lofi(7D) compression support [PSARC/2007/569 FastTrack timeout 10/08/2007]
Nicolas Williams
Nicolas.Williams at sun.com
Tue Oct 2 08:50:57 PDT 2007
On Tue, Oct 02, 2007 at 04:47:08PM +0100, Darren J Moffat wrote:
> Nicolas Williams wrote:
> >Since compression is a one-time task for a read-only lofi file, then so
> >should encryption be a one-time task to be done along with (after)
> >compression:
>
> but that isn't how lofi encryption is designed to work, and making it
> work like that completely defeat the whole purpose of why do are doing
> encryption in lofi. It also creates a window where the data is stored
> on disk in the clear - which is exactly what we don't want.
Yes, it doesn't seem worthwhile to support one-time compression +
encryption in lofi.
The crucial thing though is that compressed lofi images are read-only.
> It would
> also mean we couldn't use lofi with encryption to swap on (which we need
> until we get a proper encrypting VM system).
Well, you couldn't compress swap using this case because the compression
step is a one-time step and lofiadm -a of compressed images results in
read-only devices!
Nico
--
More information about the opensolaris-arc
mailing list