On Wed, 10.05.23 15:13, Lennart Poettering (mzerqung@xxxxxxxxxxx) wrote:

> > We're generally looking toward encrypting subvolumes individually
> > using the upcoming Btrfs native encryption capability rather than
> > using LUKS. That allows us to
>
> How do you establish trust in the underlying file system? The thing
> that kernel fs maintainers made very clear is that they do not
> consider Linux file systems safe regarding rogue offline
> modification. Hence you must establish trust somehow *before* you
> mount the fs, which pretty much means LUKS.
>
> Linux fs maintainers also made very clear that they generally consider
> alternative implementations of their file systems as unsupported, and
> a problem. The big relevant Linux file systems consider only the
> implementation in the Linux kernel as defining the format. Which means
> that anything like an alternative implementation of btrfs or xfs or
> ext4 in things like grub or EFI is expressly against the wishes of the
> people who maintain the file systems.
>
> Or in other words: what you are proposing appears like a very bad
> idea, and in fact even upstream Grub wants to get away from
> maintaining their own fs drivers for Linux fs as I hear, because it's
> so untenable to them, too.
>
> Seriously, bury this idea.

So to add to this. I happen to be at LFSMMBPF at the moment, the Linux
File System summit (among other things) where all the Linux FS people
meet.

I spoke to a couple of FS maintainers here, and well, let me make this
very clear: using any of the major Linux file systems with drivers that
are not the ones in the Linux kernel is a very bad idea, and expressly
not supported by them. [They actually used much harsher words, that
I'll not repeat here – this is the "friendly" version of their take on
your idea.]

So, unless you want to go against what the people who actually maintain
the file systems expressly say please just get this idea out of your
head that porting Linux file systems into EFI fs drivers was a good,
supportable idea.

And Neal, Chris, if you don't believe the above, then hey, I am happy
to open a thread with them in CC where they can tell you in person how
bad an idea that is.

Lennart

--
Lennart Poettering, Berlin