RFC: pefs - stacked cryptographic filesystem
Kevin Oberman
oberman at es.net
Tue Sep 7 17:57:40 UTC 2010
On Mon, 6 Sep 2010, Gleb Kurtsou wrote:
> I would like to ask for feedback on a kernel level stacked cryptographic
> filesystem. It has started as Summer Of Code'2009 project and matured a lot
> since then. I've recently added support for sparse files and switched to XTS
> encryption mode.
>
> I've been using it to encrypt my home directory for almost a year already,
> and use fsx, dbench and blogbench for testing. So it should be fairly
> stable.
>
> Tested on top of ZFS, UFS and tmpfs on amd64 and i386; both 9-CURRENT and
> 8-STABLE supported.
>
> Please email me separately if you're willing to help testing on big endian
> machine, XTS code doesn't look endian correct.
>
> At this point all of the project goals complete and I'd like it to get wider
> coverage in terms of tests and reviews and hope to see it commited to HEAD
> soon.
I've got to ask a probably dumb question...how is this better then geli
encrypted objects? I've used them for sometime with excellent results.
Or does it provide functionality that geli does not?
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
More information about the freebsd-current
mailing list