Subject: Re: enabling cgd by default
To: Alistair Crooks <agc@pkgsrc.org>
From: David Brownlee <abs@NetBSD.org>
List: tech-kern
Date: 08/07/2007 18:06:34
On Tue, 7 Aug 2007, Alistair Crooks wrote:

> On Tue, Aug 07, 2007 at 12:26:44PM +0200, Alan Barrett wrote:
>> None of our GENERIC* or INSTALL* kernels include support for cgd (the
>> encrypted disk driver).  What is the reason for this (e.g. legal
>> concerns, kernel size concerns, software quality concerns, nobody has
>> got around to enabling it yet)?  I have been using cgd for several years
>> with no problems, and the absence of cgd is the biggest reason why I am
>> unable to use a GENERIC_LAPTOP kernel.
>>
>> I would like to add "pseudo-device cgd 4" to all those GENERIC-like
>> and INSTALL-like kernel configurations that don't have tight size
>> constraints.  I propose to use the presence of "pseudo-device raid" as
>> an indicator for the absence of tight size constraints.
>
> In the past, it's been because we don't ship crypto by default,
> just in case it makes it to one of the proscribed countries I
> suppose.
>
> I have other reasons for requiring custom kernels, but I would
> like to see cgd in there by default. I'd also think that raidframe
> in GENERIC_LAPTOP is probably overkill, but I'd also echo Greg's
> remarks - raidframe is actually quite a lean beast, and I do not
> know what I'd do without it. Just not on my lappy.

 	External USB/firewire disks? :)

 	But consider this support for cgd in all non space constrained
 	kernels, and raidframe in as many, (or almost as many if
 	we must :)

-- 
 		David/absolute       -- www.NetBSD.org: No hype required --