Not sure what cryptfs is, but I have used Matt Blaze's cfs (ciphertext
in some filesystem, plaintext available via nfs loopback).  I had to
patch it in two ways: open readonly when reading (cfs had opened RW
all the time) close cached filehandle periodically.

These changes have to do with two deviations of coda from unix
filesystem semantics:
  a file opened for writing which is _not_ written to and then closed
    unix: no modification occurs
    coda: "Store" provoked on close
  file modified but not yet closed
    unix: other programs see changes before file is closed
    coda: file is not pushed back to server until closed

I don't mean to complain about the second part of coda behavior.  The
changes above address the two problems, and I've been using cfs/coda
ok for a few weeks, but not very heavily.

I think that the first difference - a file getting modified when
opened rw but not written, is arguably a coda bug (even though it's a
cfs bug to do this).  I think this probably could be fixed by having
venus keep a written-to flag, and only storing on close if the flag is
set.  I believe that venus still has to (when connected) obtain a RW
lock on the file, not just R, and it would have to relinquish the RW
lock when done by a means other than Store.  I don't really understand
all the implications here, or if there is some other good reason why
open(RW);close() has to invoke Store and get a new VV etc.  (Actually,
I'm not sure I've tried this recently.)

The reason this is problematic with cfs is that it turns reads into
writes, so that if you read something on two places (including when
disconnected) you get write/write conflicts.

Also, be aware that a simple write into cfs generates multiple coda
operations.  I think some of this could be avoided but have not looked
into it deeply.  Part of it is unavoidable (symlink with the IV), but
some of it looks redundant.


        Greg Troxel <gdt_at_ir.bbn.com>

--- cfs_fh.c.~1~	Wed Mar 20 12:57:56 1996
+++ cfs_fh.c	Mon Nov  8 11:19:22 1999
@@ -543,7 +543,9 @@
 		openfd=NULL;
 	}
 
+#if 0
 	if (mode==0) { mode=CFS_WRITE; }
+#endif
 	/* Phil Karn's hack for R/O file systems */
 	if ((fd=open(f->name,mode,0))<0 && errno == EROFS) {
 		mode = CFS_READ;        /* Force read and try again */


Plus, add closeall() to the grimreaper periodic process, so that if
you write one file with cfs it will get closed eventually.