xfs
[Top] [All Lists]

Re: possible hash-dos enabled by using crc32 checksums?

To: Carlos Maiolino <cmaiolino@xxxxxxxxxx>
Subject: Re: possible hash-dos enabled by using crc32 checksums?
From: Dave Chinner <david@xxxxxxxxxxxxx>
Date: Fri, 14 Dec 2012 10:27:16 +1100
Cc: xfs@xxxxxxxxxxx
In-reply-to: <20121213145839.GA16282@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
References: <20121213145839.GA16282@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.21 (2010-09-15)
On Thu, Dec 13, 2012 at 12:58:40PM -0200, Carlos Maiolino wrote:
> Hi guys,
> 
> I just read this blog post:
> http://crypto.junod.info/2012/12/13/hash-dos-and-btrfs/
> 

The above describes a directory name hashing attack, where duplicate
hashes prevent creation of otherwise unique filenames in the same
directory. This problem is unique to btrfs, and has nothing to do
with the use of CRC32 for hashing - the problem is simply that btrfs
does not handle hash collisions at all well.

FWIW, the directory name hashing tricks for fast random lookups that
btrfs uses was actually copied from XFS. XFS doesn't have this DOS
problem, however, because XFS does not use the hashed value as a
unique identifier. i.e. we can have multiple entries in a directory
that hash to exactly the same value and not have any problems at
all.

Like I said, a problem unique to btrfs.

> And got worried if this would not be possible with XFS after the checksum
> implementation.
> TBH I'm horrible with crypto and those maths, but I'm worried if after crc32
> checksum implementation we may not be enabling hash-dos attacks to XFS.

We'll be using CRCs completely internally to XFS and they are not
used as indexes into structures or lookup keys. They are purely for
verification, and hence I think it's impossible to use them as a DOS
vector...

Cheers,

Dave.
-- 
Dave Chinner
david@xxxxxxxxxxxxx

<Prev in Thread] Current Thread [Next in Thread>