I read recently that the v5.0 Linux kernel will incorporate Google's Adiantum storage encryption construction. I think that Adiantum would be a really useful addition to GELI and perhaps ZoF. Anyone else agree with me?
pfSense is a derivative, and this decision is theirs, it's not mandated by FreeBSD. FreeBSD has no control whatsoever over derivative projects. Whatever a derivative project decides to support or not is their prerogative.
The next version of pfSense will have a mandatory requirement for AES-NI. This is the first example I can think of for a FreeBSD based system forcing obsolescence of a perfectly usable 64-bit machine architecture (X86_64 non AES-NI).
It should be added to the crypto(9) framework. That way it's not only GELI that could benefit from it.
I agree that Adiantum in GELI should be a low priority, particularly compared to modern wifi. GELI already supports more than just AES so without looking at the existing code it might not actually be a big problem to do.
Existing 32-bit CPUs are perfectly capable of performing 64-bit operations, just a bit slowly, and not atomically. The atomicity can be fixed by appropriate locking, which uses some extra CPU cycles. And timestamp operations are so rare that the performance impact (even with locking) is not a big deal. The 32-bit hardware does not prevent Unix from going to a timestamp format that continues to work after 2038. If there is any problem there, it's software, and traditional APIs.
'Thins' can be repurposed with FreeBSD for as long as 32-bit is still supported or until 2038 when the 32-bit unsigned integer date rollover occurs.
My server at home is exactly that: a 1 GHz 4-core Atom. I don't use software-based disk encryption on it, but I do use ZFS, which keeps checksums. Performance is adequate for home use; I get at least 50 MByte/s out of my file systems reading or writing, and since my network hardware within the house is only gigabit or WiFi, that's sufficient. Similar to your setup....
but anything with an older Intel Atom or a 'mobile' variant of a desktop CPU won't. For these machines, encryption is an expensive CPU cycle luxury.
Do you happen to have numbers from the Pi of AES versus Adiantum when used in the disk layer?
I have a Raspberry Pi 4 (aarch64), and I use it to run a non-exit Tor relay. The project recommends AES-NI, but the SoC on the Pi doesn't have it. Adiantum adds a significant improvement in speed, so it would be nice to have that in FreeBSD.
The RPI forums have a few conversations about Adiantum. It seems it was enabled back in 2021 for RPI OS.
Do you happen to have numbers from the Pi of AES versus Adiantum when used in the disk layer?