On Wed, 10 Jul 2013 21:32:22 +0800, <wuyaalan@xxxxxxxxx> said: > I wanna encrpto some data in kernel, and these encrypto data storage > on disk .i should decrypt data before system call trasmit to user mode. > then what should i do ? how to get encrypt data ? > I wanna intercept write function(kernel), when this function got > encrypt data i will decrypt. This will probably not end well, as crypto is a lot harder to get right than it looks. What threat model are you trying to defend against with the encrypted data? What data are you encrypting, and who are you trying to keep it away from? The biggest problem is the secure storage and management of crypto keys. You're almost certainly better off using the in-kernel keyring code instead of trying to do this yourself. Also see the various TPM support code. And it's possible that what you *really* wanted to use is the userspace cryptLUKS code or TrueCrypt or similar - it's hard to tell what you're trying to do.
Attachment:
pgpXbJWf93FZI.pgp
Description: PGP signature
_______________________________________________ Kernelnewbies mailing list Kernelnewbies@xxxxxxxxxxxxxxxxx http://lists.kernelnewbies.org/mailman/listinfo/kernelnewbies
