[systemd-devel] Authenticated Boot and Disk Encryption on Linux
Lennart Poettering
lennart at poettering.net
Thu Sep 30 08:27:05 UTC 2021

On Mi, 29.09.21 21:09, Łukasz Stelmach (stlman at poczta.fm) wrote:

> Hi, Lennart.
>
> I read your blog post and there is little I can add regarding
> encryption/authentication*. However, distributions need to address one
> more detail, I think. You've mentioned recovery scenarios, but even with
> an additional set of keys stored securely, there are enough moving parts
> in FDE that something may go wrong beyond what recovery keys could
> fix. To help users minimise the risk of data loss distributions should
> provide backup tools and help configure them securely.
>
> This is of course outside of the scope of your original post, but IMHO
> it is a good moment to mention this.
>
> * Well there is one tiny detail.
>
> You noted double encryption needs to be avoided in case of home
> directory images by storing them on a separate partition. Separating
> /home may be considered a slight inefficiency in storage usage, but
> using LVM to distribute storage space between the root(+/usr) and /home
> might help. However, to the best of my knowledge (which I will be glad to
> update) there is no tool to dynamically and automatically manage storage
> space used by home images. In theory the code is there, but UX of
> resize2fs(8) and dd(1) is far from satisfying and I am not entirely sure
> what happens if one truncates (after resize2fs, which will work)
> a file containing a mounted image.
>
> The first solution that comes to my mind is to make systemd-homed resize
> home filesystem images according to some policy upon locking and
> unlocking. But it's not perfect as users would need to log out(?) to
> trigger allocation of more storage should they fill their home
> directory.

I have been working on code in homed to "balance" free space between
active home dirs in regular intervals (shorter intervals when disk
space is low, higher intervals when there's plenty). Also, right now
we already run FITRIM on home dirs on logout, to make sure all air is
removed then. I intend to also add logic to shrink to minimal size
then (and conversely grow on login again).

This will only really work in case btrfs is used inside the homedir
images, as only then we can both shrink and grow the fs whenever we
want to.

Lennart

--
Lennart Poettering, Berlin