lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZO8HcBirOZnX9iRs@gondor.apana.org.au>
Date:   Wed, 30 Aug 2023 17:10:08 +0800
From:   Herbert Xu <herbert@...dor.apana.org.au>
To:     Linus Torvalds <torvalds@...ux-foundation.org>
Cc:     ardb@...nel.org, keescook@...omium.org, kees@...nel.org,
        linux-kernel@...r.kernel.org, enlin.mu@...soc.com,
        ebiggers@...gle.com, gpiccoli@...lia.com, willy@...radead.org,
        yunlong.xing@...soc.com, yuxiaozhang@...gle.com
Subject: Re: [GIT PULL] pstore updates for v6.6-rc1

Linus Torvalds <torvalds@...ux-foundation.org> wrote:
>
> Of course, potentially even better would be to actually move this fix
> into our copy of zlib. Does the bug / misfeature still exist in
> upstream zlib?
> 
> Also, grepping around a bit, I note that btrfs, for example, just does
> that Z_SYNC_FLUSH, and then checks for Z_OK. None of this Z_STREAM_END
> stuff.
> 
> Similarly, going off to the debian code search, I find other code that
> just accepts either Z_OK or Z_STREAM_END.
> 
> So what's so magical about how pstore uses zlib? This is just very odd.

The Crypto API DEFLATE algorithm was added for IPComp (RFC 2394).
So there is a specific format required and to achieve that through
zlib, you must use raw mode.

Later on someone added "zlib-deflate" to the Crypto API which does
emit the zlib header/trailer.  It appears to be completely unused
and it was only added because certain hardware happened be able to
emit the same header/trailer.  We should remove zlib-defalte
and all the driver implementations of it from the Crypto API.

Normally, zlib will emit a header and a checksum trailer.  That's
why its implementation assumes that there will be at least one (or
in fact two) byte(s) after the end of the compressed data.  I haven't
checked the latest upstream but I would presume that it would still
make the same assumption as raw mode (or DEFLATE) is an undocumented
feature of zlib.

Coming back to pstore, for better or worse the original implementation
of pstore chose the Crypto API deflate algorithm so it produces
output that is equivalent to that of RFC 2394.  Therefore it relies
on zlib raw mode and it must supply an extra byte at the end of
the compressed data to ensure that decompression works properly.

The other in-kernel users of zlib appears to use it with a header and
trailer so they are unaffected by this.

Cheers,
-- 
Email: Herbert Xu <herbert@...dor.apana.org.au>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ