lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20160326134748.GA971@zzz>
Date:	Sat, 26 Mar 2016 08:47:48 -0500
From:	Eric Biggers <ebiggers3@...il.com>
To:	Jaegeuk Kim <jaegeuk@...nel.org>
Cc:	Linus Torvalds <torvalds@...ux-foundation.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Linux FS Dev Mailing List <linux-fsdevel@...r.kernel.org>,
	Linux F2FS Dev Mailing List 
	<linux-f2fs-devel@...ts.sourceforge.net>
Subject: Re: [GIT PULL] f2fs updates for v4.6

It seems strange to me --- a "renaming" commit made IVs start getting reused,
weakening the encryption.  Do you have an explanation for how this change got
introduced?

Another question about the choice of IV.  If the page index in CPU order is
(supposed to be) used as the IV, doesn't make the on-disk format of the
filesystem endianness-dependent?  I thought that's a big no-no.

On Sat, Mar 26, 2016 at 01:56:06AM -0700, Jaegeuk Kim wrote:
> On Sat, Mar 26, 2016 at 01:10:07AM -0500, Eric Biggers wrote:
> > Why was the XTS tweak initialization changed in commit 0b81d0779072 ("fs crypto:
> > move per-file encryption from f2fs tree to fs/crypto")?
> > 
> > Old code:
> > 
> >        memcpy(xts_tweak, &index, sizeof(index));
> >        memset(&xts_tweak[sizeof(index)], 0,
> >                        F2FS_XTS_TWEAK_SIZE - sizeof(index));
> > 
> > New code:
> >        memcpy(xts_tweak, &inode->i_ino, sizeof(index));
> >        memset(&xts_tweak[sizeof(index)], 0,
> >                        FS_XTS_TWEAK_SIZE - sizeof(index));
> > 
> > Now the XTS tweak is the same for all pages of each inode.
> 
> Thank you for catching this.
> I've checked several times, but turns out I missed something tho. :(
> Let me write a patch to fix this.
> 
> Thanks,
> 
> 

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ