170
Bcachefs has been merged into Linux 6.7
(git.kernel.org)
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
What are the actual differences between native encryption and dmcrypt? Like: Can it be booted? Does it leak more information about the fs? Is it faster?
Native encryption is when the filesystem driver does the decryption in addition to the regular decoding job. Dmcrypt is where encryption is done by a separate component that's part of the kernel. Dmcrypt decrypts the raw block device (partition) and creates an unencrypted virtual block device (usually in /dev/mapper/). The filesystem driver then decodes this virtual device to give the final data access. It's like having a filesystem within a filesystem.
Regular bootloaders like Grub can't decrypt anything. So the /boot device is usually on a separate unencrypted partition. You need the initramfs to be able to decrypt and decode the partition. That's not very complicated - most users don't even need to deal with it.
Dmcrypt is arguably more secure than native encryption, since you won't know the filesystem type until you decrypt the partition first. On the other hand, native encryption is likely to be faster and more flexible for complex filesystems like ZFS, Btrfs and BCachefs.