On Tue, Jun 14, 2022 at 1:43 PM Peter Geoghegan <pg@bowt.ie> wrote:
> There is no doubt that it's not worth breaking on-disk compatibility
> just for pg_filedump. The important principle here is that
> high-context page formats are bad, and should be avoided whenever
> possible.
I agree.
> Why isn't it possible to avoid it here? We have all the bits we need
> for it in the page header, and then some. Why should we assume that
> it'll never be useful to apply encryption selectively, perhaps at the
> relation level?
We can have anything we want here, but we can't have everything we
want at the same time. There are irreducible engineering trade-offs
here. If all pages in a given cluster are the same, backends can
compute the values of things that are currently compile-time constants
upon startup and continue to use them for the lifetime of the backend.
If pages can vary, some encrypted or checksummed and others not, then
you have to recompute those values for every page. That's bound to
have some cost. It is also more flexible.
--
Robert Haas
EDB: http://www.enterprisedb.com