| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 22 Aug 2019 19:35:16 -0700
From: Satya Tangirala <satyat@...gle.com>
To: Jens Axboe <axboe@...nel.dk>, boojin.kim@...sung.com
Cc: linux-block@...r.kernel.org, linux-kernel@...r.kernel.org,
Herbert Xu <herbert@...dor.apana.org.au>,
"David S. Miller" <davem@...emloft.net>,
Eric Biggers <ebiggers@...nel.org>,
"Theodore Y. Ts'o" <tytso@....edu>, Chao Yu <chao@...nel.org>,
Jaegeuk Kim <jaegeuk@...nel.org>,
Andreas Dilger <adilger.kernel@...ger.ca>, dm-devel@...hat.com,
Mike Snitzer <snitzer@...hat.com>,
Alasdair Kergon <agk@...hat.com>,
Krzysztof Kozlowski <krzk@...nel.org>,
Kukjin Kim <kgene@...nel.org>,
Jaehoon Chung <jh80.chung@...sung.com>,
Ulf Hansson <ulf.hansson@...aro.org>,
linux-crypto@...r.kernel.org, linux-fscrypt@...r.kernel.org,
linux-mmc@...r.kernel.org, linux-samsung-soc@...r.kernel.org,
linux-ext4@...r.kernel.org, linux-f2fs-devel@...ts.sourceforge.net,
linux-arm-kernel@...ts.infradead.org, linux-fsdevel@...r.kernel.org
Subject: Re: [PATCH 5/9] block: support diskcipher
On Wed, Aug 21, 2019 at 5:10 AM Jens Axboe <axboe@...nel.dk> wrote:
>
> On 8/21/19 12:42 AM, boojin.kim wrote:
> > This patch supports crypto information to be maintained via BIO
> > and passed to the storage driver.
> >
> > To do this, 'bi_aux_private', 'REQ_CYPTE' and 'bi_dun' are added
> > to the block layer.
> >
> > 'bi_aux_private' is added for loading additional private information into
> > BIO.
> > 'REQ_CRYPT' is added to distinguish that bi_aux_private is being used
> > for diskcipher.
> > F2FS among encryption users uses DUN(device unit number) as
> > the IV(initial vector) for cryptographic operations.
> > DUN is stored in 'bi_dun' of bi_iter as a specific value for each BIO.
> >
> > Before attempting to merge the two BIOs, the operation is also added to
> > verify that the crypto information contained in two BIOs is consistent.
>
> This isn't going to happen. With this, and the inline encryption
> proposed by Google, we'll bloat the bio even more. At least the Google
> approach didn't include bio iter changes as well.
>
> Please work it out between yourselves so we can have a single, clean
> abstraction that works for both.
>
> --
> Jens Axboe
>
Hi Boojin,
We're very keen to make sure that our approach to inline encryption can
work with diverse hardware, including Samsung's FMP hardware; if you
can see any issues with using our approach with your hardware please
let us know.
We understand that a possible concern for getting FMP working with our
patch series for Inline Encryption Support at
https://lore.kernel.org/linux-block/20190821075714.65140-1-satyat@google.com/
is that unlike some inline encryption hardware (and also unlike the JEDEC
UFS v2.1 spec), FMP doesn't have the concept of a limited number of
keyslots - to address that difference we have a "passthrough keyslot
manager", which we put up on top of our patch series for inline encryption
support at
https://android-review.googlesource.com/c/kernel/common/+/980137/2
Setting up a passthrough keyslot manager in the request queue of a
device allows the device to receive a bio's encryption context as-is with
the bio, which is what FMP would prefer. Are there any issues with
using the passthrough keyslot manager for FMP?
Thanks!
Satya
Powered by blists - more mailing lists