Received: by 10.223.176.46 with SMTP id f43csp2607157wra;
        Thu, 25 Jan 2018 12:28:26 -0800 (PST)
X-Google-Smtp-Source: AH8x227fdwvrz2uSYQTyITIdN6BlFzdHs5ZKBRZh6tKJrmY+L94qGANn6esog+miwLZEtYxMFpSh
X-Received: by 2002:a17:902:7046:: with SMTP id h6-v6mr11487513plt.157.1516912106670;
        Thu, 25 Jan 2018 12:28:26 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1516912106; cv=none;
        d=google.com; s=arc-20160816;
        b=H3l5ITWx9wu7br7YFd/DhYol47nAR3VNsGwHLAcG9GOwUBYyiH9FZ2IfPj5zDUW7D/
         o1Sz0IkqLZTNZ2P+h5wWzrkvF2z0sfDCGJ0Neih489gyAsVxyMgEqRLmyOlB8tnkq4Lo
         GAfsLz5tqQmjK327oXoUPtnK+caXXno97Tonr7qQyDla0i1ndg315wBKS6xC773C5NC/
         X9PRFQmJ+M65sdJ1BbXv4eaqv00wv4i91fokQrIO1P2Jx5MqQgpDBl2vrw6LHywctdQI
         TRdKeJ+TVG33zBklhLgODGdz1U8kB17+e48jO527xIVlAc8ExKlRdsiQ75B/2gk0HEow
         hfNQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:date:subject:user-agent:message-id
         :references:cc:in-reply-to:from:to:content-transfer-encoding
         :mime-version:dkim-signature:arc-authentication-results;
        bh=5Vx/V/L4Sln56JujCfJEjJOHy7deaKgsJ5UTeR+dYy4=;
        b=OeX1GBn3UZE7O+L9A+f1LKqwrD5L0MDhQbcgYwy6blUhhpuAieLa+abQfhTyyvVuyp
         cLH5f9YtsZ3BD3mH4t3GKiFDCt5T8vw4GIIWUGc9ehAdd3s5xEVsSEcEV7uLsdrQnm3q
         mK995buAITlaf+EQhN2m4IVMxLQTOFTK79PGY1veqUZaHcXDPz5Mz4Oo57ZLK44pqVd/
         f1yJIrEAnRn7wBuW1APeN0Q7oDJq19biwiosrhvaxcOjhHN1SyN3hrBmwZB9Wqd3Z+3G
         fTG3Tzb95Yqj7WfPdNEZ9TLmqoQbpZgNpvCJDU+HaL0Q4p3U/f8lvfXu7l5VgAD0BivR
         z6uA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@cisco.com header.s=iport header.b=md3xigow;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=cisco.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id p1-v6si1795029plb.733.2018.01.25.12.28.10;
        Thu, 25 Jan 2018 12:28:26 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@cisco.com header.s=iport header.b=md3xigow;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=cisco.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751380AbeAYU0w (ORCPT <rfc822;zffurovfq63@gmail.com>
        + 99 others); Thu, 25 Jan 2018 15:26:52 -0500
Received: from alln-iport-4.cisco.com ([173.37.142.91]:53996 "EHLO
        alln-iport-4.cisco.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751227AbeAYU0u (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 25 Jan 2018 15:26:50 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=cisco.com; i=@cisco.com; l=2259; q=dns/txt; s=iport;
  t=1516912010; x=1518121610;
  h=mime-version:content-transfer-encoding:to:from:
   in-reply-to:cc:references:message-id:subject:date;
  bh=26SXFoo7dqnXv4bmUCbGLpmwbMK9MeujDTDVLx2rX2w=;
  b=md3xigowwJBYiCLU18ZKTC4lPaMbEckDpN1zx8OHX6xpsPuqxw+pjtjx
   JDsXMcR8J+NRj3KFdwpygdqvlBEpJykjoIP8Ts6jFso28nwZdo1QNqh6C
   cNyHB0TddDvOTQBUNxLfiTnMWwgMRdTJm96fEvwLg7FskLVh57MZ+JYLY
   c=;
X-IronPort-AV: E=Sophos;i="5.46,413,1511827200"; 
   d="scan'208";a="61713563"
Received: from alln-core-6.cisco.com ([173.36.13.139])
  by alln-iport-4.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 25 Jan 2018 20:26:49 +0000
Received: from localhost ([10.156.154.35])
        by alln-core-6.cisco.com (8.14.5/8.14.5) with ESMTP id w0PKQncN010682;
        Thu, 25 Jan 2018 20:26:49 GMT
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
To:     Arnd Bergmann <arnd@arndb.de>
From:   Taras Kondratiuk <takondra@cisco.com>
In-Reply-To: <CAK8P3a2FqEcq44-sRQrsgJ=_DOanC-qgJ3yFr=J6UrOKO0_3uw@mail.gmail.com>
Cc:     "H. Peter Anvin" <hpa@zytor.com>,
        Al Viro <viro@zeniv.linux.org.uk>,
        Rob Landley <rob@landley.net>,
        Mimi Zohar <zohar@linux.vnet.ibm.com>,
        Jonathan Corbet <corbet@lwn.net>,
        James McMechan <james.w.mcmechan@gmail.com>,
        initramfs@vger.kernel.org, Victor Kamensky <kamensky@cisco.com>,
        linux-doc@vger.kernel.org,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        LSM List <linux-security-module@vger.kernel.org>,
        xe-linux-external@cisco.com
References: <1516850875-25066-1-git-send-email-takondra@cisco.com>
 <1516850875-25066-2-git-send-email-takondra@cisco.com>
 <CAK8P3a2FqEcq44-sRQrsgJ=_DOanC-qgJ3yFr=J6UrOKO0_3uw@mail.gmail.com>
Message-ID: <151691200536.5378.11544479301138437367@takondra-t460s>
User-Agent: alot/0.6
Subject: Re: [PATCH v2 01/15] Documentation: add newcx initramfs format description
Date:   Thu, 25 Jan 2018 12:26:45 -0800
X-Auto-Response-Suppress: DR, OOF, AutoReply
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Quoting Arnd Bergmann (2018-01-25 01:29:12)
> On Thu, Jan 25, 2018 at 4:27 AM, Taras Kondratiuk <takondra@cisco.com> wr=
ote:
> > Many of the Linux security/integrity features are dependent on file
> > metadata, stored as extended attributes (xattrs), for making decisions.
> > These features need to be initialized during initcall and enabled as
> > early as possible for complete security coverage.
> >
> > Initramfs (tmpfs) supports xattrs, but newc CPIO archive format does not
> > support including them into the archive.
> >
> > This patch describes "extended" newc format (newcx) that is based on
> > newc and has following changes:
> > - extended attributes support
> > - increased size of filesize to support files >4GB.
> > - increased mtime field size to have usec precision and more than
> >   32-bit of seconds.
> > - removed unused checksum field.
> >
> > Signed-off-by: Taras Kondratiuk <takondra@cisco.com>
> > Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
> > Signed-off-by: Victor Kamensky <kamensky@cisco.com>
> =

> Ah nice, I like the extension of the time handling, that certainly
> addresses one of the issues with y2038 that we have previously
> hacked around in an ugly way (interpreting the 32-bit
> number as unsigned).
> =

> However, if this is to become a generally supported format
> for cpio files, could we make it use nanosecond resolution
> instead? The issue that I see with microseconds is that
> storing a file in an archive and extracting it again would
> otherwise keep the mtime stamp /almost/ identical on file
> systems that have nanosecond resolution, but most of
> the time a comparison would indicate that the files are
> not the same.
> =

> Unfortunately, the range of a 64-bit nanoseconds counter
> is still a bit limited (584 years, or half of that if we make it
> signed). While this is clearly enough for the uses in
> initramfs, it still has a similar problem: someone creating
> a fake timestamp a long time in the past or future on
> a file system would lose information after going though
> cpio.

We can match statx(2) by having 64 bits for seconds plus 32 bits for
nanoseconds. For initramfs nanoseconds field can be ignored during
unpacking.