On Wed, 14 May 2003, Yoav Weiss wrote:
> On Tue, 13 May 2003, Ahmed Masud wrote:
>
> Yes, it sounds like an interesting project. Check out openbsd's paper
> about this: http://www.openbsd.org/papers/swapencrypt.ps
Thank you for this paper, it is a fun read. I do think however that a
few implementation differences should take place:
1. We should not enforce Rijndael as the only choice.
2. Every page should be encrypted iff it marked with some flag. This gives
a generic enough hook to create a swap_encrypt_policy type function to
determine whether it is desirable to encrypt a particular page or not.
2a. The above flag may also be set or cleared by the page-owner process on
a page-to-page basis (something a-kin to mlock()).
3. A slightly more sophisticated timeout framework should be created with
the ability to enforce expiry or request expiry extensions (upto some type
of a system hard limit?) on a per page.
Please comment.
This is an aside: should do we do anything about core dumps?
> Let me know when you get it rolling. I'll try to help where I can.
> I just hope it has a chance to be included.
I will start looking at it seriously within next couple of days actually.
I looked at the swap stuff in mm code yesterday for the first time and it
seems (eeriely) straightforward, and i know i am going to run into an
unseen brick wall :-).
I would suspect that somewhere between the io requst generated by
swap_readpage and swap_writepage cypto can be hooked in... haven't yet
determined where/when the key generations should take place.
Cheers,
Ahmed Masud.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu May 15 2003 - 22:00:51 EST