RE: encrypt ramdisk

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Well, I've asked questions about executable on ramdisk on this mailing
list and got a lot of useful information here. Most say that since code
is already in RAM (as it is in ramdisk), it will be mapped to process
address space (text segment) and run in place. This seems very
reasonable to me -- kernel will optimize the ram usage and should
prevent duplicate copy of code in ram. 

Now I am very confused about loopback device and block device and ....,
could anyone please tell me what I should read or where I should refer
to so that I can get a better understanding as how this all works
inside? I've been searching around and it seems that all the documents
are about how to use a loopback device, none of them (as far as I can
see) include a good description as how it actually works and what the
kernel does to make it work.

Thanks very much! Really appreciate any help.
Lei

-----Original Message-----
From: Jan Hudec [mailto:bulb@xxxxxxxxxxxxxxxxxx]On Behalf Of Jan Hudec
Sent: Monday, July 19, 2004 7:23 PM
To: Lei Yang
Cc: kernelnewbies@xxxxxxxxxxxx
Subject: Re: encrypt ramdisk


On Mon, Jul 19, 2004 at 11:51:43 -0400, Lei Yang wrote:
> Hello,
> 
> Can I set up a ramdisk and use loopback encryption to encrypt it?
> As far as I understand, the OS will keep data encrypted on the hard 
> disk at all times and decrypts it in RAM only as it's read. So an
encrypted 
> executable on physical hard disk will be decrypted page by page upon
> reading to RAM. But what happens to an executable sitting in ramdisk?
> Can I also encrypt it? Since the code is in RAM, it should be running
in place,
> how do kernel deal with encrypted code and run? 

A code on ramdisk will NOT be running inplace. A code on tmpfs will --
and you can't mount that over loopback.

There are two layers -- a block device and a filesystem. The block
device reads and writes blocks -- and from filesystem's point of view,
it does not matter where they are stored in the end.

A ramdisk is a block device. The filesystem talks to it as if it was
a real disk.

The loopback is a virtual block device implemented in terms of something
able to read and write -- which might be another block device or a file.
Even if ramdisk was optimized to not copy the data (I really don't know
whether it is), it wouldn't affect it's behaviour. The loopback reads
the data, filters them and passes them on to the filesystem, copying
them in the process.

On the other hand tmpfs is a filesystem that does not use block device.
It keeps the data in cache. So they are executed and mmapped in place,
but there is no place to put a crypto loop in.

> Any comments?
> 
> Thanks in advance!
> Lei
> 
> --
> Kernelnewbies: Help each other learn about the Linux kernel.
> Archive:       http://mail.nl.linux.org/kernelnewbies/
> FAQ:           http://kernelnewbies.org/faq/
> 
------------------------------------------------------------------------
-------
						 Jan 'Bulb' Hudec
<bulb@xxxxxx>

--
Kernelnewbies: Help each other learn about the Linux kernel.
Archive:       http://mail.nl.linux.org/kernelnewbies/
FAQ:           http://kernelnewbies.org/faq/



[Index of Archives]     [Newbies FAQ]     [Linux Kernel Mentors]     [Linux Kernel Development]     [IETF Annouce]     [Git]     [Networking]     [Security]     [Bugtraq]     [Yosemite]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux SCSI]     [Linux ACPI]
  Powered by Linux