lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20151209133834.GA8898@thunk.org>
Date:	Wed, 9 Dec 2015 08:38:34 -0500
From:	Theodore Ts'o <tytso@....edu>
To:	Michael Halcrow <mhalcrow@...gle.com>
Cc:	Ext4 Developers List <linux-ext4@...r.kernel.org>
Subject: Re: [PATCH RFC 2/2] ext4 crypto: add ioctls to allow backup of
 encryption metadata

On Tue, Dec 08, 2015 at 01:32:15PM -0800, Michael Halcrow wrote:
> 
> Looks like something went wonky here.

Oops, fixed.

> > +/**
> > + * Structure used for communicating encrypted metadata with userspace
> > + */
> > +struct ext4_encrypted_metadata {
> > +	u32 len;
> > +	char metadata[288];
> 
> Did you choose 288 because of the max encrypted file name length?
> 
> While struct ext4_encryption_context is currently 28 bytes, it could
> conceivably get much larger with more advanced key management
> features.  E.g., supporting multiple users' keys per file.
> 
> Do you think it's worth anticipating this with a version number?  Or
> plan on something like adding another IOCTL if we end up needing more
> space?

For the ioctl's that do a GET, the caller is required to initialize
mdata.len to the size of the metadata array, and then the kernel
returns the actual size in mdata.len.  (I suppose that means I should
have used _IORW for the ioctl encoding for
EXT4_IOC_GET_ENCRYPTION_METADATA and EXT4_IOC_SET_ENCRYPTION_METADATA.
I'll fix that in the next spin of the patches.)

At the moment we just blindly copy the entire ext4_encrypted_metadata
structure in and out of userspace, mainly because it's much easier,
and because today there is no way for the ioctl's to return more than
256 bytes (I added 32 bytes worth of padding just in case some day we
want to support a crypto system that requires an explicit IV for
filename encryption, although at the moment we don't have a way to
encode this in the on-disk directory entry.)

But the way I constructed the interface, it *is* possible to support
larger metadata sizes for things like public keys, etc., should we
ever decide to go down that path.

Cheers,

						- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ