Kampani yowunikira chitetezo Kudelski Security yasindikiza chida chotchedwa Shufflecake chomwe chimakulolani kuti mupange mafayilo obisika amwazikana pa malo omwe alipo aulere pamagawo omwe alipo komanso osadziwika bwino ndi deta yotsalira mwachisawawa. Magawo amapangidwa m'njira yoti popanda kudziwa kiyi yolowera, zimakhala zovuta kutsimikizira kukhalapo kwawo ngakhale pofufuza zazamalamulo. Code of the utility (shufflecake-userland) ndi Linux kernel module (dm-sflc) zalembedwa mu C ndikugawidwa pansi pa laisensi ya GPLv3, zomwe zimapangitsa kuti zikhale zosatheka kuphatikiza gawo losindikizidwa la kernel mu kernel yayikulu ya Linux chifukwa chosagwirizana ndi layisensi ya GPLv2 yomwe kernel imaperekedwa.
Pulojekitiyi ili ngati yankho lapamwamba kwambiri kuposa Truecrypt ndi Veracrypt pobisala deta yomwe imafuna chitetezo, yomwe ili ndi chithandizo chamtundu wa Linux ndipo imakulolani kuti muyike magawo obisika a 15 pa chipangizocho, choyikidwa mkati mwa wina ndi mzake kuti asokoneze kusokoneza. za kukhalapo kwawo. Ngati kugwiritsidwa ntchito kwa Shufflecake sikuli chinsinsi, monga momwe tingaweruzire, mwachitsanzo, ndi kupezeka kwa zofunikira zogwirizana ndi dongosolo, ndiye kuti chiwerengero chonse cha magawo obisika omwe adapangidwa sichingadziwike. Magawo obisika omwe adapangidwa amatha kusinthidwa mwakufuna kwa wogwiritsa ntchito kuti agwirizane ndi mafayilo aliwonse, mwachitsanzo, ext4, xfs kapena btrfs. Gawo lililonse limatengedwa ngati chida chosiyana ndi chipika chokhala ndi kiyi yake yotsegula.
Kuti asokoneze zotsatirazo, akuyenera kugwiritsira ntchito chitsanzo cha khalidwe la "kukana kovomerezeka", chomwe chimapangitsa kuti deta yamtengo wapatali imabisika ngati zigawo zowonjezera m'magawo obisika omwe ali ndi deta yochepa kwambiri, kupanga mtundu wa magawo obisika. Pakanikizidwa, mwiniwake wa chipangizocho amatha kuwulula fungulo la magawo obisika, koma magawo ena (mpaka 15 milingo yokhala ndi zisa) akhoza kubisika mu gawo ili, ndipo kudziwa kukhalapo kwawo ndikutsimikizira kukhalapo kwawo kumakhala kovuta.
Kubisala kumatheka pomanga gawo lililonse ngati magawo obisika omwe amaikidwa pamalo okhazikika pa chipangizo chosungira. Kagawo kalikonse kamapangidwa mwamphamvu pamene malo owonjezera osungira akufunika mu magawo. Kuti kusanthula kukhale kovuta, magawo a magawo osiyanasiyana amasinthidwa, i.e. Magawo a Shufflecake samalumikizana ndi zigawo zolumikizana ndipo magawo a magawo onse amasakanikirana. Zambiri zokhudzana ndi magawo ogwiritsidwa ntchito komanso aulere zimasungidwa pamapu ogwirizana ndi gawo lililonse, lomwe limatanthauzidwa ndi mutu wobisika. Makhadi ndi mutuwo ndi encrypted ndipo, popanda kudziwa kiyi yofikira, sizimasiyanitsidwa ndi deta yachisawawa.
Mutuwo umagawidwa m'mipata, iliyonse yomwe imatanthawuza gawo lake ndi magawo ogwirizana nawo. Mipata yomwe ili pamutu imasungidwa ndikulumikizidwa mobwerezabwereza - malo omwe alipo pano ali ndi kiyi yosinthira magawo a gawo lapitalo muulamuliro (yobisika pang'ono), kulola mawu achinsinsi kuti agwiritsidwe ntchito kumasulira magawo onse obisika omwe amalumikizidwa ndi gawo losankhidwa. Chigawo chilichonse chocheperako chobisika chimachitira magawo a magawo omwe amakhalapo ngati aulere.
Mwachikhazikitso, magawo onse a Shufflecake ali ndi kukula kowoneka ngati gawo lapamwamba. Mwachitsanzo, ngati pali magawo atatu pa chipangizo cha 1 GB, chilichonse chidzawoneka ku dongosolo ngati gawo la 1 GB ndipo malo onse omwe alipo a disk adzagawidwa pakati pa magawo onse - ngati kukula kwa deta yosungidwa kupitirira. kukula kwenikweni kwa chipangizocho, chidzayambitsa cholakwika cha I / O chikuponyedwa.
Magawo okhala ndi zisa omwe sanatseguke satenga nawo gawo pakugawa malo, i.e. kuyesa kudzaza gawo lapamwamba kumapangitsa kuti deta iwonongeke m'magawo omwe ali ndi zisa, koma sizingatheke kuwonetsa kupezeka kwawo kupyolera mu kusanthula kukula kwa deta yomwe ingakhoze kuikidwa mu gawolo kulakwitsa kusanayambe (it. amaganiziridwa kuti magawo apamwamba ali ndi deta yosasinthika kuti asokoneze chidwi ndipo samagwiritsidwa ntchito padera, ndipo ntchito yokhazikika nthawi zonse imachitika ndi gawo laposachedwa kwambiri, chiwembucho chikutanthauza kuti ndikofunikira kwambiri kusunga chinsinsi cha kukhalapo kwa deta kuposa kutaya deta iyi).
M'malo mwake, magawo 15 a Shufflecake amapangidwa nthawi zonse - mawu achinsinsi amamangiriridwa ku magawo omwe amagwiritsidwa ntchito, ndipo magawo omwe sanagwiritsidwe ntchito amaperekedwa ndi mawu achinsinsi opangidwa mwachisawawa (ndizosatheka kumvetsetsa kuti ndi magawo angati omwe amagwiritsidwa ntchito). Magawo a Shufflecake akayambika, disk, partition, kapena chida cha block choperekedwa kuti chiyike chimadzaza ndi data yachisawawa, zomwe zimapangitsa kuti zisazindikire metadata ya Shufflecake ndi deta motsutsana ndi maziko onse.
Kukhazikitsa kwa Shufflecake kuli ndi magwiridwe antchito apamwamba, koma chifukwa cha kukhalapo kwapamwamba, kumakhala pang'onopang'ono kuwirikiza kawiri poyerekeza ndi kubisa kwa disk kutengera dongosolo la LUKS. Kugwiritsa ntchito Shufflecake kumabweretsanso ndalama zowonjezera za RAM ndi disk space posungira deta yautumiki. Kugwiritsa ntchito kukumbukira kumayerekezedwa pa 60 MB pagawo lililonse, ndi disk space pa 1% ya kukula konse. Poyerekeza, njira ya WORAM, yofanana ndi cholinga, imayambitsa kuchepa kwa 5 mpaka nthawi za 200 ndi 75% kutaya malo ogwiritsira ntchito disk.
Zida ndi gawo la kernel zayesedwa pa Debian ndi Ubuntu ndi maso 5.13 ndi 5.15 (zothandizidwa pa Ubuntu 22.04). Zikudziwika kuti polojekitiyi iyenera kuonedwa ngati chitsanzo chogwira ntchito, chomwe sichiyenera kugwiritsidwa ntchito kusunga deta yofunika. M'tsogolomu, tikukonzekera kukonza zina zowonjezera pakuchita, kudalirika ndi chitetezo, komanso kupereka mwayi woyambira kuchokera ku magawo a Shufflecake.
Source: opennet.ru