UBIFS Encryption

Richard Weinberger richard at nod.at
Tue Jun 14 03:10:06 PDT 2016


Hi!

Am 14.06.2016 um 11:51 schrieb Stefano Babic:
> Hi,
> 
> I have the necessity to encrypt UBIFS - I have read that there is some
> movement about this, for example here:
> 
> 	http://lists.infradead.org/pipermail/linux-mtd/2016-March/066277.html
> 
> and some years ago there was another attempt:
> 
> 	https://patchwork.ozlabs.org/patch/150160/

File level encryption for UBIFS did not materialize yet because my customer
decided against encryption and the project degraded to a "would be a nice to
have feature I'll do in my spare time when I'm bored" state.

That said, the feature was requested a few times but nobody was willing to do
a proper implementation nor fund it so far.

> It looks like from patchwork that the above patch was merged, but it is
> not. Anyway, this looks as a starting point to add encryption /
> decryption routine, for example using crypto hardware, to the compress /
> decompress functions. In my understanding (I have a i.MX6 with CAAM
> crypto hardware), this can be possible - but I am asking here if there
> are some progress and which could be the best long term solution.

Please use the VFS approach like ext4 and f2fs do. That way a lot of existing
infra structure can re-used. Think of key management.

Thanks,
//richard



More information about the linux-mtd mailing list