Ext4 encryption
Ext4 encryption
Posted Apr 10, 2015 12:50 UTC (Fri) by robbe (guest, #16131)Parent article: Ext4 encryption
Me, I'm staying with dm-crypt. The performance downsides [citation appreciated] of it seem to apply mainly to the hand-held form factor.
Posted Apr 10, 2015 13:41 UTC (Fri)
by cesarb (subscriber, #6266)
[Link] (2 responses)
If your CPU doesn't have AESNI or equivalent, it uses lots of CPU when doing an I/O heavy operation (like a full backup). The performance difference when going from a CPU without AESNI to a CPU with AESNI is noticeable.
AFAIK, that was precisely the problem with Android: a lot of phones didn't have the AESNI equivalent enabled because reasons.
Posted Apr 10, 2015 20:40 UTC (Fri)
by kleptog (subscriber, #1183)
[Link]
Ouch, yes, the difference is huge. At one point we had a server which was going dog-slow, while an apparently identical server next to it had no problems. After much searching it turned out that for some reason on this server the aesni_intel module was not getting loaded. An extra line in /etc/modules and a reboot later everything back to normal.
If the goal of this patch it to make as much of the filesystem usable without invoking any encryption then it explains some of the choices, but it's definitely a feature aimed at embedded processors.
Posted Apr 13, 2015 19:53 UTC (Mon)
by robbe (guest, #16131)
[Link]
Posted Apr 11, 2015 1:39 UTC (Sat)
by mhalcrow (guest, #17371)
[Link]
eCryptfs is a layer that should never have happened without proper stacking support in the MM/VFS.
Ext4 encryption
Ext4 encryption
Ext4 encryption
Ext4 encryption