misc: amend unicode confusing name tests to check for hidden tag characters

The Unicode consortium has twice defined (and later deprecated) special
"tag" codepoints.  These tag codepoints are not supposed to be rendered
(i.e. they're invisible) but you can certainly encode them in
directories and labels to try to confuse users.

xfs_scrub already knows how complain about these tag characters because
libicu can detect both their presence and their use in confusing name
attacks, so add this as an explicit regression test.

Link: https://embracethered.com/blog/posts/2024/hiding-and-finding-text-with-unicode-tags/
Link: https://arstechnica.com/security/2024/10/ai-chatbots-can-read-and-write-invisible-text-creating-an-ideal-covert-channel/
Signed-off-by: Darrick J. Wong <djwong@kernel.org>
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Zorro Lang <zlang@redhat.com>
Signed-off-by: Zorro Lang <zlang@kernel.org>

diff --git a/tests/generic/453 b/tests/generic/453
index 855243a860b9bad7d453bb0e024fa0cb5c78f8cd..b7e686f37100da35715cad08f4ecc1aa4f1ce8db 100755 (executable)
--- a/tests/generic/453
+++ b/tests/generic/453
@@ -199,6 +199,10 @@ setf "job offer\xdc\x82pdf" "syriac sublinear full stop"
 setf "job offer\xea\x93\xb8pdf" "lisu letter tone mya ti"
 setf "job offer.pdf" "actual period"
 
+# encoding hidden tag characters in filenames to create confusing names
+setf "llamapirate\xf3\xa0\x80\x81\xf3\xa0\x81\x94\xf3\xa0\x81\xa8\xf3\xa0\x81\xa5\xf3\xa0\x80\xa0\xf3\xa0\x81\xb3\xf3\xa0\x81\xa1\xf3\xa0\x81\xac\xf3\xa0\x81\xa5\xf3\xa0\x81\xb3\xf3\xa0\x80\xa0\xf3\xa0\x81\xa6\xf3\xa0\x81\xaf\xf3\xa0\x81\xb2\xf3\xa0\x80\xa0\xf3\xa0\x81\x93\xf3\xa0\x81\xa5\xf3\xa0\x81\xa1\xf3\xa0\x81\xb4\xf3\xa0\x81\xb4\xf3\xa0\x81\xac\xf3\xa0\x81\xa5\xf3\xa0\x80\xa0\xf3\xa0\x81\xb7\xf3\xa0\x81\xa5\xf3\xa0\x81\xb2\xf3\xa0\x81\xa5\xf3\xa0\x80\xa0\xf3\xa0\x81\x95\xf3\xa0\x81\x93\xf3\xa0\x81\x84\xf3\xa0\x80\xa0\xf3\xa0\x80\xb1\xf3\xa0\x80\xb2\xf3\xa0\x80\xb0\xf3\xa0\x80\xb0\xf3\xa0\x80\xb0\xf3\xa0\x80\xb0\xf3\xa0\x81\xbf"
+setf "llamapirate"
+
 ls -laR $testdir >> $seqres.full
 
 echo "Test files"
@@ -269,6 +273,9 @@ testf "job offer\xdc\x82pdf" "syriac sublinear full stop"
 testf "job offer\xea\x93\xb8pdf" "lisu letter tone mya ti"
 testf "job offer.pdf" "actual period"
 
+testf "llamapirate\xf3\xa0\x80\x81\xf3\xa0\x81\x94\xf3\xa0\x81\xa8\xf3\xa0\x81\xa5\xf3\xa0\x80\xa0\xf3\xa0\x81\xb3\xf3\xa0\x81\xa1\xf3\xa0\x81\xac\xf3\xa0\x81\xa5\xf3\xa0\x81\xb3\xf3\xa0\x80\xa0\xf3\xa0\x81\xa6\xf3\xa0\x81\xaf\xf3\xa0\x81\xb2\xf3\xa0\x80\xa0\xf3\xa0\x81\x93\xf3\xa0\x81\xa5\xf3\xa0\x81\xa1\xf3\xa0\x81\xb4\xf3\xa0\x81\xb4\xf3\xa0\x81\xac\xf3\xa0\x81\xa5\xf3\xa0\x80\xa0\xf3\xa0\x81\xb7\xf3\xa0\x81\xa5\xf3\xa0\x81\xb2\xf3\xa0\x81\xa5\xf3\xa0\x80\xa0\xf3\xa0\x81\x95\xf3\xa0\x81\x93\xf3\xa0\x81\x84\xf3\xa0\x80\xa0\xf3\xa0\x80\xb1\xf3\xa0\x80\xb2\xf3\xa0\x80\xb0\xf3\xa0\x80\xb0\xf3\xa0\x80\xb0\xf3\xa0\x80\xb0\xf3\xa0\x81\xbf"
+testf "llamapirate"
+
 echo "Uniqueness of inodes?"
 stat -c '%i' "${testdir}/"* | sort | uniq -c | while read nr inum; do
        if [ "${nr}" -gt 1 ]; then
@@ -303,6 +310,7 @@ if _check_xfs_scrub_does_unicode "$SCRATCH_MNT" "$SCRATCH_DEV"; then
                grep -q "job offer.xea.x93.xb8pdf" $tmp.scrub || echo "No complaints about lisu letter tone mya ti?"
                grep -q "job offer.*could be confused with" $tmp.scrub || echo "No complaints about confusing job offers?"
                grep -q "job offer.xe2.x80.xa4.xe2.x80.x8dpdf" $tmp.scrub || echo "No complaints about one dot leader with invisible space?"
+               grep -q "llamapirate" $tmp.scrub || echo "No complaints about hidden llm instructions in filenames?"
        fi
 
        echo "Actual xfs_scrub output:" >> $seqres.full

diff --git a/tests/generic/454 b/tests/generic/454
index 3c9b39d059532d2de30caf22b8f1faa32b7c3a38..2cc2d81ce4cc774333d1bf0011e2fdc04748139b 100755 (executable)
--- a/tests/generic/454
+++ b/tests/generic/454
@@ -120,6 +120,10 @@ setf "zerojoin_moo\xe2\x80\x8ccow.txt" "zero width joiners"
 setf "combmark_\xe1\x80\x9c\xe1\x80\xad\xe1\x80\xaf.txt" "combining marks"
 setf "combmark_\xe1\x80\x9c\xe1\x80\xaf\xe1\x80\xad.txt" "combining marks"
 
+# encoding hidden tag characters in attrnames to create confusing xattrs
+setf "llamapirate\xf3\xa0\x80\x81\xf3\xa0\x81\x94\xf3\xa0\x81\xa8\xf3\xa0\x81\xa5\xf3\xa0\x80\xa0\xf3\xa0\x81\xb3\xf3\xa0\x81\xa1\xf3\xa0\x81\xac\xf3\xa0\x81\xa5\xf3\xa0\x81\xb3\xf3\xa0\x80\xa0\xf3\xa0\x81\xa6\xf3\xa0\x81\xaf\xf3\xa0\x81\xb2\xf3\xa0\x80\xa0\xf3\xa0\x81\x93\xf3\xa0\x81\xa5\xf3\xa0\x81\xa1\xf3\xa0\x81\xb4\xf3\xa0\x81\xb4\xf3\xa0\x81\xac\xf3\xa0\x81\xa5\xf3\xa0\x80\xa0\xf3\xa0\x81\xb7\xf3\xa0\x81\xa5\xf3\xa0\x81\xb2\xf3\xa0\x81\xa5\xf3\xa0\x80\xa0\xf3\xa0\x81\x95\xf3\xa0\x81\x93\xf3\xa0\x81\x84\xf3\xa0\x80\xa0\xf3\xa0\x80\xb1\xf3\xa0\x80\xb2\xf3\xa0\x80\xb0\xf3\xa0\x80\xb0\xf3\xa0\x80\xb0\xf3\xa0\x80\xb0\xf3\xa0\x81\xbf"
+setf "llamapirate"
+
 _getfattr --absolute-names -d "${testfile}" >> $seqres.full
 
 echo "Test files"
@@ -167,6 +171,9 @@ testf "zerojoin_moo\xe2\x80\x8ccow.txt" "zero width joiners"
 testf "combmark_\xe1\x80\x9c\xe1\x80\xad\xe1\x80\xaf.txt" "combining marks"
 testf "combmark_\xe1\x80\x9c\xe1\x80\xaf\xe1\x80\xad.txt" "combining marks"
 
+testf "llamapirate\xf3\xa0\x80\x81\xf3\xa0\x81\x94\xf3\xa0\x81\xa8\xf3\xa0\x81\xa5\xf3\xa0\x80\xa0\xf3\xa0\x81\xb3\xf3\xa0\x81\xa1\xf3\xa0\x81\xac\xf3\xa0\x81\xa5\xf3\xa0\x81\xb3\xf3\xa0\x80\xa0\xf3\xa0\x81\xa6\xf3\xa0\x81\xaf\xf3\xa0\x81\xb2\xf3\xa0\x80\xa0\xf3\xa0\x81\x93\xf3\xa0\x81\xa5\xf3\xa0\x81\xa1\xf3\xa0\x81\xb4\xf3\xa0\x81\xb4\xf3\xa0\x81\xac\xf3\xa0\x81\xa5\xf3\xa0\x80\xa0\xf3\xa0\x81\xb7\xf3\xa0\x81\xa5\xf3\xa0\x81\xb2\xf3\xa0\x81\xa5\xf3\xa0\x80\xa0\xf3\xa0\x81\x95\xf3\xa0\x81\x93\xf3\xa0\x81\x84\xf3\xa0\x80\xa0\xf3\xa0\x80\xb1\xf3\xa0\x80\xb2\xf3\xa0\x80\xb0\xf3\xa0\x80\xb0\xf3\xa0\x80\xb0\xf3\xa0\x80\xb0\xf3\xa0\x81\xbf"
+testf "llamapirate"
+
 echo "Uniqueness of keys?"
 crazy_keys="$(_getfattr --absolute-names -d "${testfile}" | grep -E -c '(french_|chinese_|greek_|arabic_|urk)')"
 expected_keys=11
@@ -175,16 +182,18 @@ test "${crazy_keys}" -ne "${expected_keys}" && echo "Expected ${expected_keys} k
 echo "Test XFS online scrub, if applicable"
 
 if _check_xfs_scrub_does_unicode "$SCRATCH_MNT" "$SCRATCH_DEV"; then
-       output="$(LC_ALL="C.UTF-8" ${XFS_SCRUB_PROG} -v -n "${SCRATCH_MNT}" 2>&1 | filter_scrub)"
-       echo "${output}" | grep -q "french_" || echo "No complaints about french e accent?"
-       echo "${output}" | grep -q "greek_" || echo "No complaints about greek letter mess?"
-       echo "${output}" | grep -q "arabic_" || echo "No complaints about arabic expanded string?"
-       echo "${output}" | grep -q "mixed_" || echo "No complaints about mixed script confusables?"
-       echo "${output}" | grep -q "hyphens_" || echo "No complaints about hyphenation confusables?"
-       echo "${output}" | grep -q "dz_digraph_" || echo "No complaints about single script confusables?"
-       echo "${output}" | grep -q "inadequate_" || echo "No complaints about inadequate rendering confusables?"
-       echo "${output}" | grep -q "prohibition_" || echo "No complaints about prohibited sequence confusables?"
-       echo "${output}" | grep -q "zerojoin_" || echo "No complaints about zero-width join confusables?"
+       LC_ALL="C.UTF-8" ${XFS_SCRUB_PROG} -v -n "${SCRATCH_MNT}" 2>&1 | filter_scrub > $tmp.scrub
+
+       grep -q "french_" $tmp.scrub || echo "No complaints about french e accent?"
+       grep -q "greek_" $tmp.scrub || echo "No complaints about greek letter mess?"
+       grep -q "arabic_" $tmp.scrub || echo "No complaints about arabic expanded string?"
+       grep -q "mixed_" $tmp.scrub || echo "No complaints about mixed script confusables?"
+       grep -q "hyphens_" $tmp.scrub || echo "No complaints about hyphenation confusables?"
+       grep -q "dz_digraph_" $tmp.scrub || echo "No complaints about single script confusables?"
+       grep -q "inadequate_" $tmp.scrub || echo "No complaints about inadequate rendering confusables?"
+       grep -q "prohibition_" $tmp.scrub || echo "No complaints about prohibited sequence confusables?"
+       grep -q "zerojoin_" $tmp.scrub || echo "No complaints about zero-width join confusables?"
+       grep -q "llamapirate" $tmp.scrub || echo "No complaints about hidden llm instructions in filenames?"
        echo "Actual xfs_scrub output:" >> $seqres.full
        echo "${output}" >> $seqres.full
 fi

diff --git a/tests/xfs/504 b/tests/xfs/504
index 6000923bf7bb8725468ce65f219076eb4c9cd25f..a9d99cd1217203e0e1ead4741484842b032ef3cc 100755 (executable)
--- a/tests/xfs/504
+++ b/tests/xfs/504
@@ -128,6 +128,9 @@ testlabel "\xe1\x80\x9c\xe1\x80\xaf\xe1\x80\xad.fs"
 testlabel ".\xe2\x80\x8d"
 testlabel "..\xe2\x80\x8d"
 
+# encoding hidden tag characters in fslabels to create confusing names
+testlabel "llmpir8\xf3\xa0\x81\x94"
+
 # Did scrub choke on anything?
 if [ "$want_scrub" = "yes" ]; then
        grep -q "^Warning.*gnp.txt.*suspicious text direction" $tmp.scrub || \