Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 6332cd32 authored by Jaegeuk Kim's avatar Jaegeuk Kim Committed by Theodore Ts'o
Browse files

f2fs: check entire encrypted bigname when finding a dentry 



If user has no key under an encrypted dir, fscrypt gives digested dentries.
Previously, when looking up a dentry, f2fs only checks its hash value with
first 4 bytes of the digested dentry, which didn't handle hash collisions fully.
This patch enhances to check entire dentry bytes likewise ext4.

Eric reported how to reproduce this issue by:

 # seq -f "edir/abcdefghijklmnopqrstuvwxyz012345%.0f" 100000 | xargs touch
 # find edir -type f | xargs stat -c %i | sort | uniq | wc -l
100000
 # sync
 # echo 3 > /proc/sys/vm/drop_caches
 # keyctl new_session
 # find edir -type f | xargs stat -c %i | sort | uniq | wc -l
99999

Cc: <stable@vger.kernel.org>
Reported-by: default avatarEric Biggers <ebiggers@google.com>
Signed-off-by: default avatarJaegeuk Kim <jaegeuk@kernel.org>
(fixed f2fs_dentry_hash() to work even when the hash is 0)
Signed-off-by: default avatarEric Biggers <ebiggers@google.com>
Signed-off-by: default avatarTheodore Ts'o <tytso@mit.edu>
parent 413d5a9e

fs/f2fs/dir.c

+21 −16
Original line number Diff line number Diff line
@@ -130,19 +130,29 @@ struct f2fs_dir_entry *find_target_dentry(struct fscrypt_name *fname, 
			continue;

		}



		/* encrypted case */

		if (de->hash_code != namehash)

			goto not_match;



		de_name.name = d->filename[bit_pos];

		de_name.len = le16_to_cpu(de->name_len);



		/* show encrypted name */

		if (fname->hash) {

			if (de->hash_code == cpu_to_le32(fname->hash))

#ifdef CONFIG_F2FS_FS_ENCRYPTION

		if (unlikely(!name->name)) {

			if (fname->usr_fname->name[0] == '_') {

				if (de_name.len >= 16 &&

					!memcmp(de_name.name + de_name.len - 16,

						fname->crypto_buf.name + 8, 16))

					goto found;

		} else if (de_name.len == name->len &&

			de->hash_code == namehash &&

				goto not_match;

			}

			name->name = fname->crypto_buf.name;

			name->len = fname->crypto_buf.len;

		}

#endif

		if (de_name.len == name->len &&

				!memcmp(de_name.name, name->name, name->len))

			goto found;



not_match:

		if (max_slots && max_len > *max_slots)

			*max_slots = max_len;

		max_len = 0;
@@ -170,12 +180,7 @@ static struct f2fs_dir_entry *find_in_level(struct inode *dir, 
	struct f2fs_dir_entry *de = NULL;

	bool room = false;

	int max_slots;

	f2fs_hash_t namehash;



	if(fname->hash)

		namehash = cpu_to_le32(fname->hash);

	else

		namehash = f2fs_dentry_hash(&name);

	f2fs_hash_t namehash = f2fs_dentry_hash(&name, fname);



	nbucket = dir_buckets(level, F2FS_I(dir)->i_dir_level);

	nblock = bucket_blocks(level);
@@ -542,7 +547,7 @@ int f2fs_add_regular_entry(struct inode *dir, const struct qstr *new_name, 


	level = 0;

	slots = GET_DENTRY_SLOTS(new_name->len);

	dentry_hash = f2fs_dentry_hash(new_name);

	dentry_hash = f2fs_dentry_hash(new_name, NULL);



	current_depth = F2FS_I(dir)->i_current_depth;

	if (F2FS_I(dir)->chash == dentry_hash) {

fs/f2fs/f2fs.h

+2 −1
Original line number Diff line number Diff line
@@ -2133,7 +2133,8 @@ int sanity_check_ckpt(struct f2fs_sb_info *sbi); 
/*

 * hash.c

 */

f2fs_hash_t f2fs_dentry_hash(const struct qstr *name_info);

f2fs_hash_t f2fs_dentry_hash(const struct qstr *name_info,

				struct fscrypt_name *fname);



/*

 * node.c

fs/f2fs/hash.c

+6 −1
Original line number Diff line number Diff line
@@ -70,7 +70,8 @@ static void str2hashbuf(const unsigned char *msg, size_t len, 
		*buf++ = pad;

}



f2fs_hash_t f2fs_dentry_hash(const struct qstr *name_info)

f2fs_hash_t f2fs_dentry_hash(const struct qstr *name_info,

				struct fscrypt_name *fname)

{

	__u32 hash;

	f2fs_hash_t f2fs_hash;
@@ -79,6 +80,10 @@ f2fs_hash_t f2fs_dentry_hash(const struct qstr *name_info) 
	const unsigned char *name = name_info->name;

	size_t len = name_info->len;



	/* encrypted bigname case */

	if (fname && !fname->disk_name.name)

		return cpu_to_le32(fname->hash);



	if (is_dot_dotdot(name_info))

		return 0;

fs/f2fs/inline.c

+2 −2
Original line number Diff line number Diff line
@@ -296,7 +296,7 @@ struct f2fs_dir_entry *find_in_inline_dir(struct inode *dir, 
		return NULL;

	}



	namehash = f2fs_dentry_hash(&name);

	namehash = f2fs_dentry_hash(&name, fname);



	inline_dentry = inline_data_addr(ipage);
@@ -533,7 +533,7 @@ int f2fs_add_inline_entry(struct inode *dir, const struct qstr *new_name, 


	f2fs_wait_on_page_writeback(ipage, NODE, true);



	name_hash = f2fs_dentry_hash(new_name);

	name_hash = f2fs_dentry_hash(new_name, NULL);

	make_dentry_ptr(NULL, &d, (void *)dentry_blk, 2);

	f2fs_update_dentry(ino, mode, &d, new_name, name_hash, bit_pos);