Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 28

Thread: Security Problem Discovered In Btrfs File-System

  1. #11
    Join Date
    Dec 2007
    Posts
    677

    Default

    This hashing attack isn't unique to btfs, is it? This was in the news earlier, unless protected, hashing algorithms seem to have a vunerability to the DDOS.

  2. #12
    Join Date
    Jan 2009
    Posts
    1,419

    Default

    Quote Originally Posted by Cthulhux View Post
    Good point, lsatenstein. Here's what you miss:
    http://rudd-o.com/linux-and-free-sof...ter-than-btrfs


    I don't know when that was written but it's a bit out of date. Btrfs has at least one of the features (send/receive) that he said they were only working on. Also, according to the btrfs wiki, they do use barriers for writes which is how that post claimed zfs achieved atomicity (I would think you'd need more than just barriers to support atomicity, but, at any rate, since btrfs is cow, atomicity shouldn't be so important).
    I would guess there's not a lot of substance to that post.

  3. #13
    Join Date
    Aug 2009
    Location
    Russe, Bulgaria
    Posts
    517

    Default

    I don't know what distribution CRC32 provides, but isn't a good thing for FS to refuse Collision files to be created after some small threshold. After all, collisions are not ment to be in big volume, and if they are this obviously is an attack.

  4. #14
    Join Date
    Apr 2010
    Posts
    1,946

    Default

    Quote Originally Posted by vertexSymphony View Post
    https://en.wikipedia.org/wiki/ZFS#Comparisons
    ┐Was that hard to even take a look at Wikipedia? Some other OS that have the porting underway are missing from there.
    Was that hard to even use Wikipedia properly?
    "ZFS was designed and implemented by a team at Sun led by Jeff Bonwick and Matthew Ahrens. It was announced on September 14, 2004,[5] but development started in 2001.[6] Source code for ZFS was integrated into the main trunk of Solaris development on October 31, 2005[7] and released as part of build 27 of OpenSolaris on November 16, 2005. Sun announced that ZFS was included in the 6/06 update to Solaris 10 in June 2006, one year after the opening of the OpenSolaris community."

    Is this hard to understand "ZFS was Solaris exclusive"? Can you distinguish "original platform" and "port platform"? I am sure you can.
    Sun made it. Sun was author of Solaris. This is very illogical,no?

    Quote Originally Posted by vertexSymphony View Post
    Please, back up your claims and dont make empty statements that revolves around "something" that isn't well stated and elaborated.
    Thank you.
    Ok sir, you asked for it, so better stand back.
    First - ZFS is Solaris exclusive and only ported to BSD.
    Second - ZFS inferior to BTRFS in many operations. Many times it looses because its just too complex. Other times it looses due to design. It is more polished, but it is different. Compare FAT32 with EXT4 in data ordered mode - you get equal numbers, EXT4 will loose. Is this bad? No.
    Third - ZFS is different and for different scale, many complexities are excessive for different systems. ZFS is meant for datacenters. You want to use ZFS only if you fear bit-rot, but the performance will be abysmal and most features will simply be outside of scope of desktop usage. Datacenters have plenty of raw performance, they need security, so they trade (excessive) performance for security.
    Four - Linux has ZFS port, just as BSD.
    Five - ZFS also had bugs. Its software.
    Six - ZFS also has limitations.
    Seven - ZFS developers very very rarely accept patches to improve its "desktop" usage.
    The only fact is that ZFS is purposely not compatible to GPL.
    Last edited by crazycheese; 12-15-2012 at 05:06 AM.

  5. #15
    Join Date
    Sep 2011
    Posts
    40

    Default

    It is very true that ZFS isn't very good for desktop usage.
    btrfs is much more universal.

  6. #16

    Default

    Quote Originally Posted by crazycheese View Post
    First - ZFS is Solaris exclusive and only ported to BSD.
    Solaris has the best implementation and FreeBSD has the best port, but ZFS is by no means Solaris-exclusive. There are dozens of operating systems that support it if you consider each distribution to be a different OS. In specific, the following major operating system families have some level of ZFS support:

    Darwin
    FreeBSD
    Linux
    NetBSD
    Solaris/Illumos
    Windows NT

    Quote Originally Posted by crazycheese View Post
    Second - ZFS inferior to BTRFS in many operations.
    Would you name some?

    Quote Originally Posted by crazycheese View Post
    Third - ZFS is different and for different scale, many complexities are excessive for different systems. ZFS is meant for datacenters.
    The same could be said for Linux, yet people who use Linux on desktops would disagree. Similarly, people who use ZFS on desktops (such as myself) would disagree. Having used ZFS on my desktop, I consider it to be the best filesystem available for systems that run mainstream Linux distributions and I strongly encourage its use.

    Quote Originally Posted by crazycheese View Post
    Six - ZFS also has limitations.
    Do these limitations include Denial of Service? I have managed to hang systems that use a combination of ext4, CFQ and discard. I have yet to hang a system using ZFS outside of situations that involve experimental patches.

    Quote Originally Posted by crazycheese View Post
    Seven - ZFS developers very very rarely accept patches to improve its "desktop" usage. See (3).
    Would you elaborate on that? I have written dozens of patches to improve the ZFS Linux port that resulted in changes to the upstream repository. All of them were developed on my desktop.

    Quote Originally Posted by crazycheese View Post
    The only fact is that ZFS is purposely not compatible to GPL.
    What is your point? The GPL is purposely incompatible with a wide range of licenses. In the case of the CDDL, the incompatibility only affects distribution of a kernel binary containing ZFS.

    Quote Originally Posted by pankkake View Post
    It is very true that ZFS isn't very good for desktop usage.
    Would you elaborate? People usually tell me that using ZFS as their rootfs makes their computers perform faster. That has been my experience.

    Quote Originally Posted by pankkake View Post
    btrfs is much more universal.
    How can btrfs be more universal than ZFS when it is limited to Linux?
    Last edited by ryao; 12-15-2012 at 03:10 PM.

  7. #17
    Join Date
    Feb 2012
    Posts
    111

    Default

    Quote Originally Posted by crazycheese View Post
    Was that hard to even use Wikipedia properly?
    "ZFS was designed and implemented by a team at Sun led by Jeff Bonwick and Matthew Ahrens. It was announced on September 14, 2004,[5] but development started in 2001.[6] Source code for ZFS was integrated into the main trunk of Solaris development on October 31, 2005[7] and released as part of build 27 of OpenSolaris on November 16, 2005. Sun announced that ZFS was included in the 6/06 update to Solaris 10 in June 2006, one year after the opening of the OpenSolaris community."

    Is this hard to understand "ZFS was Solaris exclusive"? Can you distinguish "original platform" and "port platform"? I am sure you can.
    Sun made it. Sun was author of Solaris. This is very illogical,no?
    Then make up your mind with this statement:

    Quote Originally Posted by crazycheese View Post
    First - ZFS is Solaris exclusive and only ported to BSD.
    Note: I added the bold/underline

    ZFS was conceived in Solaris (d'oh !), but not exclusive of this platform ... even if you "only ported to BSD" is still wrong, you say the opposite you said before with the "exclusive".

    I SEE WHAT YOU DID THERE

    First of all, Wikipedia is outdated in some areas regarding ZFS.
    Second → I'm sorry, but BSD is not an OS (I'll take it as a OS family) ... and again

    With only this, I invalidate your point → http://zfsonlinux.org/
    With this too → http://code.google.com/p/maczfs/
    Again, with this too → https://www.haiku-os.org/tags/zfs
    Also this → https://duckduckgo.com/?q=IllumOS

    Not counting the different *BSD systems.
    I prefer to talk about the community and free ZFS, not the Oracle's one ... ty very much

    Second - ZFS inferior to BTRFS in many operations. Many times it looses because its just too complex. Other times it looses due to design. It is more polished, but it is different. Compare FAT32 with EXT4 in data ordered mode - you get equal numbers, EXT4 will loose. Is this bad? No.
    First of all, citing a benchmark from Michael Larabel is something I always "take with tweezers"
    Michael is well known for his "well" and badly done benchmarks mostly because he had no formation on what he was benchmarking ... I remember a really horribly made benchmark (in fact, if my memory doesn't fail in one of the "benchmarks" he didn't use the same hardware) that ended up in a flame war in the mailing lists and this wiki page was born from that: http://wiki.freebsd.org/BenchmarkAdvice

    That article FROM 2010 lacks information about OS, configuration, specific filesystem configurations and some extra information to actually extract something meaninful from these numbers ... sorry, can't take that seriously, but those are cute colored graphs nonetheless
    When it comes to linux graphical stack benchs, some people here also remembers horribly done benchmarks ...

    Do you have anything with a little bit more substance?

    Third - ZFS is different and for different scale, many complexities are excessive for different systems. ZFS is meant for datacenters. You want to use ZFS only if you fear bit-rot, but the performance will be abysmal and most features will simply be outside of scope of desktop usage. Datacenters have plenty of raw performance, they need security, so they trade (excessive) performance for security.
    ┐Abysmal performance? Please, explain me that point because I recognize that the lack of block pointer rewrite is a hit on the performance (that's being worked out) on low space situations ... but tools like external ZIL or cache devices makes a worlds of difference in performance when you have multiple devices (SSDs included) in your hands.

    btrfs doesn't have anything like this (even if we ignore that we are talking about an unstable filesystem) ... if I'm mistaken, please provide me proper information.

    I use ZFS on my desktop, and I can assure you that my computer is not a datacenter ... some people use it even in lower end hardware and more constrained situation with no issues.
    Of course, you won't exploit the full potential of ZFS without proper gear; but that's another story that also applies to other filesystems

    Yes and no ... It's a port, correct.
    But platorm is properly abstracted and the "core" of the filesystem is VERY portable that's why the feature flags were introduced in the first place.

    http://svnweb.freebsd.org/base?view=...evision=236884

    Agreed.
    But we are talking about whole worlds of differences between btrfs and ZFS when it comes to testing.

    Yes ... it was conceived 11 years ago aprox.

    While the ZFS community may care about solving this problem, it's not the highest priority for Sun's customers and, therefore, for the ZFS team.
    That's something from the Sun era ... the development of ZFS changed a lot since that time.
    Have something more recent?

    Licensing discussions, don't really like them ... short story is YES, you're right.


    Regards

  8. #18
    Join Date
    Mar 2010
    Location
    Slovenia
    Posts
    390

    Default

    Quote Originally Posted by pankkake View Post
    It is very true that ZFS isn't very good for desktop usage.
    Why, because of memory usage?

  9. #19
    Join Date
    Apr 2010
    Posts
    1,946

    Default

    Quote Originally Posted by ryao View Post
    Solaris has the best implementation and FreeBSD has the best port, but ZFS is by no means Solaris-exclusive. There are dozens of operating systems that support it if you consider each distribution to be a different OS. In specific, the following major operating system families have some level of ZFS support:

    Darwin
    FreeBSD
    Linux
    NetBSD
    *** Edit: this one is wrong here **** Solaris/Illumos
    Windows NT
    These are PORTS.
    ZFS was developed for Solaris and so its Solaris exclusive FS, same as XFS to Iris. There are many PORTS of XFS, including port to Linux, but it communicates via interface, which is Iris specific. It is not rewritten FS for, say, Linux. Same ZFS.
    Original claim to post I answered was "Oh, Linux sucks because it doesn't have ZFS" [.. and BSD rocks because it has ZFS].
    The essence is that ZFS was developed for and is truly native only on Solaris. I have nothing against ports btw.

    Quote Originally Posted by ryao View Post
    Would you name some?
    Click the link in post please.

    Quote Originally Posted by ryao View Post
    Do these limitations include Denial of Service? I have managed to hang systems that use a combination of ext4, CFQ and discard. I have yet to hang a system using ZFS outside of situations that involve experimental patches.
    Never claimed that ZFS is DoS secure, nor stated that BTFS is riper that ZFS.

    Quote Originally Posted by ryao View Post
    The same could be said for Linux, yet people who use Linux on desktops would disagree. Similarly, people who use ZFS on desktops (such as myself) would disagree. Having used ZFS on my desktop, I consider it to be the best filesystem available for systems that run mainstream Linux distributions and I strongly encourage its use.
    How much hundred terrabytes your cluster has? Or you use it due to bit-rot protection? Whats the reason you prefer slower FS, compared to EXT4 and BTRFS with LZO?

    Quote Originally Posted by ryao View Post
    Would you elaborate on that? I have written dozens of patches to improve the ZFS Linux port that resulted in changes to the upstream repository. All of them were developed on my desktop.
    So you are ZFS port developer and this is your point to have ZFS on Linux? What is your view on ZFS license? Why don't you develop BTFS instead?

    Quote Originally Posted by ryao View Post
    What is your point? The GPL is purposely incompatible with a wide range of licenses. In the case of the CDDL, the incompatibility only affects distribution of a kernel binary containing ZFS.
    CDDL was designed to be incompatible with GPL. GPL is much older. There is no point in reinventing same license, but with just a small difference - exactly to be able to sabotage GPL ans claim GPL is incompatible.
    ZFS is ideal flagship for this. Once Sun went down, its stupid engineers decided to take revenge a la DirectX vs OpenGL and arm the ZFS with bomb license.
    If Sun really cared, they would dual-license or grant exception, but no - they purposely take revenge .. against own stupidity.

    Quote Originally Posted by ryao View Post
    Would you elaborate? People usually tell me that using ZFS as their rootfs makes their computers perform faster. That has been my experience.
    I have not tested ZFS vs BTRFS personally, because I am more than comfortable with EXT4.
    The only way to prove "faster" claim is to do PTS tests.

    Quote Originally Posted by ryao View Post
    How can btrfs be more universal than ZFS when it is limited to Linux?
    BTRFS is free to port away, just as ZFS, and it does not have stupid CDDL license. This makes it more universal.

  10. #20
    Join Date
    Jul 2010
    Posts
    593

    Default

    Quote Originally Posted by crazycheese View Post
    BTRFS is free to port away, just as ZFS, and it does not have stupid CDDL license. This makes it more universal.
    Please correct me if I'm wrong but to my understanding BTRFS is heavily tied to Linux. This is due to fact that it uses a lot of the already existing Linux specific functionality instead of implementing those itself. ZFS then again does almost everything itself and therefore is more easily portable. I doubt we will ever see BTRFS on any other operating system a side from Linux.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •