From owner-freebsd-current@FreeBSD.ORG  Mon Oct  7 16:53:18 2013
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTP id 4F2EB121;
 Mon,  7 Oct 2013 16:53:18 +0000 (UTC)
 (envelope-from lifanov@mail.lifanov.com)
Received: from mail.lifanov.com (mail.lifanov.com [206.125.175.12])
 (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits))
 (No client certificate requested)
 by mx1.freebsd.org (Postfix) with ESMTPS id 3821E2173;
 Mon,  7 Oct 2013 16:53:18 +0000 (UTC)
Received: from [10.1.3.5] (cnet520-windstream.mcclatchyinteractive.com
 [166.108.16.2])
 (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits))
 (No client certificate requested)
 by mail.lifanov.com (Postfix) with ESMTPSA id F38DE1A281C;
 Mon,  7 Oct 2013 12:53:11 -0400 (EDT)
Message-ID: <5252E6F6.80009@mail.lifanov.com>
Date: Mon, 07 Oct 2013 12:53:10 -0400
From: Nikolai Lifanov <lifanov@mail.lifanov.com>
User-Agent: Mozilla/5.0 (X11; FreeBSD amd64;
 rv:24.0) Gecko/20100101 Thunderbird/24.0
MIME-Version: 1.0
To: Gleb Kurtsou <gleb@freebsd.org>
Subject: Re: Committing PEFS to CURRENT
References: <20131007163111.GB1590@reks.swifttest.com>
In-Reply-To: <20131007163111.GB1590@reks.swifttest.com>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Cc: "freebsd-current@freebsd.org" <freebsd-current@freebsd.org>
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.14
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
 <freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-current>, 
 <mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
 <mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Oct 2013 16:53:18 -0000

On 10/07/13 12:31, Gleb Kurtsou wrote:
> Hello,
> 
> I would like to ask everybody's opinion regarding committing PEFS to
> CURRENT.
> 
> PEFS is a stacked cryptographic file system for FreeBSD. Development
> started as Google Summer of Code project in 2009. It has been in ports
> since Sept 2011. I maintain the project.
> 
> Conceptually PEFS is similar to nullfs adding encryption layer on top of
> it. But it differs technically by not using vop_bypass. Another popular
> stacked cryptographic file systems include eCryptfs (linux) and encfs
> (fuse). There is also pam_pefs pam module to allow user authentication
> with their PEFS-encrypted home directory password.
> 
> For those interested in high level introduction I would highly recommend
> article by Kris Moore in the BSD Magazine Issue 09/2013(50) -
> http://bsdmag.org/magazine/1848-day-to-day-bsd-administration
> 
> We are very close to branching 10-STABLE now, but patch is
> non-intrusive, it only adds new functionality, enabling PEFS for i386
> and amd64 (platforms it's known to work on). Patch passes make universe.
> 
> Patch is available here:
> https://github.com/glk/freebsd-head/commit/b4d2c4a5f42f88fdd07cb75feba3467e4d4c043c.patch
> 
> Pros/cons:
> 
> - Having PEFS in base would be a huge maintenance help for PCBSD/TrueOS
>   who are already committed to use PEFS in next product releases, e.g.
>   PCBSD provides encrypted home directories.
> 
> - There is steady interest in the project from users (emails, etc).
>   Many of them note that file system is not well known yet.  Moving PEFS
>   to base would greatly increase its exposure.
> 
> - Committing PEFS to base would also simplify maintenance by keeping it
>   in sync with other subsystems, e.g. it will be updated on large scale
>   changes like VM locking.
> 
> - There are no bugs known at the moment. I've been using it to encrypt
>   home directory since day one. pho@ ran stress test suite on it a
>   while back, number of bugs was fixed.
> 
> - PEFS is known to work on amd64 and i386 only. Big endian system and
>   systems with page size larger than 4k are not tested.
> 
> - NOTE! There has been no cryptography review.  I'd like to suggest to
>   add warning about file system and crypto used is experimental and hasn't
>   undergone professional review. Similar to one we had in tmpfs.
> 
> 
> BSD Magazine article:
> http://bsdmag.org/magazine/1848-day-to-day-bsd-administration
> 
> Port:
> http://www.freshports.org/sysutils/pefs-kmod/
> 
> Source code repository:
> https://github.com/glk/pefs
> 
> FreeBSD DevSummit'2011 - pefs presentation slides:
> https://pefs.googlecode.com/files/pefs-devsummit.pdf
> 
> FreeBSD wiki page:
> https://wiki.freebsd.org/PEFS
> 
> 
> I would really appreciate any comments or suggestions.
> 
> 
> Thank you,
> Gleb.

Just a personal note: I hoped that you would commit pefs to base
someday. It works well, and is the type of a core functionality that
would be nice to have as early as the install ISO, before skel is copied
over for the first user. I would be happy if this happened.

- Nikolai Lifanov