Message-ID: <20251031091820.GA9508@lst.de>
Date: Fri, 31 Oct 2025 10:18:20 +0100
From: Christoph Hellwig <hch@....de>
To: Eric Biggers <ebiggers@...nel.org>
Cc: Christoph Hellwig <hch@....de>, Carlos Llamas <cmllamas@...gle.com>,
	Keith Busch <kbusch@...nel.org>, Keith Busch <kbusch@...a.com>,
	linux-block@...r.kernel.org, linux-fsdevel@...r.kernel.org,
	linux-xfs@...r.kernel.org, linux-ext4@...r.kernel.org,
	axboe@...nel.dk, Hannes Reinecke <hare@...e.de>,
	"Martin K. Petersen" <martin.petersen@...cle.com>
Subject: Re: [PATCHv4 5/8] iomap: simplify direct io validity check

On Thu, Oct 30, 2025 at 10:40:15AM -0700, Eric Biggers wrote:
> Allowing DIO segments to be aligned (in memory address and/or length) to
> less than crypto_data_unit_size on encrypted files has been attempted
> and discussed before.  Read the cover letter of
> https://lore.kernel.org/linux-fscrypt/20220128233940.79464-1-ebiggers@kernel.org/

Hmm, where does "First, it
necessarily causes it to be possible that crypto data units span bvecs.
Splits cannot occur at such locations; however the block layer currently
assumes that bios can be split at any bvec boundary." come from?  The
block layer splits at arbitrary boundaries that don't need any kind of
bvec alignment.

> We eventually decided to proceed with DIO support without it, since it
> would have added a lot of complexity.  It would have made the bio
> splitting code in the block layer split bios at boundaries where the
> length isn't aligned to crypto_data_unit_size, it would have caused a
> lot of trouble for blk-crypto-fallback, and it even would have been
> incompatible with some of the hardware drivers (e.g. ufs-exynos.c).

Ok, if hardware drivers can't handle it that's a good argument.  I can
see why handling it in the software case is very annoying, but non-stupid
hardware should not be affected.  Stupid me assuming UFS might not be
dead stupid of course.

> It also didn't seem to be all that useful, and it would have introduced
> edge cases that don't get tested much.  All reachable to unprivileged
> userspace code too, of course.

xfstests just started exercising this and we're getting lots of interesting
reports (for the non-fscrypt case).

