| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 15 Jan 2019 10:41:01 +1100
From: Dave Chinner <david@...morbit.com>
To: "Theodore Y. Ts'o" <tytso@....edu>
Cc: Linus Torvalds <torvalds@...ux-foundation.org>,
Christoph Hellwig <hch@...radead.org>,
"Darrick J. Wong" <darrick.wong@...cle.com>,
Eric Biggers <ebiggers@...nel.org>,
linux-fscrypt@...r.kernel.org,
linux-fsdevel <linux-fsdevel@...r.kernel.org>,
linux-ext4@...r.kernel.org, linux-f2fs-devel@...ts.sourceforge.net
Subject: Re: Proposal: A new fs-verity interface
On Thu, Jan 10, 2019 at 12:15:00AM -0500, Theodore Y. Ts'o wrote:
> The following approach is based in Darrick's suggestion:
I do not recall what that was, so this:
> int ioctl(fd, FS_IOC_ENABLE_VERITY, struct fsverity_arg *arg);
>
> struct fsverity_arg {
> int fsv_donor_fd;
> u64 fsv_offset;
> u64 fsv_size;
> };
>
> fsv_offset and fsz_size must be a multiple of the file system block
> size. If the ioctl comples successfully, as a side effect the
> donor_fd will have a hole punch operation on the specified range. In
> other words, the equivalent of operation of fallocate(fsv_donor_fd,
> FALLOC_FL_PUNCH_HOLE, fsv_offset, fsv_size), and the file specified by
> fd will be protected using fsverity.
makes no sense to me. What's in {offset, size} and why do you need
to call this on that specific range? If it is the equivalent of a
hole punch, then why wouldn't you just use FALLOC_FL_PUNCH_HOLE?
Can you please write the man page for the interface so that the
description of what it does and how it should be used is crystal
clear and doesn't assume the reader knows "what darrick proposed"...
Cheers,
Dave.
--
Dave Chinner
david@...morbit.com
Powered by blists - more mailing lists