cachefiles: Implement key to filename encoding

Implement a function to encode a binary cookie key as something that can be
used as a filename.  Four options are considered:

 (1) All printable chars with no '/' characters.  Prepend a 'D' to indicate
     the encoding but otherwise use as-is.

 (2) Appears to be an array of __be32.  Encode as 'S' plus a list of
     hex-encoded 32-bit ints separated by commas.  If a number is 0, it is
     rendered as "" instead of "0".

 (3) Appears to be an array of __le32.  Encoded as (2) but with a 'T'
     encoding prefix.

 (4) Encoded as base64 with an 'E' prefix plus a second char indicating how
     much padding is involved.  A non-standard base64 encoding is used
     because '/' cannot be used in the encoded form.

If (1) is not possible, whichever of (2), (3) or (4) produces the shortest
string is selected (hex-encoding a number may be less dense than base64
encoding it).

Note that the prefix characters have to be selected from the set [DEIJST@]
lest cachefilesd remove the files because it recognise the name.

Changes
=======
ver #2:
 - Fix a short allocation that didn't allow for a string terminator[1]

Signed-off-by: David Howells <dhowells@redhat.com>
Reviewed-by: Jeff Layton <jlayton@kernel.org>
cc: linux-cachefs@redhat.com
Link: https://lore.kernel.org/r/bcefb8f2-576a-b3fc-cc29-89808ebfd7c1@linux.alibaba.com/
Link: https://lore.kernel.org/r/163819640393.215744.15212364106412961104.stgit@warthog.procyon.org.uk/
Link: https://lore.kernel.org/r/163906940529.143852.17352132319136117053.stgit@warthog.procyon.org.uk/
Link: https://lore.kernel.org/r/163967149827.1823006.6088580775428487961.stgit@warthog.procyon.org.uk/
Link: https://lore.kernel.org/r/164021549223.640689.14762875188193982341.stgit@warthog.procyon.org.uk/

diff --git a/fs/cachefiles/Makefile b/fs/cachefiles/Makefile
index d67210e..6f02594 100644 (file)
--- a/fs/cachefiles/Makefile
+++ b/fs/cachefiles/Makefile
@@ -7,6 +7,7 @@ cachefiles-y := \
        cache.o \
        daemon.o \
        interface.o \
+       key.o \
        main.o \
        namei.o \
        security.o \

diff --git a/fs/cachefiles/internal.h b/fs/cachefiles/internal.h
index 8763ee4..dbc37f5 100644 (file)
--- a/fs/cachefiles/internal.h
+++ b/fs/cachefiles/internal.h
@@ -174,6 +174,11 @@ extern void cachefiles_put_object(struct cachefiles_object *object,
                                  enum cachefiles_obj_ref_trace why);
 
 /*
+ * key.c
+ */
+extern bool cachefiles_cook_key(struct cachefiles_object *object);
+
+/*
  * main.c
  */
 extern struct kmem_cache *cachefiles_object_jar;

diff --git a/fs/cachefiles/key.c b/fs/cachefiles/key.c
new file mode 100644 (file)
index 0000000..bf935e2
--- /dev/null
+++ b/fs/cachefiles/key.c
@@ -0,0 +1,138 @@
+// SPDX-License-Identifier: GPL-2.0-or-later
+/* Key to pathname encoder
+ *
+ * Copyright (C) 2021 Red Hat, Inc. All Rights Reserved.
+ * Written by David Howells (dhowells@redhat.com)
+ */
+
+#include <linux/slab.h>
+#include "internal.h"
+
+static const char cachefiles_charmap[64] =
+       "0123456789"                    /* 0 - 9 */
+       "abcdefghijklmnopqrstuvwxyz"    /* 10 - 35 */
+       "ABCDEFGHIJKLMNOPQRSTUVWXYZ"    /* 36 - 61 */
+       "_-"                            /* 62 - 63 */
+       ;
+
+static const char cachefiles_filecharmap[256] = {
+       /* we skip space and tab and control chars */
+       [33 ... 46] = 1,                /* '!' -> '.' */
+       /* we skip '/' as it's significant to pathwalk */
+       [48 ... 127] = 1,               /* '0' -> '~' */
+};
+
+static inline unsigned int how_many_hex_digits(unsigned int x)
+{
+       return x ? round_up(ilog2(x) + 1, 4) / 4 : 0;
+}
+
+/*
+ * turn the raw key into something cooked
+ * - the key may be up to NAME_MAX in length (including the length word)
+ *   - "base64" encode the strange keys, mapping 3 bytes of raw to four of
+ *     cooked
+ *   - need to cut the cooked key into 252 char lengths (189 raw bytes)
+ */
+bool cachefiles_cook_key(struct cachefiles_object *object)
+{
+       const u8 *key = fscache_get_key(object->cookie), *kend;
+       unsigned char ch;
+       unsigned int acc, i, n, nle, nbe, keylen = object->cookie->key_len;
+       unsigned int b64len, len, print, pad;
+       char *name, sep;
+
+       _enter(",%u,%*phN", keylen, keylen, key);
+
+       BUG_ON(keylen > NAME_MAX - 3);
+
+       print = 1;
+       for (i = 0; i < keylen; i++) {
+               ch = key[i];
+               print &= cachefiles_filecharmap[ch];
+       }
+
+       /* If the path is usable ASCII, then we render it directly */
+       if (print) {
+               len = 1 + keylen;
+               name = kmalloc(len + 1, GFP_KERNEL);
+               if (!name)
+                       return false;
+
+               name[0] = 'D'; /* Data object type, string encoding */
+               memcpy(name + 1, key, keylen);
+               goto success;
+       }
+
+       /* See if it makes sense to encode it as "hex,hex,hex" for each 32-bit
+        * chunk.  We rely on the key having been padded out to a whole number
+        * of 32-bit words.
+        */
+       n = round_up(keylen, 4);
+       nbe = nle = 0;
+       for (i = 0; i < n; i += 4) {
+               u32 be = be32_to_cpu(*(__be32 *)(key + i));
+               u32 le = le32_to_cpu(*(__le32 *)(key + i));
+
+               nbe += 1 + how_many_hex_digits(be);
+               nle += 1 + how_many_hex_digits(le);
+       }
+
+       b64len = DIV_ROUND_UP(keylen, 3);
+       pad = b64len * 3 - keylen;
+       b64len = 2 + b64len * 4; /* Length if we base64-encode it */
+       _debug("len=%u nbe=%u nle=%u b64=%u", keylen, nbe, nle, b64len);
+       if (nbe < b64len || nle < b64len) {
+               unsigned int nlen = min(nbe, nle) + 1;
+               name = kmalloc(nlen, GFP_KERNEL);
+               if (!name)
+                       return false;
+               sep = (nbe <= nle) ? 'S' : 'T'; /* Encoding indicator */
+               len = 0;
+               for (i = 0; i < n; i += 4) {
+                       u32 x;
+                       if (nbe <= nle)
+                               x = be32_to_cpu(*(__be32 *)(key + i));
+                       else
+                               x = le32_to_cpu(*(__le32 *)(key + i));
+                       name[len++] = sep;
+                       if (x != 0)
+                               len += snprintf(name + len, nlen - len, "%x", x);
+                       sep = ',';
+               }
+               goto success;
+       }
+
+       /* We need to base64-encode it */
+       name = kmalloc(b64len + 1, GFP_KERNEL);
+       if (!name)
+               return false;
+
+       name[0] = 'E';
+       name[1] = '0' + pad;
+       len = 2;
+       kend = key + keylen;
+       do {
+               acc  = *key++;
+               if (key < kend) {
+                       acc |= *key++ << 8;
+                       if (key < kend)
+                               acc |= *key++ << 16;
+               }
+
+               name[len++] = cachefiles_charmap[acc & 63];
+               acc >>= 6;
+               name[len++] = cachefiles_charmap[acc & 63];
+               acc >>= 6;
+               name[len++] = cachefiles_charmap[acc & 63];
+               acc >>= 6;
+               name[len++] = cachefiles_charmap[acc & 63];
+       } while (key < kend);
+
+success:
+       name[len] = 0;
+       object->d_name = name;
+       object->d_name_len = len;
+       _leave(" = %s", object->d_name);
+       return true;
+}