On 5/22/19 3:00 PM, Hugo Mills wrote: > On Wed, May 22, 2019 at 09:46:42PM +0300, Cerem Cem ASLAN wrote: >> Could you confirm or disclaim the following explanation: >> https://unix.stackexchange.com/a/520063/65781 > > Well, the quoted comment at the top is accurate (although I haven't > looked for the IRC conversation in question). > > However, there are some inaccuracies in the detailed comment > below. These aren't particularly relevant to the argument addressing > your question, but do detract somewhat from the authority of the > answer. :) > > Specifically: Btrfs doesn't use Merkle trees. It uses CoW-friendly > B-trees -- there's no csum of tree contents. It also doesn't make a > complete copy of the tree (that would take a long time). Instead, > it'll only update the blocks in the tree that need updating, which > will bubble the changes up through the tree node path to the top > level.
There are csums of tree contents -- they're part of the header for every tree node and leaf. It doesn't currently function as a merkle tree, though, since there is no external reference to verify it. There are two potential solutions to this: 1) Change the tree nodes to contain checksums for each of the next blocks. 2) Use an hmac in each tree node and leaf, where the signature functions as the external reference. Either solution requires checksums be added to the superblock for the tree root, the chunk root, and the log tree root. -Jeff -- Jeff Mahoney SUSE Labs
signature.asc
Description: OpenPGP digital signature
