Date: Wed, 02 Mar 2005 12:40:40 +0100 From: "Poul-Henning Kamp" <phk@phk.freebsd.dk> To: "ALeine" <aleine@austrosearch.net> Cc: hackers@freebsd.org Subject: Re: FUD about CGD and GBDE Message-ID: <69008.1109763640@critter.freebsd.dk> In-Reply-To: Your message of "Tue, 01 Mar 2005 07:37:38 PST." <200503011537.j21FbcmA055696@marlena.vvi.at>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <200503011537.j21FbcmA055696@marlena.vvi.at>, "ALeine" writes: >1. Introducing a sysctl variable to control how often (after how many writes) >the random key is regenerated: > >kern.geom.bde.random_key_regeneration_cycle > >The way it works now would correspond to the value being 1 with >regeneration happening on every write. Setting this higher would >improve the performance and people could decide for themselves >what value fits their needs. I don't really think you would gain any performance, but I am open to benchmarks proving me wrong. >2. Backporting to 4.x - this has more or less come to the point that >I would rather write the whole thing from scratch, similar to vncrypt >(ports/security/vncrypt), only implementing the main principles found >in GBDE. I wouldn't bother. 4.x is nearing the EOL and you wouldn't get much useful lifetime out of it. It wouldn't be too much work to do it however. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69008.1109763640>