Secure deletion for UBIFS

[Artem Bityutskiy]

On Tue, 2012-01-24 at 12:31 +0100, Joel Reardon wrote:
> This patch provides efficient secure deletion for UBIFS. In short, every 
> data node is stored encrypted on the flash memory, each with a different 
> key. Encryption/decryption are handled in the compression/decompression 

Hi Joel,

I think this idea is clever. Sorry for delays, I am realy swamped and
cannot do a detailed review. But let me provide a minimum feed back so
far to have this moving. I am looking forward to see your work upstream
and I hope you'll be persistent enough to make sure this happens. This
partially depends on me, but mostly on you, because I do not have time
to help you much :-)

Could you please stare with the following.

1. Inline the patch instead of attaching it. This way people will be
able to answer and cite the relevant bits.

2. Provide a bit more detailed design explanation.

3. CC LKML: linux-kernel at vger.kernel.org

4. CC the fs-devel mailing list: linux-fsdevel at vger.kernel.org

5. Provide information how you tested the patch

I also noticed that you changed on-flash data structures (struct
ubifs_branch) and make incompatible changes. This is a serious change
and at very least needs introduction of new format. UBIFS has only one
on-flash format, but it has some provisioned mechanisms for supporting
new formats. Also, this needs some testing: check that old formats
refuse mounting new ones, check that new UBIFS supports both formats,
etc.

-- 
Best Regards,
Artem Bityutskiy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <http://lists.infradead.org/pipermail/linux-mtd/attachments/20120202/7689a556/attachment.sig>