[Cryptech Tech] Revised keystore API and keystore flash "filesystem"

Peter Stuge peter at stuge.se
Tue Sep 6 21:56:54 UTC 2016

Rob Austein wrote:
> how to make better use of the keystore flash
> We've talked about layering some kind of filesystem on top of the
> flash, whether that filesystem be something that understands flash
> wear leveling (eg, UFFS, YAFFS) or something that doesn't (eg, FATFS).

Wear leveling is important for NAND, but maybe not required for Alpha.

> a filesystem per se may not really be appropriate here in any case:
> what we really want is some kind of record storage
> Peter Gutmann advised us to look at PKCS #15

Looking at it is good, using it not so much. Let's try to do better.

> https://www.micron.com/~/media/documents/products/data-sheet/nor-flash/serial-nor/n25q/n25q_128mb_3v_65nm.pdf

Wear leveling isn't quite as important on NOR.

> So it occurred to me that if we really just need a record store, maybe
> we should just write that.
> not bother with a filesystem per se at all.


> subsector
> chain multiple sub-sectors
> a set of opaque attributes
> an in-memory index
> an in-memory bitvector
> allocated
> examining the flash at boot time
> subsector to start with a few header fields
> type code
> indicating whether this sub-sector is pristine
> distinguish between data under construction and data that was fully written
> index structures
> lookup
> insertion or deletion
> binary search
> hash buckets / balanced trees
> Comments?

..it sounds like you've just invented a file system.

Look at UBI, and maybe also UBIFS, but at least UBI. Granted, UBI
makes the most sense for NAND.


More information about the Tech mailing list