ext4: include charset encoding information in the superblock
authorGabriel Krisman Bertazi <krisman@collabora.co.uk>
Thu, 25 Apr 2019 18:05:42 +0000 (14:05 -0400)
committerTheodore Ts'o <tytso@mit.edu>
Thu, 25 Apr 2019 18:05:42 +0000 (14:05 -0400)
Support for encoding is considered an incompatible feature, since it has
potential to create collisions of file names in existing filesystems.
If the feature flag is not enabled, the entire filesystem will operate
on opaque byte sequences, respecting the original behavior.

The s_encoding field stores a magic number indicating the encoding
format and version used globally by file and directory names in the
filesystem.  The s_encoding_flags defines policies for using the charset
encoding, like how to handle invalid sequences.  The magic number is
mapped to the exact charset table, but the mapping is specific to ext4.
Since we don't have any commitment to support old encodings, the only
encoding I am supporting right now is utf8-12.1.0.

The current implementation prevents the user from enabling encoding and
per-directory encryption on the same filesystem at the same time.  The
incompatibility between these features lies in how we do efficient
directory searches when we cannot be sure the encryption of the user
provided fname will match the actual hash stored in the disk without
decrypting every directory entry, because of normalization cases.  My
quickest solution is to simply block the concurrent use of these
features for now, and enable it later, once we have a better solution.

Signed-off-by: Gabriel Krisman Bertazi <krisman@collabora.co.uk>
Signed-off-by: Theodore Ts'o <tytso@mit.edu>
fs/ext4/ext4.h
fs/ext4/super.c

index 2a2e6ed9aab4fb9f580f1b651f2d7e3333537c8b..c1504c471fef99526c440a0a5301900e813def2f 100644 (file)
@@ -1313,7 +1313,9 @@ struct ext4_super_block {
        __u8    s_first_error_time_hi;
        __u8    s_last_error_time_hi;
        __u8    s_pad[2];
-       __le32  s_reserved[96];         /* Padding to the end of the block */
+       __le16  s_encoding;             /* Filename charset encoding */
+       __le16  s_encoding_flags;       /* Filename charset encoding flags */
+       __le32  s_reserved[95];         /* Padding to the end of the block */
        __le32  s_checksum;             /* crc32c(superblock) */
 };
 
@@ -1338,6 +1340,16 @@ struct ext4_super_block {
 /* Number of quota types we support */
 #define EXT4_MAXQUOTAS 3
 
+#define EXT4_ENC_UTF8_12_1     1
+
+/*
+ * Flags for ext4_sb_info.s_encoding_flags.
+ */
+#define EXT4_ENC_STRICT_MODE_FL        (1 << 0)
+
+#define ext4_has_strict_mode(sbi) \
+       (sbi->s_encoding_flags & EXT4_ENC_STRICT_MODE_FL)
+
 /*
  * fourth extended-fs super-block data in memory
  */
@@ -1387,6 +1399,10 @@ struct ext4_sb_info {
        struct kobject s_kobj;
        struct completion s_kobj_unregister;
        struct super_block *s_sb;
+#ifdef CONFIG_UNICODE
+       struct unicode_map *s_encoding;
+       __u16 s_encoding_flags;
+#endif
 
        /* Journaling */
        struct journal_s *s_journal;
@@ -1660,6 +1676,7 @@ static inline void ext4_clear_state_flags(struct ext4_inode_info *ei)
 #define EXT4_FEATURE_INCOMPAT_LARGEDIR         0x4000 /* >2GB or 3-lvl htree */
 #define EXT4_FEATURE_INCOMPAT_INLINE_DATA      0x8000 /* data in inode */
 #define EXT4_FEATURE_INCOMPAT_ENCRYPT          0x10000
+#define EXT4_FEATURE_INCOMPAT_CASEFOLD         0x20000
 
 extern void ext4_update_dynamic_rev(struct super_block *sb);
 
@@ -1753,6 +1770,7 @@ EXT4_FEATURE_INCOMPAT_FUNCS(csum_seed,            CSUM_SEED)
 EXT4_FEATURE_INCOMPAT_FUNCS(largedir,          LARGEDIR)
 EXT4_FEATURE_INCOMPAT_FUNCS(inline_data,       INLINE_DATA)
 EXT4_FEATURE_INCOMPAT_FUNCS(encrypt,           ENCRYPT)
+EXT4_FEATURE_INCOMPAT_FUNCS(casefold,          CASEFOLD)
 
 #define EXT2_FEATURE_COMPAT_SUPP       EXT4_FEATURE_COMPAT_EXT_ATTR
 #define EXT2_FEATURE_INCOMPAT_SUPP     (EXT4_FEATURE_INCOMPAT_FILETYPE| \
@@ -1780,6 +1798,7 @@ EXT4_FEATURE_INCOMPAT_FUNCS(encrypt,              ENCRYPT)
                                         EXT4_FEATURE_INCOMPAT_MMP | \
                                         EXT4_FEATURE_INCOMPAT_INLINE_DATA | \
                                         EXT4_FEATURE_INCOMPAT_ENCRYPT | \
+                                        EXT4_FEATURE_INCOMPAT_CASEFOLD | \
                                         EXT4_FEATURE_INCOMPAT_CSUM_SEED | \
                                         EXT4_FEATURE_INCOMPAT_LARGEDIR)
 #define EXT4_FEATURE_RO_COMPAT_SUPP    (EXT4_FEATURE_RO_COMPAT_SPARSE_SUPER| \
index 184944d4d8d1a5828e27f7f265317086a32f9a08..c1b02c3a5a681d0aab1ddd6dff51ab7c7575ac29 100644 (file)
@@ -42,6 +42,7 @@
 #include <linux/cleancache.h>
 #include <linux/uaccess.h>
 #include <linux/iversion.h>
+#include <linux/unicode.h>
 
 #include <linux/kthread.h>
 #include <linux/freezer.h>
@@ -1054,6 +1055,9 @@ static void ext4_put_super(struct super_block *sb)
                crypto_free_shash(sbi->s_chksum_driver);
        kfree(sbi->s_blockgroup_lock);
        fs_put_dax(sbi->s_daxdev);
+#ifdef CONFIG_UNICODE
+       utf8_unload(sbi->s_encoding);
+#endif
        kfree(sbi);
 }
 
@@ -1750,6 +1754,36 @@ static const struct mount_opts {
        {Opt_err, 0, 0}
 };
 
+#ifdef CONFIG_UNICODE
+static const struct ext4_sb_encodings {
+       __u16 magic;
+       char *name;
+       char *version;
+} ext4_sb_encoding_map[] = {
+       {EXT4_ENC_UTF8_12_1, "utf8", "12.1.0"},
+};
+
+static int ext4_sb_read_encoding(const struct ext4_super_block *es,
+                                const struct ext4_sb_encodings **encoding,
+                                __u16 *flags)
+{
+       __u16 magic = le16_to_cpu(es->s_encoding);
+       int i;
+
+       for (i = 0; i < ARRAY_SIZE(ext4_sb_encoding_map); i++)
+               if (magic == ext4_sb_encoding_map[i].magic)
+                       break;
+
+       if (i >= ARRAY_SIZE(ext4_sb_encoding_map))
+               return -EINVAL;
+
+       *encoding = &ext4_sb_encoding_map[i];
+       *flags = le16_to_cpu(es->s_encoding_flags);
+
+       return 0;
+}
+#endif
+
 static int handle_mount_opt(struct super_block *sb, char *opt, int token,
                            substring_t *args, unsigned long *journal_devnum,
                            unsigned int *journal_ioprio, int is_remount)
@@ -2880,6 +2914,15 @@ static int ext4_feature_set_ok(struct super_block *sb, int readonly)
                return 0;
        }
 
+#ifndef CONFIG_UNICODE
+       if (ext4_has_feature_casefold(sb)) {
+               ext4_msg(sb, KERN_ERR,
+                        "Filesystem with casefold feature cannot be "
+                        "mounted without CONFIG_UNICODE");
+               return 0;
+       }
+#endif
+
        if (readonly)
                return 1;
 
@@ -3770,6 +3813,43 @@ static int ext4_fill_super(struct super_block *sb, void *data, int silent)
                           &journal_ioprio, 0))
                goto failed_mount;
 
+#ifdef CONFIG_UNICODE
+       if (ext4_has_feature_casefold(sb) && !sbi->s_encoding) {
+               const struct ext4_sb_encodings *encoding_info;
+               struct unicode_map *encoding;
+               __u16 encoding_flags;
+
+               if (ext4_has_feature_encrypt(sb)) {
+                       ext4_msg(sb, KERN_ERR,
+                                "Can't mount with encoding and encryption");
+                       goto failed_mount;
+               }
+
+               if (ext4_sb_read_encoding(es, &encoding_info,
+                                         &encoding_flags)) {
+                       ext4_msg(sb, KERN_ERR,
+                                "Encoding requested by superblock is unknown");
+                       goto failed_mount;
+               }
+
+               encoding = utf8_load(encoding_info->version);
+               if (IS_ERR(encoding)) {
+                       ext4_msg(sb, KERN_ERR,
+                                "can't mount with superblock charset: %s-%s "
+                                "not supported by the kernel. flags: 0x%x.",
+                                encoding_info->name, encoding_info->version,
+                                encoding_flags);
+                       goto failed_mount;
+               }
+               ext4_msg(sb, KERN_INFO,"Using encoding defined by superblock: "
+                        "%s-%s with flags 0x%hx", encoding_info->name,
+                        encoding_info->version?:"\b", encoding_flags);
+
+               sbi->s_encoding = encoding;
+               sbi->s_encoding_flags = encoding_flags;
+       }
+#endif
+
        if (test_opt(sb, DATA_FLAGS) == EXT4_MOUNT_JOURNAL_DATA) {
                printk_once(KERN_WARNING "EXT4-fs: Warning: mounting "
                            "with data=journal disables delayed "
@@ -4586,6 +4666,11 @@ failed_mount2:
 failed_mount:
        if (sbi->s_chksum_driver)
                crypto_free_shash(sbi->s_chksum_driver);
+
+#ifdef CONFIG_UNICODE
+       utf8_unload(sbi->s_encoding);
+#endif
+
 #ifdef CONFIG_QUOTA
        for (i = 0; i < EXT4_MAXQUOTAS; i++)
                kfree(sbi->s_qf_names[i]);