PEFS Blog

Latest news on the project development

Release 2018.12.29

PEFS release 2018.12.29 fixes build issues in FreeBSD 13-CURRENT; workaround for LazyFPU security bug.

PEFS was negatively affected by LazyFPU remediation changes for a two month period in June – July of 2018. FreeBSD kernel issue was discovered by PEFS team and promptly addressed. Workaround was committed on July 19 before official FreeBSD security advisory publication.

Official FreeBSD security advisory FreeBSD-EN-18:08.lazyfpu.asc was published to address the issue:

As a result of fixing the issue described in SA-18:07.lazyfpu, a regression was introduced. FPU state manipulation did not sufficiently prevent context switches potentially allowing partially modified FPU context to be switched out. Upon returning the thread to a running state, stale FPU context could be reloaded.

Additionally, several build fixes were made earlier this year:

Release 2017.06.20

PEFS release 2017.06.20 adds support for 64-bit ino_t and related changes in 12-CURRENT.

  • Do not keep struct statfs on stack
  • Fix build on 11-STABLE PR 219914

Release 2016.06.11

Latest PEFS release (2016.06.11) includes a number of significant performance and stability improvements. Among them:

  • Shared vnode locking support which greatly improves performance
  • Refactored internal directory cache subsystem with improved performance
  • New configuration option for per file system hash table instead of global one
  • Fixed race condition in kernel FPU context allocation
  • Fixed buffer invalidation for inactive vnodes.

Shared vnode locking made it possible to fully utilize underling file system and “in real life” workloads, while previous PEFS versions did not support concurrent read access to files and directories. Dircache has also been refactored to eliminate lock contention and facilitate concurrent access. FPU races that could have potentially resulted in the cryptographic operations slowdown were fixed in current release. These improvements proved to be most useful in multi-user server environment.

PEFS website launch

Hello everyone,

We are excited to announce an official launch of PEFS website: pefs.io!

PEFS (Private Encrypted File System) is a kernel level stacked cryptographic file system for FreeBSD.

The purpose of the website is to provide our visitors with the most relevant and up-to-date information about PEFS project development, and promote PEFS beyond the open-source community.

In this blog, we are planning to publish the latest news about PEFS as well as our thoughts on secure data storage and cryptography topics.


Feel free to send your feedback to contact@pefs.io.

Thank you,
PEFS team