Newsflash - Linux fscrypt reduces reliability of ext4, but Reliance Nitro is not compromised

Posted by: Thom Denholm

On Linux, the recently introduced fscrypt framework provides new file system encryption options, and this support will be required in future versions of Android. For developers who used the journal to make user data more reliable, fscrypt forces them to abandon that option. Fortunately, Reliance Nitro provides encryption and reliability in one package.

Reliability through data journaling

The default journal mode on ext4 is data=ordered. Data is written to the media, then metadata is committed to the journal.  Many developers concerned with reliability use another option, data=journal. User data is written to the journal prior to being written to the main file system. There is a substantial cost to performance and flash media lifetime (all data and metadata are written twice), but Linux experts agree this is the safest way of writing to the disk with ext4.

New fscrypt framework, and limitations

Recently introduced in Linux and supported on only a few file systems, the fscrypt framework will be the required encryption standard for future versions of Android. This security feature operates at the file system level rather than the block device level. If your design requires the ability to secure some files but not the entire volume, this is the type of encryption support you would likely choose.

Developers who have chosen fscrypt to protect the security of their data will not be able to use data=journal to protect it from corruption. Per the documentation, "the ext4 filesystem does not support data journaling with encrypted regular files. It will fall back to ordered data."

Both through Datalight

Fortunately, Datalight has recently introduced support for fscrypt into our power failsafe file system, Reliance Nitro. In addition to offering both security and reliability, Reliance Nitro also provides better performance and flash lifetime than data=journal ever could. Datalight offers a no-cost evaluation version of Reliance Nitro and our most recent release supports Linux kernel 5.0. Click the link below for even more information and be sure to subscribe to the blog for regular technology updates and information.

Learn more about Reliance Nitro

Comments (0)

Add a Comment

Allowed tags: <b><i><br>Add a new comment: