Received: by 2002:a05:6358:c692:b0:131:369:b2a3 with SMTP id fe18csp3490247rwb; Sun, 30 Jul 2023 08:43:08 -0700 (PDT) X-Google-Smtp-Source: APBJJlHeQsaASzKJCUYXNoxbByS7SZGIwqM/bQr5hspexilZ1jQLI0KeUan6gmZdycvcG/ew7+0u X-Received: by 2002:a05:6a00:1388:b0:681:6169:e403 with SMTP id t8-20020a056a00138800b006816169e403mr9454093pfg.8.1690731788030; Sun, 30 Jul 2023 08:43:08 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690731788; cv=none; d=google.com; s=arc-20160816; b=mdldcCVS+tzEcN2lEvkqUH/JDB5HpUcdRmXpfwxUybvQlSKdhOCQsD6YUDrIiMm5V6 HIOxuruY27yo7/PhdizzhrH3MpCa4sqvAO7YRswfm7KFNERplGn9vSOPzkwpXE6pdXvP jOO7qj/KmGt+O55huyKohoJk+uYEQG3dgGivNnwHr1Fu+gWaizCI+IcDmnO9uL2p1n+9 ftZTnnvAOu5MDunALRZXh++6Ktb1Z1puJpYf8QPsOfYqyr6BhlyB7MNUK6ubnt1U+QlX Q2jgFxY3p5B8rYdT5GbzleBiMsE3DzsURgtksGTEhYHEoEMwu+8ctSjTbiMN911fESGs q7Lw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:in-reply-to:content-transfer-encoding :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=h/fb8ZyzXHtXvreA7dvtLy0sZ1PC2k7lMiUg1eDsTvw=; fh=9AnfzQ8rYYJUBYvQUXwIESW9oHJBHiazItpbbMS3yQ8=; b=g56/TpEcDIsZf5VqogaiAlFlE1ifjHVPgx4eqkPs9z0S25IRkY+5JvNdswETVnNUPF R1qrvViueoVvj+PsKwUJ+GoEglf+lKVK0fSdkGKPgkwEU0Nd53c/uOSONkDvJRZTBMrD FCMEa/6CU0xcIgd0iH4gbGkijSERxe6rwKLbqQFEvfxa/P623hq1M8Rflyzsn7PPT17X aRCBzfUCorqCAtpSUMG48kKxAy5BBrAD/qUs1+ex4zFWx0k4S1Is8vpd8N4l0Mcv8S2o /TPwDqWjdLVzUxDgnXI5j1MVZwwY865Y/kw4FtgArIfbjDv9G9wEM0duUnBCE6dJyyBM lqVg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@t-8ch.de header.s=mail header.b=KmRvWkSA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id r26-20020a638f5a000000b00564438ef563si688284pgn.766.2023.07.30.08.42.55; Sun, 30 Jul 2023 08:43:08 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@t-8ch.de header.s=mail header.b=KmRvWkSA; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229786AbjG3O2Z (ORCPT + 99 others); Sun, 30 Jul 2023 10:28:25 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:41912 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229592AbjG3O2Y (ORCPT ); Sun, 30 Jul 2023 10:28:24 -0400 Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id B995CE59 for ; Sun, 30 Jul 2023 07:28:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=t-8ch.de; s=mail; t=1690727302; bh=Q02GOFmqhBP5l5HrvhTUt4jqdKin17tPNOiFpSZNQOI=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=KmRvWkSANTrCjEGvR7AR4mGzUOpDjzJr/DheRiUIJKWPVQ2Ok1FtGUDaHcKIquHJB 8clxGMmz2WsneMe67FRuwyMhS/j+ccN4hWSbje1WPi9B3XdF5y9BlX3kCTIjTQ2n6c IUlxocxakPSKGDPisNo/azQexoK22OgNeVYbY034= Date: Sun, 30 Jul 2023 16:28:21 +0200 From: Thomas =?utf-8?Q?Wei=C3=9Fschuh?= To: Gao Xiang Cc: Jingbo Xu , chao@kernel.org, huyue2@coolpad.com, linux-erofs@lists.ozlabs.org, linux-kernel@vger.kernel.org, Karel Zak Subject: Re: [PATCH v2] erofs: deprecate superblock checksum feature Message-ID: <9299dd4c-c2da-4ed1-8979-87fa44c68f77@t-8ch.de> References: <20230717112703.60130-1-jefflexu@linux.alibaba.com> MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi Gao! On 2023-07-30 22:01:11+0800, Gao Xiang wrote: > On 2023/7/30 21:31, Thomas Weißschuh wrote: > > On 2023-07-17 19:27:03+0800, Jingbo Xu wrote: > > > Later we're going to try the self-contained image verification. > > > The current superblock checksum feature has quite limited > > > functionality, instead, merkle trees can provide better protection > > > for image integrity. > > > > The crc32c checksum is also used by libblkid to gain more confidence > > in its filesystem detection. > > I guess a merkle tree would be much harder to implement. > > > > This is for example used by the mount(8) cli program to allow mounting > > of devices without explicitly needing to specify a filesystem. > > > > Note: libblkid tests for EROFS_FEATURE_SB_CSUM so at least it won't > > break when the checksum is removed. > I'm not sure if we could switch EROFS_FEATURE_SB_CSUM to a simpler > checksum instead (e.g. just sum each byte up if both > EROFS_FEATURE_SB_CSUM and COMPAT_XATTR_FILTER bits are set, or > ignore checksums completely at least in the kernel) if the better > filesystem detection by using sb chksum is needed (not sure if other > filesystems have sb chksum or just do magic comparsion)? Overloading EROFS_FEATURE_SB_CSUM in combination with COMPAT_XATTR_FILTER would break all existing deployments of libblkid, so it's not an option. All other serious and halfway modern filesystems do have superblock checksums which are also checked by libblkid. > The main problem here is after xattr name filter feature is added > (xxhash is generally faster than crc32c), there could be two > hard-depended hashing algorithms, this increases more dependency > especially for embededed devices. From libblkid side nothing really speaks against a simpler checksum. XOR is easy to implement and xxhash is already part of libblkid for other filesystems. The drawbacks are: * It would need a completely new feature bit in erofs. * Old versions of libblkid could not validate checksums on newer filesystems.