From: Al Viro <viro@zeniv.linux.org.uk>
To: Eric Biggers <ebiggers@kernel.org>
Cc: Tiezhu Yang <yangtiezhu@loongson.cn>,
"Theodore Y. Ts'o" <tytso@mit.edu>,
Jaegeuk Kim <jaegeuk@kernel.org>, Chao Yu <yuchao0@huawei.com>,
Tyler Hicks <tyhicks@canonical.com>,
linux-fsdevel@vger.kernel.org, ecryptfs@vger.kernel.org,
linux-fscrypt@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
linux-kernel@vger.kernel.org
Subject: Re: [PATCH v4] fs: introduce is_dot_or_dotdot helper for cleanup
Date: Tue, 10 Dec 2019 23:10:09 +0000 [thread overview]
Message-ID: <20191210231009.GB4203@ZenIV.linux.org.uk> (raw)
In-Reply-To: <20191210191912.GA99557@gmail.com>
On Tue, Dec 10, 2019 at 11:19:13AM -0800, Eric Biggers wrote:
> > +static inline bool is_dot_or_dotdot(const unsigned char *name, size_t len)
> > +{
> > + if (unlikely(name[0] == '.')) {
> > + if (len < 2 || (len == 2 && name[1] == '.'))
> > + return true;
> > + }
> > +
> > + return false;
> > +}
>
> This doesn't handle the len=0 case. Did you check that none of the users pass
> in zero-length names? It looks like fscrypt_fname_disk_to_usr() can, if the
> directory entry on-disk has a zero-length name. Currently it will return
> -EUCLEAN in that case, but with this patch it may think it's the name ".".
>
> So I think there needs to either be a len >= 1 check added, *or* you need to
> make an argument for why it's okay to not care about the empty name case.
Frankly, the only caller that matters in practice is link_path_walk(); _that_
is by far the hottest path that might make use of that thing.
BTW, the callers that might end up passing 0 for len really ought to take
a good look at another thing - that name[0] is, in fact, mapped. Something
along the lines of
if (name + len > end_of_buffer)
sod off
if (<that function>(name, len))
....
is not enough, for obvious reasons.
WARNING: multiple messages have this Message-ID (diff)
From: Al Viro <viro@zeniv.linux.org.uk>
To: Eric Biggers <ebiggers@kernel.org>
Cc: ecryptfs@vger.kernel.org, "Theodore Y. Ts'o" <tytso@mit.edu>,
linux-kernel@vger.kernel.org, Tyler Hicks <tyhicks@canonical.com>,
linux-fscrypt@vger.kernel.org, linux-fsdevel@vger.kernel.org,
Jaegeuk Kim <jaegeuk@kernel.org>,
Tiezhu Yang <yangtiezhu@loongson.cn>,
linux-f2fs-devel@lists.sourceforge.net
Subject: Re: [f2fs-dev] [PATCH v4] fs: introduce is_dot_or_dotdot helper for cleanup
Date: Tue, 10 Dec 2019 23:10:09 +0000 [thread overview]
Message-ID: <20191210231009.GB4203@ZenIV.linux.org.uk> (raw)
In-Reply-To: <20191210191912.GA99557@gmail.com>
On Tue, Dec 10, 2019 at 11:19:13AM -0800, Eric Biggers wrote:
> > +static inline bool is_dot_or_dotdot(const unsigned char *name, size_t len)
> > +{
> > + if (unlikely(name[0] == '.')) {
> > + if (len < 2 || (len == 2 && name[1] == '.'))
> > + return true;
> > + }
> > +
> > + return false;
> > +}
>
> This doesn't handle the len=0 case. Did you check that none of the users pass
> in zero-length names? It looks like fscrypt_fname_disk_to_usr() can, if the
> directory entry on-disk has a zero-length name. Currently it will return
> -EUCLEAN in that case, but with this patch it may think it's the name ".".
>
> So I think there needs to either be a len >= 1 check added, *or* you need to
> make an argument for why it's okay to not care about the empty name case.
Frankly, the only caller that matters in practice is link_path_walk(); _that_
is by far the hottest path that might make use of that thing.
BTW, the callers that might end up passing 0 for len really ought to take
a good look at another thing - that name[0] is, in fact, mapped. Something
along the lines of
if (name + len > end_of_buffer)
sod off
if (<that function>(name, len))
....
is not enough, for obvious reasons.
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2019-12-10 23:10 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-12-10 12:10 [PATCH v4] fs: introduce is_dot_or_dotdot helper for cleanup Tiezhu Yang
2019-12-10 12:10 ` [f2fs-dev] " Tiezhu Yang
2019-12-10 12:13 ` Matthew Wilcox
2019-12-10 12:13 ` [f2fs-dev] " Matthew Wilcox
2019-12-10 19:19 ` Eric Biggers
2019-12-10 19:19 ` [f2fs-dev] " Eric Biggers
2019-12-10 23:10 ` Al Viro [this message]
2019-12-10 23:10 ` Al Viro
2019-12-11 0:56 ` Tiezhu Yang
2019-12-11 0:56 ` [f2fs-dev] " Tiezhu Yang
2019-12-12 18:13 ` Matthew Wilcox
2019-12-12 18:13 ` [f2fs-dev] " Matthew Wilcox
-- strict thread matches above, loose matches on Subject: below --
2020-01-28 22:11 [willy@infradead.org: Re: [willy@infradead.org: Re: [PATCH v4] fs: introduce is_dot_or_dotdot helper for cleanup]] Matthew Wilcox
2020-01-29 1:23 ` [PATCH v4] fs: introduce is_dot_or_dotdot helper for cleanup Andreas Dilger
2020-01-29 7:36 ` Matthew Wilcox
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20191210231009.GB4203@ZenIV.linux.org.uk \
--to=viro@zeniv.linux.org.uk \
--cc=ebiggers@kernel.org \
--cc=ecryptfs@vger.kernel.org \
--cc=jaegeuk@kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tyhicks@canonical.com \
--cc=tytso@mit.edu \
--cc=yangtiezhu@loongson.cn \
--cc=yuchao0@huawei.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.