lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 29 Nov 2016 22:30:00 +0100
From:   Richard Weinberger <richard@....at>
To:     linux-fsdevel <linux-fsdevel@...r.kernel.org>
Cc:     "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        Ext4 Developers List <linux-ext4@...r.kernel.org>,
        mhalcrow@...gle.com, tytso@....edu, muslukhovi@...il.com,
        David Gstir <david@...ma-star.at>
Subject: Idea behind EXT4_IOC_GET_ENCRYPTION_PWSALT?

Hi!

As the subject states, I'm a bit confused wrt. EXT4_IOC_GET_ENCRYPTION_PWSALT.
Will common fscrypt userspace depend on it?

IIUC you want to store some salt to seed the user password.
But what if /home/rw and /home/dags have different keys? Is it okay
to use the same salt for both keys?
Or is it an ad-hoc solution to allow an encrypted filesystem root
because you need a way to store the seed on the same filesystem but not as
file since all files are encrypted?
Wouldn't a xattr stored in the filesystem root directory also do it?

Long story short, I'm not sure whether we really need this ioctl command
in UBIFS and what the designated semantics are. :-)

Thanks,
//richard

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ