diff for duplicates of <1538736566.3702.436.camel@linux.ibm.com> diff --git a/a/1.txt b/N1/1.txt index 75d0b87..2f92534 100644 --- a/a/1.txt +++ b/N1/1.txt @@ -11,16 +11,16 @@ On Thu, 2018-10-04 at 13:30 -0700, Matthew Garrett wrote: > hash (eg, fs-verity on ext4 could provide a hash and then later abort > any read()s that discover that the file doesn't match the measurement). -Really, a security vs. performance argument?! I don't need to tell +Really, a security vs. performance argument?! I don't need to tell you of all people, that one of the basic tenents of trusted boot is -calculating the actual file hash before use. Limiting the file hash +calculating the actual file hash before use. Limiting the file hash re-calculation is one thing, but relying on some out of band method of obtaining the file hash without the kernel ever calculating it is -totally different. The only exception will be for fs-verity, which +totally different. The only exception will be for fs-verity, which will return not the file hash, but the file's Merkle tree root hash. If you want to introduce support for identifying whether a FUSE file, -on a trusted mount, needs to be rehashed, that's fine. It should not +on a trusted mount, needs to be rehashed, that's fine. It should not be the default behavior. Mimi diff --git a/a/content_digest b/N1/content_digest index 8fef7aa..4ab0ead 100644 --- a/a/content_digest +++ b/N1/content_digest 
@@ -23,18 +23,18 @@ "> hash (eg, fs-verity on ext4 could provide a hash and then later abort\n" "> any read()s that discover that the file doesn't match the measurement).\n" "\n" - "Really, a security vs. performance argument?! I don't need to tell\n" + "Really, a security vs. performance argument?! \302\240I don't need to tell\n" "you of all people, that one of the basic tenents of trusted boot is\n" - "calculating the actual file hash before use. Limiting the file hash\n" + "calculating the actual file hash before use. \302\240Limiting the file hash\n" "re-calculation is one thing, but relying on some out of band method of\n" "obtaining the file hash without the kernel ever calculating it is\n" - "totally different. The only exception will be for fs-verity, which\n" + "totally different. \302\240The only exception will be for fs-verity, which\n" "will return not the file hash, but the file's Merkle tree root hash.\n" "\n" "If you want to introduce support for identifying whether a FUSE file,\n" - "on a trusted mount, needs to be rehashed, that's fine. It should not\n" + "on a trusted mount, needs to be rehashed, that's fine. \302\240It should not\n" "be the default behavior.\n" "\n" Mimi -77c470055128f604b3347fb935d92ae643ff2056d8292176dc57d964089c0c59 +9b6a9b0cab86c5455837dcbae80c33e772af659b944f7a9ce5bf8abc93dc5905
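Review bot: in the content_digest hunk the four changed lines differ only by \302\240 (a UTF-8 no-break space) inserted after the sentence-ending punctuation, and that whitespace alone accounts for the different digest on the last line. The 1.txt hunk marks the same four lines as changed, but the removed and added text reads identically as shown here, so the two copies need to be compared byte for byte rather than by their rendered text. The wording of the message is the same in both copies.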