linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Tetsuhiro Kohada <kohada.t2@gmail.com>
To: Namjae Jeon <namjae.jeon@samsung.com>,
	Kohada.Tetsuhiro@dc.MitsubishiElectric.co.jp
Cc: Mori.Takahiro@ab.MitsubishiElectric.co.jp,
	Motai.Hirotaka@aj.MitsubishiElectric.co.jp,
	'Sungjong Seo' <sj1557.seo@samsung.com>,
	linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH v2] exfat: integrates dir-entry getting and validation
Date: Wed, 5 Aug 2020 10:44:36 +0900	[thread overview]
Message-ID: <05c5c1e9-2ccf-203d-5e8c-1c951004a7f9@gmail.com> (raw)
In-Reply-To: <001c01d669fe$8ab7cf80$a0276e80$@samsung.com>


>>>> +	i = 2;
>>>> +	while ((ep = exfat_get_validated_dentry(es, i++, TYPE_NAME))) {
>>> As Sungjong said, I think that TYPE_NAME seems right to be validated in exfat_get_dentry_set().
>>
>> First, it is possible to correctly determine that "Immediately follow the Stream Extension directory
>> entry as a consecutive series"
>> whether the TYPE_NAME check is implemented here or exfat_get_dentry_set().
>> It's functionally same, so it is also right to validate in either.
>>
>> Second, the current implementation does not care for NameLength field, as I replied to Sungjong.
>> If name is not terminated with zero, the name will be incorrect.(With or without my patch) I think
>> TYPE_NAME and NameLength validation should not be separated from the name extraction.
>> If validate TYPE_NAME in exfat_get_dentry_set(), NameLength validation and name extraction should also
>> be implemented there.
>> (Otherwise, a duplication check with exfat_get_dentry_set() and here.) I will add NameLength
>> validation here.
> Okay.

Thank you for your understanding.

>> Therefore, TYPE_NAME validation here should not be omitted.
>>
>> Third, getting dentry and entry-type validation should be integrated.
>> These no longer have to be primitive.
>> The integration simplifies caller error checking.



>>>> diff --git a/fs/exfat/file.c b/fs/exfat/file.c index
>>>> 6707f3eb09b5..b6b458e6f5e3 100644
>>>> --- a/fs/exfat/file.c
>>>> +++ b/fs/exfat/file.c
>>>> @@ -160,8 +160,8 @@ int __exfat_truncate(struct inode *inode, loff_t new_size)
>>>>   				ES_ALL_ENTRIES);
>>>>   		if (!es)
>>>>   			return -EIO;
>>>> -		ep = exfat_get_dentry_cached(es, 0);
>>>> -		ep2 = exfat_get_dentry_cached(es, 1);
>>>> +		ep = exfat_get_validated_dentry(es, 0, TYPE_FILE);
>>>> +		ep2 = exfat_get_validated_dentry(es, 1, TYPE_STREAM);
>>> TYPE_FILE and TYPE_STREAM was already validated in exfat_get_dentry_set().
>>> Isn't it unnecessary duplication check ?
>>
>> No, as you say.
>> Although TYPE is specified, it is not good not to check the null of ep/ep2.
>> However, with TYPE_ALL, it becomes difficult to understand what purpose ep/ep2 is used for.
>> Therefore, I proposed adding ep_file/ep_stream to es, and here
>> 	ep = es->ep_file;
>> 	ep2 = es->ep_stream;
>>
>> How about this?
> You can factor out exfat_get_dentry_cached() from exfat_get_validated_dentry() and use it here.

I actually implemented and use it, but I feel it is not so good.
- Since there are two functions to get from es, so it's a bit confusing which one is better for use.
- There was the same anxiety as using exfat_get_validated_dentry() in that there is no NULL check of
   ep got with exfat_get_dentry_cached().

Whichever function I use, there are places where I check the return value and where I don't.
This will cause  missing entry-type validation or missing return value check,in the future.
I think it's easier to use by including it as a validated object in the member of exfat_entry_set_cache.

> And then, You can rename ep and ep2 to ep_file and ep_stream.

I propose a slightly different approach than last.
Add members to exfat_entry_set_cache as below.
     struct exfat_de_file *de_file;
     struct exfat_de_stream *de_stream;
And, use these as below.
     es->de_file->attr = cpu_to_le16(exfat_make_attr(inode));
     es->de_stream->valid_size = cpu_to_le64(on_disk_size);

exfat_de_file/exfat_de_stream corresponds to the file dir-entry/stream dir-enty structure in the exfat_dentry union.
We can use the validated valid values ​​directly.
Furthermore, these are strongly typed.


>> Or is it better to specify TYPE_ALL?
>>
>>
>> BTW
>> It's been about a month since I posted this patch.
>> In the meantime, I created a NameLength check and a checksum validation based on this patch.
>> Can you review those as well?
> Let me see the patches.

Thanks a lot.
For now, I will create and post a V3 patch with this proposal.
After that, I will recreate the NameLength check and a checksum validation patches based on the V3 patch and post them.
(Should I post these as an RFC?)

BR
---
Kohada Tetsuhiro <Kohada.Tetsuhiro@dc.MitsubishiElectric.co.jp>

      reply	other threads:[~2020-08-05  1:44 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <CGME20200715012304epcas1p23e9f45415afc551beea122e4e1bdb933@epcas1p2.samsung.com>
2020-07-15  1:22 ` [PATCH v2] exfat: integrates dir-entry getting and validation Tetsuhiro Kohada
2020-07-29 10:01   ` Tetsuhiro Kohada
2020-07-30  6:53   ` Namjae Jeon
2020-08-03  7:31     ` Kohada.Tetsuhiro
2020-08-04  1:28       ` Namjae Jeon
2020-08-05  1:44         ` Tetsuhiro Kohada [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=05c5c1e9-2ccf-203d-5e8c-1c951004a7f9@gmail.com \
    --to=kohada.t2@gmail.com \
    --cc=Kohada.Tetsuhiro@dc.MitsubishiElectric.co.jp \
    --cc=Mori.Takahiro@ab.MitsubishiElectric.co.jp \
    --cc=Motai.Hirotaka@aj.MitsubishiElectric.co.jp \
    --cc=linux-fsdevel@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=namjae.jeon@samsung.com \
    --cc=sj1557.seo@samsung.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).