Re: F39 proposal: BiggerESP (Self-Contained Change proposal)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mi, 10.05.23 15:13, Lennart Poettering (mzerqung@xxxxxxxxxxx) wrote:

> > We're generally looking toward encrypting subvolumes individually
> > using the upcoming Btrfs native encryption capability rather than
> > using LUKS. That allows us to
>
> How do you establish trust in the underlying file system? The thing
> that kernel fs maintainers made very clear is that they do not
> consider Linux file systems safe regarding rogue offline
> modification. Hence you must establish trust somehow *before* you
> mount the fs, which pretty much means LUKS.
>
> Linux fs maintainers also made very clear that they generally consider
> alternative implementations of their file systems as unsupported, and
> a problem. The big relevant Linux file systems consider only the
> implementation in the Linux kernel as defining the format. Which means
> that anything like an alternative implementation of btrfs or xfs or
> ext4 in things like grub or EFI is expressly against the wishes of the
> people who maintain the file systems.
>
> Or in other words: what you are proposing appears like a very bad
> idea, and in fact even upstream Grub wants to get away from
> maintaining thei own fs drivers for Linux fs as I hear, because it's
> so untenable to them, too.
>
> Seriously, bury this idea.

So to add to this. I happen to be at LFSMMBPF at the moment, the Linux
File System summit (among other things) where all the Linux FS people
meet. I spoke to a couple of FS maintainers here, and well, let me
make this very clear: using any of the major Linux file systems with
drivers that are not the ones in the Linux kernel is a very bad idea,
and expressly not supported by them. [They actually used much harsher
words, that I'll not repeat here – this is the "friendly" version of
their take on your idea.]

So, unless you want to go against what the people who actually
maintain the file systems expressly say please just get this idea out
of your head that porting Linux file systems into EFI fs drivers was a
good, supportable idea.

And Neal, Chris, if you don't believe the above, then hey, I am happy
to open a thread with them in CC where they can tell you in person how
bad an idea that is.

Lennart

--
Lennart Poettering, Berlin
_______________________________________________
devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Users]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]

  Powered by Linux