Encryption

Moderators: jhartley, MSR734, nola

Encryption

Post by toddharvey » Sun Sep 16, 2012 3:23 pm

I read that the current implementation of ZEVO is based on: ZFS zpool version 28. I have also read that the pool must be upgraded to pool version 30 to allow encrypted ZFS file systems and volumes. (See http://hub.opensolaris.org/bin/view/Com ... tZFSdata3F). From this information, I reason that ZEVO does not offer native encryption.

My question is: Can ZEVO work with FileVault in Lion/Mountain Lion to provide whole disk encryption?
toddharvey Offline


 
Posts: 1
Joined: Sat Sep 15, 2012 11:37 am

How can ZFS be used with encryption on OS X?

Post by grahamperrin » Sun Sep 16, 2012 10:21 pm

How can ZFS be used with encryption on OS X? – Ask Different

My answer there uses an example where a single disk uses both HFS+ and ZEVO. There's a related question in the ZEVO area.
grahamperrin Offline

User avatar
 
Posts: 1596
Joined: Fri Sep 14, 2012 10:21 pm
Location: Brighton and Hove, United Kingdom

Re: Encryption

Post by bking » Wed Sep 19, 2012 5:30 pm

oracle is no longer sharing the code to solaris so if we want encryption built into zfs it will have to be coded by Don and company. that said I think under illumos we are going to much better served and that will ultimately help greenbytes and zevo. in the short term i have found that using encrypted sparse disk images residing on a ZFS pool works rather well and it allows for encryption but still having the benefits of ZFS... one more disk to mount but other than that works well
bking Offline


 
Posts: 2
Joined: Wed Sep 19, 2012 5:14 pm

CoreStorage or disk images for encryption: pros and cons

Post by grahamperrin » Thu Sep 20, 2012 12:21 am

CoreStorage or disk images for encryption: pros and cons

bking wrote:… encrypted sparse disk images residing on a ZFS pool …


I do that with a sparse bundle disk image for only one physical disk – an external, where I might want to write with Snow Leopard.

In general I prefer CoreStorage for encryption.

Each of the two approaches has pros and cons.

Disk images, zfs scrub and dealing with errors

If scrub reveals an error in the part of the dataset that stores a sparse disk image:

  • it may be difficult to identify the affected file(s) within the image.

If scrub reveals an error in the part of the dataset that stores a sparse bundle disk image:

  • we might identify an affected band, but it may be difficult to identify the affected file(s) within that band
  • if something other than a band is affected, difficulties may be greater.

Snapshots whilst a disk image is attached

If an image stored on ZFS is attached, I prefer to detach that image (unmount the volume, typically jhfs+) before creating a snapshot.

If not detached at snapshot time – and if it's later necessary to rollback to that snapshot – I assume that journaling and fsck_hfs will take care of file system inconsistencies. I have not actively tested this scenario so I'm a little cautious. (If my caution is bordering on tin foil, let me know!)

As with ZEVO Community Edition 1.1 we find ways to automate snapshots, so it may become less practical/desirable to detach disk images before snapshot time.

CoreStorage and sizes of logical volumes

Without CoreStorage:

  • a ZFS file system may be shrunk or grown without the need to re-partition underlying storage.

With CoreStorage:


Postscript

Part of this post is spun off – with additional thoughts – to a separate topic:

Last edited by grahamperrin on Mon Nov 12, 2012 1:16 am, edited 2 times in total.
grahamperrin Offline

User avatar
 
Posts: 1596
Joined: Fri Sep 14, 2012 10:21 pm
Location: Brighton and Hove, United Kingdom

encryption, ZFS, Oracle

Post by grahamperrin » Thu Sep 20, 2012 5:53 am

bking wrote:oracle is no longer sharing the code to solaris …


On one hand, yeah – in August 2012: "… when no water comes from the stream, it's not a stream … impossible for Oracle to be the upstream, given the current way they participate in the community. It's not that their participation is entirely absent – occasionally an Oracle employee will chime in … but never in the way of contributing code. So the upstream is de facto the illumos gate. …"

On the other hand, ZFS aside for a moment: the optimist in me is pleasantly surprised by outcomes of recent collaborative/cooperative work by Oracle.

It's in the communities' best interests to have not too many mutually incompatible approaches to encryption for something as highly respected as ZFS, so if people from Oracle are reading this: I'd encourage them to make encryption a focus area for tangible contributions to the ZFS Working Group.
grahamperrin Offline

User avatar
 
Posts: 1596
Joined: Fri Sep 14, 2012 10:21 pm
Location: Brighton and Hove, United Kingdom

CoreStorage, slices, latency and encryption

Post by grahamperrin » Thu Oct 18, 2012 8:38 pm

Until now, I thought of CoreStorage as not an ideal approach to encrypting ZFS on OS X, because (without reference to ZFS) I find it impossible to resize a logical volume in coreStorage world.

Since learning that it's not recommended to have an HFS Plus slice on a hard disk that's used for ZFS (doing so reduces performance – the latency issue), I should be more relaxed about the inflexibility of sizes of slices. In theory: be happy to give a whole disk to ZEVO, and assume that the future will include boot OS X from a ZFS volume.

So. For as long as ZFS platform communities are without a unified and open source approach to encryption:

  • is CoreStorage the best future direction for encryption with ZFS on OS X Lion and greater?

I guess that if Apple will allow a ZFS-oriented content hint (the Apple_HFS hint is a minor niggle) things will become easier.

Technical (on my list of things to read):

grahamperrin Offline

User avatar
 
Posts: 1596
Joined: Fri Sep 14, 2012 10:21 pm
Location: Brighton and Hove, United Kingdom

CoreStorage for Snow Leopard

Post by grahamperrin » Tue Nov 06, 2012 8:49 pm

grahamperrin wrote:CoreStorage or disk images for encryption: pros and cons


I omitted one of the cons against Apple CoreStorage:

  • not present in Snow Leopard.

Also I should have been more explicit about a project (related to the above, Cryptology ePrint Archive: Report 2012/374) with which a CoreStorage encrypted volume might be mounted with operating systems other than Lion or Mountain Lion:

libfvde

> Library and tools for reading FileVault Drive Encryption (FVDE) encrypted volumes.

From the introduction:

> There is support for the following back-ends: fuse OSXFuse
>
> ImDisk or Dokan support is on the to do list.

– that's FUSE for OS X, also known as OSXFUSE (Fuse4X is merging into the OSXFUSE project).

Open source. With some additional work, might libfvde become a foundation for writing to CoreStorage world on Snow Leopard? And on Windows? I wonder …
grahamperrin Offline

User avatar
 
Posts: 1596
Joined: Fri Sep 14, 2012 10:21 pm
Location: Brighton and Hove, United Kingdom

CoreStorage (not necessarily Apple) discussed in #illumos

Post by grahamperrin » Mon Nov 12, 2012 1:05 am

For the record, yesterday in irc://irc.freenode.net/#illumos:

[18:41:27] <alanc> there was a claim at one time that Oracle would release sources after S11 shipped, but that seems fairly well disproven now
[18:41:49] <alanc> though of course Oracle never officially comments on such things
[18:42:05] <grahamperrin> the optimist in me, re: encryption viewtopic.php?p=227#p227
[19:18:04] <grahamperrin> Or does the notion of combining two logical volume managers not fly?
[19:29:33] <unsound> grahamperrin: that wouldn't be ZFS-specific would it? I'm sure people are already using ZFS on top of various different encryption layers.
[19:30:08] <unsound> but an open implementation of CoreStorage would be quite useful in general, for interoperability I mean.
[19:42:06] <grahamperrin> unsound: +1 to a ZFS-specific (or -oriented) non-closed approach to encryption that can be taken with all implementations of ZFS
[19:44:19] <unsound> grahamperrin: just wondering... what benefit would using CoreStorage as a more general encryption layer for ZFS bring? what's the advantage compared to other layered solutions?
[20:00:12] <grahamperrin> unsound: on the plus side, it could be an approach that's shared across multiple implementations of ZFS (but not Solaris)
[20:00:52] <grahamperrin> downside: as currently implemented by Apple, CoreStorage is not nearly as flexible as ZFS for LV management.

http://echelog.com/logs/browse/openindiana/1352588400
grahamperrin Offline

User avatar
 
Posts: 1596
Joined: Fri Sep 14, 2012 10:21 pm
Location: Brighton and Hove, United Kingdom

FileVault Drive Encryption (FVDE) working document

Post by grahamperrin » Fri Feb 08, 2013 2:01 pm

Currently featured at the home page of the libfvde project, a working document. From the summary:

… This specification is based on available documentation and was enhanced by reverse engineering of the file format.

This document is intended as a working document for the FileVault Drive Encryption (FVDE) format specification. …


There's also an updated version of the library.
grahamperrin Offline

User avatar
 
Posts: 1596
Joined: Fri Sep 14, 2012 10:21 pm
Location: Brighton and Hove, United Kingdom

Cross reference

Post by grahamperrin » Wed Feb 20, 2013 12:12 am

Re: Encryption Suggestions Please

Core Storage for encryption

a) I guess not.

b) I guess so.

c) I guess that it's escapable but as Core Storage is so closed, the truth may be hard to discover.

d) exceptions to straightforward should include at least:

  • bugs in fsck_cs: "… does not perform an exhaustive validation, nor is it able to fix many of the inconsistencies that it does detect."
  • the mismatch between the content hint and the true content.

What might happen when closed source development progresses by Apple? And so on.

I do use Core Storage for encryption of my ZFS home directory but encryption is an area where I'd prefer a community approach, not closed source.
grahamperrin Offline

User avatar
 
Posts: 1596
Joined: Fri Sep 14, 2012 10:21 pm
Location: Brighton and Hove, United Kingdom

Next

Return to General Discussion

Who is online

Users browsing this forum: No registered users and 0 guests

cron