| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 5 Nov 2019 22:35:44 -0500
From: "Theodore Y. Ts'o" <tytso@....edu>
To: Eric Biggers <ebiggers@...nel.org>
Cc: linux-fscrypt@...r.kernel.org, linux-ext4@...r.kernel.org,
linux-f2fs-devel@...ts.sourceforge.net,
linux-fsdevel@...r.kernel.org, Satya Tangirala <satyat@...gle.com>,
Paul Crowley <paulcrowley@...gle.com>,
Paul Lawrence <paullawrence@...gle.com>,
Jaegeuk Kim <jaegeuk@...nel.org>
Subject: Re: [PATCH v2 1/3] fscrypt: add support for IV_INO_LBLK_64 policies
On Thu, Oct 24, 2019 at 02:54:36PM -0700, Eric Biggers wrote:
> @@ -83,6 +118,10 @@ bool fscrypt_supported_policy(const union fscrypt_policy *policy_u,
> return false;
> }
>
> + if ((policy->flags & FSCRYPT_POLICY_FLAG_IV_INO_LBLK_64) &&
> + !supported_iv_ino_lblk_64_policy(policy, inode))
> + return false;
> +
> if (memchr_inv(policy->__reserved, 0,
> sizeof(policy->__reserved))) {
> fscrypt_warn(inode,
fscrypt_supported_policy is getting more and more complicated, and
supported_iv_ino_lblk_64_policy calls a fs-supplied callback function,
etc. And we need to use this every single time we need to set up an
inode. Granted that compared to the crypto, even if it is ICE, it's
probably small beer --- but perhaps we should think about caching some
of what fscrypt_supported_policy does on a per-file system basis at
some point?
- Ted
Powered by blists - more mailing lists