On Mi, 10.05.23 15:13, Lennart Poettering (mzerqung(a)0pointer.de) wrote:
> We're generally looking toward encrypting subvolumes individually
> using the upcoming Btrfs native encryption capability rather than
> using LUKS. That allows us to

How do you establish trust in the underlying file system? The thing
that kernel fs maintainers made very clear is that they do not
consider Linux file systems safe regarding rogue offline
modification. Hence you must establish trust somehow *before* you
mount the fs, which pretty much means LUKS.

Linux fs maintainers also made very clear that they generally consider
alternative implementations of their file systems as unsupported, and
a problem. The big relevant Linux file systems consider only the
implementation in the Linux kernel as defining the format. Which means
that anything like an alternative implementation of btrfs or xfs or
ext4 in things like grub or EFI is expressly against the wishes of the
people who maintain the file systems.

Or in other words: what you are proposing appears like a very bad
idea, and in fact even upstream Grub wants to get away from
maintaining their own fs drivers for Linux fs as I hear, because it's
so untenable to them, too.

Seriously, bury this idea.

So to add to this. I happen to be at LFSMMBPF at the moment, the Linux
File System summit (among other things) where all the Linux FS people
meet. I spoke to a couple of FS maintainers here, and well, let me
make this very clear: using any of the major Linux file systems with
drivers that are not the ones in the Linux kernel is a very bad idea,
and expressly not supported by them. [They actually used much harsher
words, that I'll not repeat here – this is the "friendly" version of
their take on your idea.]

So, unless you want to go against what the people who actually
maintain the file systems expressly say, please just get this idea out
of your head that porting Linux file systems into EFI fs drivers was a
good, supportable idea.

And Neal, Chris, if you don't believe the above, then hey, I am happy
to open a thread with them in CC where they can tell you in person how
bad an idea that is.

Lennart
--
Lennart Poettering, Berlin