'Re: bug list int.2.4.x ?'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-crypto
Subject:    Re: bug list int.2.4.x ?
From:       Jari Ruusu <jari.ruusu () pp ! inet ! fi>
Date:       2001-07-22 9:45:49
[Download RAW message or body]

Marc Mutz wrote:
> can you _please_ stop these shameless plugs and spam-like advertizing
> for your patch? The poster asked for incompatibilities between 2.2.x
> and 2.4.x international kernel patches.
> 
> Answer that or keep quiet.

Jari Ruusu wrote:
> 1)  IV is block size based. When block size changes -> IV changes and shit
>     hits the fan. This block size insanity is a real time bomb.
>     - Study kernel sources how block sizes are used in filesystems and
>       elsewhere. Grep kernel sources for set_blocksize().
>     - Study kernel sources how IV is computed in loop.c
> 
>     When mounting a file system (ext2 for example), a superblock must be
>     read from disk. Superblock contains the block size of the file system.
>     To read the superblock without corrupting any data, following items are
>     needed:
> 
>     a)  Encrypted data on the disk... Yep, got that.
>     b)  Encryption key... Yep, got that too.
>     c)  Sector offset of superblock, needed for IV calculation... Yep.
>     d)  Blocksize, needed for IV calculation... Blocksize? Hello?

Above means:
- If reads do not start at same offset as writes were performed earlier ->
  wrong IV -> data corruption.
- If reads are longer than writes were earlier -> wrong IV in middle of read
  -> data corruption.
- If block size is not same as when writes done -> wrong IV -> data
  corruption.

International crypto patch makes a lot of assumptions about how file systems
access the disk, including assumption that block size newer changes. Many of
these assumptions are just NOT TRUE and cause data corruption and
INCOMPATIBLE behavior. It is just a broken design, period.

Sorry if stating facts annoys you.

Regards,
Jari Ruusu <jari.ruusu@pp.inet.fi>

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic