lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150804145210.GC6887@boyd>
Date:	Tue, 4 Aug 2015 09:52:11 -0500
From:	Tyler Hicks <tyhicks@...onical.com>
To:	Richard Weinberger <richard@....at>
Cc:	ecryptfs@...r.kernel.org, linux-kernel@...r.kernel.org,
	linux-fsdevel <linux-fsdevel@...r.kernel.org>
Subject: Re: [RFC][PATCH] ecryptfs: Allow only one instance per lower path

On 2015-08-04 07:46:50, Richard Weinberger wrote:
> Tyler,
> 
> Am 04.08.2015 um 01:07 schrieb Tyler Hicks:
> >> Okay, then I'd argument to give my patch a try although it is not the solution
> >> to the problem I've reported. :-)
> >> If you don't mind I'll resend with a proper changelog.
> > 
> > That patch isn't correct since it assumes that all eCryptfs super blocks
> > are equal if the lower paths (and, ultimately, the lower inode) are
> > equal. However, the lower path is only one of many properties of an
> > eCryptfs superblock. For example, the second mount may have been
> > configured to use a different file encryption key.
> 
> How would this work if I mount /foo using AES to /mnt_a
> and /foo again using 3DES to /mnt_b?
> Wouldn't both ecrytpfs instances kill each other's files?

No, they shouldn't. Each file contains metadata that describes the
cipher, cipher mode, key signature, etc., that was used to encrypt the
file.

When the file is initially opened, the process must have the correct key
in the keyrings that it has access to. After that requirement has been
met, eCryptfs is smart enough to parse the metadata and use the correct
cipher and mode.

The mount options, such as ecryptfs_cipher, only specify what should be
used when creating new files.

Tyler

Download attachment "signature.asc" of type "application/pgp-signature" (820 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ