[Cryptech Tech] Revised keystore API and keystore flash "filesystem"

Rob Austein sra at hactrn.net
Tue Sep 6 21:27:47 UTC 2016

At Tue, 6 Sep 2016 21:56:54 +0000, Peter Stuge wrote:
> ..it sounds like you've just invented a file system.

More like a minimalistic database, which would otherwise be layered on
top of a filesystem.

Well, OK, I skipped over yet another option, which would be SQLite3
directly on raw flash, in theory that can be made to work, there's
even some hand-wavy doc on how one might do it, but it sounds painful
and more complex than we really want to embed on the HSM.

The current proposal is basically C data structures on top of flash.
If the hardware supported it, I'd have them mapped into memory for
direct read-only access (the most common case); since Fredrik tells me
the hardware won't support that, the driver has to do read calls as
well as write calls, oh well.

> Look at UBI, and maybe also UBIFS, but at least UBI. Granted, UBI
> makes the most sense for NAND.

Er, UBI appears to be a Linux kernel driver, not to mention GPL.
Am I missing something?

More information about the Tech mailing list