lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:	Thu, 18 Aug 2011 11:14:23 -0700
From:	"Darrick J. Wong" <>
To:	Andreas Dilger <>
Cc:	"Theodore Ts'o" <>,
	Andreas Dilger <>,
	linux-fsdevel <>,
	linux-ext4 <>,
	linux-kernel <>,
	Sunil Mushran <>,
	Joel Becker <>,
	Mingming Cao <>,
	Amir Goldstein <>,
	Coly Li <>, Andi Kleen <>
Subject: Re: [RFC] ext4 metadata checksumming design

On Thu, Aug 18, 2011 at 12:16:00AM -0600, Andreas Dilger wrote:
> On 2011-08-16, at 9:25 PM, "Darrick J. Wong" <> wrote:
> > - Extended attribute blocks that are stored in the inode table -- the h_magic
> >  field is written by the kernel, but neither the kernel nor e2fsprogs ever
> >  actually read this field.  The field could be reused to checksum the extra
> >  space since (as far as I can tell) EAs are the only user of that empty space.
> I haven't had a chance to read the document you wrote, but wanted to comment
> on xattrs. There is a hash field for each xattr (including internal xattrs),
> and one for the external xattr blocks that can be used to validate the xattr
> value.
> In addition to the hash for the in-inode xattrs, the inode hash itself would
> serve to validate the xattr values. 
> I have a patch for e2fsprogs that checks the xattr hash for in-inode xattrs
> (currently it is always 0).

I surveyed the h_hash/e_hash calculation code; it only covers the name and
value fields.  Do we care about checksum protection for the extra fields in
struct ext4_xattr_header and struct ext4_xattr_entry?  I think it would be
useful to be able to check the sanity of h_refcount and h_blocks.  Possibly
that extends to e_value_* as well, though the hash probably covers it.  Also,
there's no hardware acceleration available for the xattr hash, though I doubt
xattrs are especially performance sensitive.

> > Please have a look at the design document and please feel free to suggest any
> > changes.
> Hopefully soon. 
> Cheers, Andreas--
> To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
> the body of a message to
> More majordomo info at
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to
More majordomo info at

Powered by blists - more mailing lists