lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Mon, 27 Aug 2018 22:51:56 +0200
From:   Richard Weinberger <richard@....at>
To:     Sascha Hauer <s.hauer@...gutronix.de>
Cc:     linux-mtd@...ts.infradead.org, David Gstir <david@...ma-star.at>,
        kernel@...gutronix.de, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 15/25] ubifs: Add auth nodes to garbage collector journal head

Am Mittwoch, 4. Juli 2018, 14:41:27 CEST schrieb Sascha Hauer:
> To be able to authenticate the garbage collector journal head add
> authentication nodes to the buds the garbage collector creates.
> 
> Signed-off-by: Sascha Hauer <s.hauer@...gutronix.de>
> ---
>  fs/ubifs/gc.c | 37 ++++++++++++++++++++++++++++++++++---
>  1 file changed, 34 insertions(+), 3 deletions(-)
> 
> diff --git a/fs/ubifs/gc.c b/fs/ubifs/gc.c
> index ac3a3f7c6a6e..8feeeb12b6ed 100644
> --- a/fs/ubifs/gc.c
> +++ b/fs/ubifs/gc.c
> @@ -365,12 +365,13 @@ static int move_nodes(struct ubifs_info *c, struct ubifs_scan_leb *sleb)
>  
>  	/* Write nodes to their new location. Use the first-fit strategy */
>  	while (1) {
> -		int avail;
> +		int avail, moved = 0;
>  		struct ubifs_scan_node *snod, *tmp;
>  
>  		/* Move data nodes */
>  		list_for_each_entry_safe(snod, tmp, &sleb->nodes, list) {
> -			avail = c->leb_size - wbuf->offs - wbuf->used;
> +			avail = c->leb_size - wbuf->offs - wbuf->used -
> +					ubifs_auth_node_sz(c);
>  			if  (snod->len > avail)
>  				/*
>  				 * Do not skip data nodes in order to optimize
> @@ -378,14 +379,19 @@ static int move_nodes(struct ubifs_info *c, struct ubifs_scan_leb *sleb)
>  				 */
>  				break;
>  
> +			ubifs_shash_update(c, c->jheads[GCHD].log_hash,
> +					   snod->node, snod->len);
> +
>  			err = move_node(c, sleb, snod, wbuf);
>  			if (err)
>  				goto out;
> +			moved = 1;
>  		}
>  
>  		/* Move non-data nodes */
>  		list_for_each_entry_safe(snod, tmp, &nondata, list) {
> -			avail = c->leb_size - wbuf->offs - wbuf->used;
> +			avail = c->leb_size - wbuf->offs - wbuf->used -
> +					ubifs_auth_node_sz(c);
>  			if (avail < min)
>  				break;
>  
> @@ -403,7 +409,32 @@ static int move_nodes(struct ubifs_info *c, struct ubifs_scan_leb *sleb)
>  				continue;
>  			}
>  
> +			ubifs_shash_update(c, c->jheads[GCHD].log_hash,
> +					   snod->node, snod->len);
> +
>  			err = move_node(c, sleb, snod, wbuf);
> +			if (err)
> +				goto out;
> +			moved = 1;
> +		}
> +
> +		if (ubifs_authenticated(c) && moved) {
> +			struct ubifs_auth_node *auth;
> +
> +			auth = kmalloc(ubifs_auth_node_sz(c), GFP_NOFS);
> +			if (!auth) {
> +				err = -ENOMEM;
> +				goto out;
> +			}
> +
> +			ubifs_prepare_auth_node(c, auth,
> +						c->jheads[GCHD].log_hash);

ubifs_prepare_auth_node() does a crypto_shash_final(), check.
But the overall "hash life cycle" is not 100% clear to me.
For example, does move_nodes() assume that the hash is initialized
or is it allowed that an crypto_shash_update() happened before?

Thanks,
//richard

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ