From owner-freebsd-current@FreeBSD.ORG Sun Jul 27 13:32:52 2003
To: John Stockdale
From: "Poul-Henning Kamp"
In-Reply-To: Your message of "Sun, 27 Jul 2003 17:56:23 +1200." <0D8BEE11-BFF7-11D7-B8B6-000393A6EB58@stanford.edu>
Date: Sun, 27 Jul 2003 22:32:48 +0200
Message-ID: <66005.1059337968@critter.freebsd.dk>
cc: freebsd-current@freebsd.org
Subject: Re: Feasibility/Practicality of using GBDE to facilitate encrypted swap, md, /tmp, filesystems
List-Id: Discussions about the use of FreeBSD-current

In message <0D8BEE11-BFF7-11D7-B8B6-000393A6EB58@stanford.edu>, John Stockdale writes:

>Hopefully PHK has a chance to look this one over, but if anyone else
>has any thoughts I'll take any opinions I can get. ;)

I have a number of operations I plan to add to the gbde tool, but some
of them have me a bit worried about their foot-shooting potential, so
I'm still thinking about them, and rather than go over the program
twice, I'm holding on to the easy ones until I'm ready to do them all.

The one operation which is a no-brainer, so to speak, is the "one time
attach" where the gbde device is init'ed and attached but the master
key and lock sector are never written to the device.

This is the mode you want to use for paging devices.

--
Poul-Henning Kamp       | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG         | TCP/IP since RFC 956
FreeBSD committer       | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.