find(rdd->root, cf_name, cf_len);
> if (p) {
> list_move_tail(&p->l_node, &rdd->middle);
> + if (cf_name != name) {
> + kfree(cf_name);
> + cf_name = NULL;
No use of setting cf_name to NULL here.
Please include comment to explain this free (as you did in commit message)
> + }
> } else {
> - p = ovl_cache_entry_new(rdd, name, namelen, ino, d_type);
> + p = ovl_cache_entry_new(rdd, name, namelen, cf_name, cf_len,
> + ino, d_type);
> if (p == NULL)
> rdd->err = -ENOMEM;
> else
> @@ -223,8 +271,11 @@ void ovl_cache_free(struct list_head *list)
> struct ovl_cache_entry *p;
> struct ovl_cache_entry *n;
>
> - list_for_each_entry_safe(p, n, list, l_node)
> + list_for_each_entry_safe(p, n, list, l_node) {
> + if (p->cf_name != p->name)
> + kfree(p->cf_name);
> kfree(p);
> + }
>
> INIT_LIST_HEAD(list);
> }
> @@ -260,12 +311,28 @@ static bool ovl_fill_merge(struct dir_context *ctx, const char *name,
> {
> struct ovl_readdir_data *rdd =
> container_of(ctx, struct ovl_readdir_data, ctx);
> + struct ovl_fs *ofs = OVL_FS(rdd->dentry->d_sb);
> + const char *aux = NULL;
It looks strange to me that you need aux
and it looks strange to pair <aux, cf_len>
neither here or there...
> + char *cf_name = NULL;
> + int cf_len = 0;
> +
> + if (ofs->casefold)
> + cf_len = ovl_casefold(rdd->map, name, namelen, &cf_name);
> +
> + if (cf_len <= 0) {
> + aux = name;
why not:
cf_name = name;
> + cf_len = namelen;
> + } else {
> + aux = cf_name;
> + }
and no aux and no else needed at all?
If you don't like a var named cf_name to point at a non-casefolded
name buffer, then use other var names which are consistent such as
<c_name, c_len> (c for "canonical" or "compare" name).
>
> rdd->count++;
> if (!rdd->is_lowest)
> - return ovl_cache_entry_add_rb(rdd, name, namelen, ino, d_type);
> + return ovl_cache_entry_add_rb(rdd, name, namelen, aux, cf_len,
> + ino, d_type);
> else
> - return ovl_fill_lowest(rdd, name, namelen, offset, ino, d_type);
> + return ovl_fill_lowest(rdd, name, namelen, aux, cf_len,
> + offset, ino, d_type);
> }
>
What do you think about moving all the consume/free buffer logic out to caller:
diff --git a/fs/overlayfs/readdir.c b/fs/overlayfs/readdir.c
index b65cdfce31ce..e77530c63207 100644
--- a/fs/overlayfs/readdir.c
+++ b/fs/overlayfs/readdir.c
@@ -174,7 +174,8 @@ static struct ovl_cache_entry
*ovl_cache_entry_new(struct ovl_readdir_data *rdd,
return p;
}
-static bool ovl_cache_entry_add_rb(struct ovl_readdir_data *rdd,
+/* Return 0 for found, >0 for added, <0 for error */
+static int ovl_cache_entry_add_rb(struct ovl_readdir_data *rdd,
const char *name, int len, u64 ino,
unsigned int d_type)
{
@@ -183,22 +184,23 @@ static bool ovl_cache_entry_add_rb(struct
ovl_readdir_data *rdd,
struct ovl_cache_entry *p;
if (ovl_cache_entry_find_link(name, len, &newp, &parent))
- return true;
+ return 0;
p = ovl_cache_entry_new(rdd, name, len, ino, d_type);
if (p == NULL) {
rdd->err = -ENOMEM;
- return false;
+ return -ENOMEM;
}
list_add_tail(&p->l_node, rdd->list);
rb_link_node(&p->node, parent, newp);
rb_insert_color(&p->node, rdd->root);
- return true;
+ return 1;
}
-static bool ovl_fill_lowest(struct ovl_readdir_data *rdd,
+/* Return 0 for found, >0 for added, <0 for error */
+static int ovl_fill_lowest(struct ovl_readdir_data *rdd,
const char *name, int namelen,
loff_t offset, u64 ino, unsigned int d_type)
{
@@ -207,6 +209,7 @@ static bool ovl_fill_lowest(struct ovl_readdir_data *rdd,
p = ovl_cache_entry_find(rdd->root, name, namelen);
if (p) {
list_move_tail(&p->l_node, &rdd->middle);
+ return 0;
} else {
p = ovl_cache_entry_new(rdd, name, namelen, ino, d_type);
if (p == NULL)
@@ -215,7 +218,7 @@ static bool ovl_fill_lowest(struct ovl_readdir_data *rdd,
list_add_tail(&p->l_node, &rdd->middle);
}
- return rdd->err == 0;
+ return rdd->err ?: 1;
}
@@ -260,12 +263,31 @@ static bool ovl_fill_merge(struct dir_context
*ctx, const char *name,
{
struct ovl_readdir_data *rdd =
container_of(ctx, struct ovl_readdir_data, ctx);
+ struct ovl_fs *ofs = OVL_FS(rdd->dentry->d_sb);
+ char *c_name = NULL;
+ int c_len = 0;
+ int ret;
+
+ if (ofs->casefold)
+ c_len = ovl_casefold(rdd->map, name, namelen, &c_name);
+
+ if (c_len <= 0) {
+ c_name = name;
+ c_len = namelen;
+ }
rdd->count++;
- if (!rdd->is_lowest)
- return ovl_cache_entry_add_rb(rdd, name, namelen, ino, d_type);
- else
- return ovl_fill_lowest(rdd, name, namelen, offset, ino, d_type);
+ if (!rdd->is_lowest) {
+ ret = ovl_cache_entry_add_rb(rdd, name, namelen, c_name, c_len,
+ ino, d_type);
+ } else {
+ ret = ovl_fill_lowest(rdd, name, namelen, c_name, c_len, offset,
+ ino, d_type);
+ }
+ // ret > 1 means c_name is consumed
+ if (ret <= 0 && c_len > 0)
+ kfree(c_name);
+ return ret >= 0;
}
Thanks,
Amir.
Powered by blists - more mailing lists