Received: by 10.223.176.46 with SMTP id f43csp1888443wra; Thu, 25 Jan 2018 01:30:35 -0800 (PST) X-Google-Smtp-Source: AH8x226f8iTPibIbCvtcLz60IydLUZ2IadZRCyws4sfprBUDiqmlJquGMi8xXPdE+JdROduKGjJi X-Received: by 10.98.27.5 with SMTP id b5mr15624771pfb.103.1516872634993; Thu, 25 Jan 2018 01:30:34 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1516872634; cv=none; d=google.com; s=arc-20160816; b=QR+pwv186tyIwsth1nQB00QWYrqCnvjtTaeQMAinwWG37wd2sBZ5JK/GUHoWSCwNkw nVHANcZE3UDwVexhopJszZXSUT9HcRkejNf+QiJC21rbjcofGXxapVAIw5iZjIB7cF1V Apf8SaIMbQw9iPr3hhMcfQ9/BcaTXXy8lrS1akg3P93AvevP9+SFJgKHLcqhQFwenvPS xf0ttTAvjlX3WNJy6yfdahG4Pjj7AJa9SCYKMtszs8nIXMzV/zLnfzTTT0T3gHeBqbNj 9xnYKZpEA++5zwzaH8C0sfqKBzKBRjMYIcQpRCiuI5U2ZVqKu4dW3sN0rhkqFmeAVIv+ OUBA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=fyIk78pod9xeYj04xi8I/gXuJE7wryUm5CMMIdB89rE=; b=TqH2nywEqqO8A18I3Lnb1ecimJcfWpQZYm+yuVkmtKoy/WxibRgn4y1ztZIXUF+/Fw Bou81KHDMnwSpIJs3Ha+oJuYn39MBV0BkP2G+TwM+YndATjfktAuM2FtfvsEnQ8Y5/BW 0D1GJQjeCdpyknm8kn14mKcLtDtL4V372TcFdyS9M+mY+cMz5s0KSBSRiPLXQrVtgLo9 aDrJEBRzftCq84WExJ+HdoKNiknbmmn9n7Je4jAbFczzzyHGy3qq7GiZhOsNDqCWY313 IijkD8Mbodc2kmpN6RR8krN1Cd8ZYkeFcs8WeDz4fLO0GDnYdH+nwAwNvYVo2hX3DjzP c2cw== ARC-Authentication-Results: i=1; mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=fJ9AjSXu; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id c2si1294384pgf.611.2018.01.25.01.30.20; Thu, 25 Jan 2018 01:30:34 -0800 (PST) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=fail header.i=@gmail.com header.s=20161025 header.b=fJ9AjSXu; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751536AbeAYJ3T (ORCPT + 99 others); Thu, 25 Jan 2018 04:29:19 -0500 Received: from mail-oi0-f65.google.com ([209.85.218.65]:46135 "EHLO mail-oi0-f65.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751378AbeAYJ3O (ORCPT ); Thu, 25 Jan 2018 04:29:14 -0500 Received: by mail-oi0-f65.google.com with SMTP id 8so461269oix.13; Thu, 25 Jan 2018 01:29:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=fyIk78pod9xeYj04xi8I/gXuJE7wryUm5CMMIdB89rE=; b=fJ9AjSXuR13SUA2BUHfYBUoTSOne4YmuU6i0WVPEJ1JBoXRlXwiAMsthBkXaNEX9bX dOh3NvEROX5bOaonunFRI+kZP/uJnO+bBWIOWMTxxmDGTWWmjpytw35I2VyphDcP35bD Yv8wZ7Nm4BlFQnZg3YEu58NDjhHcepglw1Mv4oqJ61uJhZvuea1D9Noib8SEl2jPpLEs tova+z+T5w5Zqz1wMxn+qpsa5q+dQCr5DBjw8P0mSfFpAMWZhfO9dZeETcnerGzESCE/ VU2tIbFvcqOmtkGbIUVCQw6FNOjE/ukMmEgIJw5qeUH0In4alDTOPJu8ut7mPfg7DoCw PbmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=fyIk78pod9xeYj04xi8I/gXuJE7wryUm5CMMIdB89rE=; b=Bw6tiAy1eW1yRzUFbsSRAagdkw6cGaNhfecre3/LTf3H6ujvdpzBhMmFBW5W8RXMX2 xZq44uH5irkPyovenR9tTtR1tnBYi6QsnBnpOFpWPIVxLIU1G+o5Ou5WFa6c1bqzTZaG rHOQamtbGWj3CvLkrHthnJL5PjLvjK0lzmlXqkZ2x7M+7Juhno955IRMbCwYn8O4AmYD O6kO7kBEOWVDlsu+iCJYS0+COnY0ltXFX7ea4Xi1kukl2z+VRFQh+6dkqjo65e4QHgmG a/86PvmjVSw/UFDNyEKYrgpOmkVXGi/ckUPgc6tJ7pVV5TYbLIaJWGy31IFqW4RUwxa0 LMfQ== X-Gm-Message-State: AKwxyteSbR5iU+hR48T1bhM45PyD0ZT1CrS8ynOJCNjJ5xKbKO2aV4DV QRNkJNpWe2mKsTFI2HtfHl2rxFJ2sR6nJ153aqM= X-Received: by 10.202.232.211 with SMTP id f202mr8958441oih.128.1516872553013; Thu, 25 Jan 2018 01:29:13 -0800 (PST) MIME-Version: 1.0 Received: by 10.157.68.119 with HTTP; Thu, 25 Jan 2018 01:29:12 -0800 (PST) In-Reply-To: <1516850875-25066-2-git-send-email-takondra@cisco.com> References: <1516850875-25066-1-git-send-email-takondra@cisco.com> <1516850875-25066-2-git-send-email-takondra@cisco.com> From: Arnd Bergmann Date: Thu, 25 Jan 2018 10:29:12 +0100 X-Google-Sender-Auth: 1fk485KKSzj6tZkyFmolNadDjB0 Message-ID: Subject: Re: [PATCH v2 01/15] Documentation: add newcx initramfs format description To: Taras Kondratiuk Cc: "H. Peter Anvin" , Al Viro , Rob Landley , Mimi Zohar , Jonathan Corbet , James McMechan , initramfs@vger.kernel.org, Victor Kamensky , linux-doc@vger.kernel.org, Linux Kernel Mailing List , LSM List , xe-linux-external@cisco.com Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Thu, Jan 25, 2018 at 4:27 AM, Taras Kondratiuk wrote: > Many of the Linux security/integrity features are dependent on file > metadata, stored as extended attributes (xattrs), for making decisions. > These features need to be initialized during initcall and enabled as > early as possible for complete security coverage. > > Initramfs (tmpfs) supports xattrs, but newc CPIO archive format does not > support including them into the archive. > > This patch describes "extended" newc format (newcx) that is based on > newc and has following changes: > - extended attributes support > - increased size of filesize to support files >4GB. > - increased mtime field size to have usec precision and more than > 32-bit of seconds. > - removed unused checksum field. > > Signed-off-by: Taras Kondratiuk > Signed-off-by: Mimi Zohar > Signed-off-by: Victor Kamensky Ah nice, I like the extension of the time handling, that certainly addresses one of the issues with y2038 that we have previously hacked around in an ugly way (interpreting the 32-bit number as unsigned). However, if this is to become a generally supported format for cpio files, could we make it use nanosecond resolution instead? The issue that I see with microseconds is that storing a file in an archive and extracting it again would otherwise keep the mtime stamp /almost/ identical on file systems that have nanosecond resolution, but most of the time a comparison would indicate that the files are not the same. Unfortunately, the range of a 64-bit nanoseconds counter is still a bit limited (584 years, or half of that if we make it signed). While this is clearly enough for the uses in initramfs, it still has a similar problem: someone creating a fake timestamp a long time in the past or future on a file system would lose information after going though cpio. Arnd