| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3181bbd4-40df-eecf-c9b2-45b09018b8af@redhat.com>
Date: Fri, 3 Jan 2025 17:25:59 +0100 (CET)
From: Mikulas Patocka <mpatocka@...hat.com>
To: Milan Broz <gmazyland@...il.com>
cc: Alasdair Kergon <agk@...hat.com>, Mike Snitzer <snitzer@...nel.org>,
dm-devel@...ts.linux.dev, Yu Kuai <yukuai1@...weicloud.com>,
lkml <linux-kernel@...r.kernel.org>, "yukuai (C)" <yukuai3@...wei.com>
Subject: Re: [discussion] proposal to bypass zero data for dm-crypt
Milan, what do you think about this from a cryptographic point of view?
Does it make sense to add an option that would detect zero data and skip
decryption in this case?
Mikulas
On Sat, 21 Dec 2024, Yu Kuai wrote:
> Background
>
> We provide virtual machines for customers to use, which include an important
> feature: in the initial state, the disks in the virtual machine do not occupy
> actual storage space, and the data read by users is all zeros until the user
> writes data for the first time. This can save a large amount of storage.
>
> Problem
>
> However, after introducing dm-crypt, this feature has failed. Because we
> expect the data read by users in the initial state to be zero, we have to
> write all zeros from dm-crypt.
>
> Hence we'd like to propose to bypass zero data for dm-crypt, for
> example:
>
> before:
> zero data -> encrypted zero data
> decrypted zero data -> zero data
> others
>
> after:
> zero data -> zero data
> decrypted zero data -> encrypted zero data
> others(doesn't change)
>
> We'd like to hear from the community for suggestions first, before we
> start. :)
>
> Thanks,
> Kuai
>
Powered by blists - more mailing lists