* inline deduplication security issues
@ 2022-01-22 18:42 Andrei Bacs
2022-01-23 19:18 ` Diego Calleja
0 siblings, 1 reply; 5+ messages in thread
From: Andrei Bacs @ 2022-01-22 18:42 UTC (permalink / raw)
To: linux-btrfs
Cc: cpu808694, Cristiano Giuffrida, Bos, H.J., Kaveh Razavi, Bacs, A.
[-- Attachment #1: Type: text/plain, Size: 443 bytes --]
Hi,
We have found security issues with inline deduplication in storage
systems, using ZFS and Btrfs and running examples. See the attached
paper for details.
The paper will be presented at FAST'22 and thus our findings will be
public by 23rd of February 2022.
Please let us know if you plan to deploy any defenses (such as the one
we describe in the paper) by 23rd of February 2022. If not, we can
make our findings public earlier.
Andrei
[-- Attachment #2: paper.pdf --]
[-- Type: application/pdf, Size: 269987 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: inline deduplication security issues
2022-01-22 18:42 inline deduplication security issues Andrei Bacs
@ 2022-01-23 19:18 ` Diego Calleja
2022-01-24 1:38 ` Su Yue
0 siblings, 1 reply; 5+ messages in thread
From: Diego Calleja @ 2022-01-23 19:18 UTC (permalink / raw)
To: linux-btrfs, Andrei Bacs
Cc: cpu808694, Cristiano Giuffrida, Bos, H.J., Kaveh Razavi, Bacs, A.
El sábado, 22 de enero de 2022 19:42:47 (CET) Andrei Bacs escribió:
> We have found security issues with inline deduplication in storage
> systems, using ZFS and Btrfs and running examples. See the attached
> paper for details.
(Not actually a btrfs developer here)
I am confused, Btrfs does not support inline deduplication. The inline
deduplication implementation used in that paper is pretty old and as far as I
know it's not maintained (people seem to be happy with out of band
deduplication).
You might want to contact the developer on the inline implementation: https://
lore.kernel.org/linux-btrfs/20181106064122.6154-1-lufq.fnst@cn.fujitsu.com/
Also, this is a public mailing list, so there is no point in waiting until
23rd of February 2022 to make things public.
Kind regards.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: inline deduplication security issues
2022-01-23 19:18 ` Diego Calleja
@ 2022-01-24 1:38 ` Su Yue
2022-01-24 11:45 ` Qu Wenruo
0 siblings, 1 reply; 5+ messages in thread
From: Su Yue @ 2022-01-24 1:38 UTC (permalink / raw)
To: Diego Calleja
Cc: linux-btrfs, Andrei Bacs, cpu808694, Cristiano Giuffrida, Bos,
H.J., Kaveh Razavi, Bacs, A.
On Sun 23 Jan 2022 at 20:18, Diego Calleja <diegocg@gmail.com>
wrote:
> El sábado, 22 de enero de 2022 19:42:47 (CET) Andrei Bacs
> escribió:
>> We have found security issues with inline deduplication in
>> storage
>> systems, using ZFS and Btrfs and running examples. See the
>> attached
>> paper for details.
>
> (Not actually a btrfs developer here)
>
> I am confused, Btrfs does not support inline deduplication. The
> inline
> deduplication implementation used in that paper is pretty old
> and as far as I
> know it's not maintained (people seem to be happy with out of
> band
> deduplication).
>
> You might want to contact the developer on the inline
> implementation: https://
> lore.kernel.org/linux-btrfs/20181106064122.6154-1-lufq.fnst@cn.fujitsu.com/
>
AFAK, Fujitsu has no more plans about btrfs.
So there is no follow-up version of the inline deduplication
feature.
--
Su
> Also, this is a public mailing list, so there is no point in
> waiting until
> 23rd of February 2022 to make things public.
>
> Kind regards.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: inline deduplication security issues
2022-01-24 1:38 ` Su Yue
@ 2022-01-24 11:45 ` Qu Wenruo
2022-01-24 16:17 ` David Sterba
0 siblings, 1 reply; 5+ messages in thread
From: Qu Wenruo @ 2022-01-24 11:45 UTC (permalink / raw)
To: Su Yue, Diego Calleja
Cc: linux-btrfs, Andrei Bacs, cpu808694, Cristiano Giuffrida, Bos,
H.J., Kaveh Razavi, Bacs, A.
On 2022/1/24 09:38, Su Yue wrote:
>
> On Sun 23 Jan 2022 at 20:18, Diego Calleja <diegocg@gmail.com> wrote:
>
>> El sábado, 22 de enero de 2022 19:42:47 (CET) Andrei Bacs escribió:
>>> We have found security issues with inline deduplication in storage
>>> systems, using ZFS and Btrfs and running examples. See the attached
>>> paper for details.
>>
>> (Not actually a btrfs developer here)
>>
>> I am confused, Btrfs does not support inline deduplication. The inline
>> deduplication implementation used in that paper is pretty old and as
>> far as I
>> know it's not maintained (people seem to be happy with out of band
>> deduplication).
>>
>> You might want to contact the developer on the inline implementation:
>> https://
>> lore.kernel.org/linux-btrfs/20181106064122.6154-1-lufq.fnst@cn.fujitsu.com/
>>
>>
> AFAK, Fujitsu has no more plans about btrfs.
> So there is no follow-up version of the inline deduplication feature.
To add more, as one of the original authors, I and my employer have no
interest to push write-time dedupe any more.
Furthermore, the original implementation has one limit, one extent must
be written to disk, before it can be utilized by write-time dedupe.
Thanks,
Qu
>
> --
> Su
>
>> Also, this is a public mailing list, so there is no point in waiting
>> until
>> 23rd of February 2022 to make things public.
>>
>> Kind regards.
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: inline deduplication security issues
2022-01-24 11:45 ` Qu Wenruo
@ 2022-01-24 16:17 ` David Sterba
0 siblings, 0 replies; 5+ messages in thread
From: David Sterba @ 2022-01-24 16:17 UTC (permalink / raw)
To: Qu Wenruo
Cc: Su Yue, Diego Calleja, linux-btrfs, Andrei Bacs, cpu808694,
Cristiano Giuffrida, Bos, H.J., Kaveh Razavi, Bacs, A.
On Mon, Jan 24, 2022 at 07:45:20PM +0800, Qu Wenruo wrote:
>
>
> On 2022/1/24 09:38, Su Yue wrote:
> >
> > On Sun 23 Jan 2022 at 20:18, Diego Calleja <diegocg@gmail.com> wrote:
> >
> >> El sábado, 22 de enero de 2022 19:42:47 (CET) Andrei Bacs escribió:
> >>> We have found security issues with inline deduplication in storage
> >>> systems, using ZFS and Btrfs and running examples. See the attached
> >>> paper for details.
> >>
> >> (Not actually a btrfs developer here)
> >>
> >> I am confused, Btrfs does not support inline deduplication. The inline
> >> deduplication implementation used in that paper is pretty old and as
> >> far as I
> >> know it's not maintained (people seem to be happy with out of band
> >> deduplication).
> >>
> >> You might want to contact the developer on the inline implementation:
> >> https://
> >> lore.kernel.org/linux-btrfs/20181106064122.6154-1-lufq.fnst@cn.fujitsu.com/
> >>
> > AFAK, Fujitsu has no more plans about btrfs.
> > So there is no follow-up version of the inline deduplication feature.
>
> To add more, as one of the original authors, I and my employer have no
> interest to push write-time dedupe any more.
>
> Furthermore, the original implementation has one limit, one extent must
> be written to disk, before it can be utilized by write-time dedupe.
The inline deduplication feature has been abandoned, the patches were
incomplete and overall the feature is very complex to be implemented in
kernel. The replacement should be a user space tool like BEES and the
kernel module provides ioctls to do the actual deduplication (or help in
another way). Many things are much easier in userspace, also with the
clear separation of kernel/userspace when in it comes to the complexity.
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2022-01-24 16:18 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-01-22 18:42 inline deduplication security issues Andrei Bacs
2022-01-23 19:18 ` Diego Calleja
2022-01-24 1:38 ` Su Yue
2022-01-24 11:45 ` Qu Wenruo
2022-01-24 16:17 ` David Sterba
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.