From: Chris Murphy <lists@colorremedies.com>
To: Kai Krakow <hurikhan77@gmail.com>
Cc: Btrfs BTRFS <linux-btrfs@vger.kernel.org>
Subject: Re: Use fast device only for metadata?
Date: Tue, 9 Feb 2016 15:02:11 -0700
Message-ID: <CAJCQCtS9QN_xKeUe+v25Q6uMAknkoajsU8KKXmHej5fsuUPcUg@mail.gmail.com>
In-Reply-To: <20160209224341.5bfa20b7@jupiter.sol.kaishome.de>

On Tue, Feb 9, 2016 at 2:43 PM, Kai Krakow <hurikhan77@gmail.com> wrote:

> Weren't there plans for integrating per-file encryption into btrfs (like
> there's already for ext4)? I think this could pretty well obsolete your
> plans - except you prefer full-device encryption.

https://btrfs.wiki.kernel.org/index.php/Project_ideas#Encryption

I don't know whether the ZFS strategy (it would be per subvolume on
Btrfs) or the per directory strategy of ext4 is simpler. The simpler
it is, the more viable it is, I feel.

Maybe it's too much of a Tonka toy to only encrypt file data, not
metadata (a question for someone more security conscious), but I'd
rather have some level of integrated encryption rather than none. So I
wonder if encryption could be a compression option - that is, it'd fit
into the compression code path and instead of compressing, it'd
encrypt. I guess the bigger problem then is user space tools to manage
keys. For booting, there'd need to be a libbtrfs API or ioctl for
systemd+plymouth to get the passphrase from the user. And for home, it
actually can't be in the startup process at all, it has to be
integrated into the desktop, using the user login passphrase to unlock
a KEK, and from there the DEK. The whole point of per directory
encryption is, a bunch of stuff remains encrypted.

If it were treated as a variation on compression, specifically a
variant of forced compression, it means no key is needed to do
balance, scrub, device replace, etc, and even inline data gets
encrypted also. Open question if the metadata slot for compression is
big enough to include something like a key uuid, because each dir item
(at least) needs to point to the key needed to decrypt the data. Hmm,
or maybe a new tree to contain and track the encryption keys meant for
each dir item.

-- 
Chris Murphy
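
The passphrase -> KEK -> DEK chain and the per-key identifier discussed in the message above, as an added example that is not part of the original post and is not Btrfs code. The record layout, the function names, and the choice of scrypt and AES-256-GCM are assumptions made for illustration; the passphrases and file data are constructed.

```javascript
// Added example, not Btrfs code: passphrase -> KEK -> DEK envelope.
const nodeCrypto = require('crypto');

// AES-256-GCM; blob layout (an assumption) is iv(12) | tag(16) | ciphertext.
function seal(key, plaintext, aad) {
  const iv = nodeCrypto.randomBytes(12);
  const c = nodeCrypto.createCipheriv('aes-256-gcm', key, iv);
  c.setAAD(aad);
  const ct = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([iv, c.getAuthTag(), ct]);
}
function open(key, blob, aad) {
  const d = nodeCrypto.createDecipheriv('aes-256-gcm', key, blob.subarray(0, 12));
  d.setAAD(aad);
  d.setAuthTag(blob.subarray(12, 28));
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]); // throws on wrong key
}
// The KEK comes from the login passphrase and only ever wraps the DEK.
function deriveKek(passphrase, salt) {
  return nodeCrypto.scryptSync(passphrase, salt, 32, { N: 16384, r: 8, p: 1 });
}
// Hypothetical key record: the keyId is what a dir item would point to.
function createKeyRecord(passphrase) {
  const keyId = nodeCrypto.randomUUID();
  const salt = nodeCrypto.randomBytes(16);
  const dek = nodeCrypto.randomBytes(32);
  return { keyId, salt, wrapped: seal(deriveKek(passphrase, salt), dek, Buffer.from(keyId)) };
}
function unlockDek(rec, passphrase) {
  return open(deriveKek(passphrase, rec.salt), rec.wrapped, Buffer.from(rec.keyId));
}
// Changing the passphrase rewraps 32 bytes; encrypted file data is untouched.
function changePassphrase(rec, oldPass, newPass) {
  const dek = unlockDek(rec, oldPass);
  const salt = nodeCrypto.randomBytes(16);
  const wrapped = seal(deriveKek(newPass, salt), dek, Buffer.from(rec.keyId));
  return { keyId: rec.keyId, salt, wrapped };
}
function demo() {
  const rec = createKeyRecord('old login passphrase');  // constructed values
  const aad = Buffer.from(rec.keyId);
  const extent = seal(unlockDek(rec, 'old login passphrase'), Buffer.from('file data'), aad);
  const relocated = Buffer.from(extent);  // a balance-style copy needs no key
  const rec2 = changePassphrase(rec, 'old login passphrase', 'new login passphrase');
  const plaintext = open(unlockDek(rec2, 'new login passphrase'), relocated, aad).toString();
  let oldPassRejected = false;
  try { unlockDek(rec2, 'old login passphrase'); } catch (e) { oldPassRejected = true; }
  return { plaintext, oldPassRejected, sameKeyId: rec2.keyId === rec.keyId };
}
```

Binding the key ID as associated data means a wrapped DEK or an encrypted extent moved under a different key ID fails authentication instead of decrypting.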
