From: Christoph Anton Mitterer <calestyo@scientia.org>
To: Qu Wenruo <wqu@suse.com>,
linux-btrfs@vger.kernel.org, linux-crypto@vger.kernel.org
Subject: Re: [PATCH] btrfs-progs: docs: add warning for btrfs checksum features
Date: Sat, 22 Nov 2025 00:55:18 +0100 [thread overview]
Message-ID: <5493c0684cc1014614ae156e9b8888d52857d2bf.camel@scientia.org> (raw)
In-Reply-To: <5495561f-415d-4bb0-9cd4-4543c510f111@suse.com>
On Fri, 2025-11-21 at 17:14 +1030, Qu Wenruo wrote:
>
> Adding linux-crypto list for more feedback.
It would be good if any of them could confirm or reject:
- Whether a filesystem that uses full checksumming (data + meta-data)
and that is encrypted with dm-crypt,... is effectively integrity
protected like it would be with an AEAD.
In particular also:
- Whether this requires a strong cryptographic hash (or as Qu presumed,
any hash would do) and whether the hashing is needed to be done as a
Merkle-tree or whether that's not needed
- Whether, if one uses such a fs, AEAD or dm-verity is even
recommended, or just a waste of resources as the checksumming done by
the fs would already be enough.
> > The question IMO is, whether a (dm-crypt) encrypted btrfs that uses
> > a strong hash function for btrfs (i.e. like hash-then-encrypt)
> > would be effectively integrity protected.
>
> In that case, I can not give a concrete answer, but I tend to believe
> it's protected, and no matter what the algorithm is (including
> CRC32C).
I'd rather not think CRC would be enough... I mean why would all crypto
use strong hash algos for signatures, if it could also be done with
fast CRC.
> - For metadata
> The bytenr will mismatch, thus be rejected.
>
> This prevents csum tree from bing modified.
But meta data *is* still checksum protected right (i.e. it doesn'thave
only the bytenr).
Maybe, if someone from the crypto guys has a look, you could outline
them how the exact hashing structure looks for btrfs.... like is it a
full Merkle-tree starting from the super block, what about super block
copies, etc. pp.
Thanks,
Chris.
next prev parent reply other threads:[~2025-11-21 23:55 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <7458cde1f481c8d8af2786ee64d2bffde5f0386c.1763700989.git.wqu@suse.com>
[not found] ` <9523838F-B99E-4CC5-8434-B34B105FD08B@scientia.org>
[not found] ` <bc5249ba-9c39-42b1-903d-e50375a433d2@suse.com>
[not found] ` <3C200394-F95B-4D1C-9256-3718E331ED34@scientia.org>
2025-11-21 6:44 ` [PATCH] btrfs-progs: docs: add warning for btrfs checksum features Qu Wenruo
2025-11-21 23:55 ` Christoph Anton Mitterer [this message]
2025-11-22 0:52 ` Eric Biggers
2025-11-22 14:36 ` Neal Gompa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5493c0684cc1014614ae156e9b8888d52857d2bf.camel@scientia.org \
--to=calestyo@scientia.org \
--cc=linux-btrfs@vger.kernel.org \
--cc=linux-crypto@vger.kernel.org \
--cc=wqu@suse.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox