Re: [PATCH v2 1/2] btrfs: add authentication support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



----- Ursprüngliche Mail -----
> Von: "Johannes Thumshirn" <jth@xxxxxxxxxx>
> An: "David Sterba" <dsterba@xxxxxxx>
> CC: "linux-fsdevel" <linux-fsdevel@xxxxxxxxxxxxxxx>, "linux-btrfs" <linux-btrfs@xxxxxxxxxxxxxxx>, "Eric Biggers"
> <ebiggers@xxxxxxxxxx>, "richard" <richard@xxxxxx>, "Johannes Thumshirn" <johannes.thumshirn@xxxxxxx>, "Johannes
> Thumshirn" <jthumshirn@xxxxxxx>
> Gesendet: Dienstag, 28. April 2020 12:58:58
> Betreff: [PATCH v2 1/2] btrfs: add authentication support

> From: Johannes Thumshirn <johannes.thumshirn@xxxxxxx>
> 
> Add authentication support for a BTRFS file-system.
> 
> This works, because in BTRFS every meta-data block as well as every
> data-block has a own checksum. For meta-data the checksum is in the
> meta-data node itself. For data blocks, the checksums are stored in the
> checksum tree.

Eric already raised doubts, let me ask more directly.
Does the checksum tree really cover all moving parts of BTRFS?

I'm a little surprised how small your patch is.
Getting all this done for UBIFS was not easy and given that UBIFS is truly
copy-on-write it was still less work than it would be for other filesystems.

If I understand the checksum tree correctly, the main purpose is protecting
you from flipping bits.
An attacker will perform much more sophisticated attacks.

Thanks,
//richard



[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux