| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 17 Jul 2023 19:27:03 +0800
From: Jingbo Xu <jefflexu@...ux.alibaba.com>
To: hsiangkao@...ux.alibaba.com, chao@...nel.org, huyue2@...lpad.com,
linux-erofs@...ts.ozlabs.org
Cc: linux-kernel@...r.kernel.org
Subject: [PATCH v2] erofs: deprecate superblock checksum feature
Later we're going to try the self-contained image verification.
The current superblock checksum feature has quite limited
functionality, instead, merkle trees can provide better protection
for image integrity.
xxhash is also used in the following xattr name filter feature. It is
redundant for one filesystem to rely on two hashing algorithms at the
same time.
Since the superblock checksum is a compatible feature, just deprecate
it now.
Signed-off-by: Jingbo Xu <jefflexu@...ux.alibaba.com>
---
changes since v1:
- improve commit message (Gao Xiang)
v1: https://lore.kernel.org/all/20230714033832.111740-1-jefflexu@linux.alibaba.com/
---
fs/erofs/Kconfig | 1 -
fs/erofs/super.c | 44 +++++---------------------------------------
2 files changed, 5 insertions(+), 40 deletions(-)
diff --git a/fs/erofs/Kconfig b/fs/erofs/Kconfig
index f259d92c9720..ebcb1f6a426a 100644
--- a/fs/erofs/Kconfig
+++ b/fs/erofs/Kconfig
@@ -4,7 +4,6 @@ config EROFS_FS
tristate "EROFS filesystem support"
depends on BLOCK
select FS_IOMAP
- select LIBCRC32C
help
EROFS (Enhanced Read-Only File System) is a lightweight read-only
file system with modern designs (e.g. no buffer heads, inline
diff --git a/fs/erofs/super.c b/fs/erofs/super.c
index 9d6a3c6158bd..bb6a966ac4d4 100644
--- a/fs/erofs/super.c
+++ b/fs/erofs/super.c
@@ -8,7 +8,6 @@
#include <linux/statfs.h>
#include <linux/parser.h>
#include <linux/seq_file.h>
-#include <linux/crc32c.h>
#include <linux/fs_context.h>
#include <linux/fs_parser.h>
#include <linux/dax.h>
@@ -51,33 +50,6 @@ void _erofs_info(struct super_block *sb, const char *function,
va_end(args);
}
-static int erofs_superblock_csum_verify(struct super_block *sb, void *sbdata)
-{
- size_t len = 1 << EROFS_SB(sb)->blkszbits;
- struct erofs_super_block *dsb;
- u32 expected_crc, crc;
-
- if (len > EROFS_SUPER_OFFSET)
- len -= EROFS_SUPER_OFFSET;
-
- dsb = kmemdup(sbdata + EROFS_SUPER_OFFSET, len, GFP_KERNEL);
- if (!dsb)
- return -ENOMEM;
-
- expected_crc = le32_to_cpu(dsb->checksum);
- dsb->checksum = 0;
- /* to allow for x86 boot sectors and other oddities. */
- crc = crc32c(~0, dsb, len);
- kfree(dsb);
-
- if (crc != expected_crc) {
- erofs_err(sb, "invalid checksum 0x%08x, 0x%08x expected",
- crc, expected_crc);
- return -EBADMSG;
- }
- return 0;
-}
-
static void erofs_inode_init_once(void *ptr)
{
struct erofs_inode *vi = ptr;
@@ -113,15 +85,16 @@ static void erofs_free_inode(struct inode *inode)
static bool check_layout_compatibility(struct super_block *sb,
struct erofs_super_block *dsb)
{
- const unsigned int feature = le32_to_cpu(dsb->feature_incompat);
+ struct erofs_sb_info *sbi = EROFS_SB(sb);
- EROFS_SB(sb)->feature_incompat = feature;
+ sbi->feature_compat = le32_to_cpu(dsb->feature_compat);
+ sbi->feature_incompat = le32_to_cpu(dsb->feature_incompat);
/* check if current kernel meets all mandatory requirements */
- if (feature & (~EROFS_ALL_FEATURE_INCOMPAT)) {
+ if (sbi->feature_incompat & (~EROFS_ALL_FEATURE_INCOMPAT)) {
erofs_err(sb,
"unidentified incompatible feature %x, please upgrade kernel version",
- feature & ~EROFS_ALL_FEATURE_INCOMPAT);
+ sbi->feature_incompat & ~EROFS_ALL_FEATURE_INCOMPAT);
return false;
}
return true;
@@ -365,13 +338,6 @@ static int erofs_read_superblock(struct super_block *sb)
goto out;
}
- sbi->feature_compat = le32_to_cpu(dsb->feature_compat);
- if (erofs_sb_has_sb_chksum(sbi)) {
- ret = erofs_superblock_csum_verify(sb, data);
- if (ret)
- goto out;
- }
-
ret = -EINVAL;
if (!check_layout_compatibility(sb, dsb))
goto out;
--
2.19.1.6.gb485710b
Powered by blists - more mailing lists