Darren J Moffat
2007-Aug-02 15:50 UTC
[zfs-crypto-discuss] When does blkptr_t->blk_birth get filled in ? (IV generation for crypto)
I''ve been hoping to use elements of the blkptr_t as the initalisation vector (IV) for the AES crypto algorithms - specifically the offset and blk_birth. When do these get filled in ? I was expecting them to be filled in by the time we reached the ZIO_WRITE_ENCRYPT_STAGE (after compression but before checksum), but it appears that only blk_props is filled in at this point. So maybe I should be looking at io_txg instead. I need an IV that is guaranteed unique over the life time of the pool that is also unique per encryption key (which for phase 1 of zfs-crypto means unique per dataset). Since there could be multiple blocks being encrypted for the same dataset in a given transaction group (highly likely in fact) the txg alone is not enough. -- Darren J Moffat
George Wilson
2007-Aug-02 16:12 UTC
[zfs-crypto-discuss] [zfs-code] When does blkptr_t->blk_birth get filled in ? (IV generation for crypto)
Darren J Moffat wrote:> I''ve been hoping to use elements of the blkptr_t as the initalisation > vector (IV) for the AES crypto algorithms - specifically the offset and > blk_birth. When do these get filled in ?This happens during the allocate phase of the pipeline (either zio_dva_allocate or zio_write_allocate_gang_members). The value will be set to whatever zio->io_txg holds.> > I was expecting them to be filled in by the time we reached the > ZIO_WRITE_ENCRYPT_STAGE (after compression but before checksum), but it > appears that only blk_props is filled in at this point. > > So maybe I should be looking at io_txg instead.Should work.> > I need an IV that is guaranteed unique over the life time of the pool > that is also unique per encryption key (which for phase 1 of zfs-crypto > means unique per dataset). Since there could be multiple blocks being > encrypted for the same dataset in a given transaction group (highly > likely in fact) the txg alone is not enough. >
Darren J Moffat
2007-Aug-03 09:14 UTC
[zfs-crypto-discuss] [zfs-code] When does blkptr_t->blk_birth get filled in ? (IV generation for crypto)
George Wilson wrote:> > Darren J Moffat wrote: >> I''ve been hoping to use elements of the blkptr_t as the initalisation >> vector (IV) for the AES crypto algorithms - specifically the offset and >> blk_birth. When do these get filled in ? > > This happens during the allocate phase of the pipeline (either > zio_dva_allocate or zio_write_allocate_gang_members). The value will be > set to whatever zio->io_txg holds.Are there any possible cases where the blk_birth will not be io_txg once it is written out to disk ? -- Darren J Moffat
George Wilson
2007-Aug-03 15:17 UTC
[zfs-crypto-discuss] [zfs-code] When does blkptr_t->blk_birth get filled in ? (IV generation for crypto)
Darren, I believe the exception would be zil blocks. Thanks, George Darren J Moffat wrote:> George Wilson wrote: >> >> Darren J Moffat wrote: >>> I''ve been hoping to use elements of the blkptr_t as the initalisation >>> vector (IV) for the AES crypto algorithms - specifically the offset >>> and blk_birth. When do these get filled in ? >> >> This happens during the allocate phase of the pipeline (either >> zio_dva_allocate or zio_write_allocate_gang_members). The value will >> be set to whatever zio->io_txg holds. > > Are there any possible cases where the blk_birth will not be io_txg once > it is written out to disk ? >