From mboxrd@z Thu Jan  1 00:00:00 1970
From: Sasha Levin <sasha.levin@oracle.com>
Subject: Re: [Lsf-pc] [LSF/MM TOPIC] ext4 Encryption Update: Policies, File
 Names, and Integrity
Date: Thu, 15 Jan 2015 13:56:43 -0500
Message-ID: <54B80D6B.8040400@oracle.com>
References: <20150115184310.GA3353@google.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Cc: linux-fsdevel@vger.kernel.org
To: Michael Halcrow <mhalcrow@google.com>,
	lsf-pc@lists.linux-foundation.org
Return-path: <linux-fsdevel-owner@vger.kernel.org>
Received: from userp1040.oracle.com ([156.151.31.81]:25189 "EHLO
	userp1040.oracle.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
	with ESMTP id S1755907AbbAOS4v (ORCPT
	<rfc822;linux-fsdevel@vger.kernel.org>);
	Thu, 15 Jan 2015 13:56:51 -0500
In-Reply-To: <20150115184310.GA3353@google.com>
Sender: linux-fsdevel-owner@vger.kernel.org
List-ID: <linux-fsdevel.vger.kernel.org>

On 01/15/2015 01:43 PM, Michael Halcrow wrote:
> I previously presented on ext4 encryption at the 2014 Linux Security
> Summit:
> 
> http://kernsec.org/wiki/index.php/Linux_Security_Summit_2014/Abstracts/Halcrow
> 
> http://kernsec.org/files/lss2014/Halcrow_EXT4_Encryption.pdf
> 
> Our first prototype implementation has been in Ted Ts'o's unstable git
> branch since November 2014. My team has made significant progress in
> the months since, developing encryption policy and file name
> encryption capabilities. We have completed the first major phase of
> development and are preparing a patchset to iterate on the prototype.
> 
> I will present our approach at applying different encryption policies
> to different segments of the file system via a policy inheritance
> scheme. I will discuss how file-granular policies can sythesize
> multiple keys to cryptographically protect files. For example, both
> logon credentials and off-device keys can together preclude access.
> This work represents efforts by Ildar Muslukhov.
> 
> I will also present the challenges involved in file name encryption on
> a multi-tenant system and will discuss novel solutions spearheaded by
> Uday Savagaonkar. This approach involves treating the user domain,
> HTree domain, and disk domains for the file names separately and
> applying different transformations depending upon whether or not the
> encryption keys for the file names are available.
> 
> Finally, I will discuss what our future plans are with respect to
> encryption with integrity, which will include leveraging ext4
> transactions to enforce cryptographic consistency while managing
> additional per-block authentication data.

Are there any controversial topics that require a discussion here? It really
sounds like just a presentation about ext4 encryption.


Thanks,
Sasha