Home > mailing lists

Re: WIP: Data at rest encryption - Mailing list pgsql-hackers

From	Shawn Wang
Subject	Re: WIP: Data at rest encryption
Date	September 4, 2019 12:23:01
Msg-id	16cfb959a6e.b5dff325147658.4740169799266484976@highgo.ca Whole thread Raw
In response to	Re: WIP: Data at rest encryption (Alvaro Herrera <alvherre@2ndquadrant.com>)
List	pgsql-hackers

Tree view

---- On Wed, 04 Sep 2019 00:56:15 +0800 Alvaro Herrera <alvherre@2ndquadrant.com> wrote ----

On 2019-Aug-02, Shawn Wang wrote:

> Hi Antonin,
> It is very glad to see the new patch. I used the public patches a long time ago.
> I did some tests like the stream replication, much data running, temporary files encryption.
> I found that there is an issue in the src/backend/storage/file/encryption.c. You should put block_size = EVP_CIPHER_CTX_block_size(ctx); under the #ifdef USE_ASSERT_CHECKING.
> There is some problem to merge your patches to the latest kernel in the pg_ctl.c.

Is a new, fixed version going to be posted soon? It's been a while.

Also, apologies if this has been asked before, but: how does this patch
relate to the stuff being discussed in
https://postgr.es/m/031401d3f41d$5c70ed90$1552c8b0$@lab.ntt.co.jp ?

Hi Álvaro,

Thank you for a reply.

I mainly said that the issues in the src/backend/storage/file/encryption.c. If somebody want to use these patches, I think Antonin need to fix it.

It does not relate to the stuff being discussed in TDE. As I know, some company use these patches to encrypt data, even if these issues don't matter.

Regards,

Shawn Wang

pgsql-hackers by date:

From: Andrey Borodin
Date: 04 September 2019, 12:22:20
Subject: Re: pglz performance

From: Sergei Kornilov
Date: 04 September 2019, 12:29:13
Subject: Re: pg_get_databasebyid(oid)

Re: WIP: Data at rest encryption - Mailing list pgsql-hackers

Previous

Next