Re: Encrypted Filesystem - Jean-Luc Cooke

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Jean-Luc Cooke <jlcooke@certainkey.com>
To: linux-kernel@vger.kernel.org
Subject: Re: Encrypted Filesystem
Date: Tue, 27 Jan 2004 17:16:58 -0500	[thread overview]
Message-ID: <20040127221658.GB16413@certainkey.com> (raw)
In-Reply-To: <20040127220153.GA4992@delft.aura.cs.cmu.edu>

Ah, can someone explain why encrypted loopback doesn't solve this?

JLC

On Tue, Jan 27, 2004 at 05:01:54PM -0500, Jan Harkes wrote:
> On Tue, Jan 27, 2004 at 12:43:21AM +0000, Adam Sampson wrote:
> > Michael A Halcrow <mahalcro@us.ibm.com> writes:
> > 
> > >  - Userland filesystem-based (EncFS+FUSE, CryptoFS+LUFS)
> > 
> > Going off on a tangent...
> > 
> > There are all sorts of potentially-interesting things that could be
> > done if Linux had a userspace filesystem mechanism included in the
> > standard kernel -- as well as encryption, there's also network
> > filesystems, various sorts of specialised caching (such as Zero
> > Install), automounter-like systems, prototyping and so on.
> > 
> > Is there a technical reason that none of the userspace filesystem
> > layers have been included in the stock kernel, or is it just that
> > nobody's submitted any of them for inclusion yet?
> 
> Ehh, Coda's kernel module does just that. It is used by the userspace
> cache manager of the Coda Distributed File System.
> 
>     http://www.coda.cs.cmu.edu/
> 
> But several other projects seem to be using it,
> 
>     http://uservfs.sourceforge.net/
>     http://dav.sourceforge.net/
> 
> The interface to userspace a bit clumsy to work with, but there are
> kernel modules for FreeBSD/NetBSD/Solaris and an experimental one for
> Windows 2000/NT/XP, which makes any significant changes a bit of a pain.
> 
> It does have it's pecularities, reads and writes are not passed up to
> userspace, only the open and close VFS calls. This makes the module
> reasonably quite simple as it doesn't have to deal with VM issues and it
> isn't susceptible to deadlocks,
> 
>    app wants to read data from a file ->
>    userspace application requires memory allocation to provide this data ->
>    VM tries to write out dirty data associated with the Coda mountpoint ==
>    deadlock
> 
> So whole file caching keeps the kernel module more portable and
> simplifies the userspace code. But it makes things like streaming
> reads/writes or quotas impossible. If you want to provide encryption
> there you would have to store an unencrypted copy of every open file
> somewhere on disk or in ramfs/tmpfs and incur the cost of (de)crypting
> (and (de)compressing) whenever it is opened or closed.
> 
> Jan
> 
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> Please read the FAQ at  http://www.tux.org/lkml/

-- 
http://www.certainkey.com
Suite 4560 CTTC
1125 Colonel By Dr.
Ottawa ON, K1S 5B6

next prev parent reply	other threads:[~2004-01-27 22:20 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-01-26 17:46 Encrypted Filesystem Michael A Halcrow
2004-01-26 19:06 ` Mark Borgerding
2004-01-26 21:04   ` Felipe Alfaro Solana
2004-01-30 17:01     ` Pavel Machek
2004-01-27  0:06 ` jw schultz
2004-01-27  0:43 ` Adam Sampson
2004-01-27  1:42   ` Andy Isaacson
2004-01-27 22:01   ` Jan Harkes
2004-01-27 22:16     ` Jean-Luc Cooke [this message]
2004-01-28 13:50   ` Userspace filesystems (WAS: Encrypted Filesystem) Miklos Szeredi
2004-01-30 17:06     ` Pavel Machek
2004-02-02  9:42       ` Miklos Szeredi
2004-02-02 15:19         ` Pavel Machek
2004-02-02 15:36           ` Nikita Danilov
     [not found] <16405.24299.945548.174085@laputa.namesys.com>
2004-01-26 19:02 ` Encrypted Filesystem Hans Reiser
2004-01-27 18:56   ` Edward Shishkin
2004-01-27 21:25     ` Michael Halcrow
2004-01-27 21:51       ` Hans Reiser
     [not found] <OFA97B290B.67DE842E-ON87256E27.0061728C-86256E27.0061BB0E@us.ibm.com.suse.lists.linux.kernel>
2004-01-27 16:13 ` Andi Kleen
2004-01-27 18:17   ` Jari Ruusu
2004-01-27 18:44     ` Andi Kleen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20040127221658.GB16413@certainkey.com \
    --to=jlcooke@certainkey.com \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.