On Thu, 2012-02-09 at 16:24 +0100, Joel Reardon wrote: > > Each data nodes includes a reference to a key in the KSA. This key is read and > used to decrypt the data. When a new data node is written, an unused key is > selected from the KSA and used to encrypt the data node. The reference to the > key is then included with the node. The keys in the KSA are written before > actually being used to encrypt data. To securely delete a data node, we simply > mark the corresponding key position as deleted, and during the next purging > operation the KSA erase block that contains the key is then updated to a > version that does not contain the key. Why do you need to have your '__u64 crypto_lookup' both in the data node and the index? Isn't it enough to have them only inside the data nodes? ubifs_branch anyway points to the data node and you can read your 'crypto_lookup' from there. -- Best Regards, Artem Bityutskiy
Attachment:
signature.asc
Description: This is a digitally signed message part