On Thu, Oct 7, 2021 at 02:44:43PM -0400, Robert Haas wrote: > > I think this whole discussion is about whether we need full page images > > for hint bit changes. I think we do if we use the LSN for the nonce (in > > the old patch), and probably need it for hint bit changes when using > > block cipher modes (XTS) if we feel basebackup could read only part of a > > 16-byte page change. > > I think all the encryption modes that we're still considering have the > (very desirable) property that changing a single bit of the > unencrypted page perturbs the entire output. But that just means that
Well, XTS perturbs the 16-byte block, while CBC changes the rest of the page. > encrypted clusters will have to run in the same mode as clusters with > checksums, or clusters with wal_log_hints=on, features which the > community has already accepted as having reasonable overhead. I have > in the past expressed skepticism about whether that overhead is really > small enough to be considered acceptable, but if I recall correctly, > the test results posted to the list suggest that you need a working > set just a little bit large than shared_buffers to make it really > sting. And that's not a super-common thing to do. Anyway, if people > aren't screaming about the overhead of that system now, they're not > likely to complain about applying it to some new situation either. Yes, agreed, good conclusions. -- Bruce Momjian <br...@momjian.us> https://momjian.us EDB https://enterprisedb.com If only the physical world exists, free will is an illusion.
