Compared to btrfs it’s claimed to be faster and having working RAID support.
Its unique feature is using a fast device as cache to speed up access to slower, larger disks, I think.
What are the actual differences between native encryption and dmcrypt?
Like: Can it be booted? Does it leak more information about the fs? Is it faster?
Native encryption is when the filesystem driver does the decryption in addition to the regular decoding job. Dmcrypt is where encryption is done by a separate component that’s part of the kernel. Dmcrypt decrypts the raw block device (partition) and creates an unencrypted virtual block device (usually in /dev/mapper/). The filesystem driver then decodes this virtual device to give the final data access. It’s like having a filesystem within a filesystem.
Regular bootloaders like Grub can’t decrypt anything. So the /boot device is usually on a separate unencrypted partition. You need the initramfs to be able to decrypt and decode the partition. That’s not very complicated - most users don’t even need to deal with it.
Dmcrypt is arguably more secure than native encryption, since you won’t know the filesystem type until you decrypt the partition first. On the other hand, native encryption is likely to be faster and more flexible for complex filesystems like ZFS, Btrfs and BCachefs.
Compared to ZFS, it’s a sideways movement except for being in the kernel. ZFS has a lot more enterprise level features and an excellent track record. Its used widely for some pretty big installations, and still can be used by the homelabber quite nicely. Things like fs send and native encryption are big.
Compared to BTRFS, well, it’s definitely an improvement in many areas for a driver that’s in the kernel.
I only read the wiki article and honestly, I can’t tell what makes that different from other “advanced” FSs like BTRFS and ZFS.
Could someone get me up to speed here?
Compared to btrfs it’s claimed to be faster and having working RAID support. Its unique feature is using a fast device as cache to speed up access to slower, larger disks, I think.
Compared to btrfs, it has native encryption too - though it’s said to be unaudited at the moment. Btrfs needs dmcrypt for encryption support.
What are the actual differences between native encryption and dmcrypt? Like: Can it be booted? Does it leak more information about the fs? Is it faster?
Native encryption is when the filesystem driver does the decryption in addition to the regular decoding job. Dmcrypt is where encryption is done by a separate component that’s part of the kernel. Dmcrypt decrypts the raw block device (partition) and creates an unencrypted virtual block device (usually in /dev/mapper/). The filesystem driver then decodes this virtual device to give the final data access. It’s like having a filesystem within a filesystem.
Regular bootloaders like Grub can’t decrypt anything. So the /boot device is usually on a separate unencrypted partition. You need the initramfs to be able to decrypt and decode the partition. That’s not very complicated - most users don’t even need to deal with it.
Dmcrypt is arguably more secure than native encryption, since you won’t know the filesystem type until you decrypt the partition first. On the other hand, native encryption is likely to be faster and more flexible for complex filesystems like ZFS, Btrfs and BCachefs.
Compared to ZFS, it’s a sideways movement except for being in the kernel. ZFS has a lot more enterprise level features and an excellent track record. Its used widely for some pretty big installations, and still can be used by the homelabber quite nicely. Things like
fs sendand native encryption are big.Compared to BTRFS, well, it’s definitely an improvement in many areas for a driver that’s in the kernel.