On Fri, Nov 18, 2011 at 06:36:18PM +0530, Abhijit Pawar wrote: > On 11/17/2011 08:19 PM, Greg KH wrote: > >On Thu, Nov 17, 2011 at 02:15:35PM +0530, Abhijit Pawar wrote: > >>Hi All, > >>I need to filter the data written/read to and from the USB storage > >>disk. > >Why? > I want to build a secure machine with data protection. I want to > have a security around the machine where anyone can attach a usb > disk and copy the data. but i want to make the copied data useless > unless it has the trust relation with the host to which its > connected. > So if one has copied data from one secured machine and get that usb > disk to other machine, he should see the encrypted garbage data. Interesting idea. > >What are you wanting to do at "filter" time? > I want to encrypt the write data packets and decrypt the read data packets. > >Why just USB disks? What makes them special? > They are the one which can be attached to the system easily. > >How are you going to determine if a disk is a USB device or not? You forgot to answer this question :) > >>Now the way USB is made known to OS is through SCSI and then > >>respective filesystem ( mostly usbfs). > >Not really, usbfs is only one way, and it has nothing to do with usb > >disks. > > > >>So is there any way I can intercept this stack and have my kernel module > >>invoked so that I will get the data. > >Not easily. > Even if its hard, can you please give details of how do I achieve this? > >>I have been thinking on two approaches: > >> > >>1. Use VFS and write a proxy filesystem for USB device which will filter > >>the data. > >>2. checking SCSI and any intercepting point. > >Again, what are you trying to "filter"? That will determine where you > >make changes. > thanks, greg k-h > So what choice do I have now for this? Lots of work, best of luck with this task, it will not be simple or easy. greg k-h _______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
