lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20120629181349.GA16668@thunk.org>
Date:	Fri, 29 Jun 2012 14:13:50 -0400
From:	Ted Ts'o <tytso@....edu>
To:	Andreas Dilger <adilger@...ger.ca>
Cc:	djwong@...ibm.com, Tao Ma <tm@....ma>, linux-ext4@...r.kernel.org
Subject: Re: [PATCH] ext4: Use s_csum_seed instead of i_csum_seed for xattr
 block csum.

On Thu, Jun 28, 2012 at 08:27:06PM -0600, Andreas Dilger wrote:
> That was my fault.  I was trying to avoid the case when some node gets
> wrong xattr block, and there is no way to detect this.  Going from a
> single owner (using ino as seed) to multiple owners (using block as seed)
> is easy.  It's just the case of going from multiple owners to a single
> one that is tricky.
> 
> We could take the easy way out, and fall back to the block-seed checksum
> if the inode seed checksum fails.  In the most common cases (no shared
> block checksum, or many inodes sharing a checksum) this works fine, and
> in the uncommon case (formerly shared block only used by one inode) it
> would need to compute the checksum twice.  This means there are only a
> small number of xattr blocks for which two checksums work, instead of
> all xattr blocks which can be incorrectly referenced by any inode since
> if the inode is pointing at that block it will also compute the right
> checksum using the block seed.
> 
> Note that I'm not dead set on this, but wanted to explain the reasoning
> about how this decision got made.

I thought about proposing adding a flag to the xattr header to
indicate whether the superblock seed or the per-inode seed should be
used; I ultimately decided it wasn't worth the complexity that it
would add, so I didn't bring it up.

It seems to me that in the vast majority of the cases, the xattr will
fit in the inode, especially in the SElinux and ACL case.  So the
question is how often will we have really large xattrs.  It *should*
be rare, since if it is happening all the time for ACL's and SElinux
cases, performance will be disastrous.  If we do have lots of xattr
blocks, it would make sense to be worried about per-inode seeds, but
is it worth the extra complexity?

Eh.....  In the end it's kind of on the line as I see it.  I don't
feel strongly enough to engineer it myself, but if someone were to
send me the patch, I'd probably accept it.

Regards,

						- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ