From owner-freebsd-geom@FreeBSD.ORG  Tue Mar 15 08:14:53 2005
Return-Path: <owner-freebsd-geom@FreeBSD.ORG>
Delivered-To: freebsd-geom@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 085F016A4CE; Tue, 15 Mar 2005 08:14:53 +0000 (GMT)
Received: from critter.freebsd.dk (f170.freebsd.dk [212.242.86.170])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 2580643D1D; Tue, 15 Mar 2005 08:14:52 +0000 (GMT)
	(envelope-from phk@critter.freebsd.dk)
Received: from critter.freebsd.dk (localhost [127.0.0.1])
	by critter.freebsd.dk (8.13.1/8.13.1) with ESMTP id j2F8EohX008782;
	Tue, 15 Mar 2005 09:14:50 +0100 (CET)
	(envelope-from phk@critter.freebsd.dk)
To: Pawel Jakub Dawidek <pjd@freebsd.org>
From: "Poul-Henning Kamp" <phk@phk.freebsd.dk>
In-Reply-To: Your message of "Tue, 15 Mar 2005 09:10:38 +0100."
             <20050315081038.GD9291@darkness.comp.waw.pl> 
Date: Tue, 15 Mar 2005 09:14:50 +0100
Message-ID: <8781.1110874490@critter.freebsd.dk>
Sender: phk@critter.freebsd.dk
cc: freebsd-geom@freebsd.org
Subject: Re: GBDE and write_sector-shutdown-write_keys race. 
X-BeenThere: freebsd-geom@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: GEOM-specific discussions and implementations
	<freebsd-geom.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
	<mailto:freebsd-geom-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-geom>
List-Post: <mailto:freebsd-geom@freebsd.org>
List-Help: <mailto:freebsd-geom-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-geom>,
	<mailto:freebsd-geom-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Mar 2005 08:14:53 -0000

In message <20050315081038.GD9291@darkness.comp.waw.pl>, Pawel Jakub Dawidek wr
ites:

>Now, there can be a race like this:
>
>	write sector data
>	               <- power failure here
>	write new sector keys

Guys,  I've said it before and I'll say it again:  My hardware, even
the cheapest of it, is far more reliable than OpenOffice.

I am not going to do anything of the sort which Pawel proposes because
_if_ I wanted to handle this issue, I would do it with journaling which
would also bring a lot of cryptographic benefit.

But again, I'm not even planing on touching this one in the first place.

If you want to write your own disk encryption, by all means go for it.

-- 
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe    
Never attribute to malice what can adequately be explained by incompetence.