lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:   Wed, 3 Feb 2021 04:43:00 -0700
From:   Andreas Dilger <adilger@...ger.ca>
To:     Theodore Ts'o <tytso@....edu>
Cc:     linux-ext4@...r.kernel.org
Subject: Re: [ANNOUNCE] e2fsprogs v1.46.0

On Feb 2, 2021, at 10:36, Theodore Ts'o <tytso@....edu> wrote:
> 
> I've released e2fsprogs 1.46.0 in all of the usual places;
> 
> E2fsprogs now supports file systems which have both file system
> encryption and the casefold feature enabled.  This requires Linux
> version 5.10.

Gah!  I just noticed these patches being submitted to the kernel, but
they break the dirdata format in an incompatible manner. I hadn't been
paying close attention to casefold + encryption since I thought it was
only changing the hashing function and not the actual dirent format,
and I didn't see these patches to e2fsprogs being submitted to the
list (I couldn't find them in patchworks either).

Since this hasn't been landed to the kernel yet, and 1.46.0 was *just*
released, can we roll this back and instead make the extra hash stored
in a dirdata field? Preferably #3, since #1 is the Lustre FID, and #2 was
proposed for the high 32 bits of the 64-bit inode number (though it was
never landed and I don't think it is in use anywhere).

Having just looked at these patches for the first time, I can't say for sure,
but it looks like only a small on-disk format change would be needed to
make both features compatible with each other.

There would need to be a bit set in the dirent type field to indicate that
there is a hash stored after the name:

#define EXT2_DIRENT_HASH     0x40

and the length of the hash field would be stored as the first byte. Since the
hash is stored aligned on a 4-byte boundary, the length is variable
(8+alignment), but storing the length at the start would not add any more
space for 3/4 of the names due to the existing padding for alignment.

Cheers, Andreas

Download attachment "signature.asc" of type "application/pgp-signature" (874 bytes)

Powered by blists - more mailing lists