| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 21 Apr 2017 00:44:02 -0700
From: Eric Biggers <ebiggers3@...il.com>
To: Jaegeuk Kim <jaegeuk@...nel.org>
Cc: Gwendal Grignou <gwendal@...omium.org>, hashimoto@...omium.org,
ebiggers@...gle.com, linux-f2fs-devel@...ts.sourceforge.net,
linux-fscrypt@...r.kernel.org, linux-mtd@...ts.infradead.org,
tytso@....edu, linux-ext4@...r.kernel.org, kinaba@...omium.org
Subject: Re: [f2fs-dev] [PATCH] fscrypt: use 32 bytes of encrypted filename
Hi Jaegeuk,
On Wed, Apr 19, 2017 at 01:44:48PM -0700, Jaegeuk Kim wrote:
>
> Thank you for sharing more details. I could reproduce this issue and reach out
> to what you mentioned. In order to resolve this, I wrote a patch for f2fs first
> to act like ext4 for easy backports. Then, I expect a global fscrypt function
> is easily able to clean them up.
[...]
> @@ -130,19 +130,29 @@ struct f2fs_dir_entry *find_target_dentry(struct fscrypt_name *fname,
> continue;
> }
>
> - /* encrypted case */
> + if (de->hash_code != namehash)
> + goto not_match;
> +
> de_name.name = d->filename[bit_pos];
> de_name.len = le16_to_cpu(de->name_len);
>
> - /* show encrypted name */
> - if (fname->hash) {
> - if (de->hash_code == cpu_to_le32(fname->hash))
> - goto found;
> - } else if (de_name.len == name->len &&
> - de->hash_code == namehash &&
> - !memcmp(de_name.name, name->name, name->len))
> +#ifdef CONFIG_F2FS_FS_ENCRYPTION
> + if (unlikely(!name->name)) {
> + if (fname->usr_fname->name[0] == '_') {
> + if (de_name.len >= 16 &&
> + !memcmp(de_name.name + de_name.len - 16,
> + fname->crypto_buf.name + 8, 16))
> + goto found;
> + goto not_match;
> + }
> + name->name = fname->crypto_buf.name;
> + name->len = fname->crypto_buf.len;
> + }
> +#endif
> + if (de_name.len == name->len &&
> + !memcmp(de_name.name, name->name, name->len))
> goto found;
> -
> +not_match:
I agree with this approach, but I don't think it's ever the case that
fname->usr_fname->name[0] != '_'. (Yes, ext4 checks it, but I think it's
unneeded there too.) And if it was, it doesn't make sense to modify the 'name'
that is passed in.
In any case, I guess that unless there are other ideas we can do these patches:
1.) f2fs patch to start checking the name, as above
2.) patch to start encoding last 32 bytes of the name (or second-to-last CTS
block, I haven't decided yet) rather than last 16 bytes, changing
fs/crypto/, fs/ext4/, and fs/f2fs/
3.) cleanup patches to introduce helper function and switch ext4 and f2fs to it
(1) and (2) will be backported.
UBIFS can be changed to use the helper function later if needed. It's not as
important for it to be backported there since UBIFS does the "double hashing",
and UBIFS encryption was just added in 4.10 anyway.
I can try to put together the full series when I have time. It probably would
make sense for it to go through the fscrypt tree, given the dependencies.
Eric
Powered by blists - more mailing lists