From: "George Spelvin" <linux@horizon.com>
To: linux@horizon.com, tytso@mit.edu
Cc: adilger@dilger.ca, linux-ext4@vger.kernel.org
Subject: Re: [RFC] mke2fs -E hash_alg=siphash: any interest?
Date: 23 Sep 2014 20:37:55 -0400 [thread overview]
Message-ID: <20140924003755.31421.qmail@ns.horizon.com> (raw)
In-Reply-To: <20140923232206.GI17784@thunk.org>
> Well, yes. That's why I suggested doing something with a RAM disk.
> Perhaps creating a huge number of zero length files, then unmounting
> the the file system and remounting it, and then deleting the huge
> number of zero length files.
>
> If that doesn't show an improvement, then it's unlikely any real world
> use case would likely show an improvement....
I've been using a file on a persistent file system, but that's
how I've been doing my validation testing. I'll beat on it some more,
thanks!
> The other thing to consider is what you get if you manage to crack the
> crypto, which is that you might be able to force the worst case
> performance, and possibly cause a directory creation to fail with an
> ENOENT if the huge number of hash collisions cause the two-level htree
> to overfill.
Yes, it's just a DoS, but sometimes that's enough. As the world comes
to depend more and more on computer servers providing services, denial
thereof becomes powerful.
> Neither is going to get you a huge amount, so it this decreases the
> incentive for someone to spend a lot of effort trying to attack the
> system. I'm quite certain though that if there is some way such a
> failure could cause an Iranian nuclear centrifuge to fail
> catastrophically, our friends at Fort Meade would have absolutely no
> problems finding an attack. After all, they did for MD5. :-)
Just remember that *that* was, at its heart, a DoS attack. It actually
damaged equipment, and was effective for far longer because it was
sufficiently surreptitious, but its entire goal was denying the "service"
of gas centrifugation.
halfmd4 is, honestly, probably good enough. It's just that file systems
have a long lifetime, and I'd rather use something well tested.
That's what created this itch; I was picking the parameters for a new
large file system and didn't like the available options.
prev parent reply other threads:[~2014-09-24 0:37 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-09-21 9:53 [RFC] mke2fs -E hash_alg=siphash: any interest? George Spelvin
2014-09-21 17:55 ` Theodore Ts'o
2014-09-21 21:04 ` linux
2014-09-21 22:08 ` TR Reardon
2014-09-22 2:31 ` George Spelvin
2014-09-22 17:09 ` Theodore Ts'o
2014-09-22 23:14 ` George Spelvin
2014-09-22 1:17 ` Theodore Ts'o
2014-09-23 22:25 ` Andreas Dilger
2014-09-23 23:00 ` George Spelvin
2014-09-23 23:22 ` Theodore Ts'o
2014-09-24 0:37 ` George Spelvin [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140924003755.31421.qmail@ns.horizon.com \
--to=linux@horizon.com \
--cc=adilger@dilger.ca \
--cc=linux-ext4@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).