From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from kanga.kvack.org (kanga.kvack.org [205.233.56.17]) by smtp.lore.kernel.org (Postfix) with ESMTP id C64BFD2F7CF for ; Wed, 16 Oct 2024 22:00:45 +0000 (UTC) Received: by kanga.kvack.org (Postfix) id 57F996B0093; Wed, 16 Oct 2024 18:00:45 -0400 (EDT) Received: by kanga.kvack.org (Postfix, from userid 40) id 52F386B0095; Wed, 16 Oct 2024 18:00:45 -0400 (EDT) X-Delivered-To: int-list-linux-mm@kvack.org Received: by kanga.kvack.org (Postfix, from userid 63042) id 445666B0096; Wed, 16 Oct 2024 18:00:45 -0400 (EDT) X-Delivered-To: linux-mm@kvack.org Received: from relay.hostedemail.com (smtprelay0011.hostedemail.com [216.40.44.11]) by kanga.kvack.org (Postfix) with ESMTP id 261DC6B0093 for ; Wed, 16 Oct 2024 18:00:45 -0400 (EDT) Received: from smtpin04.hostedemail.com (a10.router.float.18 [10.200.18.1]) by unirelay04.hostedemail.com (Postfix) with ESMTP id DC19C1A0C77 for ; Wed, 16 Oct 2024 22:00:25 +0000 (UTC) X-FDA: 82680835440.04.6301EF2 Received: from fanzine2.igalia.com (fanzine.igalia.com [178.60.130.6]) by imf15.hostedemail.com (Postfix) with ESMTP id 0FC79A0028 for ; Wed, 16 Oct 2024 22:00:31 +0000 (UTC) Authentication-Results: imf15.hostedemail.com; dkim=pass header.d=igalia.com header.s=20170329 header.b=S1ID1XUI; spf=pass (imf15.hostedemail.com: domain of andrealmeid@igalia.com designates 178.60.130.6 as permitted sender) smtp.mailfrom=andrealmeid@igalia.com; dmarc=pass (policy=none) header.from=igalia.com ARC-Seal: i=1; s=arc-20220608; d=hostedemail.com; t=1729115968; a=rsa-sha256; cv=none; b=DLLKN1FY5rEyA8gb5uiBsuvSnSTSuZBKTXGp1b1exhOPAghLYmAAqi1KDug2SwE8dqzDPG iauy21TMe/2jPyp4iB9Lmr16qNib9dR00bBL2fyfF0VmPUFQlqGTCAgQQwf3qgWFUtKCdA 0WNolgPYnM0LExP9ru9LZj0G7C+30Nw= ARC-Authentication-Results: i=1; imf15.hostedemail.com; dkim=pass header.d=igalia.com header.s=20170329 header.b=S1ID1XUI; spf=pass (imf15.hostedemail.com: domain of andrealmeid@igalia.com designates 178.60.130.6 as permitted sender) smtp.mailfrom=andrealmeid@igalia.com; dmarc=pass (policy=none) header.from=igalia.com ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=hostedemail.com; s=arc-20220608; t=1729115968; h=from:from:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:dkim-signature; bh=x/5rC1xxa1L+8foNZ96vhDMYxXts5+xHlK0v36f7pTo=; b=a9TiGRK7PEdo7qPKxPeVYa/vao0CMs86BwxDW0X5ZWOB4l9MOSxDL5yyozZccyimydwkBK ee4W7jZXfjjKEuvS9yMuDgidVGgvoHLuNgaUikcsBEsSKfoZNy721LscFuJgaT8Ot8nuZB y3Q/f1d8syIXR6Mufk1ROr64X6KIioI= DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=igalia.com; s=20170329; h=Content-Transfer-Encoding:Content-Type:In-Reply-To:From: References:Cc:To:Subject:MIME-Version:Date:Message-ID:Sender:Reply-To: Content-ID:Content-Description:Resent-Date:Resent-From:Resent-Sender: Resent-To:Resent-Cc:Resent-Message-ID:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=x/5rC1xxa1L+8foNZ96vhDMYxXts5+xHlK0v36f7pTo=; b=S1ID1XUIpYRZxd95Lq9A6uoH8N 8IDRXXr9OBR+TBeJNazOHCmmP5yAu522EddTdoOekBTXwTX2aevD5aLUmdKdWVJoMkKh+2DTIoKpf LysiBhB2jRJ9QwoPxRLuzpLqzgtWVCc2Y8RbvQG6xyoqxop0a1bVBNsxJcbnBX+SXcVxsxCfWqXrO EOYKiVsqLkjIjklOuESs1Z9eiT3EXkWPuV8ElRSgBnkHybZgeJfzynqdaR1HcAM4AhQOCHD3iHZev 2f2L/IeQaBmoRao4h1dyPp4+y1OmWMAkajPsx/R+Anp4vFiLV3FzJhd+wL/cinLl3DwsT2vskX+vu 4XLAwGVg==; Received: from [179.118.186.49] (helo=[192.168.15.100]) by fanzine2.igalia.com with esmtpsa (Cipher TLS1.3:ECDHE_X25519__RSA_PSS_RSAE_SHA256__AES_128_GCM:128) (Exim) id 1t1C3r-00BMoD-HR; Thu, 17 Oct 2024 00:00:07 +0200 Message-ID: Date: Wed, 16 Oct 2024 18:59:58 -0300 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v6 01/10] libfs: Create the helper function generic_ci_validate_strict_name() To: Gabriel Krisman Bertazi Cc: Alexander Viro , Christian Brauner , Jan Kara , Theodore Ts'o , Andreas Dilger , Hugh Dickins , Andrew Morton , Jonathan Corbet , smcv@collabora.com, kernel-dev@igalia.com, linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org, linux-ext4@vger.kernel.org, linux-mm@kvack.org, linux-doc@vger.kernel.org References: <20241010-tonyk-tmpfs-v6-0-79f0ae02e4c8@igalia.com> <20241010-tonyk-tmpfs-v6-1-79f0ae02e4c8@igalia.com> <87bjzls6ff.fsf@mailhost.krisman.be> Content-Language: en-US From: =?UTF-8?Q?Andr=C3=A9_Almeida?= In-Reply-To: <87bjzls6ff.fsf@mailhost.krisman.be> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Stat-Signature: 6dcn3cy5yfiks53cyx5e85o8r5ziz9y7 X-Rspamd-Queue-Id: 0FC79A0028 X-Rspam-User: X-Rspamd-Server: rspam10 X-HE-Tag: 1729116031-499709 X-HE-Meta: U2FsdGVkX18S9FxvNayZqGaEMnoyJuC1uMQhxyUa+BbeVHm79m++KHExvT1zC1mZmDmLTo4PL83wAg3NA0gz6AOt8CxBWY0bOoiBob93B9NkapgvKLMaVADVEAH4jRGtjqnm/BjiKPvf8w08Lk+NPfaE82AAEyBj4tQAqXBwIWUj39p8SAoGbtN/+N7gU3iymZP8v8iTgkBV6sXWf4ExajczpdW8jEXxtGCd4eBfJrVD5aTUXP4c5eHOYMir5CVa2JEay/ah9ULc+qda6V9M3T0vgLl6bVojLEeta2Ffr3rmrgZQL4pmUot39zr9SO/NukmWR4Kno8U58tx6bTXajb48tR6JCDuBXrwl+F4Z7a/L7Q5zW1yQh1XbOzI6E3J1G5AvP+73CXQBP3ZHLEqrtLQnEfgQhit4F+eEAYZH10Hw8WlpzlB0720S1mL4jqn/9tOV+qdNEiUYom11k/i3Esk4O7ArlHfahvwj/ARdggoTVjFr48vPK8B1fZ9YbOMOibQOBLSZUdFmUcdpmcGlyfyTZuBeABf6hoOln3aKxz3tOZqzLHhyNgPTYtCYCbaFwIUIAQ4pBWhcuSOKFLkPSW7vDUogToPX00NT3bYcsnCi2FoUonrti3EXyooFhsGcjVuipkWeZeCUkwhlCNPW/FGGwqZkd7ZVMBT7srXsuY9UnCuE9MIjndJy9cOpyN42/LH9J9snaFLqekCiIX5cGNYxYC6vUI08YlCwb/a71xwZW6Xx+DqZlY6NEkSS8WVkgDqh3J2DbeSh+ya+ZM56TwuMn0mNCY9SnH1AOj8eaDRN3DeonbLHrAnWM6wc0Y2UNYU4XHNkFEJM+qi8Cpple9Jwtx6Zb/yYLPH0NYIP7QUMGqbw6psmTGjGTLW1CcmL1AQFEGHPCls7d8OrhBkgp1XTsPI7Y5BA/vLFCOFys79cdybBawL/gEq8gXScjsgqg2vmh7tvlADecLOVfvr Oc3378GV 2rguYlfOhsacy9YdfCxfwHKF1q3b2Jf7R+Z9v4Pc22xf/VaDGsXB5YTaxlyBL8MN9rUwMjHy4WtnrWYoODP4nbFqWUUtHWArSvQbYSLatSNwzPQh4qY9chVN744yZr1kbIShz3JG0BPfABhmGvqpY7d1vtT1FgdiHI01bYADEiHbS+EeL7ToSTECTygLt3Xob4rkNFuri2i81K/NZNUNVUxprwKDQSPL5YAf2I/YRoJJwIz9/bEC+FeQBIv+nZsd7EdtWUAVXyHWuvKyIYb2yO/E7KYEVW9nn61GbRqd8gA2KSu9wqSBrb5UWo3C7+N0geO9cEkwG9sjByaTI704ZqBgzpN2VFez+x7A5JOz9pFl9TAH4WIO0JGFPOW98jdDQyKf4sKUlaIdtdhJ1QPpLnexjzgAPg7V0lIJozZjupa+3HIc= X-Bogosity: Ham, tests=bogofilter, spamicity=0.000000, version=1.2.4 Sender: owner-linux-mm@kvack.org Precedence: bulk X-Loop: owner-majordomo@kvack.org List-ID: List-Subscribe: List-Unsubscribe: Em 15/10/2024 12:59, Gabriel Krisman Bertazi escreveu: > André Almeida writes: > >> +static inline bool generic_ci_validate_strict_name(struct inode *dir, struct qstr *name) >> +{ >> + if (!IS_CASEFOLDED(dir) || !sb_has_strict_encoding(dir->i_sb)) >> + return true; >> + >> + /* >> + * A casefold dir must have a encoding set, unless the filesystem >> + * is corrupted >> + */ >> + if (WARN_ON_ONCE(!dir->i_sb->s_encoding)) >> + return true; >> + >> + return utf8_validate(dir->i_sb->s_encoding, name); > > There is something fishy here. Concerningly, the fstests test doesn't > catch it. > > utf8_validate is defined as: > > int utf8_validate(const struct unicode_map *um, const struct qstr *str) > > Which returns 0 on success and !0 on error. Thus, when casting to bool, > the return code should be negated. > > But generic/556 doesn't fail. That's because we are over cautious, and > also check the string at the end of generic_ci_d_hash. So we never > really reach utf8_validate in the tested case. > > But if you comment the final if in generic_ci_d_hash, you'll see this > patchset regresses the fstests case generic/556 over ext4. > > We really need the check in both places, though. We don't want to rely > on the behavior of generic_ci_d_hash to block invalid filenames, as that > might change. > Thanks Krisman! Nice catch. I fixed this for the next version. Testing with the modified generic_ci_d_hash(), I also realized that the validation was in the wrong place and leaving an inode behind, this fixed: diff --git a/mm/shmem.c b/mm/shmem.c index eb1ea1f3b37c..7bd7ca5777af 100644 --- a/mm/shmem.c +++ b/mm/shmem.c @@ -3624,13 +3624,13 @@ shmem_mknod(struct mnt_idmap *idmap, struct inode *dir, struct inode *inode; int error; + if (!generic_ci_validate_strict_name(dir, &dentry->d_name)) + return -EINVAL; + inode = shmem_get_inode(idmap, dir->i_sb, dir, mode, dev, VM_NORESERVE); if (IS_ERR(inode)) return PTR_ERR(inode); - if (!generic_ci_validate_strict_name(dir, &dentry->d_name)) - return -EINVAL; -