From: Dale Amon <amon@vnl.com>
To: linux-kernel@vger.kernel.org
Subject: Re: Idea: Encryption plugin architecture for file-systems
Date: Mon, 23 Apr 2001 21:12:38 +0100 [thread overview]
Message-ID: <20010423211237.I26083@vnl.com> (raw)
In-Reply-To: <NFBBIDPOFIIFCBDDFGLEGEMICCAA.nagytam@rerecognition.com> <01042121404701.08246@antares>
In-Reply-To: <01042121404701.08246@antares>; from s-jaschke@t-online.de on Sat, Apr 21, 2001 at 09:40:47PM +0200
Talk about syncronicity... I had just last week asked
about the pro's and con's on this on the crypto list and
have heard nothing at all back. So I'll drop the body
of that message in here:
--
I've got a crypto loopback running directly on a /dev/md0
partition and then the file system on top of that. I'm
interested in what the feelings of others are on the
trade offs of doing it this way.
Is there something to be gained by adding a file system
layer between the /dev/md0 and the loopback file as far
as error recovery is concerned?
Do I actually gain performance (as I am guessing currently
that I do) by eliminating one layer?
It's just a plaything right now, but I'd be interested
in some feedback on the wisdom of it before I actually
use this on something important. So just to reiterated:
fs
fs c. loopback
c. loopback vs fs
raid1 raid1
disk disk disk disk
where fs = ext2 until this evening when I replace it
with reiserfs.
--
And update by saying I've got reiserfs working on top
of it with no problems. But I'm still just that wee
bit nervous about the approach even though it works.
What happens if I get one bad disk sector in a partition?
What is the difference in data loss between encrypting
on the bare partition versus having say, a reiserfs
under you?
(Obviously RAID doesn't save you. It will just merrily
reproduce the bad sector on the mirror disk)
--
------------------------------------------------------
Use Linux: A computer Dale Amon, CEO/MD
is a terrible thing Village Networking Ltd
to waste. Belfast, Northern Ireland
------------------------------------------------------
next prev parent reply other threads:[~2001-04-23 20:11 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-04-21 18:52 Idea: Encryption plugin architecture for file-systems Tamas Nagy
2001-04-21 19:10 ` Ian Stirling
2001-04-21 19:11 ` Alistair Riddell
2001-04-21 19:13 ` Bart Trojanowski
2001-04-21 19:21 ` Peter Makholm
2001-04-21 19:37 ` Andi Kleen
2001-04-21 20:26 ` Herbert Valerio Riedel
2001-04-21 22:50 ` Dan Hollis
2001-04-21 22:49 ` Dan Hollis
2001-04-22 9:42 ` Olaf Titz
2001-04-21 19:40 ` Stefan Jaschke
2001-04-23 20:12 ` Dale Amon [this message]
2001-04-24 2:54 ` David L. Nicol
2001-04-24 16:08 ` Dale Amon
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20010423211237.I26083@vnl.com \
--to=amon@vnl.com \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox