From owner-freebsd-current@FreeBSD.ORG Mon Feb 11 10:52:12 2013 Return-Path: Delivered-To: current@FreeBSD.org Received: from mx1.freebsd.org (mx1.FreeBSD.org [8.8.178.115]) by hub.freebsd.org (Postfix) with ESMTP id CDB0E851; Mon, 11 Feb 2013 10:52:12 +0000 (UTC) (envelope-from freebsd-listen@fabiankeil.de) Received: from smtprelay06.ispgateway.de (smtprelay06.ispgateway.de [80.67.31.104]) by mx1.freebsd.org (Postfix) with ESMTP id 8DB931A61; Mon, 11 Feb 2013 10:52:12 +0000 (UTC) Received: from [87.79.249.155] (helo=fabiankeil.de) by smtprelay06.ispgateway.de with esmtpsa (SSLv3:AES128-SHA:128) (Exim 4.68) (envelope-from ) id 1U4qyD-0002Sx-02; Mon, 11 Feb 2013 11:50:45 +0100 Date: Mon, 11 Feb 2013 11:41:52 +0100 From: Fabian Keil To: Pawel Jakub Dawidek Subject: Re: geli(8) breaks after a couple hours of uptime Message-ID: <20130211114152.7da1d4a6@fabiankeil.de> In-Reply-To: <20130210154449.GI1375@garage.freebsd.pl> References: <20130207180153.GX35868@acme.spoerlein.net> <20130208095709.6ae61cff@fabiankeil.de> <20130208114825.GY35868@acme.spoerlein.net> <5114F390.4010302@FreeBSD.org> <20130209140733.0b753c60@fabiankeil.de> <51166580.4080603@FreeBSD.org> <511672B5.5080300@FreeBSD.org> <20130209233500.GH1375@garage.freebsd.pl> <51175162.3030401@FreeBSD.org> <20130210154449.GI1375@garage.freebsd.pl> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=PGP-SHA1; boundary="Sig_/FJored+Y1cbfkC5.k/EJO3Z"; protocol="application/pgp-signature" X-Df-Sender: Nzc1MDY3 Cc: current@FreeBSD.org X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Feb 2013 10:52:12 -0000 --Sig_/FJored+Y1cbfkC5.k/EJO3Z Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: quoted-printable Pawel Jakub Dawidek wrote: > On Sun, Feb 10, 2013 at 09:50:58AM +0200, Andriy Gapon wrote: =20 > > I think that PAGE_SIZE (or at most a small multiple of it) should be > > sufficient. I don't think that we currently have (or expect to see in > > the near future) algorithms where keys with more than 4096 size > > provide any additional security. >=20 > geli(8) deals just fine with files that are larger than buffers, so even > with smaller buffer it can read the data in few steps. >=20 > The proposed patch is here if someone would like to give it a try: >=20 > http://people.freebsd.org/~pjd/patches/geom_eli.c.patch Works for me, thanks a lot. I tested with a couple of geli providers ranging from v3 AES-CBC 128 bit to v7 AES-XTS 256 bit and didn't get any crashes. Fabian --Sig_/FJored+Y1cbfkC5.k/EJO3Z Content-Type: application/pgp-signature; name=signature.asc Content-Disposition: attachment; filename=signature.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (FreeBSD) iEYEARECAAYFAlEYyvMACgkQBYqIVf93VJ0+5wCfTKTMcizs0Ar6apZ5nD7AHwWZ U+gAn0UD1pRpg8lku8sVVlG4Y3F6uDTr =ONNF -----END PGP SIGNATURE----- --Sig_/FJored+Y1cbfkC5.k/EJO3Z--