lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <alpine.DEB.2.00.1205201418170.27583@eristoteles.iwoars.net>
Date:	Sun, 20 May 2012 14:28:07 +0200 (CEST)
From:	Joel Reardon <joel@...mbassador.com>
To:	Artem Bityutskiy <dedekind1@...il.com>
cc:	linux-mtd@...ts.infradead.org, linux-kernel@...r.kernel.org
Subject: [PATCH] UBIFS: add ksa_pos to replay buds, read when replaying

This patch read the ksa_pos from data nodes to the replay buds when performing
a replay after unclean commit. This is critical for the correctness of the key
state map, because the keys that are assigned to uncommited data nodes will be
considered "unused" after mounting but will be considered "used" after
replaying. The ksa_pos values stored in the replay bud are passed to the TNC
using ubifs_tnc_add.

This was tested by assigning distinct ksa_pos values and disabling commiting.
Data was written and then the drive was remounted. The ksa_pos values were
read from the journal and outputted while replaying. When the file was later
read, it was confirmed that the ksa_pos values were already loaded into the
TNC.

Signed-off-by: Joel Reardon <reardonj@....ethz.ch>
---
 fs/ubifs/replay.c |   15 ++++++++++-----
 1 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/fs/ubifs/replay.c b/fs/ubifs/replay.c
index 1fec6e2..1f02829 100644
--- a/fs/ubifs/replay.c
+++ b/fs/ubifs/replay.c
@@ -47,6 +47,7 @@
  * @nm: directory entry name
  * @old_size: truncation old size
  * @new_size: truncation new size
+ * @ksa_pos: the node's cryptographic key's position in the KSA
  *
  * The replay process first scans all buds and builds the replay list, then
  * sorts the replay list in nodes sequence number order, and then inserts all
@@ -67,6 +68,7 @@ struct replay_entry {
 			loff_t new_size;
 		};
 	};
+	long long ksa_pos;
 };

 /**
@@ -251,7 +253,7 @@ static int apply_replay_entry(struct ubifs_info *c, struct replay_entry *r)
 			}
 		else
 			err = ubifs_tnc_add(c, &r->key, r->lnum, r->offs,
-					    r->len, 0);
+					    r->len, r->ksa_pos);
 		if (err)
 			return err;

@@ -345,6 +347,7 @@ static void destroy_replay_list(struct ubifs_info *c)
  * @used: number of bytes in use in a LEB
  * @old_size: truncation old size
  * @new_size: truncation new size
+ * @ksa_pos: the node's cryptographic key's position in the KSA
  *
  * This function inserts a scanned non-direntry node to the replay list. The
  * replay list contains @struct replay_entry elements, and we sort this list in
@@ -356,7 +359,7 @@ static void destroy_replay_list(struct ubifs_info *c)
 static int insert_node(struct ubifs_info *c, int lnum, int offs, int len,
 		       union ubifs_key *key, unsigned long long sqnum,
 		       int deletion, int *used, loff_t old_size,
-		       loff_t new_size)
+		       loff_t new_size, long long ksa_pos)
 {
 	struct replay_entry *r;

@@ -371,6 +374,7 @@ static int insert_node(struct ubifs_info *c, int lnum, int offs, int len,

 	if (!deletion)
 		*used += ALIGN(len, 8);
+	r->ksa_pos = ksa_pos;
 	r->lnum = lnum;
 	r->offs = offs;
 	r->len = len;
@@ -606,7 +610,7 @@ static int replay_bud(struct ubifs_info *c, struct bud_entry *b)
 				deletion = 1;
 			err = insert_node(c, lnum, snod->offs, snod->len,
 					  &snod->key, snod->sqnum, deletion,
-					  &used, 0, new_size);
+					  &used, 0, new_size, 0);
 			break;
 		}
 		case UBIFS_DATA_NODE:
@@ -618,7 +622,8 @@ static int replay_bud(struct ubifs_info *c, struct bud_entry *b)

 			err = insert_node(c, lnum, snod->offs, snod->len,
 					  &snod->key, snod->sqnum, deletion,
-					  &used, 0, new_size);
+					  &used, 0, new_size,
+					  le64_to_cpu(dn->ksa_pos));
 			break;
 		}
 		case UBIFS_DENT_NODE:
@@ -658,7 +663,7 @@ static int replay_bud(struct ubifs_info *c, struct bud_entry *b)
 			trun_key_init(c, &key, le32_to_cpu(trun->inum));
 			err = insert_node(c, lnum, snod->offs, snod->len,
 					  &key, snod->sqnum, 1, &used,
-					  old_size, new_size);
+					  old_size, new_size, 0);
 			break;
 		}
 		default:
-- 
1.7.5.4


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ