[PATCH v3 0/9] hash.h: support choosing a separate SHA-1 for non-cryptographic uses

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This series adds a build-time knob to allow selecting an alternative
SHA-1 implementation for non-cryptographic hashing within Git, starting
with the `hashwrite()` family of functions.

This version is a more size-able reroll from the first two rounds, which
updates pack-objects to use a (hardened) version of
`finalize_object_file()`, that is now sensitive to checksum collisions.

Peff and I wrote the first four (new) patches together, and I feel
confident now that we're in a good spot to address the concerns raised
in [1].

Thanks in advance for your review!

[1]: https://lore.kernel.org/git/20240905202707.GA2602440@xxxxxxxxxxxxxxxxxxxxxxx/

Taylor Blau (9):
  finalize_object_file(): check for name collision before renaming
  finalize_object_file(): refactor unlink_or_warn() placement
  finalize_object_file(): implement collision check
  pack-objects: use finalize_object_file() to rename pack/idx/etc
  i5500-git-daemon.sh: use compile-able version of Git without OpenSSL
  sha1: do not redefine `platform_SHA_CTX` and friends
  hash.h: scaffolding for _fast hashing variants
  Makefile: allow specifying a SHA-1 for non-cryptographic uses
  csum-file.c: use fast SHA-1 implementation when available

 Makefile                              |  25 ++++++
 block-sha1/sha1.h                     |   2 +
 csum-file.c                           |  18 ++---
 hash.h                                |  72 +++++++++++++++++
 object-file.c                         | 110 +++++++++++++++++++++++++-
 pack-write.c                          |   7 +-
 sha1/openssl.h                        |   2 +
 sha1dc_git.h                          |   3 +
 t/interop/i5500-git-daemon.sh         |   2 +-
 t/t5303-pack-corruption-resilience.sh |   7 +-
 10 files changed, 230 insertions(+), 18 deletions(-)

Range-diff against v2:
 -:  ----------- >  1:  738b1eb17b4 finalize_object_file(): check for name collision before renaming
 -:  ----------- >  2:  e1c2c39711f finalize_object_file(): refactor unlink_or_warn() placement
 -:  ----------- >  3:  0feee5d1d4f finalize_object_file(): implement collision check
 -:  ----------- >  4:  620dde48a9d pack-objects: use finalize_object_file() to rename pack/idx/etc
 -:  ----------- >  5:  bfe992765cd i5500-git-daemon.sh: use compile-able version of Git without OpenSSL
 1:  e7cd23bf4cd =  6:  22863d9f6df sha1: do not redefine `platform_SHA_CTX` and friends
 2:  3b5f21e4a62 =  7:  119c318d812 hash.h: scaffolding for _fast hashing variants
 3:  02764de1395 =  8:  137ec30d68a Makefile: allow specifying a SHA-1 for non-cryptographic uses
 4:  311fcc95960 =  9:  4018261366f csum-file.c: use fast SHA-1 implementation when available

base-commit: 159f2d50e75c17382c9f4eb7cbda671a6fa612d1
-- 
2.46.0.430.gca674632b70
[Index of Archives]     [Linux Kernel Development]     [Gcc Help]     [IETF Annouce]     [DCCP]     [Netdev]     [Networking]     [Security]     [V4L]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Linux SCSI]     [Fedora Users]

  Powered by Linux