linux-fsdevel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Dustin Kirkland <kirkland-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org>
To: James Morris <jmorris-gx6/JNMH7DfYtjvyW6yDsg@public.gmane.org>
Cc: Trond Myklebust
	<trond.myklebust-41N18TsMXrtuMpJDpNschA@public.gmane.org>,
	Peter Staubach <staubach-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>,
	Tom Haynes <tdh-8AdZ+HgO7noAvxtiuMwx3w@public.gmane.org>,
	"J. Bruce Fields"
	<bfields-uC3wQj2KruNg9hUCZPvPmw@public.gmane.org>,
	"linux-nfs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
	<linux-nfs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
	Christoph Hellwig <hch-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org>,
	Casey Schaufler <casey-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org>,
	"linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org"
	<linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
	David Patrick Quigley
	<dpquigl-+05T5uksL2qpZYMLLGbcSA@public.gmane.org>,
	Tyler Hicks
	<tyhicks-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
Subject: Re: [PATCH 0/4][RFC] NFSv3: implement extended attribute (XATTR) protocol
Date: Tue, 13 Oct 2009 23:56:13 -0500	[thread overview]
Message-ID: <1255496173.21570.142.camel@x200> (raw)
In-Reply-To: <alpine.LRH.2.00.0910141134410.4671-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>

[-- Attachment #1: Type: text/plain, Size: 1103 bytes --]

On Wed, 2009-10-14 at 11:48 +1100, James Morris wrote:
> I wonder how to handle ecryptfs -- it strikes me as a special case
> where the semantics are always local i.e. files can always be
> decrypted locally because of the crypto metatdata stored with them.

Hi James-

Yes, ecryptfs-on-NFS has long been a holy grail for the eCryptfs
project.  More generally, getting ecryptfs working on top of *any*
network filesystem (NFS, Samba, sshfs) would be brilliant.

As you say, the beauty is that the decryption happens locally, on your
CPU, and the storage server would just dutifully and agnosticly write
your encrypted bits, and would never see any keys.

We've hit a number of roadblocks, though, most of them of the
filesystems-don't-layer-on-top-of-NFS-well variety.

I don't suppose your present discussion gets us any closer to solving
those?

Regarding metadata, ecryptfs typically stores the metadata in the file
headers, rather than XATTRs.

Cheers,
-- 
:-Dustin

Dustin Kirkland
Canonical, LTD
kirkland-Z7WLFzj8eWMS+FvcfC7Uqw@public.gmane.org
GPG: 1024D/83A61194

[-- Attachment #2: This is a digitally signed message part --]
[-- Type: application/pgp-signature, Size: 197 bytes --]

  parent reply	other threads:[~2009-10-14  4:56 UTC|newest]

Thread overview: 31+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2009-09-19 15:09 [PATCH 0/4][RFC] NFSv3: implement extended attribute (XATTR) protocol James Morris
2009-09-19 15:11 ` [PATCH 1/4] NFSv3: convert client to generic xattr API James Morris
2009-09-19 15:12 ` [PATCH 2/4] NFSv3: add xattr API config option for client James Morris
2009-09-19 15:13 ` [PATCH 3/4] NFSv3: add client implementation of XATTR protocol James Morris
2009-09-19 15:14 ` [PATCH 4/4] NFSv3: add server " James Morris
     [not found] ` <alpine.LRH.2.00.0909200020360.31818-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
2009-09-19 17:30   ` [PATCH 0/4][RFC] NFSv3: implement extended attribute (XATTR) protocol Casey Schaufler
     [not found]     ` <4AB51538.7060201-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org>
2009-09-20  5:13       ` James Morris
2009-09-22 12:47         ` Christoph Hellwig
2009-09-22 13:03           ` James Morris
     [not found]             ` <alpine.LRH.2.00.0909222253470.21052-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
2009-09-22 13:07               ` Christoph Hellwig
2009-10-06 15:18   ` Peter Staubach
     [not found]     ` <4ACB5FC0.7060307-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2009-10-09  0:39       ` James Morris
     [not found]         ` <alpine.LRH.2.00.0910091132130.32154-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
2009-10-09 23:14           ` Christoph Hellwig
2009-10-12 17:50           ` Peter Staubach
2009-10-12 19:26             ` Tom Haynes
     [not found]               ` <CA06CB5C-6084-45AA-B185-FBDA7E3B9754-8AdZ+HgO7noAvxtiuMwx3w@public.gmane.org>
2009-10-12 19:34                 ` Peter Staubach
2009-10-12 22:55                   ` Trond Myklebust
     [not found]                     ` <1255388158.3711.57.camel-rJ7iovZKK19ZJLDQqaL3InhyD016LWXt@public.gmane.org>
2009-10-12 23:08                       ` J. Bruce Fields
2009-10-13  7:02                     ` James Morris
     [not found]                       ` <alpine.LRH.2.00.0910131733070.28896-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
2009-10-13 18:27                         ` Trond Myklebust
     [not found]                           ` <1255458444.3711.113.camel-rJ7iovZKK19ZJLDQqaL3InhyD016LWXt@public.gmane.org>
2009-10-14  0:48                             ` James Morris
     [not found]                               ` <alpine.LRH.2.00.0910141134410.4671-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
2009-10-14  2:05                                 ` Casey Schaufler
2009-10-14  4:30                                   ` James Morris
     [not found]                                     ` <alpine.LRH.2.00.0910141526530.5279-CK9fWmtY32x9JUWOpEiw7w@public.gmane.org>
2009-10-14  4:50                                       ` Casey Schaufler
     [not found]                                         ` <4AD55879.2060207-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org>
2009-10-14 12:46                                           ` Peter Staubach
2009-10-14  4:56                                 ` Dustin Kirkland [this message]
2009-10-14  6:02                                   ` James Morris
2009-10-14 15:05                               ` Tyler Hicks
     [not found] ` <bf63d7240910080919nf1bf6d0rd94f671d0645f674@mail.gmail.com>
2009-10-08 17:21   ` J. Bruce Fields
2009-10-09  0:31     ` James Morris
2009-10-08 17:22   ` J. Bruce Fields

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1255496173.21570.142.camel@x200 \
    --to=kirkland-z7wlfzj8ewms+fvcfc7uqw@public.gmane.org \
    --cc=bfields-uC3wQj2KruNg9hUCZPvPmw@public.gmane.org \
    --cc=casey-iSGtlc1asvQWG2LlvL+J4A@public.gmane.org \
    --cc=dpquigl-+05T5uksL2qpZYMLLGbcSA@public.gmane.org \
    --cc=hch-wEGCiKHe2LqWVfeAwA7xHQ@public.gmane.org \
    --cc=jmorris-gx6/JNMH7DfYtjvyW6yDsg@public.gmane.org \
    --cc=linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
    --cc=linux-nfs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org \
    --cc=staubach-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org \
    --cc=tdh-8AdZ+HgO7noAvxtiuMwx3w@public.gmane.org \
    --cc=trond.myklebust-41N18TsMXrtuMpJDpNschA@public.gmane.org \
    --cc=tyhicks-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).