subject:"\[PATCH\] staging\: erofs\: harden inode lookup for 32\-bit platforms"

Re: [PATCH] staging: erofs: harden inode lookup for 32-bit platforms

2018-10-11 Thread Gao Xiang

Hi Dan,

On 2018/10/11 19:12, Dan Carpenter wrote:
> On Thu, Oct 11, 2018 at 06:49:57PM +0800, Gao Xiang wrote:
>> Hi Dan,
>>
>> On 2018/10/11 18:18, Dan Carpenter wrote:
>>> On Thu, Oct 11, 2018 at 05:46:26PM +0800, Gao Xiang wrote:


 On 2018/10/11 16:44, Dan Carpenter wrote:
> On Tue, Oct 09, 2018 at 10:07:13PM +0800, Gao Xiang wrote:
>> This patch introduces inode hash function, test and set callbacks,
>> and iget5_locked to find the right inode for 32-bit platforms.
>>
>
> The way I read this changelog, we're trying to deal with corrupt file
> systems?  Is that correct?  Presumably in the current code it could lead
> to a Oops or something?

 No, this commit isn't trying to deal with corrupt file systems.
 In EROFS, the nid is not continuous and it represents the inode offset
 inode offset = nid * 32.
 Therefore the nid is 64-bit both for 32-bit and 64-bit platforms. However,
 i_ino is 'unsigned long', which means for 32-bit platforms, i_ino is not 
 enough
 to contain the nid.

 Therefore, we should use iget5_locked for this case.
>>>
>>> I guess what I'm saying is, what are the user visible effects of this
>>> patch?  It's hard for me to tell from the patch description.  Could you
>>> please re-write the description and send a v2?
>>
>> Sorry for my just hurry reply. It seems I really misunderstood your point :-(
>>
>> If all nids are less than 32-bit, the user will see the correct inode/nid 
>> number
>> for all 32-bit platforms, but if some nids are greater than 32-bit, it could 
>> be
>> collisions without this patch for 32-bit platforms.
>>
>> This patch switch the inode number by XOR the high 32-bit and the low 32-bit,
>> use customized tester to avoid collisions for 32-bit platforms.
>>
>> I will send v2 to fix the commit message...but it seems Greg is already 
>> merged in
>> https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git/commit/?h=staging-testing&id=2abd7814138774eb56319e9dcc0abd08ece45424
>>
> 
> Oh.  Then that's fine then.  If Greg already merged it, then it's too
> late to change.  Thanks for the explanation, though.

I appended the v2 patch in the end of this reply for reference...

Thanks,
Gao Xiang

> 
> regards,
> dan carpenter
> 


>From 175eb3f1c6e1cddf8292853ab0fb7644320c3ae2 Mon Sep 17 00:00:00 2001
From: Gao Xiang 
Date: Mon, 1 Oct 2018 12:32:55 +0800
Subject: [PATCH v2] staging: erofs: harden inode lookup for 32-bit platforms

Each erofs inode has a unique 64-bit nid to distinguish from others.
However, the inode number is usually defined as `unsigned long',
which means some collisions could happen if we directly use iget_locked
for 32-bit platforms.

Therefore, this patch introduces a inode hash function, test and set
callbacks, and iget5_locked to avoid potential collisions
for 32-bit platforms.

In addition, if the value of a nid is greater than 32-bit, users from
32-bit platforms will see XOR-ed inode numbers after this patch.

Reviewed-by: Chao Yu 
Signed-off-by: Gao Xiang 
---

change log v2:
 - add more infos to the commit message as pointed out by Dan Carpenter.

Thanks,
Gao Xiang

 drivers/staging/erofs/inode.c| 37 -
 drivers/staging/erofs/internal.h |  9 +
 2 files changed, 45 insertions(+), 1 deletion(-)

diff --git a/drivers/staging/erofs/inode.c b/drivers/staging/erofs/inode.c
index da8693a7c3d3..04c61a9d7b76 100644
--- a/drivers/staging/erofs/inode.c
+++ b/drivers/staging/erofs/inode.c
@@ -232,10 +232,45 @@ static int fill_inode(struct inode *inode, int isdir)
return err;
 }
 
+/*
+ * erofs nid is 64bits, but i_ino is 'unsigned long', therefore
+ * we should do more for 32-bit platform to find the right inode.
+ */
+#if BITS_PER_LONG == 32
+static int erofs_ilookup_test_actor(struct inode *inode, void *opaque)
+{
+   const erofs_nid_t nid = *(erofs_nid_t *)opaque;
+
+   return EROFS_V(inode)->nid == nid;
+}
+
+static int erofs_iget_set_actor(struct inode *inode, void *opaque)
+{
+   const erofs_nid_t nid = *(erofs_nid_t *)opaque;
+
+   inode->i_ino = erofs_inode_hash(nid);
+   return 0;
+}
+#endif
+
+static inline struct inode *erofs_iget_locked(struct super_block *sb,
+ erofs_nid_t nid)
+{
+   const unsigned long hashval = erofs_inode_hash(nid);
+
+#if BITS_PER_LONG >= 64
+   /* it is safe to use iget_locked for >= 64-bit platform */
+   return iget_locked(sb, hashval);
+#else
+   return iget5_locked(sb, hashval, erofs_ilookup_test_actor,
+   erofs_iget_set_actor, &nid);
+#endif
+}
+
 struct inode *erofs_iget(struct super_block *sb,
erofs_nid_t nid, bool isdir)
 {
-   struct inode *inode = iget_locked(sb, nid);
+   struct inode *inode = erofs_iget_locked(sb, nid);
 
if (unlikely(inode == NULL))
return ERR_PTR(-ENOMEM);
diff --git a/drivers/staging/erofs/internal.h b/drivers/sta

Re: [PATCH] staging: erofs: harden inode lookup for 32-bit platforms

2018-10-11 Thread Dan Carpenter

On Thu, Oct 11, 2018 at 06:49:57PM +0800, Gao Xiang wrote:
> Hi Dan,
> 
> On 2018/10/11 18:18, Dan Carpenter wrote:
> > On Thu, Oct 11, 2018 at 05:46:26PM +0800, Gao Xiang wrote:
> >>
> >>
> >> On 2018/10/11 16:44, Dan Carpenter wrote:
> >>> On Tue, Oct 09, 2018 at 10:07:13PM +0800, Gao Xiang wrote:
>  This patch introduces inode hash function, test and set callbacks,
>  and iget5_locked to find the right inode for 32-bit platforms.
> 
> >>>
> >>> The way I read this changelog, we're trying to deal with corrupt file
> >>> systems?  Is that correct?  Presumably in the current code it could lead
> >>> to a Oops or something?
> >>
> >> No, this commit isn't trying to deal with corrupt file systems.
> >> In EROFS, the nid is not continuous and it represents the inode offset
> >> inode offset = nid * 32.
> >> Therefore the nid is 64-bit both for 32-bit and 64-bit platforms. However,
> >> i_ino is 'unsigned long', which means for 32-bit platforms, i_ino is not 
> >> enough
> >> to contain the nid.
> >>
> >> Therefore, we should use iget5_locked for this case.
> > 
> > I guess what I'm saying is, what are the user visible effects of this
> > patch?  It's hard for me to tell from the patch description.  Could you
> > please re-write the description and send a v2?
> 
> Sorry for my just hurry reply. It seems I really misunderstood your point :-(
> 
> If all nids are less than 32-bit, the user will see the correct inode/nid 
> number
> for all 32-bit platforms, but if some nids are greater than 32-bit, it could 
> be
> collisions without this patch for 32-bit platforms.
> 
> This patch switch the inode number by XOR the high 32-bit and the low 32-bit,
> use customized tester to avoid collisions for 32-bit platforms.
> 
> I will send v2 to fix the commit message...but it seems Greg is already 
> merged in
> https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git/commit/?h=staging-testing&id=2abd7814138774eb56319e9dcc0abd08ece45424
> 

Oh.  Then that's fine then.  If Greg already merged it, then it's too
late to change.  Thanks for the explanation, though.

regards,
dan carpenter

___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel

Re: [PATCH] staging: erofs: harden inode lookup for 32-bit platforms

2018-10-11 Thread Gao Xiang

Hi Dan,

On 2018/10/11 18:18, Dan Carpenter wrote:
> On Thu, Oct 11, 2018 at 05:46:26PM +0800, Gao Xiang wrote:
>>
>>
>> On 2018/10/11 16:44, Dan Carpenter wrote:
>>> On Tue, Oct 09, 2018 at 10:07:13PM +0800, Gao Xiang wrote:
 This patch introduces inode hash function, test and set callbacks,
 and iget5_locked to find the right inode for 32-bit platforms.

>>>
>>> The way I read this changelog, we're trying to deal with corrupt file
>>> systems?  Is that correct?  Presumably in the current code it could lead
>>> to a Oops or something?
>>
>> No, this commit isn't trying to deal with corrupt file systems.
>> In EROFS, the nid is not continuous and it represents the inode offset
>> inode offset = nid * 32.
>> Therefore the nid is 64-bit both for 32-bit and 64-bit platforms. However,
>> i_ino is 'unsigned long', which means for 32-bit platforms, i_ino is not 
>> enough
>> to contain the nid.
>>
>> Therefore, we should use iget5_locked for this case.
> 
> I guess what I'm saying is, what are the user visible effects of this
> patch?  It's hard for me to tell from the patch description.  Could you
> please re-write the description and send a v2?

Sorry for my just hurry reply. It seems I really misunderstood your point :-(

If all nids are less than 32-bit, the user will see the correct inode/nid number
for all 32-bit platforms, but if some nids are greater than 32-bit, it could be
collisions without this patch for 32-bit platforms.

This patch switch the inode number by XOR the high 32-bit and the low 32-bit,
use customized tester to avoid collisions for 32-bit platforms.

I will send v2 to fix the commit message...but it seems Greg is already merged 
in
https://git.kernel.org/pub/scm/linux/kernel/git/gregkh/staging.git/commit/?h=staging-testing&id=2abd7814138774eb56319e9dcc0abd08ece45424

Thanks,
Gao Xiang

> 
> regards,
> dan carpenter
> 
___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel

Re: [PATCH] staging: erofs: harden inode lookup for 32-bit platforms

2018-10-11 Thread Dan Carpenter

On Thu, Oct 11, 2018 at 05:46:26PM +0800, Gao Xiang wrote:
> 
> 
> On 2018/10/11 16:44, Dan Carpenter wrote:
> > On Tue, Oct 09, 2018 at 10:07:13PM +0800, Gao Xiang wrote:
> >> This patch introduces inode hash function, test and set callbacks,
> >> and iget5_locked to find the right inode for 32-bit platforms.
> >>
> > 
> > The way I read this changelog, we're trying to deal with corrupt file
> > systems?  Is that correct?  Presumably in the current code it could lead
> > to a Oops or something?
> 
> No, this commit isn't trying to deal with corrupt file systems.
> In EROFS, the nid is not continuous and it represents the inode offset
> inode offset = nid * 32.
> Therefore the nid is 64-bit both for 32-bit and 64-bit platforms. However,
> i_ino is 'unsigned long', which means for 32-bit platforms, i_ino is not 
> enough
> to contain the nid.
> 
> Therefore, we should use iget5_locked for this case.

I guess what I'm saying is, what are the user visible effects of this
patch?  It's hard for me to tell from the patch description.  Could you
please re-write the description and send a v2?

regards,
dan carpenter

___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel

Re: [PATCH] staging: erofs: harden inode lookup for 32-bit platforms

2018-10-11 Thread Gao Xiang

On 2018/10/11 16:44, Dan Carpenter wrote:
> On Tue, Oct 09, 2018 at 10:07:13PM +0800, Gao Xiang wrote:
>> This patch introduces inode hash function, test and set callbacks,
>> and iget5_locked to find the right inode for 32-bit platforms.
>>
> 
> The way I read this changelog, we're trying to deal with corrupt file
> systems?  Is that correct?  Presumably in the current code it could lead
> to a Oops or something?

No, this commit isn't trying to deal with corrupt file systems.
In EROFS, the nid is not continuous and it represents the inode offset
inode offset = nid * 32.
Therefore the nid is 64-bit both for 32-bit and 64-bit platforms. However,
i_ino is 'unsigned long', which means for 32-bit platforms, i_ino is not enough
to contain the nid.

Therefore, we should use iget5_locked for this case.

> 
> regards,
> dan carpenter
> 
___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel

Re: [PATCH] staging: erofs: harden inode lookup for 32-bit platforms

2018-10-11 Thread Dan Carpenter

On Tue, Oct 09, 2018 at 10:07:13PM +0800, Gao Xiang wrote:
> This patch introduces inode hash function, test and set callbacks,
> and iget5_locked to find the right inode for 32-bit platforms.
> 

The way I read this changelog, we're trying to deal with corrupt file
systems?  Is that correct?  Presumably in the current code it could lead
to a Oops or something?

regards,
dan carpenter

___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel

[PATCH] staging: erofs: harden inode lookup for 32-bit platforms

2018-10-09 Thread Gao Xiang

This patch introduces inode hash function, test and set callbacks,
and iget5_locked to find the right inode for 32-bit platforms.

Reviewed-by: Chao Yu 
Signed-off-by: Gao Xiang 
---

The patch has been previewed in the linux-erofs mailing list, submit to
the staging mailing list for linux-4.20.

Thanks,
Gao Xiang

 drivers/staging/erofs/inode.c| 37 -
 drivers/staging/erofs/internal.h |  9 +
 2 files changed, 45 insertions(+), 1 deletion(-)

diff --git a/drivers/staging/erofs/inode.c b/drivers/staging/erofs/inode.c
index da8693a7c3d3..04c61a9d7b76 100644
--- a/drivers/staging/erofs/inode.c
+++ b/drivers/staging/erofs/inode.c
@@ -232,10 +232,45 @@ static int fill_inode(struct inode *inode, int isdir)
return err;
 }
 
+/*
+ * erofs nid is 64bits, but i_ino is 'unsigned long', therefore
+ * we should do more for 32-bit platform to find the right inode.
+ */
+#if BITS_PER_LONG == 32
+static int erofs_ilookup_test_actor(struct inode *inode, void *opaque)
+{
+   const erofs_nid_t nid = *(erofs_nid_t *)opaque;
+
+   return EROFS_V(inode)->nid == nid;
+}
+
+static int erofs_iget_set_actor(struct inode *inode, void *opaque)
+{
+   const erofs_nid_t nid = *(erofs_nid_t *)opaque;
+
+   inode->i_ino = erofs_inode_hash(nid);
+   return 0;
+}
+#endif
+
+static inline struct inode *erofs_iget_locked(struct super_block *sb,
+ erofs_nid_t nid)
+{
+   const unsigned long hashval = erofs_inode_hash(nid);
+
+#if BITS_PER_LONG >= 64
+   /* it is safe to use iget_locked for >= 64-bit platform */
+   return iget_locked(sb, hashval);
+#else
+   return iget5_locked(sb, hashval, erofs_ilookup_test_actor,
+   erofs_iget_set_actor, &nid);
+#endif
+}
+
 struct inode *erofs_iget(struct super_block *sb,
erofs_nid_t nid, bool isdir)
 {
-   struct inode *inode = iget_locked(sb, nid);
+   struct inode *inode = erofs_iget_locked(sb, nid);
 
if (unlikely(inode == NULL))
return ERR_PTR(-ENOMEM);
diff --git a/drivers/staging/erofs/internal.h b/drivers/staging/erofs/internal.h
index 5096b27bcf0d..57575c7f5635 100644
--- a/drivers/staging/erofs/internal.h
+++ b/drivers/staging/erofs/internal.h
@@ -517,6 +517,15 @@ erofs_get_inline_page(struct inode *inode,
 }
 
 /* inode.c */
+static inline unsigned long erofs_inode_hash(erofs_nid_t nid)
+{
+#if BITS_PER_LONG == 32
+   return (nid >> 32) ^ (nid & 0x);
+#else
+   return nid;
+#endif
+}
+
 extern struct inode *erofs_iget(struct super_block *sb,
erofs_nid_t nid, bool dir);
 
-- 
2.14.4

___
devel mailing list
de...@linuxdriverproject.org
http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel

Re: [PATCH] staging: erofs: harden inode lookup for 32-bit platforms

Re: [PATCH] staging: erofs: harden inode lookup for 32-bit platforms

Re: [PATCH] staging: erofs: harden inode lookup for 32-bit platforms

Re: [PATCH] staging: erofs: harden inode lookup for 32-bit platforms

Re: [PATCH] staging: erofs: harden inode lookup for 32-bit platforms

Re: [PATCH] staging: erofs: harden inode lookup for 32-bit platforms

[PATCH] staging: erofs: harden inode lookup for 32-bit platforms

7 matches

Site Navigation

Mail list logo

Footer information