Actually I'm gonna correct myself there a bit, I'm pretty sure after more reading that the thing that was too complex to have in dump code was not so much computing Fletcher4 itself, as updating the actual pool structure and committing a new txg (but hopefully someone who knows more about it will chime in here and correct me!). I think that's why ZFS pre-allocates the blocks used for dump and gives dump a list of LBAs to write to that have all checksumming and parity turned off -- so dump can just write there without updating any of the structure elsewhere in the pool.
So if that's true, it does seem plausible that maybe we can have something like a fixed dump encryption key that we give to the dump subsystem in a similar manner at the time we activate the dump device, and it has some very minimal code that does a single mode of encryption (probably unauthenticated?) just for this. It almost seems like a separate project though. -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/openzfs/openzfs/pull/124#issuecomment-321308336 ------------------------------------------ openzfs-developer Archives: https://openzfs.topicbox.com/groups/developer/discussions/T1625245905c55186-M8888ba46b9174e31611d54d3 Powered by Topicbox: https://topicbox.com
