[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <f415bfef-12d9-6444-9e94-9ae3e3363cfb@nod.at>
Date: Wed, 19 Apr 2017 19:21:05 +0200
From: Richard Weinberger <richard@....at>
To: Eric Biggers <ebiggers3@...il.com>
Cc: Gwendal Grignou <gwendal@...omium.org>, hashimoto@...omium.org,
Eric Biggers <ebiggers@...gle.com>,
linux-f2fs-devel@...ts.sourceforge.net,
linux-fscrypt@...r.kernel.org,
"linux-mtd@...ts.infradead.org" <linux-mtd@...ts.infradead.org>,
Theodore Ts'o <tytso@....edu>, linux-ext4@...r.kernel.org,
kinaba@...omium.org
Subject: Re: [PATCH] fscrypt: use 32 bytes of encrypted filename
Am 19.04.2017 um 19:16 schrieb Eric Biggers:
> On Wed, Apr 19, 2017 at 03:40:13PM +0200, Richard Weinberger wrote:
>>> Strangely, f2fs and ubifs do not use the bytes from the filename at all when
>>> trying to find a specific directory entry in this case. So this patch doesn't
>>> really affect them. This seems unreliable; perhaps we should introduce a
>>> function like "fscrypt_name_matches()" which all the filesystems could call?
>>> Can any of the f2fs and ubifs developers explain why they don't look at any
>>> bytes from the filename?
>>
>> Not sure if I understand you correctly, but for long filenames UBIFS
>> does a lookup
>> by hash/cookie, not by filename.
>>
>
> Well, like I said to Jaegeuk for F2FS, that's what the code does, but _why_?
> Like F2FS, it's probably not the case that the hash is sufficient to reliably
> identify a directory entry. Granted, UBIFS does it a lot better than F2FS since
> UBIFS uses two 32-bit hashes rather than just one, but it seems the second hash
> may be neither necessary nor sufficient to identify a specific directory entry,
> and it should be looking at the bytes of ciphertext from the filename instead,
> like what ext4 does. (Provided that is fixed to account for how CTS mode
> encryption works.)
Let me dig into this, maybe I made a boo boo.
The idea was looking up by the filename hash and resolving
possible collisions using the secondary hash.
Thanks,
//richard
Powered by blists - more mailing lists