| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 Apr 2020 20:48:09 -0700
From: Ira Weiny <ira.weiny@...el.com>
To: Eric Biggers <ebiggers@...nel.org>
Cc: Jan Kara <jack@...e.cz>, linux-kernel@...r.kernel.org,
"Darrick J. Wong" <darrick.wong@...cle.com>,
Dan Williams <dan.j.williams@...el.com>,
Dave Chinner <david@...morbit.com>,
Christoph Hellwig <hch@....de>,
"Theodore Y. Ts'o" <tytso@....edu>, Jeff Moyer <jmoyer@...hat.com>,
linux-ext4@...r.kernel.org, linux-xfs@...r.kernel.org,
linux-fsdevel@...r.kernel.org
Subject: Re: [PATCH RFC 2/8] fs/ext4: Disallow verity if inode is DAX
On Wed, Apr 15, 2020 at 06:29:01PM -0700, Eric Biggers wrote:
> On Wed, Apr 15, 2020 at 12:14:52PM -0700, Ira Weiny wrote:
> > On Wed, Apr 15, 2020 at 02:00:02PM +0200, Jan Kara wrote:
> > > On Mon 13-04-20 21:00:24, ira.weiny@...el.com wrote:
> > > > From: Ira Weiny <ira.weiny@...el.com>
> > > >
> > > > Verity and DAX are incompatible. Changing the DAX mode due to a verity
> > > > flag change is wrong without a corresponding address_space_operations
> > > > update.
> > > >
> > > > Make the 2 options mutually exclusive by returning an error if DAX was
> > > > set first.
> > > >
> > > > (Setting DAX is already disabled if Verity is set first.)
> > > >
> > > > Signed-off-by: Ira Weiny <ira.weiny@...el.com>
> > > > ---
> > > > fs/ext4/verity.c | 3 +++
> > > > 1 file changed, 3 insertions(+)
> > > >
> > > > diff --git a/fs/ext4/verity.c b/fs/ext4/verity.c
> > > > index dc5ec724d889..ce3f9a198d3b 100644
> > > > --- a/fs/ext4/verity.c
> > > > +++ b/fs/ext4/verity.c
> > > > @@ -113,6 +113,9 @@ static int ext4_begin_enable_verity(struct file *filp)
> > > > handle_t *handle;
> > > > int err;
> > > >
> > > > + if (WARN_ON_ONCE(IS_DAX(inode)))
> > > > + return -EINVAL;
> > > > +
> > >
> > > Hum, one question, is there a reason for WARN_ON_ONCE()? If I understand
> > > correctly, user could normally trigger this, couldn't he?
> >
> > Ok. I did not think this through but I did think about this. I was following
> > the code from the encryption side which issues a warning and was thinking that
> > would be a good way to alert the user they are doing something wrong...
> >
> > I think you are right about both of them but we also need to put something in
> > the verity, dax, and ... (I can't find a file in Documentation which talks
> > about encryption right off) documentation files.... For verity something like.
> >
> > <quote>
> > Verity and DAX
> > --------------
> >
> > Verity and DAX are not compatible and attempts to set both of these flags on a
> > file will fail.
> > </quote>
> >
> > And the same thing in the DAX doc?
> >
> > And where would be appropriate for the encrypt doc?
> >
>
> Documentation/filesystems/fscrypt.rst mentions that DAX isn't supported on
> encrypted files, but it doesn't say what happens if someone tries to do it
> anyway. Feel free to improve the documentation.
Thanks for pointing this out!
Ira
Powered by blists - more mailing lists