Kernel Level File Integrity Checker report #1

Efstratios Karatzas gpf.kira at gmail.com
Mon May 28 19:23:51 UTC 2012


The design of the integrity checker changed during the community bonding
period. The old design from my proposal may be found on the project's wiki
page [1].

Major changes:

Simple hashes will be used, but at the same time we will require an already
encrypted filesystem so that two identical plaintext messages do not
produce identical hashes. I still wish to provide an integrity-only mode
for pefs with HMACs & a different key for integrity; however, this
functionality won't be added during this summer.

pefs filename MACs will be used as unique file identifiers instead of inode
numbers. The gain is that when the user dumps/restores the filesystem, he
won't have to reconstruct the checksum file, as filenames will not have
changed.

Towards the end of GSoC, when the design will be more crystallized, I will
write developer's documentation for the project and upload it to the
project's wiki page. Until then, descriptions of svn commits serve as a
great guide to what is going on with the codebase.

During week #1:

* added the command 'addchecksum' to sbin/pefs, which generates the
  .pefs.checksum file. This file has the form of an indirect map which the
  kernel driver will be able to use directly without having to reconstruct
  a lookup tree during filesystem mount.
  For longer descriptions of the command and the internal structure of the
  checksum file, please refer to the comment headers found in
  sbin/pefs_ctl.c and sbin/pefs_checksum.c.

[1] http://wiki.freebsd.org/SummerOfCode2012/EfstratiosKaratzas

-- 

Efstratios "GPF" Karatzas

