Moving darkrose to separate repository

2025-08-30 18:25:30 +02:00 · 2025-08-30 18:25:30 +02:00 · aa669c9d0b
commit aa669c9d0b
parent d97c3b0625
3 changed files with 0 additions and 16 deletions
--- a/wirekits/darkrose/README.md
+++ b/wirekits/darkrose/README.md
--- a/wirekits/darkrose/main.cpp
+++ b/wirekits/darkrose/main.cpp
@ -1 +0,0 @@
-
--- a/wirekits/darkrose/plan.txt
+++ b/wirekits/darkrose/plan.txt
@ -1,15 +0,0 @@
-1. SecureFS class
-	1.1. In-memory cache for file-to-block mappings and directory structures
-	1.2. Callbacks for reading/writing blocks (including meta data)
-	1.3. Data loss prevention (every block is backed up as .swap before overwritten)
-	1.4. Block structure: 8B id (0 for fs root), IV, tag, timestamp, enc(next block), enc(data)
-2. Data unlocking
-	2.1. During wirekit_prepare, shell takes commands
-	2.2. "attach <directory>" unlocks a darkrose directory
-	2.3. "finish" actually starts program execution or the rewire shell
-3. Tracee data access
-	3.1. Create new user namespace (rewire process is root in there)
-	3.2. Create new mount namespace in the new user namespace (additive, still has access to system-wide files)
-	3.3. Mount ramfs in the new mount namespace (never swaps)
-	3.4. On open/openat, create plaintext version of file in ramfs and let tracee open it
-	3.5. On close, take plaintext data from ramfs and encrypt it via SecureFS