-------- Original Message -------- Subject: Re: [Fwd: Re: Restarting PSARC/2007/001 lofi(7d) crypto support] Date: Thu, 03 Jan 2008 15:38:05 -0500 (EST) From: Alok Aggarwal <[email protected]> To: Dina <dina.nimeh at sun.com> CC: Darren J Moffat <Darren.Moffat at Sun.COM> References: <476BB401.6010508 at Sun.COM> <476BED32.4020002 at sun.com>
On Fri, 21 Dec 2007, Dina wrote: > Seems I'm not getting any opensolaris loficc emails, will fix later. > Very irritating.... > > > Alok, > > Let me take care of your question in the immediate, I will followup > on opensolaris later. > > The two features are mutually exclusive, unless I misunderstand your > word "interaction", there is none. The user determines on the command > line what he will be doing -C/-U for compression, and a bunch of other > command line flags for encryption -c/-k/-T/-e. At command line parse > time, there is one level of weeding out when creating the lofi. > > The other level of checking became necessary when we committed to > adding the metadata section for encryption. For example, when the > lofi image is mapped, then the first block needs to be read to see > what's in those first bytes ... which I think you were calling the > file signature. Based on what's there, the code needs to determine > if it's compressed or encrypted and then branch off to do the right > thing depending on what's found in those first few bytes. And there > is also some distinction that happens in the strategy function. The code also needs to prevent encryption of a file compressed with lofi and vice versa. We want to prevent this because, like you point out, the two features are mutually exclusive and they add their own headers. The fact that the two features are disjoint and encryption and compression can't be in play at the same time needs to be mentioned in the ARC case. > (So as of this moment, I'm still in merge-surgery ;) to get it all > right. I try to spend as little time debugging as I can, so some > things take me a bit longer on the front end.) > > For the other questions of yours, yep, "Options" instead of the old > self-centered "Encrypted" is in there, and based on the comment about > breaking existing scripts, the order is being changed so it's added > after, not before. Thanks for that one. The man pages need to be updated as well to reflect the change. > > Alok, does that answer the questions for you? Have any others? Not at the moment. > I'll post this on the discussion site too, just swamped for now. That would be good. Alok -- Darren J Moffat
