From owner-freebsd-security Thu Dec 30 11:18:59 1999 Delivered-To: freebsd-security@freebsd.org Received: from apollo.backplane.com (apollo.backplane.com [216.240.41.2]) by hub.freebsd.org (Postfix) with ESMTP id 42A051538C for ; Thu, 30 Dec 1999 11:18:55 -0800 (PST) (envelope-from dillon@apollo.backplane.com) Received: (from dillon@localhost) by apollo.backplane.com (8.9.3/8.9.1) id LAA76495; Thu, 30 Dec 1999 11:18:49 -0800 (PST) (envelope-from dillon) Date: Thu, 30 Dec 1999 11:18:49 -0800 (PST) From: Matthew Dillon Message-Id: <199912301918.LAA76495@apollo.backplane.com> To: Warner Losh Cc: freebsd-security@FreeBSD.ORG Subject: Re: Niels Provos: CVS: cvs.openbsd.org: src References: <199912301852.LAA11820@harmony.village.org> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org :This just went into OpenBSD and looks way cool. :-) Anybody with lots :of spare time wanna port it :-) : :Warner Hmm. Looks VERY interesting, though I shudder at the overhead. It would not be too hard to do w/ FreeBSD but in order to avoid low-memory deadlocks we would have to encrypt the page in-place and then free it after the pageout (or de-encrypt it in place after the pageout to retain the page). The tie-ins are trivial. We could add a flags field to the swblock structure and then simply tie-in to swstrategy(). I would like to see a general cryptographic VFS layer - instead of having a specific cryptfs we instead should have a VFS layer that we can stack on any filesystem and enable with a mount option, kinda like how union mounts work now except easier since we need only overlay the VOP_READ/WRITE/GETPAGES/PUTPAGES functions. Imagine: mount -o crypt=KEY /dev/sd0d /mnt -Matt To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message