Actually I'm gonna correct myself there a bit, I'm pretty sure after more
reading that the thing that was too complex to have in dump code was not so
much computing Fletcher4 itself, as updating the actual pool structure and
committing a new txg (but hopefully someone who knows more about it will chime
in here and correct me!). I think that's why ZFS pre-allocates the blocks used
for dump and gives dump a list of LBAs to write to that have all checksumming
and parity turned off -- so dump can just write there without updating any of
the structure elsewhere in the pool.
So if that's true, it does seem plausible that maybe we can have something like
a fixed dump encryption key that we give to the dump subsystem in a similar
manner at the time we activate the dump device, and it has some very minimal
code that does a single mode of encryption (probably unauthenticated?) just for
this. It almost seems like a separate project though.
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
Powered by Topicbox: https://topicbox.com