Re: [HACKERS] WIP: Data at rest encryption - Mailing list pgsql-hackers

From Bruce Momjian
Subject Re: [HACKERS] WIP: Data at rest encryption
Date
Msg-id 20170616000805.GG11450@momjian.us
Whole thread Raw
In response to Re: [HACKERS] WIP: Data at rest encryption  (Andres Freund <andres@anarazel.de>)
Responses Re: [HACKERS] WIP: Data at rest encryption
Re: [HACKERS] WIP: Data at rest encryption
Re: [HACKERS] WIP: Data at rest encryption
List pgsql-hackers
On Thu, Jun 15, 2017 at 04:56:36PM -0700, Andres Freund wrote:
> On 2017-06-15 19:44:43 -0400, Bruce Momjian wrote:
> > Understood, but now you are promoting a feature with an admittedly-poor
> > API, duplication of an OS feature, and perhaps an invasive change to the
> > code.
> 
> *Perhaps* an invasive change to the code?  To me it's pretty evident
> that this'll be a pretty costly feature from that angle. We've quite a
> few places that manipulate on-disk files, and they'll all have to be
> manipulated. Several of those are essentially critical sections, adding
> memory allocations to them wouldn't be good, so we'll need
> pre-allocation APIs.
> 
> I've only skimmed the discussion, but based on that I'm very surprised
> how few concerns about this feature's complexity / maintainability
> impact have been raised.

Yeah, I guess we will just have to wait to see it since other people are
excited about it.  My concern is code complexity and usability
challenges, vs punting the problem to the operating system, though
admittedly there are some cases where that is not possible.

--  Bruce Momjian  <bruce@momjian.us>        http://momjian.us EnterpriseDB
http://enterprisedb.com

+ As you are, so once was I.  As I am, so you will be. +
+                      Ancient Roman grave inscription +



pgsql-hackers by date:

Previous
From: Andres Freund
Date:
Subject: Re: [HACKERS] WIP: Data at rest encryption
Next
From: "Tsunakawa, Takayuki"
Date:
Subject: Re: [HACKERS] Huge pages support on Windows