Date: Thu, 21 Oct 2004 06:35:18 -0400 From: Allan Fields <bsd@afields.ca> To: Greg Lewis <glewis@eyesbeyond.com> Cc: freebsd-security@freebsd.org Subject: Re: TCFS on FreeBSD Message-ID: <20041021103518.GD74820@afields.ca> In-Reply-To: <20041018172730.GA22441@misty.eyesbeyond.com> References: <Pine.LNX.4.44.0410171039160.2750-100000@selenium.cs.pitt.edu> <20041018172730.GA22441@misty.eyesbeyond.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--69pVuxX8awAiJ7fD Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Oct 18, 2004 at 11:27:31AM -0600, Greg Lewis wrote: > On Sun, Oct 17, 2004 at 10:41:14AM -0400, Yan Wang wrote: > > I tried to port Transparent Cryptographic File System > > (http://www.tcfs.it) OpenBSD version to FreeBSD 4.8, but failed. Has > > any one tried this before? How much modification is needed? Any info is > > appreciated. >=20 > I tried this a while ago. I got it to the point where the kernel compiled > but unfortunately it would panic on boot. I didn't have the time to track > down the problem unfortunately :(. >=20 > I can probably dig up the patches if there is any interest, but they may > need some forward porting (I think I was originally using 4.5). I'd be interested in this and would also like to take a look at the patches. Mind you my biggest constraint is also time. There is a lack of ports on FreeBSD of this type of crypt file system. While gbde offers a convenient device level approach, TCFS might be employed in other applications/to meet differing security requirements. Some have reported TCFS has/had problems on other platforms and porting would potentially require addressing these issues as well. Also see this effort for NetBSD: http://vaxn8.tripod.com/tcfs/ The author also was using various test tools. My approach would be to port to 5.x or HEAD, but if anyone is more interested in support on 4.x hosts given the relative lack of options, it makes sense to bring 4.x patches up to date as well. Remember of course 4.x users can still use good old cfs for the time being. It is in fact quite reliable from my tests but has several significant deficiencies including: - relatively dated security model/design - significantly bottlenecked I/O performance - lack of support for long filenames (you'll notice this almost immediately) - lack of support for extended characters: if I remember correctly, my tests had certain problems where files would be copied into the volume, but then become inaccessible, producing errors on each access and you'd have to work with the backing files to remove them (-- the very fact this can be done highlights another issue;) TCFS tries to address these problems in cfs, but I've wondered if it wouldn't be an idea to simply tweak aspects of cfs itself, but it'd still be inherently limited by the interface choice (NFS). Until something comprehensive comes along to deal with userside filesystem implementations, I'd assume that it will remain more efficient to implement as much as possible in the kernel which raises the idea of employing a vnode stacking approach such as cryptfs. > --=20 > Greg Lewis Email : glewis@eyesbeyond.com > Eyes Beyond Web : http://www.eyesbeyond.com > Information Technology FreeBSD : glewis@FreeBSD.org --=20 Allan Fields, AFRSL - http://afields.ca 2D4F 6806 D307 0889 6125 C31D F745 0D72 39B4 5541 --69pVuxX8awAiJ7fD Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) iD8DBQFBd5Dl90UNcjm0VUERApyBAJ9Wjd5DNrELuZci6i3HvQUvZrihzQCfd3y6 Gr/Xz+EoIWFJk8kyJ4J34LE= =Tq9u -----END PGP SIGNATURE----- --69pVuxX8awAiJ7fD--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041021103518.GD74820>