From: Hannes Frederic Sowa <hannes@stressinduktion.org>
To: George Spelvin <linux@horizon.com>
Cc: dborkman@redhat.com, herbert@gondor.apana.org.au,
linux-kernel@vger.kernel.org, netdev@vger.kernel.org,
tgraf@suug.ch
Subject: Re: Where exactly will arch_fast_hash be used
Date: Sun, 07 Dec 2014 14:41:36 +0100 [thread overview]
Message-ID: <1417959696.17658.37.camel@localhost> (raw)
In-Reply-To: <20141207133056.25209.qmail@ns.horizon.com>
On So, 2014-12-07 at 08:30 -0500, George Spelvin wrote:
> Thanks for the encouragement!
>
> > Please consider xfs, too.
> > AFAIK xfs doesn't seed their hashing so far and the hashing function is
> > pretty weak. One example:
> > http://marc.info/?l=linux-xfs&m=139590613002926&w=2
>
> Is that something that *can* be changed without breaking the
> disk format? SipHash is explicitly *not* designed to be secure as
> an unkeyed hash in the way that SHA-type algorithms are.
I did some research and it looked like it would need a change to the
disk format but it should be doable by incrementing the super block
version, so at least newly created filesystem would benefit from it.
> What it's designed to do is provide second preimage resistance
> of its output, or a function (like modular reduction) of its output,
> against an attacker who doesn't know the secret seed.
>
> > Ack. If we want to use it in the networking stack we should be able to
> > use it without a dependency to the crypto framework.
>
> Already understood. My big question is whether a single function call
> is okay or we need something inlinable.
Like md5_transfrom, I think a non-inline function would be just fine.
Otherwise kernel code size would increase. Most hash users in the
network stack mostly deal with less bytes of input than one round needs.
Bye,
Hannes
next prev parent reply other threads:[~2014-12-07 13:41 UTC|newest]
Thread overview: 26+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-12-07 5:20 Where exactly will arch_fast_hash be used George Spelvin
2014-12-07 9:28 ` Herbert Xu
2014-12-07 10:02 ` George Spelvin
2014-12-07 12:51 ` Herbert Xu
2014-12-07 13:23 ` George Spelvin
2014-12-07 14:06 ` Hannes Frederic Sowa
2014-12-07 21:33 ` George Spelvin
2014-12-08 11:25 ` Hannes Frederic Sowa
2014-12-08 16:19 ` George Spelvin
2014-12-08 16:32 ` Hannes Frederic Sowa
2014-12-09 14:24 ` Herbert Xu
2014-12-07 13:14 ` Hannes Frederic Sowa
2014-12-07 13:30 ` George Spelvin
2014-12-07 13:41 ` Hannes Frederic Sowa [this message]
2014-12-07 13:52 ` Hannes Frederic Sowa
-- strict thread matches above, loose matches on Subject: below --
2014-12-04 8:11 Herbert Xu
2014-12-04 12:34 ` Hannes Frederic Sowa
2014-12-04 13:14 ` Daniel Borkmann
2014-12-04 15:26 ` Thomas Graf
2014-12-04 15:29 ` Herbert Xu
2014-12-04 15:39 ` Thomas Graf
2014-12-04 15:43 ` Daniel Borkmann
2014-12-04 15:47 ` Herbert Xu
2014-12-04 15:51 ` Daniel Borkmann
2014-12-04 15:56 ` David Laight
2014-12-04 16:10 ` Herbert Xu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1417959696.17658.37.camel@localhost \
--to=hannes@stressinduktion.org \
--cc=dborkman@redhat.com \
--cc=herbert@gondor.apana.org.au \
--cc=linux-kernel@vger.kernel.org \
--cc=linux@horizon.com \
--cc=netdev@vger.kernel.org \
--cc=tgraf@suug.ch \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).