Re: btrfs native encryption
On Mon, Jun 12, 2017 at 02:40:38PM +0200, David Sterba wrote: > On Fri, Jun 09, 2017 at 08:50:12AM -0700, Filip Bystricky wrote: > > Dear btrfs maintainers, > > Google is evaluating btrfs for its potential use in android, but > > currently the lack of native file-based encryption unfortunately makes > > it a nonstarter. > > The file-based encryption is covered by the fscrypt API, that's > implemented in ext4/f2fs, so implementing that in btrfs could allow you > to start evaluating btrfs. For reference I'll add it here, https://github.com/asj/linux-btrfs-fscryptv1 seems to implement it, I've only scrolled through it so I don't know how usable is it in this state. -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: btrfs native encryption
On Fri, Jun 09, 2017 at 08:50:12AM -0700, Filip Bystricky wrote: > Dear btrfs maintainers, > Google is evaluating btrfs for its potential use in android, but > currently the lack of native file-based encryption unfortunately makes > it a nonstarter. The file-based encryption is covered by the fscrypt API, that's implemented in ext4/f2fs, so implementing that in btrfs could allow you to start evaluating btrfs. As other pointed, the usecases with snapshots and reflinks need to be reviewed. > According to the FAQ (specifically the answer to > "Does btrfs support encryption"), nobody is currently working on this. > How up-to-date is that answer, and are there any new plans to add > native FBE in the future? Wiki is a snapshot of status, knowledge and best practices from mixed times, so not everything is up to date or accurate. That no one is working on encryption is partially true, as we've seen some proposed patches that received objections and from my perspective are not close to being considered for merging. The fscrypt functionality has been designed and the API defined, so it's a matter of implementation on the btrfs side. Anything else is in the phase of design and prototyping. -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: btrfs native encryption
dealing with inheritance of encryption when making snapshots, and dealing with reflinks. Right. To address this, there is a proposal to bring encryption down to the extent level, it solves these limitations. Thanks, Anand -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: btrfs native encryption
For phase-1 the idea was to make btrfs encryption inline with fs/crytpo which wasn't available when it started, so certainly there are things which could straight away filter out after its known what went into fs/crypto from ext4, especially the cryptography part. Now, 4.10 kernel based, btrfs encryption using fs/crypto is here [1]. It has under gone limited testing by me and yet to arrive at a conclusion on the file-name encryption, though its discussions are here [2], and patches aren't sent out to the BTRFS ML yet. [1] Phase-1. Progs: https://github.com/asj/btrfs-progs-fscryptv1 Kernel: https://github.com/asj/linux-btrfs-fscryptv1 [2] File name encryption discussions are here: (I don't see some of the emails I have in the google search, so instead I have listed the subject for your search). On the ext4 ML: Sub: fs/crypto: file-name encryption, optional ? Sub: fs/crypto: root read-access without key Thanks, Anand -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: btrfs native encryption
On Fri, Jun 9, 2017 at 9:50 AM, Filip Bystrickywrote: > Dear btrfs maintainers, > Google is evaluating btrfs for its potential use in android, but > currently the lack of native file-based encryption unfortunately makes > it a nonstarter. According to the FAQ (specifically the answer to > "Does btrfs support encryption"), nobody is currently working on this. > How up-to-date is that answer, and are there any new plans to add > native FBE in the future? The ext4 and f2fs encryption implementations were moved to the VFS, so in theory it can be used for XFS and Btrfs. A usability gotcha that probably is manageable on Android is dealing with inheritance of encryption when making snapshots, and dealing with reflinks. https://lwn.net/Articles/677620/ -- Chris Murphy -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Re: btrfs native encryption
On Fri, Jun 09, 2017 at 08:50:12AM -0700, Filip Bystricky wrote: > Dear btrfs maintainers, > Google is evaluating btrfs for its potential use in android, but > currently the lack of native file-based encryption unfortunately makes > it a nonstarter. According to the FAQ (specifically the answer to > "Does btrfs support encryption"), nobody is currently working on this. > How up-to-date is that answer, and are there any new plans to add > native FBE in the future? There were initial patches from Anand Jain back in September, but they weren't well-received in terms of the (lack of) cryptography design. IIRC, the patches provided file-level data encryption without encrypting metadata. I haven't seen anything since then (although Anand was planning on doing a session on btrfs encryption at LSF/MM in March -- I don't know if that happened, or what the outcome was). So, there's some interest in a fairly minimal implementation, but progress doesn't seem to be particularly fast. Hugo. -- Hugo Mills | "Are you the man who rules the Universe?" "Well, I hugo@... carfax.org.uk | try not to." http://carfax.org.uk/ | PGP: E2AB1DE4 |Life, the Universe and Everything. signature.asc Description: Digital signature
btrfs native encryption
Dear btrfs maintainers, Google is evaluating btrfs for its potential use in android, but currently the lack of native file-based encryption unfortunately makes it a nonstarter. According to the FAQ (specifically the answer to "Does btrfs support encryption"), nobody is currently working on this. How up-to-date is that answer, and are there any new plans to add native FBE in the future? Thanks, Filip Bystricky -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html