lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20170105001606.GC21696@gmail.com>
Date:   Wed, 4 Jan 2017 16:16:06 -0800
From:   Eric Biggers <ebiggers3@...il.com>
To:     Theodore Ts'o <tytso@....edu>
Cc:     linux-ext4@...r.kernel.org, Jaegeuk Kim <jaegeuk@...nel.org>,
        Andreas Dilger <adilger.kernel@...ger.ca>,
        linux-fsdevel@...r.kernel.org, Eric Biggers <ebiggers@...gle.com>
Subject: Re: [PATCH] fscrypt / ext4: make test_dummy_encryption require a
 keyring key

Hi Ted,

On Mon, Jan 02, 2017 at 03:43:43PM -0500, Theodore Ts'o wrote:
> The following patch is smaller (and causes a net reduction in code).
> It also uses allows us to properly test the context inheritance code,
> by completely removing any test_dummy_encryption specific hacks from
> fscrypt_inherit_context().
> 
> The suggested userspace shell script fragment works on big-endian
> systems, and uses fixed key instead of a random one.  The latter is
> useful for test sequences where it is useful to validate a file system
> that had been previously created using an older kernel.

I'm fine with your proposed version, though I'm not convinced it's really any
better than mine, since it basically just moves the "hack" from
fscrypt_inherit_context() to fscrypt_get_encryption_info().  The reason I
preferred it in fscrypt_inherit_context() was that allowing
fscrypt_get_encryption_info() to work on unencrypted files is kind of weird and
could allow for confusing scenarios where a previously existing unencrypted file
is accidentally treated as an encrypted one --- though that would require a
missing ext4_encrypted_inode() check of course.

Thanks,

Eric
--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ