From: Satya Tangirala <satyat@google.com>
To: Eric Biggers <ebiggers@kernel.org>
Cc: "Theodore Y . Ts'o" <tytso@mit.edu>,
Jaegeuk Kim <jaegeuk@kernel.org>, Chao Yu <chao@kernel.org>,
linux-kernel@vger.kernel.org, linux-fscrypt@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net
Subject: Re: [PATCH 0/3] add support for metadata encryption to F2FS
Date: Wed, 7 Oct 2020 22:05:00 +0000 [thread overview]
Message-ID: <20201007220500.GA2544297@google.com> (raw)
In-Reply-To: <20201007210040.GB1530638@gmail.com>
On Wed, Oct 07, 2020 at 02:00:40PM -0700, Eric Biggers wrote:
> On Mon, Oct 05, 2020 at 07:36:03AM +0000, Satya Tangirala wrote:
> > This patch series adds support for metadata encryption to F2FS using
> > blk-crypto.
>
> This patch series needs more explanation about what "metadata encryption" is,
> why people will want to use it (as opposed to either not using it, or using
> fscrypt + dm-crypt instead), and why this is the best implementation of it.
>
Sure, I'll add that in the next version
> > Patch 2 introduces some functions to fscrypt that help filesystems perform
> > metadata encryption. Any filesystem that wants to use metadata encryption
> > can call fscrypt_setup_metadata_encryption() with the super_block of the
> > filesystem, the encryption algorithm and the descriptor of the encryption
> > key. The descriptor is looked up in the logon keyring of the current
> > session with "fscrypt:" as the prefix of the descriptor.
>
> I notice this is missing the step I suggested to include the metadata encryption
> key in the HKDF application-specific info string when deriving subkeys from the
> fscrypt master keys.
>
> The same effect could also be achieved by adding an additional level to the key
> hierarchy: each HKDF key would be derived from a fscrypt master key and the
> metadata encryption key.
>
> We need one of those, to guarantee that the file contents encryption is at least
> as strong as the "metadata encryption".
>
Yes - I didn't get around to that in the first version, but I'll add
that too in the next version. I was going to go with the first approach
before I saw your comment - is there one method you'd recommend going
with over the other?
> - Eric
WARNING: multiple messages have this Message-ID (diff)
From: Satya Tangirala via Linux-f2fs-devel <linux-f2fs-devel@lists.sourceforge.net>
To: Eric Biggers <ebiggers@kernel.org>
Cc: "Theodore Y . Ts'o" <tytso@mit.edu>,
linux-kernel@vger.kernel.org,
linux-f2fs-devel@lists.sourceforge.net,
linux-fscrypt@vger.kernel.org, Jaegeuk Kim <jaegeuk@kernel.org>
Subject: Re: [f2fs-dev] [PATCH 0/3] add support for metadata encryption to F2FS
Date: Wed, 7 Oct 2020 22:05:00 +0000 [thread overview]
Message-ID: <20201007220500.GA2544297@google.com> (raw)
In-Reply-To: <20201007210040.GB1530638@gmail.com>
On Wed, Oct 07, 2020 at 02:00:40PM -0700, Eric Biggers wrote:
> On Mon, Oct 05, 2020 at 07:36:03AM +0000, Satya Tangirala wrote:
> > This patch series adds support for metadata encryption to F2FS using
> > blk-crypto.
>
> This patch series needs more explanation about what "metadata encryption" is,
> why people will want to use it (as opposed to either not using it, or using
> fscrypt + dm-crypt instead), and why this is the best implementation of it.
>
Sure, I'll add that in the next version
> > Patch 2 introduces some functions to fscrypt that help filesystems perform
> > metadata encryption. Any filesystem that wants to use metadata encryption
> > can call fscrypt_setup_metadata_encryption() with the super_block of the
> > filesystem, the encryption algorithm and the descriptor of the encryption
> > key. The descriptor is looked up in the logon keyring of the current
> > session with "fscrypt:" as the prefix of the descriptor.
>
> I notice this is missing the step I suggested to include the metadata encryption
> key in the HKDF application-specific info string when deriving subkeys from the
> fscrypt master keys.
>
> The same effect could also be achieved by adding an additional level to the key
> hierarchy: each HKDF key would be derived from a fscrypt master key and the
> metadata encryption key.
>
> We need one of those, to guarantee that the file contents encryption is at least
> as strong as the "metadata encryption".
>
Yes - I didn't get around to that in the first version, but I'll add
that too in the next version. I was going to go with the first approach
before I saw your comment - is there one method you'd recommend going
with over the other?
> - Eric
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
next prev parent reply other threads:[~2020-10-07 22:05 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-10-05 7:36 [PATCH 0/3] add support for metadata encryption to F2FS Satya Tangirala
2020-10-05 7:36 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-10-05 7:36 ` [PATCH 1/3] fscrypt, f2fs: replace fscrypt_get_devices with fscrypt_get_device Satya Tangirala
2020-10-05 7:36 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-10-05 7:36 ` [PATCH 2/3] fscrypt: Add metadata encryption support Satya Tangirala
2020-10-05 7:36 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-10-07 20:52 ` Eric Biggers
2020-10-07 20:52 ` [f2fs-dev] " Eric Biggers
2020-10-07 23:28 ` Satya Tangirala
2020-10-07 23:28 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-10-08 17:05 ` Eric Biggers
2020-10-08 17:05 ` [f2fs-dev] " Eric Biggers
2020-10-05 7:36 ` [PATCH 3/3] f2fs: " Satya Tangirala
2020-10-05 7:36 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-10-05 10:19 ` kernel test robot
2020-10-05 10:19 ` kernel test robot
2020-10-07 21:20 ` Eric Biggers
2020-10-07 21:20 ` [f2fs-dev] " Eric Biggers
2020-10-08 0:31 ` Satya Tangirala
2020-10-08 0:31 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-10-05 7:43 ` [PATCH 0/3] add support for metadata encryption to F2FS Satya Tangirala
2020-10-05 7:43 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-10-07 21:00 ` Eric Biggers
2020-10-07 21:00 ` [f2fs-dev] " Eric Biggers
2020-10-07 22:05 ` Satya Tangirala [this message]
2020-10-07 22:05 ` Satya Tangirala via Linux-f2fs-devel
2020-10-08 17:01 ` Eric Biggers
2020-10-08 17:01 ` [f2fs-dev] " Eric Biggers
2020-10-10 9:53 ` Chao Yu
2020-10-10 9:53 ` [f2fs-dev] " Chao Yu
2020-12-17 15:44 ` Satya Tangirala
2020-12-17 15:44 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-12-18 9:02 ` Chao Yu
2020-12-18 9:02 ` [f2fs-dev] " Chao Yu
2020-12-18 11:53 ` Satya Tangirala
2020-12-18 11:53 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-12-22 11:47 ` Chao Yu
2020-12-22 11:47 ` [f2fs-dev] " Chao Yu
2020-12-24 10:13 ` Satya Tangirala
2020-12-24 10:13 ` [f2fs-dev] " Satya Tangirala via Linux-f2fs-devel
2020-12-25 9:31 ` Chao Yu
2020-12-25 9:31 ` [f2fs-dev] " Chao Yu
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20201007220500.GA2544297@google.com \
--to=satyat@google.com \
--cc=chao@kernel.org \
--cc=ebiggers@kernel.org \
--cc=jaegeuk@kernel.org \
--cc=linux-f2fs-devel@lists.sourceforge.net \
--cc=linux-fscrypt@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.