forked from zfsrogue/freebsd-crypto
Der-Jan/freebsd-crypto
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Folders and files
Name | Name | Last commit message | Last commit date | |
---|---|---|---|---|
Repository files navigation
Welcome to the unofficial zfs-crypto branch. To make it clear, this branch has nothing to do with Sun, Oracle, ZFSOnLinux, OpenSolaris, IllumOS, OpenIndiana, SmartOS, FreeBSD etc. There are new files, zcrypt.c zcrypt.h zio_crypt.c zio_crypt.h dsl_crypto.c dsl_crypto.h libzfs_crypto.c zcrypt_common.c which are kept "as is" as much as possible, including (possibly irrelevant) headers. The crypto/api/ header files are from OpenSolaris. The crypto/api implementation is brand new, and supports "bare minimum" features as needed by ZFS only. All ciphers (CCM, GCM, CTR) are currently working, and compatible with the Linux ZOL implementation. * Key needs to be CK_AES prepared, better than current * All "// FIXME" should be inspected. In particular, known areas which differ are PROP_ALIAS, PROP_INHERIT, crypto vs userquota, * Removed KEY methods "https URI" (requires curl) and pkcs11 types. * The pool version is now 5000, and added feature flag "feature@encryption". * feature@encryption goes active if any ZFS are created with encryption=on. * Allow for readonly import of active feature@encryption, so that the non- encrypted filesystems could be recovered. Example: ``` # zfs create -o encryption=aes-256-gcm mypool/BOOM Enter passphrase for 'mypool/BOOM': Enter again: # zfs list NAME USED AVAIL REFER MOUNTPOINT mypool 142K 984M 31K /mypool mypool/BOOM 31K 984M 31K /mypool/BOOM # zpool get all mypool mypool feature@async_destroy enabled local mypool feature@encryption active local ``` zfs/rogue
About
FreeBSD with ZFS-Crypto patches
Resources
Stars
Watchers
Forks
Releases
No releases published
Packages 0
No packages published