FUD about CGD and GBDE
Poul-Henning Kamp
phk at phk.freebsd.dk
Wed Mar 2 11:40:46 GMT 2005
In message <200503011537.j21FbcmA055696 at marlena.vvi.at>, "ALeine" writes:
>1. Introducing a sysctl variable to control how often (after how many writes)
>the random key is regenerated:
>
>kern.geom.bde.random_key_regeneration_cycle
>
>The way it works now would correspond to the value being 1 with
>regeneration happening on every write. Setting this higher would
>improve the performance and people could decide for themselves
>what value fits their needs.
I don't really think you would gain any performance, but I am open
to benchmarks proving me wrong.
>2. Backporting to 4.x - this has more or less come to the point that
>I would rather write the whole thing from scratch, similar to vncrypt
>(ports/security/vncrypt), only implementing the main principles found
>in GBDE.
I wouldn't bother. 4.x is nearing the EOL and you wouldn't get
much useful lifetime out of it. It wouldn't be too much work to
do it however.
--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk at FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
More information about the freebsd-hackers
mailing list