Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id ; Wed, 30 Oct 2002 16:14:15 -0500 Received: (majordomo@vger.kernel.org) by vger.kernel.org id ; Wed, 30 Oct 2002 16:14:15 -0500 Received: from d196069.dynamic.cmich.edu ([141.209.196.69]:53905 "EHLO euclid") by vger.kernel.org with ESMTP id convert rfc822-to-8bit; Wed, 30 Oct 2002 16:14:13 -0500 Content-Type: text/plain; charset=US-ASCII From: "Matthew J. Fanto" Reply-To: mattf@mattjf.com Organization: mattjf.com To: Lars Marowsky-Bree Subject: Re: The Ext3sj Filesystem Date: Wed, 30 Oct 2002 16:20:18 -0500 User-Agent: KMail/1.4.3 References: <200210301434.17901.mattf@mattjf.com> <20021030205652.GC22178@marowsky-bree.de> In-Reply-To: <20021030205652.GC22178@marowsky-bree.de> Cc: linux-kernel@vger.kernel.org MIME-Version: 1.0 Content-Transfer-Encoding: 7BIT Message-Id: <200210301620.18326.mattf@mattjf.com> Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1668 Lines: 36 On Wednesday 30 October 2002 03:56 pm, Lars Marowsky-Bree wrote: > Do you encrypt before the data has hit the data journal or after? Does that > work for mmap etc? I have not finished journaling support yet, but it will encrypt before it hits the journal. Yes, there should be no problem with mmap. > > This sounds like something you might want to abstract into a generic > architecture to be shared with the loop device code, or anything which > might need encryption in the kernel. Otherwise it is a PITA to maintain. I will be going over the cryptoAPI code tonight and seeing if I can change the crypto routines to use the cryptoAPI, as it would be much easier to maintain. > And I thought some of those algorithms were strictly signature / hash > algorithms, but you never stop learning ;-) The SHA algorithms, as well as MD5 are used for message digests (hashing). This is used to transform the key prior to passing the key off to the specific algorithms key setup functions. I have also thought about, albeit not too much, about using message digests/signatures as a file integreity mechanism. I should also mention that deletion of files on ext3sj will use DoD standards for secure file deletion by overwriting the data with all 0's, all 1's, and then random data. So, before you delete a file, make sure you really want to delete it, because there won't be a way to recover it. -Matthew J. Fanto - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/