Re: [RFC] LZO de/compression support - take 3

[Nitin Gupta]

Hi Michael,

On 5/23/07, Michael-Luke Jones <mlj28@xxxxxxxxx> wrote:
> On 23 May 2007, at 09:27, Nitin Gupta wrote:
>
> > This contains LZO1X-1 compressor and LZO1X decompressor (safe and
> > standard version).
>
> I understand that the 'safe' decompression code is 'somewhat slower'
> and that decompressor performance is a key feature of this algorithm.
> However, I am concerned about the safety implications of including
> the 'unsafe' standard version in-kernel when likely uses include
> compression of network data, memory objects and so-on, all of which
> could in theory be maliciously modified.

The 'unsafe' version is still included since in some scenarios we have
guarantee that compressed data has not been modified (for e.g. where
we keep compressed data in memory only). So, in those cases there is
no need to go for slower 'safe' version. So, the version of
decompressor selected should be left to the user (kernel dev) only -
he should make sure that he is using the right version.

Cheers,
Nitin
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/