Commit 53853995 authored by Kees Cook's avatar Kees Cook

qnx4: Extract dir entry filename processing into helper



Both dir.c and namei.c need to perform the same work to figure out a
directory entry's name and size. Extract this into a helper for use
in the next patch.

Acked-by: default avatarAnders Larsen <al@alarsen.net>
Link: https://lore.kernel.org/r/20231130205120.3642477-1-keescook@chromium.org


Signed-off-by: default avatarKees Cook <keescook@chromium.org>
parent ac7110d8
+7 −45
@@ -15,43 +15,6 @@
#include <linux/buffer_head.h>
#include "qnx4.h"

/*
 * A qnx4 directory entry is an inode entry or link info
 * depending on the status field in the last byte. The
 * first byte is where the name start either way, and a
 * zero means it's empty.
 *
 * Also, due to a bug in gcc, we don't want to use the
 * real (differently sized) name arrays in the inode and
 * link entries, but always the 'de_name[]' one in the
 * fake struct entry.
 *
 * See
 *
 *   https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99578#c6
 *
 * for details, but basically gcc will take the size of the
 * 'name' array from one of the used union entries randomly.
 *
 * This use of 'de_name[]' (48 bytes) avoids the false positive
 * warnings that would happen if gcc decides to use 'inode.di_name'
 * (16 bytes) even when the pointer and size were to come from
 * 'link.dl_name' (48 bytes).
 *
 * In all cases the actual name pointer itself is the same, it's
 * only the gcc internal 'what is the size of this field' logic
 * that can get confused.
 */
union qnx4_directory_entry {
	struct {
		const char de_name[48];
		u8 de_pad[15];
		u8 de_status;
	};
	struct qnx4_inode_entry inode;
	struct qnx4_link_info link;
};

static int qnx4_readdir(struct file *file, struct dir_context *ctx)
{
	struct inode *inode = file_inode(file);
@@ -74,26 +37,25 @@ static int qnx4_readdir(struct file *file, struct dir_context *ctx)
		ix = (ctx->pos >> QNX4_DIR_ENTRY_SIZE_BITS) % QNX4_INODES_PER_BLOCK;
		for (; ix < QNX4_INODES_PER_BLOCK; ix++, ctx->pos += QNX4_DIR_ENTRY_SIZE) {
			union qnx4_directory_entry *de;
			const char *fname;

			offset = ix * QNX4_DIR_ENTRY_SIZE;
			de = (union qnx4_directory_entry *) (bh->b_data + offset);

			if (!de->de_name[0])
				continue;
			if (!(de->de_status & (QNX4_FILE_USED|QNX4_FILE_LINK)))
			fname = get_entry_fname(de, &size);
			if (!fname)
				continue;

			if (!(de->de_status & QNX4_FILE_LINK)) {
				size = sizeof(de->inode.di_fname);
				ino = blknum * QNX4_INODES_PER_BLOCK + ix - 1;
			} else {
				size = sizeof(de->link.dl_fname);
				ino = ( le32_to_cpu(de->link.dl_inode_blk) - 1 ) *
					QNX4_INODES_PER_BLOCK +
					de->link.dl_inode_ndx;
			}
			size = strnlen(de->de_name, size);
			QNX4DEBUG((KERN_INFO "qnx4_readdir:%.*s\n", size, name));
			if (!dir_emit(ctx, de->de_name, size, ino, DT_UNKNOWN)) {

			QNX4DEBUG((KERN_INFO "qnx4_readdir:%.*s\n", size, fname));
			if (!dir_emit(ctx, fname, size, ino, DT_UNKNOWN)) {
				brelse(bh);
				return 0;
			}
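Review bot: The inode-number branch that follows the new `get_entry_fname()` call re-reads `de->de_status`, which the helper has just screened for the USED/LINK bits, and nothing in the hunk records that the two checks are meant to stay in step; a one-line comment would keep a later edit from changing the screening on one side only, e.g. `/* get_entry_fname() has already rejected empty and unused entries; only the link bit decides the inode number here. */` above the `if (!(de->de_status & QNX4_FILE_LINK))`. The name the helper returns is bounded by strnlen over the variant's fname array and so may not be NUL-terminated, which is why `size` has to travel with `fname` into both QNX4DEBUG and dir_emit rather than being recomputed. qnx4_readdir starts and ends outside the hunk.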
+60 −0
@@ -44,3 +44,63 @@ static inline struct qnx4_inode_entry *qnx4_raw_inode(struct inode *inode)
{
	return &qnx4_i(inode)->raw;
}

/*
 * A qnx4 directory entry is an inode entry or link info
 * depending on the status field in the last byte. The
 * first byte is where the name start either way, and a
 * zero means it's empty.
 *
 * Also, due to a bug in gcc, we don't want to use the
 * real (differently sized) name arrays in the inode and
 * link entries, but always the 'de_name[]' one in the
 * fake struct entry.
 *
 * See
 *
 *   https://gcc.gnu.org/bugzilla/show_bug.cgi?id=99578#c6
 *
 * for details, but basically gcc will take the size of the
 * 'name' array from one of the used union entries randomly.
 *
 * This use of 'de_name[]' (48 bytes) avoids the false positive
 * warnings that would happen if gcc decides to use 'inode.di_name'
 * (16 bytes) even when the pointer and size were to come from
 * 'link.dl_name' (48 bytes).
 *
 * In all cases the actual name pointer itself is the same, it's
 * only the gcc internal 'what is the size of this field' logic
 * that can get confused.
 */
union qnx4_directory_entry {
	struct {
		const char de_name[48];
		u8 de_pad[15];
		u8 de_status;
	};
	struct qnx4_inode_entry inode;
	struct qnx4_link_info link;
};

static inline const char *get_entry_fname(union qnx4_directory_entry *de,
					  int *size)
{
	/* Make sure the status byte is in the same place for all structs. */
	BUILD_BUG_ON(offsetof(struct qnx4_inode_entry, di_status) !=
			offsetof(struct qnx4_link_info, dl_status));
	BUILD_BUG_ON(offsetof(struct qnx4_inode_entry, di_status) !=
			offsetof(union qnx4_directory_entry, de_status));

	if (!de->de_name[0])
		return NULL;
	if (!(de->de_status & (QNX4_FILE_USED|QNX4_FILE_LINK)))
		return NULL;
	if (!(de->de_status & QNX4_FILE_LINK))
		*size = sizeof(de->inode.di_fname);
	else
		*size = sizeof(de->link.dl_fname);

	*size = strnlen(de->de_name, *size);

	return de->de_name;
}
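Review bot: get_entry_fname() carries no comment stating its contract, and the property a caller most needs is that `*size` is written only on the non-NULL path, so reading `size` before checking the return value uses an indeterminate value. I would add above the definition: `/* Return the entry's name and store its length in *size; NULL for an empty or unused entry, in which case *size is left untouched. The name is bounded by the variant's fname array and may not be NUL-terminated. */`. The function only reads through `de`, so the parameter can be `const union qnx4_directory_entry *de`, which matches the `const char *` return and lets a caller holding a const buffer use it. The helper is `static inline` in a shared header, so the two BUILD_BUG_ON checks are evaluated in every translation unit that includes it, which is harmless but worth a word in the same comment.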