different cache

NTFSD
1

Hi

I was thinking something, it may be stupid, but I would appreciate your
comments.

As a FS filter driver, I would like to act like there is another stream for
given file and initialize cache manager with default stream info (size and
everything). Basically this is to have two different cache. One is clear for
regular user, another is encrypted for backup user. If I can do this, how
can I sync with default stream?

Thanks
Ramaraj

2

Doing it on a user basis is a little problematic… For example, how
would you detect system files? You would not want system files to be
ciphered when loaded by the OS; Windows would never boot.

You should do it on a file-by-file basis.

One possible solution would be to detect the backup user in the create
handler (Backup privileges, and BACKUP_INTENT flag set) and create some
sort of context record for the file. When you get a read request from
this handle, encrypt the content before returning to the user; your
algorithm will have to have some sort of alignment boundaries for the
cipher; cluster based would work. You would have to read the clusters
occupying the range and then cipher it and return to the user the
cipher-text for the byte range requested.

This does incur an allocation of memory (PP is OK) and a memcopy;
fortunately, this will ONLY effect the backup application/user and does
not incur the overhead of maintaining two cache paths for the same file.

Of course, this may be over-kill since the OS provides similar
functionality. A backup user can backup files that are not owned by the
user and if the files are ciphered with EFS, they are not decrypted when
read by a backup user who does not own the files.

Another great idea shot to hell :slight_smile:

Jamey

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ramaraj Pandian
Sent: Thursday, May 01, 2003 3:46 PM
To: File Systems Developers
Subject: [ntfsd] different cache

Hi

I was thinking something, it may be stupid, but I would appreciate your
comments.

As a FS filter driver, I would like to act like there is another stream
for
given file and initialize cache manager with default stream info (size
and
everything). Basically this is to have two different cache. One is clear
for
regular user, another is encrypted for backup user. If I can do this,
how
can I sync with default stream?

Thanks
Ramaraj

You are currently subscribed to ntfsd as: xxxxx@storagecraft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

3

Thanks Jamey for your reply and Ideas.

Is it possible that backup user can open a file as memory mapped? If it is,
how do we handle that.

Thanks
Ramaraj

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com]On Behalf Of Jamey Kirby
Sent: Thursday, May 01, 2003 4:52 PM
To: File Systems Developers
Subject: [ntfsd] RE: different cache

Doing it on a user basis is a little problematic… For example, how
would you detect system files? You would not want system files to be
ciphered when loaded by the OS; Windows would never boot.

You should do it on a file-by-file basis.

One possible solution would be to detect the backup user in the create
handler (Backup privileges, and BACKUP_INTENT flag set) and create some
sort of context record for the file. When you get a read request from
this handle, encrypt the content before returning to the user; your
algorithm will have to have some sort of alignment boundaries for the
cipher; cluster based would work. You would have to read the clusters
occupying the range and then cipher it and return to the user the
cipher-text for the byte range requested.

This does incur an allocation of memory (PP is OK) and a memcopy;
fortunately, this will ONLY effect the backup application/user and does
not incur the overhead of maintaining two cache paths for the same file.

Of course, this may be over-kill since the OS provides similar
functionality. A backup user can backup files that are not owned by the
user and if the files are ciphered with EFS, they are not decrypted when
read by a backup user who does not own the files.

Another great idea shot to hell :slight_smile:

Jamey

-----Original Message-----
From: xxxxx@lists.osr.com
[mailto:xxxxx@lists.osr.com] On Behalf Of Ramaraj Pandian
Sent: Thursday, May 01, 2003 3:46 PM
To: File Systems Developers
Subject: [ntfsd] different cache

Hi

I was thinking something, it may be stupid, but I would appreciate your
comments.

As a FS filter driver, I would like to act like there is another stream
for
given file and initialize cache manager with default stream info (size
and
everything). Basically this is to have two different cache. One is clear
for
regular user, another is encrypted for backup user. If I can do this,
how
can I sync with default stream?

Thanks
Ramaraj

You are currently subscribed to ntfsd as: xxxxx@storagecraft.com
To unsubscribe send a blank email to xxxxx@lists.osr.com

You are currently subscribed to ntfsd as: xxxxx@vormetric.com
To unsubscribe send a blank email to xxxxx@lists.osr.com