Feature request: improved build-id generation

Andy Lutomirski luto@kernel.org
Thu Mar 15 03:23:00 GMT 2018

On Thu, Mar 15, 2018 at 1:46 AM, Linus Torvalds
<torvalds@linux-foundation.org> wrote:
> On Wed, Mar 14, 2018 at 6:01 PM, Alan Modra <amodra@gmail.com> wrote:
>> On Wed, Mar 14, 2018 at 04:40:25PM -0700, Andy Lutomirski wrote:
>>> I realize that the security issue here is barely relevant, but git’s use of SHA1 is *not* okay, and git is migrating away for a reason.
>> Hmm, that's news to me.  Heh, I've always been a bit suspicious of
>> git's reliability.  ;-)
> I'm afraid Andy has listened to a few too many hard-liner security
> people - the bad kind that don't know shades of gray, and the kind
> that aren't generally worth listening to.
> SHA1 with the known attack weakness fixed (aka "Hardened SHA1", the
> way git already does) in a non-certificate environment is fine.
> The fact is, data identification is different from some kind of
> security that depends on the key. I wouldn't use even hardened SHA1
> for some security certificate. But for file ID's? Andy is confused.

The construction used by git is not, to my knowledge, broken right now
by a practical attack.  What I'm saying here isn't that one should not
use SHA1 in a new design (of anything -- if speed is important, there
are *much* faster hashes, and if cryptographic security is important,
there are much stronger hashes, some of which are also faster than
SHA1).  And what I'm asking for in this email is a new design for
reasons that have nothing to do with cryptography.  So I think that
design should avoid SHA1.

(This is coming from Laura asking if the vDSO could accomodate the
totally ridiculous way that Fedora's RPM build scripts hack around the
missing ld feature, and my response was that Fedora's hack is too ugly
to even try to accomodate in the kernel and that the toolchain should
be fixed.)

More information about the Binutils mailing list