TCFS on FreeBSD

Allan Fields bsd at afields.ca
Thu Oct 21 03:35:41 PDT 2004 

On Mon, Oct 18, 2004 at 11:27:31AM -0600, Greg Lewis wrote:
> On Sun, Oct 17, 2004 at 10:41:14AM -0400, Yan Wang wrote:
> > I tried to port Transparent Cryptographic File System
> > (http://www.tcfs.it) OpenBSD version to FreeBSD 4.8, but failed. Has
> > any one tried this before? How much modification is needed? Any info is
> > appreciated.
> 
> I tried this a while ago.  I got it to the point where the kernel compiled
> but unfortunately it would panic on boot.  I didn't have the time to track
> down the problem unfortunately :(.
> 
> I can probably dig up the patches if there is any interest, but they may
> need some forward porting (I think I was originally using 4.5).

I'd be interested in this and would also like to take a look at the
patches.  Mind you my biggest constraint is also time.

There is a lack of ports on FreeBSD of this type of crypt file system.
While gbde offers a convenient device level approach, TCFS might
be employed in other applications/to meet differing security
requirements.  Some have reported TCFS has/had problems on other
platforms and porting would potentially require addressing these
issues as well.

Also see this effort for NetBSD: http://vaxn8.tripod.com/tcfs/
The author also was using various test tools.

My approach would be to port to 5.x or HEAD, but if anyone is more
interested in support on 4.x hosts given the relative lack of
options, it makes sense to bring 4.x patches up to date as well.

Remember of course 4.x users can still use good old cfs for the
time being.  It is in fact quite reliable from my tests but has
several significant deficiencies including:
	- relatively dated security model/design
	- significantly bottlenecked I/O performance
	- lack of support for long filenames (you'll notice this
	  almost immediately)
	- lack of support for extended characters: if I remember
	  correctly, my tests had certain problems where files would
	  be copied into the volume, but then become inaccessible,
	  producing errors on each access and you'd have to work
	  with the backing files to remove them (-- the very fact
	  this can be done highlights another issue;)

TCFS tries to address these problems in cfs, but I've wondered
if it wouldn't be an idea to simply tweak aspects of cfs itself,
but it'd still be inherently limited by the interface choice (NFS).

Until something comprehensive comes along to deal with userside
filesystem implementations, I'd assume that it will remain more
efficient to implement as much as possible in the kernel which
raises the idea of employing a vnode stacking approach such as
cryptfs.

> -- 
> Greg Lewis                          Email   : glewis at eyesbeyond.com
> Eyes Beyond                         Web     : http://www.eyesbeyond.com
> Information Technology              FreeBSD : glewis at FreeBSD.org

-- 
 Allan Fields, AFRSL - http://afields.ca
 2D4F 6806 D307 0889 6125  C31D F745 0D72 39B4 5541
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-fs/attachments/20041021/0fc40e06/attachment.bin

More information about the freebsd-fs mailing list