| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 11 Apr 2015 09:10:52 -0400
From: Theodore Ts'o <tytso@....edu>
To: Andreas Dilger <adilger@...ger.ca>
Cc: Ext4 Developers List <linux-ext4@...r.kernel.org>,
jaegeuk@...nel.org, mhalcrow@...gle.com,
Ildar Muslukhov <muslukhovi@...il.com>
Subject: Re: [PATCH 06/22] ext4 crypto: add encryption policy checking
On Wed, Apr 08, 2015 at 12:07:16PM -0600, Andreas Dilger wrote:
> > +/* Policy provided via an ioctl on the topmost directory */
> > +struct ext4_encryption_policy {
> > + char version;
> > + char contents_encryption_mode;
> > + char filenames_encryption_mode;
> > + char master_key_descriptor[EXT4_KEY_DESCRIPTOR_SIZE];
> > +} __attribute__((__packed__));
>
> It wouldn't be bad to add a padding byte before master_key_descriptor,
> even if this is only passed from the ioctl. That allows casting the
> key to a numeric value if desired without problems on some arches.
This data structure is only used for the ioctl interface. The on-disk
format is the struct ext4_encryption_context, where we do have the
padding.
> > +#define EXT4_ENCRYPTION_CONTEXT_FORMAT_V0 0
>
> Per comments in the call, it is better not to use "0" as a defined
> version, since this is much more likely to be seen accidentally
> (e.g. uninitialized buffer, memory corruption, etc). Better to
> start with version 1.
I'll make this change.
- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists