[gpfsug-discuss] GPFS, LTFS/EE and data-in-inode?

IBM Spectrum Scale scale at us.ibm.com
Sun Jul 30 04:22:25 BST 2017


Jonathan, all,

We'll be introducing some clarification into the publications to highlight 
that data is not stored in the inode for encrypted files.



Regards, The Spectrum Scale (GPFS) team

------------------------------------------------------------------------------------------------------------------
If you feel that your question can benefit other users of  Spectrum Scale 
(GPFS), then please post it to the public IBM developerWroks Forum at 
https://www.ibm.com/developerworks/community/forums/html/forum?id=11111111-0000-0000-0000-000000000479
. 

If your query concerns a potential software error in Spectrum Scale (GPFS) 
and you have an IBM software maintenance contract please contact 
1-800-237-5511 in the United States or your local IBM Service Center in 
other countries. 

The forum is informally monitored as time permits and should not be used 
for priority messages to the Spectrum Scale (GPFS) team.



From:   Jonathan Buzzard <jonathan at buzzard.me.uk>
To:     gpfsug main discussion list <gpfsug-discuss at spectrumscale.org>
Date:   07/24/2017 10:57 AM
Subject:        Re: [gpfsug-discuss] GPFS, LTFS/EE and data-in-inode?
Sent by:        gpfsug-discuss-bounces at spectrumscale.org



On Mon, 2017-07-24 at 14:45 +0000, James Davis wrote:
> Hey all,
> 
> On the documentation of encryption restrictions and encryption/HAWC
> interplay...
> 
> The encryption documentation currently states:
> 
> "Secure storage uses encryption to make data unreadable to anyone who
> does not possess the necessary encryption keys...Only data, not
> metadata, is encrypted."
> 
> The HAWC restrictions include:
> 
> "Encrypted data is never stored in the recovery log..."
> 
> If this is unclear, I'm open to suggestions for improvements.
> 

Just because *DATA* is stored in the metadata does not make it magically
metadata. It's still data so you could quite reasonably conclude that it
is encrypted.

We have now been disabused of this, but the documentation is not clear
and needs clarifying. Perhaps say metadata blocks are not encrypted. Or
just a simple data stored in inodes is not encrypted would suffice.

JAB.

-- 
Jonathan A. Buzzard                 Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.

_______________________________________________
gpfsug-discuss mailing list
gpfsug-discuss at spectrumscale.org
http://gpfsug.org/mailman/listinfo/gpfsug-discuss




-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gpfsug.org/pipermail/gpfsug-discuss_gpfsug.org/attachments/20170729/553410cd/attachment-0002.htm>


More information about the gpfsug-discuss mailing list