| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20241021190249.GA1395714@google.com> Date: Mon, 21 Oct 2024 19:02:49 +0000 From: Eric Biggers <ebiggers@...nel.org> To: Mikulas Patocka <mpatocka@...hat.com> Cc: dm-devel@...ts.linux.dev, linux-block@...r.kernel.org, linux-kernel@...r.kernel.org, linux-fscrypt@...r.kernel.org, linux-ext4@...r.kernel.org, linux-f2fs-devel@...ts.sourceforge.net, Md Sadre Alam <quic_mdalam@...cinc.com>, Israel Rukshin <israelr@...dia.com>, Milan Broz <gmazyland@...il.com>, Adrian Vovk <adrianvovk@...il.com> Subject: Re: [RFC PATCH 2/4] block: add the bi_skip_dm_default_key flag On Mon, Oct 21, 2024 at 01:11:36PM +0200, Mikulas Patocka wrote: > Hi > > What about using the REQ_META flag (it is set on metadata bios and cleared > on data bios), instead of adding a new flag with the same meaning? > > Mikulas REQ_META is a hint and is not used for all metadata. And while metadata is the main point, more precisely the goal is to encrypt every block that isn't already encrypted. That means that the contents of files that are unencrypted at the filesystem layer are encrypted by dm-default-key too. So technically it's more than just metadata. To avoid recurring "oops, we forgot to encrypt this" bugs, the right model is really an opt-out flag, not opt-in. And especially not opt-in via something that is currently just a hint and is used as such. - Eric
Powered by blists - more mailing lists