Re: Transparent data encryption support as an extension
On Fri, Apr 12, 2019 at 6:34 PM Haribabu Kommi <[hidden email]> wrote:
> Hi Hackers,
> I read many mail discussions in supporting data at rest encryption support in
> I checked the discussions around full instance encryption or tablespace or
> table level encryption. In my observation, all the proposals are trying to modify
> the core code to support encryption.
> I am thinking of an approach of providing tablespace level encryption support
> including WAL using an extension instead of changing the core code by adding
> hooks in xlogwrite and xlogread flows, reorderbuffer flows and also by adding
> smgr plugin routines to support encryption and decryption of other pages.
> Definitely this approach does't work for full instance encryption.
> Any opinions/comments/problems in evaluating the encryption with an extesnion
The discussion of similar proposal might be worth to read. The
proposal was adding hook in BufferSync, although for differential