Date: Tue, 30 Jun 2009 15:35:26 +0300 From: Gleb Kurtsou <gleb.kurtsou@gmail.com> To: soc-status@freebsd.org Cc: Stanislav Sedov <stas@FreeBSD.org> Subject: pefs status report 4 Message-ID: <20090630123526.GA2699@tops.skynet.lt>
next in thread | raw e-mail | index | archive | help
Last week I've implemented correct lookup operation. Encrypted file name can't be constructed solely from plain text name, because encrypted name contains random tweak value and checksum. I've change code no to use vop_bypass, as it was used only in a few places anyway, and there was need to add additional argument to pefs_bypass -- encrypted component name. I've disabled node recycling in vop_inactive, as pefs_node structure is not used to store lower vnode address anymore but also contains encryption keys. It allowed enabling of cached lookups and doesn't force recreation of vnodes for every operation. This week I'm planing to finish basic infrastructure work left: introduce minimal key management and use real encryption to verify correctness.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090630123526.GA2699>