lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20161018095637.tgdjehscttskqz5q@ws.net.home>
Date:   Tue, 18 Oct 2016 11:56:37 +0200
From:   Karel Zak <kzak@...hat.com>
To:     Hannes Reinecke <hare@...e.de>
Cc:     Davidlohr Bueso <dbueso@...e.com>, Jens@...e.de,
        linux-efi@...r.kernel.org, linux-kernel@...r.kernel.org,
        Hannes Reinecke <hare@...e.com>
Subject: Re: [PATCH] partitions/efi: Ignore errors when alternate GPT is not
 at the end of disk

On Mon, Oct 17, 2016 at 12:20:30PM +0200, Hannes Reinecke wrote:
> The GPT specification requires that the alternate GPT is at the
> end of the disk. However, if a Software RAID1 is enabled the RAID
> metadata typically placed at the end of the disk, and the actual
> size of the disk is decreased by the size of the metadata.

This is not about GPT, but about kernel. It does not support this
use-case and it parses PT on wrong device. If I good remember udev
should be smart enough to remove (by partx) such partitions and 
re-create on /dev/mdX. 

The real solution is to use RAID1 signatures on the begin of the disk.
This problem is generic, not specific to GPT.

> Plus it's perfectly legit to have a partition table which is
> _smaller_ than the device

Well, this is reason why GPT differentiate between headers position
and usable area (addressed by {First,Last}UsableLba within the header.

> eg we don't check for the device
> size in the msdos partition, neither.

All the "backup" GPT stuff is based on well known place for the backup
header. How do you want to reliably support GPT recovery from the
backup header if there is no explicit place for the header? 

Let's imagine your primary header is broken and alternate_lba is
unreliable (or zero, etc.), where is the backup header?

    Karel

-- 
 Karel Zak  <kzak@...hat.com>
 http://karelzak.blogspot.com

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ