Gleb Kurtsou
Blogger feed, updated 2024-02-07, 17 posts

New projects hosting (2012-12-28)
github has recently disabled the downloads feature that the sysutils/pefs-kmod port was relying on. github downloads were frustrating but less hassle than hosting PEFS elsewhere and having to deal with two bug trackers, repositories, etc.
Downloads moved to code.google.com, but I intend to continue using github for bug tracking and as the main source repository.
PEFS - code.google.com/p/pefs
ggateu -

A sunday well spent (2012-08-21)
Two months ago I decided to encrypt some personal files, which wasn't a big deal thanks to the stacked crypto file system we have in FreeBSD :) This weekend I realized that the worst thing that could possibly happen to encrypted data did actually happen -- I couldn't recall the password.
The decision was made to roll back ZFS transactions to recover a deleted snapshot. Performing such dangerous

Ancient code (2012-04-10)
Graphics mode in the recently released links 2.6 changelog[1] sounded vaguely familiar. So I started googling for my first non-trivial contribution to an open source project. It was in 2003 - nearly 9 years ago[2]. I wish I had that patch to look at :D
http://www.mailinglistarchive.com/elinks-dev@linuxfromscratch.org/msg01281.html
[1] http://www.opennet.ru/opennews/art.shtml?num=33567
[2]

Secure backups for a lazy developer (2011-04-14)
A developer is always afraid of losing source code. As a rule, after a crash you'll be able to restore all but the last several revisions, or you'll get the sources but have the repository damaged. It doesn't happen often, but it's better to feel safe.
Backup of a central repository on a server and personal project backup are two very different stories. Developers are too lazy to use server-like backup methods

PEFS changelog (2011-01-22)
PEFS changelog since September 2010:
Add AESNI hardware acceleration support.
Several rename fixes: vnode reference leak, incorrect locking, livelock, missing lookup(), always perform nfs-style dummy rename.
Skip directory entries with zero inode number (empty entry) (could result in reusing invalid entries).
Fix mounting ZFS snapshots (incorrect vn_fullpath locking).
Reduce possibility of free

XTS support in pefs (2010-09-07)
I've replaced CTR encryption mode with XTS. The Salsa20 stream cipher was also removed. CTR mode was an inappropriate design for a filesystem: it allowed encrypted data to be easily manipulated by an attacker and could even reveal plaintext in cases when previous encrypted data snapshots were available to the attacker, i.e. filesystem level snapshots. There should be no visible performance degradation because

Projects status (2010-05-06)
The oldest project, l2filter, is almost certainly doomed. The patch no longer applies after ipfw3 was imported to -CURRENT and then merged to 8-STABLE. It still applies to 7-STABLE, but I don't use 7-STABLE. Merging only support for layer2 filtering with pfil and pf should be rather trivial. I'd like to keep patches in sync with recent -CURRENT but.. no time, no testers.
pefs looks much better. I keep

pefs and l2filter moved to github (2009-12-08)
I've just moved pefs and l2filter development to github. Hope it helps people to follow development.
The pefs repository (github.com/glk/pefs) can be used to compile and run pefs without applying any patches.
pefs changelog:
support running on msdosfs
enable dircache only on file systems that are known to support it
add man page
add pefs getkey command
initial implementation of pefs PAM module

pefs dircache benchmark (2009-10-16)
I've recently added directory caching into pefs. Despite being a directory listing cache (like dirhash for ufs), it also acts as an encrypted file name cache, so there is no need to decrypt names for the same entries all the time. That was a really big issue because the directory listing has to be reread on almost every vnode lookup operation. It made operations on directories with 1000 and more files

Encrypting private directory with pefs (2009-10-01)
pefs is a kernel level cryptographic filesystem. It works transparently on top of other filesystems and doesn't require root privileges. There is no need to allocate another partition and take additional care of backups, resizing the partition when it fills up, etc.
After installing pefs create a new directory to encrypt. Let it be ~/Private:
% mkdir ~/Private
And mount pefs on top of it (root

pefs crypto primitives (updated) (2009-09-23)
Supported data encryption algorithms: AES and Camellia (with 128, 192 and 256 bit key sizes). Adding another block cipher with a 128-bit block size should be trivial.
File names are always encrypted using AES-128 in CBC mode with zero IV. Encrypted file name consists of a unique per file tweak, checksum and name itself:
XBase64(checksum || E(tweak || filename))
Checksum is VMAC of encrypted tweak

pefs benchmark (2009-09-16)
pefs is a stacked cryptographic filesystem for FreeBSD. It started as a Google Summer of Code 2009 project. I've just come across a performance comparison of eCryptfs against a plain ext4 filesystem on Ubuntu, a benchmark I was going to perform on my own. I run dbench benchmarks regularly while working on pefs, but use it mostly as a stress test tool. I haven't reached the point I can start working on

Layer2 dummynet (2009-03-24)
Haven't posted about progress with layer2 filtering for a while. One notable improvement is the addition of ethernet address masks to dummynet. Just configure a pipe. New masks available: src-ether and dst-ether (and a shortcut for specifying both of them: ether)
# ipfw pipe 1 config bw 1Mb mask ether
And use it:
# ipfw add 1100 pipe 1 src-ether 00:11:11:11:11:11 dst-ether 00:22:22:22:22:22 out via

ipfw: layer2 lookup tables (2008-11-23)
I had an opportunity to spend some extra time improving layer2 filtering. I've extended lookup tables in ipfw to support several layer2 addresses for a single layer3 address/mask. It means that it's possible to assign MAC addresses to a network (in case IPs are dynamically distributed by dhcp or whatever).
Besides, wildcard ip address 'any' is supported, and entries with wildcard ip can be used for

Layer2 filtering with pf (2008-07-30)
Instead of trying to describe all the changes regarding layer2 filtering in pf I'd better provide some examples.
Ethernet address can be specified for host or interface name:
pass in on bridge0 from 10.0.0.1 ether 00:11:11:11:11:11 to 10.0.0.2 ether 00:22:22:22:22:22
pass in on bridge0 from ($int_if:network) ether 00:11:11:11:11:11 to any
Ethernet addresses are supported in table entries:
table <

Filtering on bridge (2008-06-29)
There used to be a flaw in using ipfw on a bridge interface. It's impossible to distinguish incoming packets on a member interface from incoming packets on the bridge itself. For example consider two rules:
add 1 allow ip from any to any in recv bridge
add 2 allow ip from any to any in recv member
First rule will never match. The logic is ok here (if you are aware of ipfw's handling of interface options).

Incompatibility and some new features (2008-06-22)
I've made some changes that break backward compatibility. But I've tried not to break anything intentionally but to do cleanup work.
First of all, most of the sysctls responsible for layer2 filtering were replaced by per interface flags.
net.link.ether.ipfw and net.link.bridge.ipfw are replaced by the l2filter interface flag. So sysctl net.link.ether.ipfw=1 became ifconfig if1