encryption and newer zpool versions

Brian Behlendorf behlendorf1 at llnl.gov
Mon May 23 14:58:31 EDT 2011


I'd love to see encryption on the Linux ZFS road map.

But frankly, it's not up to me.  Oracle has not released any updated ZFS
code with encryption support.  This could be reimplemented outside
Oracle since there are white papers which describe how it was done. 
However, that would obviously be a lot of work.  Getting it exactly
right would also be critical since even small flaws in the
implementation could render the whole thing pointless.

We could consider going down this road once the current port fully
implements all the existing ZFS features.  Until then I suggest you just
layer ZFS on top of Linux dm-crypt block devices.  This works fine and
the encryption implementation is already proven to be quite good.

-- 
Thanks,
Brian 

On Sat, 2011-05-21 at 09:40 -0700, devsk wrote:
> Brian,
> 
> Is there a planned roadmap to bring in newer code from the build 150
> of solaris to support pool version 130 (and 131)?
> 
> pool version 130 brings encryption and I think that's a huge feature
> to have. Personally, I am looking fwd to that.
> 
> Thanks,
> -devsk



More information about the zfs-discuss mailing list