xfs
[Top] [All Lists]

Re: possible hash-dos enabled by using crc32 checksums?

To: xfs@xxxxxxxxxxx
Subject: Re: possible hash-dos enabled by using crc32 checksums?
From: Carlos Maiolino <cmaiolino@xxxxxxxxxx>
Date: Fri, 14 Dec 2012 09:33:28 -0200
In-reply-to: <20121213232715.GJ16353@dastard>
References: <20121213145839.GA16282@xxxxxxxxxxxxxxxxxxxxxxxxxxxx> <20121213232715.GJ16353@dastard>
User-agent: Mutt/1.5.21 (2010-09-15)
Thanks for the very detailed explanation dave.

On Fri, Dec 14, 2012 at 10:27:16AM +1100, Dave Chinner wrote:
> On Thu, Dec 13, 2012 at 12:58:40PM -0200, Carlos Maiolino wrote:
> > Hi guys,
> > 
> > I just read this blog post:
> > http://crypto.junod.info/2012/12/13/hash-dos-and-btrfs/
> > 
> 
> The above describes a directory name hashing attack, where duplicate
> hashes prevent creation of otherwise unique filenames in the same
> directory. This problem is unique to btrfs, and has nothing to do
> with the use of CRC32 for hashing - the problem is simply that btrfs
> does not handle hash collisions at all well.
> 
> FWIW, the directory name hashing tricks for fast random lookups that
> btrfs uses was actually copied from XFS. XFS doesn't have this DOS
> problem, however, because XFS does not use the hashed value as a
> unique identifier. i.e. we can have multiple entries in a directory
> that hash to exactly the same value and not have any problems at
> all.
> 
> Like I said, a problem unique to btrfs.
> 
> > And got worried if this would not be possible with XFS after the checksum
> > implementation.
> > TBH I'm horrible with crypto and those maths, but I'm worried if after crc32
> > checksum implementation we may not be enabling hash-dos attacks to XFS.
> 
> We'll be using CRCs completely internally to XFS and they are not
> used as indexes into structures or lookup keys. They are purely for
> verification, and hence I think it's impossible to use them as a DOS
> vector...
> 
> Cheers,
> 
> Dave.
> -- 
> Dave Chinner
> david@xxxxxxxxxxxxx
> 
> _______________________________________________
> xfs mailing list
> xfs@xxxxxxxxxxx
> http://oss.sgi.com/mailman/listinfo/xfs

-- 
Carlos

<Prev in Thread] Current Thread [Next in Thread>