tjh.dev / kernel
Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel os linux
fork atom

f2fs: Support case-insensitive file name lookups

Modeled after commit b886ee3e778e ("ext4: Support case-insensitive file
name lookups")

"""
This patch implements the actual support for case-insensitive file name
lookups in f2fs, based on the feature bit and the encoding stored in the
superblock.

A filesystem that has the casefold feature set is able to configure
directories with the +F (F2FS_CASEFOLD_FL) attribute, enabling lookups
to succeed in that directory in a case-insensitive fashion, i.e: match
a directory entry even if the name used by userspace is not a byte per
byte match with the disk name, but is an equivalent case-insensitive
version of the Unicode string. This operation is called a
case-insensitive file name lookup.

The feature is configured as an inode attribute applied to directories
and inherited by its children. This attribute can only be enabled on
empty directories for filesystems that support the encoding feature,
thus preventing collision of file names that only differ by case.

* dcache handling:

For a +F directory, F2Fs only stores the first equivalent name dentry
used in the dcache. This is done to prevent unintentional duplication of
dentries in the dcache, while also allowing the VFS code to quickly find
the right entry in the cache despite which equivalent string was used in
a previous lookup, without having to resort to ->lookup().

d_hash() of casefolded directories is implemented as the hash of the
casefolded string, such that we always have a well-known bucket for all
the equivalencies of the same string. d_compare() uses the
utf8_strncasecmp() infrastructure, which handles the comparison of
equivalent, same case, names as well.

For now, negative lookups are not inserted in the dcache, since they
would need to be invalidated anyway, because we can't trust missing file
dentries. This is bad for performance but requires some leveraging of
the vfs layer to fix. We can live without that for now, and so does
everyone else.

* on-disk data:

Despite using a specific version of the name as the internal
representation within the dcache, the name stored and fetched from the
disk is a byte-per-byte match with what the user requested, making this
implementation 'name-preserving'. i.e. no actual information is lost
when writing to storage.

DX is supported by modifying the hashes used in +F directories to make
them case/encoding-aware. The new disk hashes are calculated as the
hash of the full casefolded string, instead of the string directly.
This allows us to efficiently search for file names in the htree without
requiring the user to provide an exact name.

* Dealing with invalid sequences:

By default, when a invalid UTF-8 sequence is identified, ext4 will treat
it as an opaque byte sequence, ignoring the encoding and reverting to
the old behavior for that unique file. This means that case-insensitive
file name lookup will not work only for that file. An optional bit can
be set in the superblock telling the filesystem code and userspace tools
to enforce the encoding. When that optional bit is set, any attempt to
create a file name using an invalid UTF-8 sequence will fail and return
an error to userspace.

* Normalization algorithm:

The UTF-8 algorithms used to compare strings in f2fs is implemented
in fs/unicode, and is based on a previous version developed by
SGI. It implements the Canonical decomposition (NFD) algorithm
described by the Unicode specification 12.1, or higher, combined with
the elimination of ignorable code points (NFDi) and full
case-folding (CF) as documented in fs/unicode/utf8_norm.c.

NFD seems to be the best normalization method for F2FS because:

- It has a lower cost than NFC/NFKC (which requires
decomposing to NFD as an intermediary step)
- It doesn't eliminate important semantic meaning like
compatibility decompositions.

Although:

- This implementation is not completely linguistic accurate, because
different languages have conflicting rules, which would require the
specialization of the filesystem to a given locale, which brings all
sorts of problems for removable media and for users who use more than
one language.
"""

Signed-off-by: Daniel Rosenberg <drosen@google.com>
Reviewed-by: Chao Yu <yuchao0@huawei.com>
Signed-off-by: Jaegeuk Kim <jaegeuk@kernel.org>

authored by

Daniel Rosenberg and committed by
Jaegeuk Kim 2c2eb7a3 5aba5430

+204 -20
+115 -10
fs/f2fs/dir.c
··· 8 8 #include <linux/fs.h> 9 9 #include <linux/f2fs_fs.h> 10 10 #include <linux/sched/signal.h> 11 + #include <linux/unicode.h> 11 12 #include "f2fs.h" 12 13 #include "node.h" 13 14 #include "acl.h" ··· 82 81 return bidx; 83 82 } 84 83 85 - static struct f2fs_dir_entry *find_in_block(struct page *dentry_page, 84 + static struct f2fs_dir_entry *find_in_block(struct inode *dir, 85 + struct page *dentry_page, 86 86 struct fscrypt_name *fname, 87 87 f2fs_hash_t namehash, 88 88 int *max_slots, ··· 95 93 96 94 dentry_blk = (struct f2fs_dentry_block *)page_address(dentry_page); 97 95 98 - make_dentry_ptr_block(NULL, &d, dentry_blk); 96 + make_dentry_ptr_block(dir, &d, dentry_blk); 99 97 de = f2fs_find_target_dentry(fname, namehash, max_slots, &d); 100 98 if (de) 101 99 *res_page = dentry_page; 102 100 103 101 return de; 104 102 } 103 + 104 + #ifdef CONFIG_UNICODE 105 + /* 106 + * Test whether a case-insensitive directory entry matches the filename 107 + * being searched for. 108 + * 109 + * Returns: 0 if the directory entry matches, more than 0 if it 110 + * doesn't match or less than zero on error. 111 + */ 112 + int f2fs_ci_compare(const struct inode *parent, const struct qstr *name, 113 + const struct qstr *entry) 114 + { 115 + const struct f2fs_sb_info *sbi = F2FS_SB(parent->i_sb); 116 + const struct unicode_map *um = sbi->s_encoding; 117 + int ret; 118 + 119 + ret = utf8_strncasecmp(um, name, entry); 120 + if (ret < 0) { 121 + /* Handle invalid character sequence as either an error 122 + * or as an opaque byte sequence. 123 + */ 124 + if (f2fs_has_strict_mode(sbi)) 125 + return -EINVAL; 126 + 127 + if (name->len != entry->len) 128 + return 1; 129 + 130 + return !!memcmp(name->name, entry->name, name->len); 131 + } 132 + 133 + return ret; 134 + } 135 + #endif 105 136 106 137 struct f2fs_dir_entry *f2fs_find_target_dentry(struct fscrypt_name *fname, 107 138 f2fs_hash_t namehash, int *max_slots, ··· 143 108 struct f2fs_dir_entry *de; 144 109 unsigned long bit_pos = 0; 145 110 int max_len = 0; 111 + #ifdef CONFIG_UNICODE 112 + struct qstr entry; 113 + #endif 146 114 147 115 if (max_slots) 148 116 *max_slots = 0; ··· 157 119 } 158 120 159 121 de = &d->dentry[bit_pos]; 122 + #ifdef CONFIG_UNICODE 123 + entry.name = d->filename[bit_pos]; 124 + entry.len = de->name_len; 125 + #endif 160 126 161 127 if (unlikely(!de->name_len)) { 162 128 bit_pos++; 163 129 continue; 164 130 } 131 + if (de->hash_code == namehash) { 132 + #ifdef CONFIG_UNICODE 133 + if (F2FS_SB(d->inode->i_sb)->s_encoding && 134 + IS_CASEFOLDED(d->inode) && 135 + !f2fs_ci_compare(d->inode, 136 + fname->usr_fname, &entry)) 137 + goto found; 165 138 166 - if (de->hash_code == namehash && 167 - fscrypt_match_name(fname, d->filename[bit_pos], 168 - le16_to_cpu(de->name_len))) 169 - goto found; 139 + #endif 140 + if (fscrypt_match_name(fname, d->filename[bit_pos], 141 + le16_to_cpu(de->name_len))) 142 + goto found; 143 + } 170 144 171 145 if (max_slots && max_len > *max_slots) 172 146 *max_slots = max_len; ··· 207 157 struct f2fs_dir_entry *de = NULL; 208 158 bool room = false; 209 159 int max_slots; 210 - f2fs_hash_t namehash = f2fs_dentry_hash(&name, fname); 160 + f2fs_hash_t namehash = f2fs_dentry_hash(dir, &name, fname); 211 161 212 162 nbucket = dir_buckets(level, F2FS_I(dir)->i_dir_level); 213 163 nblock = bucket_blocks(level); ··· 229 179 } 230 180 } 231 181 232 - de = find_in_block(dentry_page, fname, namehash, &max_slots, 233 - res_page); 182 + de = find_in_block(dir, dentry_page, fname, namehash, 183 + &max_slots, res_page); 234 184 if (de) 235 185 break; 236 186 ··· 299 249 struct f2fs_dir_entry *de = NULL; 300 250 struct fscrypt_name fname; 301 251 int err; 252 + 253 + #ifdef CONFIG_UNICODE 254 + if (f2fs_has_strict_mode(F2FS_I_SB(dir)) && IS_CASEFOLDED(dir) && 255 + utf8_validate(F2FS_I_SB(dir)->s_encoding, child)) { 256 + *res_page = ERR_PTR(-EINVAL); 257 + return NULL; 258 + } 259 + #endif 302 260 303 261 err = fscrypt_setup_filename(dir, child, 1, &fname); 304 262 if (err) { ··· 562 504 563 505 level = 0; 564 506 slots = GET_DENTRY_SLOTS(new_name->len); 565 - dentry_hash = f2fs_dentry_hash(new_name, NULL); 507 + dentry_hash = f2fs_dentry_hash(dir, new_name, NULL); 566 508 567 509 current_depth = F2FS_I(dir)->i_current_depth; 568 510 if (F2FS_I(dir)->chash == dentry_hash) { ··· 1001 943 .compat_ioctl = f2fs_compat_ioctl, 1002 944 #endif 1003 945 }; 946 + 947 + #ifdef CONFIG_UNICODE 948 + static int f2fs_d_compare(const struct dentry *dentry, unsigned int len, 949 + const char *str, const struct qstr *name) 950 + { 951 + struct qstr qstr = {.name = str, .len = len }; 952 + 953 + if (!IS_CASEFOLDED(dentry->d_parent->d_inode)) { 954 + if (len != name->len) 955 + return -1; 956 + return memcmp(str, name, len); 957 + } 958 + 959 + return f2fs_ci_compare(dentry->d_parent->d_inode, name, &qstr); 960 + } 961 + 962 + static int f2fs_d_hash(const struct dentry *dentry, struct qstr *str) 963 + { 964 + struct f2fs_sb_info *sbi = F2FS_SB(dentry->d_sb); 965 + const struct unicode_map *um = sbi->s_encoding; 966 + unsigned char *norm; 967 + int len, ret = 0; 968 + 969 + if (!IS_CASEFOLDED(dentry->d_inode)) 970 + return 0; 971 + 972 + norm = f2fs_kmalloc(sbi, PATH_MAX, GFP_ATOMIC); 973 + if (!norm) 974 + return -ENOMEM; 975 + 976 + len = utf8_casefold(um, str, norm, PATH_MAX); 977 + if (len < 0) { 978 + if (f2fs_has_strict_mode(sbi)) 979 + ret = -EINVAL; 980 + goto out; 981 + } 982 + str->hash = full_name_hash(dentry, norm, len); 983 + out: 984 + kvfree(norm); 985 + return ret; 986 + } 987 + 988 + const struct dentry_operations f2fs_dentry_ops = { 989 + .d_hash = f2fs_d_hash, 990 + .d_compare = f2fs_d_compare, 991 + }; 992 + #endif
+14 -4
fs/f2fs/f2fs.h
··· 2367 2367 #define F2FS_INDEX_FL 0x00001000 /* hash-indexed directory */ 2368 2368 #define F2FS_DIRSYNC_FL 0x00010000 /* dirsync behaviour (directories only) */ 2369 2369 #define F2FS_PROJINHERIT_FL 0x20000000 /* Create with parents projid */ 2370 + #define F2FS_CASEFOLD_FL 0x40000000 /* Casefolded file */ 2370 2371 2371 2372 /* Flags that should be inherited by new inodes from their parent. */ 2372 2373 #define F2FS_FL_INHERITED (F2FS_SYNC_FL | F2FS_NODUMP_FL | F2FS_NOATIME_FL | \ 2373 - F2FS_DIRSYNC_FL | F2FS_PROJINHERIT_FL) 2374 + F2FS_DIRSYNC_FL | F2FS_PROJINHERIT_FL | \ 2375 + F2FS_CASEFOLD_FL) 2374 2376 2375 2377 /* Flags that are appropriate for regular files (all but dir-specific ones). */ 2376 - #define F2FS_REG_FLMASK (~(F2FS_DIRSYNC_FL | F2FS_PROJINHERIT_FL)) 2378 + #define F2FS_REG_FLMASK (~(F2FS_DIRSYNC_FL | F2FS_PROJINHERIT_FL | \ 2379 + F2FS_CASEFOLD_FL)) 2377 2380 2378 2381 /* Flags that are appropriate for non-directories/regular files. */ 2379 2382 #define F2FS_OTHER_FLMASK (F2FS_NODUMP_FL | F2FS_NOATIME_FL) ··· 2936 2933 bool hot, bool set); 2937 2934 struct dentry *f2fs_get_parent(struct dentry *child); 2938 2935 2936 + extern int f2fs_ci_compare(const struct inode *parent, 2937 + const struct qstr *name, 2938 + const struct qstr *entry); 2939 + 2939 2940 /* 2940 2941 * dir.c 2941 2942 */ ··· 3003 2996 /* 3004 2997 * hash.c 3005 2998 */ 3006 - f2fs_hash_t f2fs_dentry_hash(const struct qstr *name_info, 3007 - struct fscrypt_name *fname); 2999 + f2fs_hash_t f2fs_dentry_hash(const struct inode *dir, 3000 + const struct qstr *name_info, struct fscrypt_name *fname); 3008 3001 3009 3002 /* 3010 3003 * node.c ··· 3447 3440 #endif 3448 3441 3449 3442 extern const struct file_operations f2fs_dir_operations; 3443 + #ifdef CONFIG_UNICODE 3444 + extern const struct dentry_operations f2fs_dentry_ops; 3445 + #endif 3450 3446 extern const struct file_operations f2fs_file_operations; 3451 3447 extern const struct inode_operations f2fs_file_inode_operations; 3452 3448 extern const struct address_space_operations f2fs_dblock_aops;
+12 -2
fs/f2fs/file.c
··· 1664 1664 if (IS_NOQUOTA(inode)) 1665 1665 return -EPERM; 1666 1666 1667 + if ((iflags ^ fi->i_flags) & F2FS_CASEFOLD_FL) { 1668 + if (!f2fs_sb_has_casefold(F2FS_I_SB(inode))) 1669 + return -EOPNOTSUPP; 1670 + if (!f2fs_empty_dir(inode)) 1671 + return -ENOTEMPTY; 1672 + } 1673 + 1667 1674 fi->i_flags = iflags | (fi->i_flags & ~mask); 1668 1675 1669 1676 if (fi->i_flags & F2FS_PROJINHERIT_FL) ··· 1705 1698 { F2FS_INDEX_FL, FS_INDEX_FL }, 1706 1699 { F2FS_DIRSYNC_FL, FS_DIRSYNC_FL }, 1707 1700 { F2FS_PROJINHERIT_FL, FS_PROJINHERIT_FL }, 1701 + { F2FS_CASEFOLD_FL, FS_CASEFOLD_FL }, 1708 1702 }; 1709 1703 1710 1704 #define F2FS_GETTABLE_FS_FL ( \ ··· 1719 1711 FS_PROJINHERIT_FL | \ 1720 1712 FS_ENCRYPT_FL | \ 1721 1713 FS_INLINE_DATA_FL | \ 1722 - FS_NOCOW_FL) 1714 + FS_NOCOW_FL | \ 1715 + FS_CASEFOLD_FL) 1723 1716 1724 1717 #define F2FS_SETTABLE_FS_FL ( \ 1725 1718 FS_SYNC_FL | \ ··· 1729 1720 FS_NODUMP_FL | \ 1730 1721 FS_NOATIME_FL | \ 1731 1722 FS_DIRSYNC_FL | \ 1732 - FS_PROJINHERIT_FL) 1723 + FS_PROJINHERIT_FL | \ 1724 + FS_CASEFOLD_FL) 1733 1725 1734 1726 /* Convert f2fs on-disk i_flags to FS_IOC_{GET,SET}FLAGS flags */ 1735 1727 static inline u32 f2fs_iflags_to_fsflags(u32 iflags)
+36 -1
fs/f2fs/hash.c
··· 14 14 #include <linux/f2fs_fs.h> 15 15 #include <linux/cryptohash.h> 16 16 #include <linux/pagemap.h> 17 + #include <linux/unicode.h> 17 18 18 19 #include "f2fs.h" 19 20 ··· 68 67 *buf++ = pad; 69 68 } 70 69 71 - f2fs_hash_t f2fs_dentry_hash(const struct qstr *name_info, 70 + static f2fs_hash_t __f2fs_dentry_hash(const struct qstr *name_info, 72 71 struct fscrypt_name *fname) 73 72 { 74 73 __u32 hash; ··· 103 102 hash = buf[0]; 104 103 f2fs_hash = cpu_to_le32(hash & ~F2FS_HASH_COL_BIT); 105 104 return f2fs_hash; 105 + } 106 + 107 + f2fs_hash_t f2fs_dentry_hash(const struct inode *dir, 108 + const struct qstr *name_info, struct fscrypt_name *fname) 109 + { 110 + #ifdef CONFIG_UNICODE 111 + struct f2fs_sb_info *sbi = F2FS_SB(dir->i_sb); 112 + const struct unicode_map *um = sbi->s_encoding; 113 + int r, dlen; 114 + unsigned char *buff; 115 + struct qstr folded; 116 + 117 + if (!name_info->len || !IS_CASEFOLDED(dir)) 118 + goto opaque_seq; 119 + 120 + buff = f2fs_kzalloc(sbi, sizeof(char) * PATH_MAX, GFP_KERNEL); 121 + if (!buff) 122 + return -ENOMEM; 123 + 124 + dlen = utf8_casefold(um, name_info, buff, PATH_MAX); 125 + if (dlen < 0) { 126 + kvfree(buff); 127 + goto opaque_seq; 128 + } 129 + folded.name = buff; 130 + folded.len = dlen; 131 + r = __f2fs_dentry_hash(&folded, fname); 132 + 133 + kvfree(buff); 134 + return r; 135 + 136 + opaque_seq: 137 + #endif 138 + return __f2fs_dentry_hash(name_info, fname); 106 139 }
+2 -2
fs/f2fs/inline.c
··· 320 320 return NULL; 321 321 } 322 322 323 - namehash = f2fs_dentry_hash(&name, fname); 323 + namehash = f2fs_dentry_hash(dir, &name, fname); 324 324 325 325 inline_dentry = inline_data_addr(dir, ipage); 326 326 ··· 580 580 581 581 f2fs_wait_on_page_writeback(ipage, NODE, true, true); 582 582 583 - name_hash = f2fs_dentry_hash(new_name, NULL); 583 + name_hash = f2fs_dentry_hash(dir, new_name, NULL); 584 584 f2fs_update_dentry(ino, mode, &d, new_name, name_hash, bit_pos); 585 585 586 586 set_page_dirty(ipage);
+3 -1
fs/f2fs/inode.c
··· 46 46 new_fl |= S_DIRSYNC; 47 47 if (file_is_encrypt(inode)) 48 48 new_fl |= S_ENCRYPTED; 49 + if (flags & F2FS_CASEFOLD_FL) 50 + new_fl |= S_CASEFOLD; 49 51 inode_set_flags(inode, new_fl, 50 52 S_SYNC|S_APPEND|S_IMMUTABLE|S_NOATIME|S_DIRSYNC| 51 - S_ENCRYPTED); 53 + S_ENCRYPTED|S_CASEFOLD); 52 54 } 53 55 54 56 static void __get_inode_rdev(struct inode *inode, struct f2fs_inode *ri)
+21
fs/f2fs/namei.c
··· 489 489 goto out_iput; 490 490 } 491 491 out_splice: 492 + #ifdef CONFIG_UNICODE 493 + if (!inode && IS_CASEFOLDED(dir)) { 494 + /* Eventually we want to call d_add_ci(dentry, NULL) 495 + * for negative dentries in the encoding case as 496 + * well. For now, prevent the negative dentry 497 + * from being cached. 498 + */ 499 + trace_f2fs_lookup_end(dir, dentry, ino, err); 500 + return NULL; 501 + } 502 + #endif 492 503 new = d_splice_alias(inode, dentry); 493 504 err = PTR_ERR_OR_ZERO(new); 494 505 trace_f2fs_lookup_end(dir, dentry, ino, err); ··· 548 537 goto fail; 549 538 } 550 539 f2fs_delete_entry(de, page, dir, inode); 540 + #ifdef CONFIG_UNICODE 541 + /* VFS negative dentries are incompatible with Encoding and 542 + * Case-insensitiveness. Eventually we'll want avoid 543 + * invalidating the dentries here, alongside with returning the 544 + * negative dentries at f2fs_lookup(), when it is better 545 + * supported by the VFS for the CI case. 546 + */ 547 + if (IS_CASEFOLDED(dir)) 548 + d_invalidate(dentry); 549 + #endif 551 550 f2fs_unlock_op(sbi); 552 551 553 552 if (IS_DIRSYNC(dir))
+1
fs/f2fs/super.c
··· 3152 3152 3153 3153 sbi->s_encoding = encoding; 3154 3154 sbi->s_encoding_flags = encoding_flags; 3155 + sbi->sb->s_d_op = &f2fs_dentry_ops; 3155 3156 } 3156 3157 #else 3157 3158 if (f2fs_sb_has_casefold(sbi)) {