pefs status reports 6, 7
Gleb Kurtsou
gleb.kurtsou at gmail.com
Wed Jul 22 13:13:15 UTC 2009
It seems I've forgotten to submit status report last week. Actually too
much has changed during this time, here is short list of changes (from
commit logs):
- Add support for multiply keys per filesystem
- Replace sbin/mount_pefs with sbin/pefs (it also installs link to
/sbin/mount_pefs)
- Configuration utility is capable of mounting/unmounting filesystems,
adding/deleting keys
- Add initial support for other cipher implementations (next candidate is
skein, but most of stream ciphers based on hash function should fit)
- Use salsa20 for encryption
- Remove all cipher block alignment handling bloat
- Implement key generation function (using salsa20)
- Use uma zones for cryptographically sensitive info (to bzero memory
before free)
- Add transparent mode. Emulate read-only filesystem if no keys specified
- Add key reference counting and locking
- Support nodes without keys
Next item on my todo list is fixing readdir and adding key chaining.
More information about the soc-status
mailing list