Re: 64-bit inodes (ino64) Status Update and Call for Testing

From: Jilles Tjoelker <jilles_at_stack.nl>
Date: Sun, 21 May 2017 23:27:26 +0200
On Sun, May 21, 2017 at 05:25:35PM +0300, Konstantin Belousov wrote:
> On Sun, May 21, 2017 at 04:03:55PM +0200, Jilles Tjoelker wrote:
> > On Sun, May 21, 2017 at 03:31:18PM +0300, Konstantin Belousov wrote:
> > > On Sun, May 21, 2017 at 02:14:56PM +0200, Jilles Tjoelker wrote:
> > > > We have another type in this area which is too small in some situations:
> > > > uint8_t for struct dirent.d_namlen. For filesystems that store filenames
> > > > as upto 255 UTF-16 code units, the name to be stored in d_name may be
> > > > upto 765 bytes long in UTF-8. This was reported in PR 204643. The code
> > > > currently handles this by returning the short (8.3) name, but this name
> > > > may not be present or usable, leaving the file inaccessible.

> > > > Actually allowing longer names seems too complicated to add to the ino64
> > > > change, but changing d_namlen to uint16_t (using d_pad0 space) and
> > > > skipping entries with d_namlen > 255 in libc may be helpful.

> > > > Note that applications using the deprecated readdir_r() will not be able
> > > > to read such long names, since the API does not allow specifying that a
> > > > larger buffer has been provided. (This could be avoided by making struct
> > > > dirent.d_name 766 bytes long instead of 256.)

> > > > Unfortunately, the existence of readdir_r() also prevents changing
> > > > struct dirent.d_name to the more correct flexible array.

> > > Yes, changing the size of d_name at this stage of the project is out of
> > > question. My reading of your proposal is that we should extend the size
> > > of d_namlen to uint16_t, am I right ? Should we go to 32bit directly
> > > then, perhaps ?

> > Yes, my proposal is to change d_namlen to uint16_t.

> > Making it 32 bits is not useful with the 16-bit d_reclen, and increasing
> > d_reclen does not seem useful to me with the current model of
> > getdirentries() where the whole dirent must fit into the caller's
> > buffer.

> Bumping it now might cause less churn later, even if unused, but ok.

> > > I did not committed the change below, nor did I tested or even build it.

> > I'd like to skip overlong names in the native readdir_r() as well, so
> > that long name support can be added to the kernel later without causing
> > buffer overflows with applications using FreeBSD 12.0 libc.

> > The native readdir() does not seem to have such a problem.

> Again, not even compiled.

Looks good to me.

> [patch snipped]

-- 
Jilles Tjoelker
Received on Sun May 21 2017 - 19:27:29 UTC

This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:11 UTC