Message-ID: <20241021190249.GA1395714@google.com>
Date: Mon, 21 Oct 2024 19:02:49 +0000
From: Eric Biggers <ebiggers@...nel.org>
To: Mikulas Patocka <mpatocka@...hat.com>
Cc: dm-devel@...ts.linux.dev, linux-block@...r.kernel.org,
	linux-kernel@...r.kernel.org, linux-fscrypt@...r.kernel.org,
	linux-ext4@...r.kernel.org, linux-f2fs-devel@...ts.sourceforge.net,
	Md Sadre Alam <quic_mdalam@...cinc.com>,
	Israel Rukshin <israelr@...dia.com>,
	Milan Broz <gmazyland@...il.com>,
	Adrian Vovk <adrianvovk@...il.com>
Subject: Re: [RFC PATCH 2/4] block: add the bi_skip_dm_default_key flag

On Mon, Oct 21, 2024 at 01:11:36PM +0200, Mikulas Patocka wrote:
> Hi
> 
> What about using the REQ_META flag (it is set on metadata bios and cleared 
> on data bios), instead of adding a new flag with the same meaning?
> 
> Mikulas

REQ_META is a hint and is not used for all metadata.

And while metadata is the main point, more precisely the goal is to encrypt
every block that isn't already encrypted.  That means that the contents of files
that are unencrypted at the filesystem layer are encrypted by dm-default-key
too.  So technically it's more than just metadata.

To avoid recurring "oops, we forgot to encrypt this" bugs, the right model is
really an opt-out flag, not opt-in.  And especially not opt-in via something
that is currently just a hint and is used as such.

- Eric
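The opt-in versus opt-out argument above can be made concrete with a small model. The following is an added example and is not kernel code from the thread or from dm-default-key: the `struct model_bio`, the `MODEL_*` flag bits and the constructed set of bios are stand-ins for `struct bio`, `REQ_META` and the proposed `bi_skip_dm_default_key` field. Each policy function decides whether the default-key layer would encrypt a given bio; `count_leaks()` then counts how many plaintext blocks reach the disk when one caller forgets to set the hint.

```c
/* Added example (not kernel code): a simplified model of the two policies
 * discussed in the thread. Struct layout and flag values are constructed
 * for illustration and do not match the real struct bio or REQ_META. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed flag bits standing in for the REQ_META hint and for the
 * proposed opt-out flag bi_skip_dm_default_key. */
#define MODEL_REQ_META         (1u << 0)  /* hint: "this bio is metadata" */
#define MODEL_SKIP_DEFAULT_KEY (1u << 1)  /* opt-out: already encrypted above */

struct model_bio {
    unsigned int flags;
    bool already_encrypted;  /* ground truth, e.g. fscrypt encrypted the data */
};

/* Opt-in model: the default-key layer encrypts only bios carrying the hint. */
static bool opt_in_encrypts(const struct model_bio *bio)
{
    return (bio->flags & MODEL_REQ_META) != 0;
}

/* Opt-out model: the default-key layer encrypts everything unless told to skip. */
static bool opt_out_encrypts(const struct model_bio *bio)
{
    return (bio->flags & MODEL_SKIP_DEFAULT_KEY) == 0;
}

/* True if the block reaches the disk in plaintext under the given policy. */
static bool leaks_plaintext(const struct model_bio *bio,
                            bool (*policy)(const struct model_bio *))
{
    return !bio->already_encrypted && !policy(bio);
}

/* Count plaintext leaks over a constructed set of bios under one policy. */
static int count_leaks(bool (*policy)(const struct model_bio *))
{
    const struct model_bio bios[] = {
        /* metadata bio where the filesystem remembered the hint */
        { MODEL_REQ_META, false },
        /* metadata bio where the filesystem forgot the hint (it is only a hint) */
        { 0, false },
        /* unencrypted file contents, never flagged as metadata */
        { 0, false },
        /* fscrypt-encrypted file contents, explicitly opted out */
        { MODEL_SKIP_DEFAULT_KEY, true },
    };
    int leaks = 0;
    for (size_t i = 0; i < sizeof(bios) / sizeof(bios[0]); i++)
        if (leaks_plaintext(&bios[i], policy))
            leaks++;
    return leaks;
}

int main(void)
{
    printf("opt-in  (REQ_META hint) plaintext leaks: %d\n",
           count_leaks(opt_in_encrypts));
    printf("opt-out (skip flag)     plaintext leaks: %d\n",
           count_leaks(opt_out_encrypts));
    return 0;
}
```

With the constructed set, the opt-in policy leaks two blocks (the forgotten-hint metadata bio and the unencrypted file data), while the opt-out policy leaks none; a forgotten opt-out flag costs at worst a redundant second encryption of already-encrypted data, which is the fail-safe direction the message argues for.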
