Google Is Adding Support For Metadata Encryption To F2FS
Written by Michael Larabel in Linux Storage on 6 October 2020 at 06:30 AM EDT. 9 Comments
LINUX STORAGE --
F2FS as the Flash-Friendly File-System has long supported transparent file-system encryption via Linux's FSCRYPT framework but now Google engineers are working on allowing the file-system metadata to also be encrypted.

With F2FS continuing to see an uptick in usage on Android devices, Google engineers have been working on allowing metadata encryption for this file-system.

Patches sent out on Monday allow for encrypting of all F2FS metadata besides the superblock itself. The metadata encryption is then controlled via the metadata_crypt_key= mount option for specifying the encryption key to use from the logon keyring. In turn all blocks besides the superblock on the file-system are encrypted. The only other apparent caveat with this metadata encryption is direct I/O not being supported but will fallback to buffered I/O.

These proposed patches for further beefing up the security of data on F2FS file-systems can be found via the kernel mailing list.
Related News
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter or contacted via MichaelLarabel.com.

Popular News This Week