[gpfsug-discuss] GPFS, LTFS/EE and data-in-inode?
Jonathan Buzzard
jonathan at buzzard.me.uk
Mon Jul 24 15:57:13 BST 2017
On Mon, 2017-07-24 at 14:45 +0000, James Davis wrote:
> Hey all,
>
> On the documentation of encryption restrictions and encryption/HAWC
> interplay...
>
> The encryption documentation currently states:
>
> "Secure storage uses encryption to make data unreadable to anyone who
> does not possess the necessary encryption keys...Only data, not
> metadata, is encrypted."
>
> The HAWC restrictions include:
>
> "Encrypted data is never stored in the recovery log..."
>
> If this is unclear, I'm open to suggestions for improvements.
>
Just because *DATA* is stored in the metadata does not make it magically
metadata. It's still data so you could quite reasonably conclude that it
is encrypted.
We have now been disabused of this, but the documentation is not clear
and needs clarifying. Perhaps say metadata blocks are not encrypted. Or
just a simple data stored in inodes is not encrypted would suffice.
JAB.
--
Jonathan A. Buzzard Email: jonathan (at) buzzard.me.uk
Fife, United Kingdom.
More information about the gpfsug-discuss
mailing list