Client-side file data encryption

This ticket is a place-holder to describe work to be done for client-side encryption.

The high-level requirements are the following:

• encrypt file content
• encrypt file name
• have a master key for encryption
  • per-file encryption key derived from master key
  • file data is no longer accessible after file is deleted
• able to change the user key without re-encrypting files
• deny access to encrypted data when master key is removed from memory on the client
• work in "batch scheduler" mode

We are proposing to address these requirements by:

• conforming to fscrypt kernel API
  • https://git.kernel.org/pub/scm/linux/kernel/git/tytso/fscrypt.git/tree/Documentation/filesystems/fscrypt.rst
  • https://git.kernel.org/pub/scm/linux/kernel/git/tytso/fscrypt.git/tree/fs/crypto
  • current users are ext4, F2FS, and UBIFS
  • https://git.kernel.org/pub/scm/linux/kernel/git/tytso/fscrypt.git/tree/include/linux/fscrypt.h
  • need to use newly pushed policy v2
  • https://patchwork.kernel.org/patch/10806461/
  • https://www.spinics.net/lists/linux-fscrypt/msg01357.html
• relying on ext4 encryption principles
  • file system block size = system page size
  • each filesystem block is encrypted independently in a separate block
  • pages in the page cache always contain clear text data
• mutualizing code infrastructure with compression work
  • same kind of operations, at same code locations

So the workflow would be the following:

• applications see clear text
• data is encrypted before being sent to servers
  • then remain untouched
• data is decrypted upon receipt from servers
  • untouched before that
• servers only see encrypted data
  • but do not need to be aware of it
• only client nodes have access to encryption keys

Further details will be added as the feature design makes progress.