[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: announce: linux-int-2.4.3.1-hvr3

To: Herbert Valerio Riedel <hvr@gnu.org>
Subject: Re: announce: linux-int-2.4.3.1-hvr3
From: Jari Ruusu <jari.ruusu@pp.inet.fi>
Date: Mon, 09 Apr 2001 05:10:04 +0300
CC: linux-crypto@nl.linux.org, Alexander.Kjeldaas@fast.no, axboe@suse.de, acahalan@cs.uml.edu
References: <200104081429.QAA03970@phobos.hvrlab.org>
Sender: owner-linux-crypto@nl.linux.org

Herbert Valerio Riedel wrote:
> hello,
> 
> *WARNING* experimental *WARNING*
> 
> ...this patch (on top of the official international crypto
> patch-int-2.4.3.1) fixes some problems I've been experiencing with
> the IV calculation in loop.c, which have some annoying consequences;
> (say, you wanted to move around images among medias with
> different block sizes, e.g. burn an file backed image to a cdrom, then
> you'll surely have fun mounting directly that cdrom block device...
> but there are problems even creating the image from user space, and
> then having the blocksize changed in kernel space by some filesystem
> implementation... there were other issues too...)
> 
> the approach I've taken to 'fix' this comprises two changes,
> 
> 1. using a base of 512 (aka sector size) for IV calculation, instead
> of the former way, to take the actual blocksize of the underlying media.
> 
> 2. breaking up the encoding of a buffer into 512 byte chunks (if
> needed) and incrementing the IV in transfer_cryptoapi()
> 
> (3. returning -EINVAL if trying to setup an offset into the loop data
>  % 512 != 0  -- since that would break... unless somebody completely
> rewrites loop.c...)
> 
> as to the experimental-warning issued at the beginning of this mail,
> as you may already have noticed, this changes will make your old
> encrypted storages unusable, due to the new IV calculation...
> 
> http://www.hvrlab.org/pub/crypto/patch-int-2.4.3.1-hvr3.gz
> 
> PS: something not related to this patch, -- I've noticed SMP related
> data corruption, I suspect having the IV unlocked in the shared cipher
> context may lead to race conditions... (maybe the IV should be passed
> on a per-call basis in order to avoid spinlocks...)

Below is part of your patch, pay particular attention to line 348.

Regards,
Jari Ruusu <jari.ruusu@pp.inet.fi>


@@ -258,6 +280,12 @@
                                        lo->lo_device);
 }
 
+static inline unsigned long loop_get_iv(struct loop_device *lo,
+                                       unsigned long sector)
+{
+       return sector - (lo->lo_offset >> IV_SECTOR_BITS);
                   ^^^^^^ LINE 348 - CORRUPTION ?
+}
+
 static int lo_send(struct loop_device *lo, struct buffer_head *bh, int bsize,
                   loff_t pos)
 {
@@ -275,7 +303,7 @@

Linux-crypto:  cryptography in and on the Linux system
Archive:       http://mail.nl.linux.org/linux-crypto/

Follow-Ups:
- Re: announce: linux-int-2.4.3.1-hvr3
  - From: Herbert Valerio Riedel <hvr@hvrlab.org>

References:
- announce: linux-int-2.4.3.1-hvr3
  - From: Herbert Valerio Riedel <hvr@gnu.org>

Prev by Date: announce: linux-int-2.4.3.1-hvr3
Next by Date: Re: announce: linux-int-2.4.3.1-hvr3
Prev by thread: announce: linux-int-2.4.3.1-hvr3
Next by thread: Re: announce: linux-int-2.4.3.1-hvr3
Index(es):
- Date
- Thread