From: Christian Ebner <c.ebner@proxmox.com>
To: pbs-devel@lists.proxmox.com
Subject: [pbs-devel] [PATCH v2 stable-2 pxar 1/1] format/decoder/accessor: backport pxar entry type `Version`
Date: Wed, 5 Jun 2024 17:41:54 +0200 [thread overview]
Message-ID: <20240605154155.2365-2-c.ebner@proxmox.com> (raw)
In-Reply-To: <20240605154155.2365-1-c.ebner@proxmox.com>
Backports the pxar format entry type `Version` and the associated
decoder methods. The format version entry is expected once as the
first entry of the pxar archive, marked with a `PXAR_FORMAT_VERSION`
header followed by the encoded version number for archives with
format version 2 or higher.
If not present, the default format version 1 is assumed as encoding
format for the archive.
The entry allows to early detect and bail if an incompatible archive
version is encountered.
The format version entry is not backwards compatible to pxar format
version 1.
Signed-off-by: Christian Ebner <c.ebner@proxmox.com>
---
Note:
This patch is intended to be applied on a dedicated branch to be forked
from previous master commit 675ecff32fbeff0973eaea016c4b8f3877015adb
examples/mk-format-hashes.rs | 5 +++++
src/accessor/mod.rs | 28 ++++++++++++++++++++++++++--
src/decoder/mod.rs | 28 ++++++++++++++++++++++++++--
src/format/mod.rs | 19 +++++++++++++++++++
src/lib.rs | 3 +++
tests/simple/fs.rs | 1 +
6 files changed, 80 insertions(+), 4 deletions(-)
diff --git a/examples/mk-format-hashes.rs b/examples/mk-format-hashes.rs
index 6e00654..afd0924 100644
--- a/examples/mk-format-hashes.rs
+++ b/examples/mk-format-hashes.rs
@@ -1,6 +1,11 @@
use pxar::format::hash_filename;
const CONSTANTS: &[(&str, &str, &str)] = &[
+ (
+ "Pxar format version entry, fallback to version 1 if not present",
+ "PXAR_FORMAT_VERSION",
+ "__PROXMOX_FORMAT_VERSION__",
+ ),
(
"Beginning of an entry (current version).",
"PXAR_ENTRY",
diff --git a/src/accessor/mod.rs b/src/accessor/mod.rs
index 6a2de73..73d79e1 100644
--- a/src/accessor/mod.rs
+++ b/src/accessor/mod.rs
@@ -17,7 +17,7 @@ use endian_trait::Endian;
use crate::binary_tree_array;
use crate::decoder::{self, DecoderImpl};
-use crate::format::{self, GoodbyeItem};
+use crate::format::{self, FormatVersion, GoodbyeItem};
use crate::util;
use crate::{Entry, EntryKind};
@@ -185,11 +185,23 @@ pub(crate) struct AccessorImpl<T> {
}
impl<T: ReadAt> AccessorImpl<T> {
- pub async fn new(input: T, size: u64) -> io::Result<Self> {
+ pub async fn new(mut input: T, size: u64) -> io::Result<Self> {
if size < (size_of::<GoodbyeItem>() as u64) {
io_bail!("too small to contain a pxar archive");
}
+ let header: format::Header = read_entry_at(&mut input, 0).await?;
+ header.check_header_size()?;
+
+ if header.htype == format::PXAR_FORMAT_VERSION {
+ let version: u64 = read_entry_at(
+ &mut input,
+ size_of::<format::Header>() as u64,
+ )
+ .await?;
+ FormatVersion::deserialize(version)?;
+ }
+
Ok(Self {
input,
size,
@@ -293,6 +305,12 @@ impl<T: Clone + ReadAt> AccessorImpl<T> {
.next()
.await
.ok_or_else(|| io_format_err!("unexpected EOF while decoding file entry"))??;
+
+ if let EntryKind::Version(_) = entry.kind() {
+ // client is incompatible with any format version entry (version 1 is never encoded)
+ io_bail!("got format version not compatible with this client.");
+ }
+
Ok(FileEntryImpl {
input: self.input.clone(),
entry,
@@ -516,6 +534,12 @@ impl<T: Clone + ReadAt> DirectoryImpl<T> {
.next()
.await
.ok_or_else(|| io_format_err!("unexpected EOF while decoding directory entry"))??;
+
+ if let EntryKind::Version(_) = entry.kind() {
+ // client is incompatible with any format version entry (version 1 is never encoded)
+ io_bail!("got format version not compatible with this client.");
+ }
+
Ok((entry, decoder))
}
diff --git a/src/decoder/mod.rs b/src/decoder/mod.rs
index d1fb911..c6eae9f 100644
--- a/src/decoder/mod.rs
+++ b/src/decoder/mod.rs
@@ -17,7 +17,7 @@ use std::task::{Context, Poll};
use endian_trait::Endian;
-use crate::format::{self, Header};
+use crate::format::{self, FormatVersion, Header};
use crate::util::{self, io_err_other};
use crate::{Entry, EntryKind, Metadata};
@@ -162,6 +162,7 @@ pub(crate) struct DecoderImpl<T> {
eof_after_entry: bool,
}
+#[derive(Clone, PartialEq)]
enum State {
Begin,
Default,
@@ -236,7 +237,16 @@ impl<I: SeqRead> DecoderImpl<I> {
loop {
match self.state {
State::Eof => return Ok(None),
- State::Begin => return self.read_next_entry().await.map(Some),
+ State::Begin => {
+ let entry = self.read_next_entry().await.map(Some);
+ if let Ok(Some(ref entry)) = entry {
+ if let EntryKind::Version(_) = entry.kind() {
+ // client is incompatible with any format version entry (version 1 is never encoded)
+ io_bail!("got format version not compatible with this client.");
+ }
+ }
+ return entry;
+ }
State::Default => {
// we completely finished an entry, so now we're going "up" in the directory
// hierarchy and parse the next PXAR_FILENAME or the PXAR_GOODBYE:
@@ -354,6 +364,7 @@ impl<I: SeqRead> DecoderImpl<I> {
}
async fn read_next_entry_or_eof(&mut self) -> io::Result<Option<Entry>> {
+ let previous_state = self.state.clone();
self.state = State::Default;
self.entry.clear_data();
@@ -373,6 +384,14 @@ impl<I: SeqRead> DecoderImpl<I> {
self.entry.metadata = Metadata::default();
self.entry.kind = EntryKind::Hardlink(self.read_hardlink().await?);
+ Ok(Some(self.entry.take()))
+ } else if header.htype == format::PXAR_FORMAT_VERSION {
+ if previous_state != State::Begin {
+ io_bail!("Got format version entry at unexpected position");
+ }
+ self.current_header = header;
+ self.entry.kind = EntryKind::Version(self.read_format_version().await?);
+
Ok(Some(self.entry.take()))
} else if header.htype == format::PXAR_ENTRY || header.htype == format::PXAR_ENTRY_V1 {
if header.htype == format::PXAR_ENTRY {
@@ -661,6 +680,11 @@ impl<I: SeqRead> DecoderImpl<I> {
async fn read_quota_project_id(&mut self) -> io::Result<format::QuotaProjectId> {
self.read_simple_entry("quota project id").await
}
+
+ async fn read_format_version(&mut self) -> io::Result<format::FormatVersion> {
+ let version: u64 = seq_read_entry(&mut self.input).await?;
+ FormatVersion::deserialize(version)
+ }
}
/// Reader for file contents inside a pxar archive.
diff --git a/src/format/mod.rs b/src/format/mod.rs
index bfea9f6..2e21635 100644
--- a/src/format/mod.rs
+++ b/src/format/mod.rs
@@ -6,6 +6,7 @@
//! item data.
//!
//! An archive contains items in the following order:
+//! * `FORMAT_VERSION` -- (optional for v1), version of encoding format
//! * `ENTRY` -- containing general stat() data and related bits
//! * `XATTR` -- one extended attribute
//! * ... -- more of these when there are multiple defined
@@ -79,6 +80,8 @@ pub mod mode {
}
// Generated by `cargo run --example mk-format-hashes`
+/// Pxar format version entry, fallback to version 1 if not present
+pub const PXAR_FORMAT_VERSION: u64 = 0x730f6c75df16a40d;
/// Beginning of an entry (current version).
pub const PXAR_ENTRY: u64 = 0xd5956474e588acef;
/// Previous version of the entry struct
@@ -177,6 +180,7 @@ impl Header {
impl Display for Header {
fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
let readable = match self.htype {
+ PXAR_FORMAT_VERSION => "FORMAT_VERSION",
PXAR_FILENAME => "FILENAME",
PXAR_SYMLINK => "SYMLINK",
PXAR_HARDLINK => "HARDLINK",
@@ -540,6 +544,21 @@ impl From<&std::fs::Metadata> for Stat {
}
}
+#[derive(Clone, Debug, Default, PartialEq)]
+pub enum FormatVersion {
+ #[default]
+ Version1,
+}
+
+impl FormatVersion {
+ pub fn deserialize(version: u64) -> Result<FormatVersion, io::Error> {
+ match version {
+ 1u64 => Ok(FormatVersion::Version1),
+ version => io_bail!("incompatible format version {version}")
+ }
+ }
+}
+
#[derive(Clone, Debug)]
pub struct Filename {
pub name: Vec<u8>,
diff --git a/src/lib.rs b/src/lib.rs
index 210c4b1..b63d43c 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -342,6 +342,9 @@ impl Acl {
/// Identifies whether the entry is a file, symlink, directory, etc.
#[derive(Clone, Debug)]
pub enum EntryKind {
+ /// Pxar file format version
+ Version(format::FormatVersion),
+
/// Symbolic links.
Symlink(format::Symlink),
diff --git a/tests/simple/fs.rs b/tests/simple/fs.rs
index 9a89c4d..fd13e65 100644
--- a/tests/simple/fs.rs
+++ b/tests/simple/fs.rs
@@ -229,6 +229,7 @@ impl Entry {
})?))
};
match item.kind() {
+ PxarEntryKind::Version(_) => continue,
PxarEntryKind::GoodbyeTable => break,
PxarEntryKind::File { size, .. } => {
let mut data = Vec::new();
--
2.30.2
_______________________________________________
pbs-devel mailing list
pbs-devel@lists.proxmox.com
https://lists.proxmox.com/cgi-bin/mailman/listinfo/pbs-devel
next prev parent reply other threads:[~2024-06-05 15:42 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-05 15:41 [pbs-devel] [PATCH v2 stable-2 pxar proxmox-backup 0/2] backport pxar format version check Christian Ebner
2024-06-05 15:41 ` Christian Ebner [this message]
2024-06-06 8:21 ` [pbs-devel] [PATCH v2 stable-2 pxar 1/1] format/decoder/accessor: backport pxar entry type `Version` Fabian Grünbichler
2024-06-06 8:49 ` Christian Ebner
2024-06-06 9:05 ` Fabian Grünbichler
2024-06-05 15:41 ` [pbs-devel] [PATCH v2 stable-2 proxmox-backup 2/2] client: pxar: bail on incompatible format versions Christian Ebner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20240605154155.2365-2-c.ebner@proxmox.com \
--to=c.ebner@proxmox.com \
--cc=pbs-devel@lists.proxmox.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox