Re: [PATCH v2 1/2] btrfs: add authentication support

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Eric Biggers <ebiggers@xxxxxxxxxx>
Subject: Re: [PATCH v2 1/2] btrfs: add authentication support
From: Johannes Thumshirn <Johannes.Thumshirn@xxxxxxx>
Date: Wed, 6 May 2020 08:30:46 +0000
Accept-language: en-US
Cc: Johannes Thumshirn <jth@xxxxxxxxxx>, David Sterba <dsterba@xxxxxxx>, "linux-fsdevel@xxxxxxxxxxxxxxx" <linux-fsdevel@xxxxxxxxxxxxxxx>, "linux-btrfs@xxxxxxxxxxxxxxx" <linux-btrfs@xxxxxxxxxxxxxxx>, Richard Weinberger <richard@xxxxxx>
Ironport-sdr: tYPyYdMecbHhsPBM6ZzucEhSLLX5ZDXsRrchUgewIa0S/WyS/llNxy2lZ5bv/LWxUMf96r6uo3 Vdo/lQoX5P+bCaZsw+WzisErDdRoZtraITMGeQVQOTGvQPB78FFM8PJcLaOR/dIYSBDA5osXG2 CT5qb45zrTGiniX3avGTcdH0qxZsSZgMglKvRgPlf8cHBKLqtKbcXm56e4w5U7XV+BiD3VaDp8 r9uljxLCoGxzmHrzKkwz0XEgZdU3ZhTBhYH0canm+TK6gfc69wqcdEvl4FNDf5HXKLGVTsk4d2 ks0=
Thread-index: AQHWHUw3Fjk34p8J2kWvUrIfOj4HzQ==
Thread-topic: [PATCH v2 1/2] btrfs: add authentication support
Wdcipoutbound: EOP-TRUE

On 06/05/2020 00:37, Eric Biggers wrote:
> They replace the current content of the block device with the content at an
> earlier time.

We could mitigate this (at a later time probably), by writing the super 
block generation into some trusted store like a TPM.

But I think this would need general support from the kernel.

But thanks for showing me this attack, I'll document that this attack 
will still work.

References:
- [PATCH v2 0/2] Add file-system authentication to BTRFS
  - From: Johannes Thumshirn
- [PATCH v2 1/2] btrfs: add authentication support
  - From: Johannes Thumshirn
- Re: [PATCH v2 1/2] btrfs: add authentication support
  - From: Eric Biggers
- Re: [PATCH v2 1/2] btrfs: add authentication support
  - From: Johannes Thumshirn
- Re: [PATCH v2 1/2] btrfs: add authentication support
  - From: Eric Biggers
- Re: [PATCH v2 1/2] btrfs: add authentication support
  - From: Johannes Thumshirn
- Re: [PATCH v2 1/2] btrfs: add authentication support
  - From: Eric Biggers

Prev by Date: Re: [PATCH v2 1/2] btrfs: add authentication support
Next by Date: Re: [PATCH 02/11] ext4: fix fiemap size checks for bitmap files
Previous by thread: Re: [PATCH v2 1/2] btrfs: add authentication support
Next by thread: Re: [PATCH v2 1/2] btrfs: add authentication support
Index(es):
- Date
- Thread

[Index of Archives] [Linux Ext4 Filesystem] [Union Filesystem] [Filesystem Testing] [Ceph Users] [Ecryptfs] [AutoFS] [Kernel Newbies] [Share Photos] [Security] [Netfilter] [Bugtraq] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux Cachefs] [Reiser Filesystem] [Linux RAID] [Samba] [Device Mapper] [CEPH Development]