From: Gabriel Krisman Bertazi <krisman@suse.de>
To: Christian Brauner <brauner@kernel.org>
Cc: viro@zeniv.linux.org.uk, tytso@mit.edu, ebiggers@kernel.org,
jaegeuk@kernel.org, linux-fsdevel@vger.kernel.org,
linux-ext4@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
Gabriel Krisman Bertazi <krisman@collabora.com>
Subject: Re: [PATCH v4 1/7] fs: Expose name under lookup to d_revalidate hook
Date: Fri, 28 Jul 2023 11:49:00 -0400 [thread overview]
Message-ID: <87mszg11g3.fsf@suse.de> (raw)
In-Reply-To: <20230728-unrentabel-volumen-1500701f2524@brauner> (Christian Brauner's message of "Fri, 28 Jul 2023 16:00:10 +0200")
Christian Brauner <brauner@kernel.org> writes:
>> -static inline int d_revalidate(struct dentry *dentry, unsigned int flags)
>> +static inline int d_revalidate(struct dentry *dentry,
>> + const struct qstr *name,
>> + unsigned int flags)
>> {
>> - if (unlikely(dentry->d_flags & DCACHE_OP_REVALIDATE))
>> +
>> + if (unlikely(dentry->d_flags & DCACHE_OP_REVALIDATE)) {
>> + if (dentry->d_op->d_revalidate_name)
>> + return dentry->d_op->d_revalidate_name(dentry, name, flags);
>> return dentry->d_op->d_revalidate(dentry, flags);
>
> This whole sequence got me thinking.
>
...
> ubuntu@imp1-vm:~$ sudo mount -t ecryptfs /mnt/test/casefold-dir /opt
> ubuntu@imp1-vm:/opt$ findmnt | grep opt
> └─/opt /mnt/test/casefold-dir ecryptfs rw,relatime,ecryptfs_sig=8567ee2ae5880f2d,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_unlink_sigs
That's interesting. I was aware of overlayfs and wanted to eventually
get it to work together with casefold, but never considered an ecryptfs combo.
> So it doesn't even seem to care if the underlying filesytem uses a
> custom dentry hash function which seems problematic (So unrelated to
> this change someone should likely explain why that doesn't matter.).
>
> Afaict with your series this will be even more broken because ecryptfs
> and overlayfs call ->d_revalidate() directly.
>
> So this suggests that really you want to extend ->d_revalidate() and we
> should at least similar to overlayfs make ecryptfs reject being mounted
> on casefolding directories and refuse lookup requests for casefolding
> directories.
>
> Ideally we'd explicitly reject by having such fses detect casefolding
> unless it's really enough to reject based on DCACHE_OP_HASH.
Thanks for finding this issue. I'll follow up with merging d_revalidate
and d_revalidate_name and adding a patch to explicitly reject
combinations of ecryptfs/overlayfs with casefolding filesystems, and
safeguard the lookup.
--
Gabriel Krisman Bertazi
next prev parent reply other threads:[~2023-07-28 15:49 UTC|newest]
Thread overview: 48+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-07-27 17:28 [PATCH v4 0/7] Support negative dentries on case-insensitive ext4 and f2fs Gabriel Krisman Bertazi
2023-07-27 17:28 ` [f2fs-dev] " Gabriel Krisman Bertazi
2023-07-27 17:28 ` [PATCH v4 1/7] fs: Expose name under lookup to d_revalidate hook Gabriel Krisman Bertazi
2023-07-27 17:28 ` [f2fs-dev] " Gabriel Krisman Bertazi
2023-07-28 14:00 ` Christian Brauner
2023-07-28 14:00 ` [f2fs-dev] " Christian Brauner
2023-07-28 15:49 ` Gabriel Krisman Bertazi [this message]
2023-07-27 17:28 ` [PATCH v4 2/7] fs: Add DCACHE_CASEFOLDED_NAME flag Gabriel Krisman Bertazi
2023-07-27 17:28 ` [f2fs-dev] " Gabriel Krisman Bertazi
2023-07-29 4:34 ` Eric Biggers
2023-07-29 4:34 ` [f2fs-dev] " Eric Biggers
2023-07-27 17:28 ` [PATCH v4 3/7] libfs: Validate negative dentries in case-insensitive directories Gabriel Krisman Bertazi
2023-07-27 17:28 ` [f2fs-dev] " Gabriel Krisman Bertazi
2023-07-28 13:06 ` Christian Brauner
2023-07-28 13:06 ` [f2fs-dev] " Christian Brauner
2023-07-28 15:09 ` Gabriel Krisman Bertazi
2023-07-29 4:18 ` Eric Biggers
2023-07-29 4:18 ` [f2fs-dev] " Eric Biggers
2023-07-29 4:20 ` Eric Biggers
2023-07-29 4:20 ` [f2fs-dev] " Eric Biggers
2023-08-03 17:37 ` Gabriel Krisman Bertazi
2023-08-03 17:37 ` [f2fs-dev] " Gabriel Krisman Bertazi
2023-08-04 4:41 ` Eric Biggers
2023-08-04 4:41 ` [f2fs-dev] " Eric Biggers
2023-08-08 1:33 ` Gabriel Krisman Bertazi
2023-08-08 1:33 ` [f2fs-dev] " Gabriel Krisman Bertazi
2023-07-29 4:51 ` Eric Biggers
2023-07-29 4:51 ` [f2fs-dev] " Eric Biggers
2023-08-03 16:56 ` Gabriel Krisman Bertazi
2023-08-03 16:56 ` [f2fs-dev] " Gabriel Krisman Bertazi
2023-07-27 17:28 ` [PATCH v4 4/7] libfs: Chain encryption checks after case-insensitive revalidation Gabriel Krisman Bertazi
2023-07-27 17:28 ` [f2fs-dev] " Gabriel Krisman Bertazi
2023-07-27 17:28 ` [PATCH v4 5/7] libfs: Merge encrypted_ci_dentry_ops and ci_dentry_ops Gabriel Krisman Bertazi
2023-07-27 17:28 ` [f2fs-dev] " Gabriel Krisman Bertazi
2023-07-27 17:28 ` [PATCH v4 6/7] ext4: Enable negative dentries on case-insensitive lookup Gabriel Krisman Bertazi
2023-07-27 17:28 ` [f2fs-dev] " Gabriel Krisman Bertazi
2023-07-27 17:28 ` [PATCH v4 7/7] f2fs: " Gabriel Krisman Bertazi
2023-07-27 17:28 ` [f2fs-dev] " Gabriel Krisman Bertazi
2023-07-27 18:13 ` [PATCH v4 0/7] Support negative dentries on case-insensitive ext4 and f2fs Theodore Ts'o
2023-07-27 18:13 ` [f2fs-dev] " Theodore Ts'o
2023-07-27 18:39 ` Gabriel Krisman Bertazi
2023-07-27 18:39 ` [f2fs-dev] " Gabriel Krisman Bertazi
2023-07-27 19:41 ` Theodore Ts'o
2023-07-27 19:41 ` [f2fs-dev] " Theodore Ts'o
2023-07-28 7:45 ` Christian Brauner
2023-07-28 7:45 ` [f2fs-dev] " Christian Brauner
2023-07-28 11:21 ` Christian Brauner
2023-07-28 11:21 ` [f2fs-dev] " Christian Brauner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87mszg11g3.fsf@suse.de \
--to=krisman@suse.de \
--cc=brauner@kernel.org \
--cc=ebiggers@kernel.org \
--cc=jaegeuk@kernel.org \
--cc=krisman@collabora.com \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fsdevel@vger.kernel.org \
--cc=tytso@mit.edu \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.