Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1750909AbWEDDR5 (ORCPT ); Wed, 3 May 2006 23:17:57 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S1750917AbWEDDR5 (ORCPT ); Wed, 3 May 2006 23:17:57 -0400 Received: from c-67-177-57-20.hsd1.ut.comcast.net ([67.177.57.20]:52216 "EHLO sshock.homelinux.net") by vger.kernel.org with ESMTP id S1750909AbWEDDR4 (ORCPT ); Wed, 3 May 2006 23:17:56 -0400 Date: Wed, 3 May 2006 21:17:55 -0600 From: Phillip Hellewell To: Andrew Morton Cc: linux-kernel@vger.kernel.org, linux-fsdevel@vger.kernel.org, viro@ftp.linux.org.uk, mike@halcrow.us, mhalcrow@us.ibm.com, mcthomps@us.ibm.com, toml@us.ibm.com, yoder1@us.ibm.com, James Morris , "Stephen C. Tweedie" , Phillip Hellewell , Erez Zadok , David Howells Subject: [PATCH 0/12: eCryptfs] eCryptfs version 0.1.6 Message-ID: <20060504031755.GA28257@hellewell.homeip.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-URL: http://hellewell.homeip.net/ User-Agent: Mutt/1.5.9i Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 2037 Lines: 41 This patch set constitutes the 0.1.6 release of the eCryptfs cryptographic filesystem: http://ecryptfs.sourceforge.net/ eCryptfs is a kernel-native stacked cryptographic filesystem for Linux. It is derived from Erez Zadok's Cryptfs, implemented through the FiST framework for generating stacked filesystems. eCryptfs extends Cryptfs to provide a framework for advanced key management and policy features. The initial release includes support for mount-wide passphrase only. eCryptfs stores cryptographic metadata in the header of each file written, so that encrypted files can be copied between the lower filesystems of hosts; the file will be decryptable through eCryptfs with the proper key, and there is no need to keep track of any additional information aside from what is already in the encrypted file itself. We think of eCryptfs as a sort of ``pgpfs.'' This patch set implements the design reflected in the document sent to the LKML on March 24th (subject ``eCryptfs Design Document''), with two modifications per responses to that document. The first modification is that extents are fixed to 4096-byte regions rather than whatever the page size of the host happens to be. In cases where the page size is larger than 4096 bytes and where the pages are not aligned, eCryptfs crosses page boundaries in the lower file while processing the 4096-byte extents. The second modification is that the header region occupies either 8192 bytes or the page size of the host on which the file is created, whichever is larger. This maximizes the probability that pages will be aligned between the unencrypted and encrypted data, which is not a requirement, but it helps with performance. This patch set was produced and tested against the 2.6.17-rc3-mm1 release of the kernel. Thanks, Phillip - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/