From owner-freebsd-current@freebsd.org Tue Jul 14 20:04:57 2015 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id BAE439A1525; Tue, 14 Jul 2015 20:04:57 +0000 (UTC) (envelope-from gnn@freebsd.org) Received: from smtp.hungerhost.com (smtp.hungerhost.com [216.38.53.177]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 904901A8E; Tue, 14 Jul 2015 20:04:57 +0000 (UTC) (envelope-from gnn@freebsd.org) Received: from [50.153.131.146] (port=12939 helo=[172.20.20.20]) by vps.hungerhost.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256) (Exim 4.85) (envelope-from ) id 1ZF6Rg-0003gS-VY; Tue, 14 Jul 2015 16:04:53 -0400 From: "George Neville-Neil" To: "O. Hartmann" Cc: "Fabian Keil" , freebsd-current@freebsd.org, "Matthew D. Fuller" , svn-src-head@freebsd.org Subject: Re: geli AES-XTS provider attachment broken after r285336 (was: svn commit: r285336 - in head/sys: netipsec opencrypto) Date: Tue, 14 Jul 2015 16:04:42 -0400 Message-ID: <79203CB8-850C-4CC7-AFA6-32A2505A7409@freebsd.org> In-Reply-To: <20150711212729.55815877.ohartman@zedat.fu-berlin.de> References: <201507091816.t69IGawf097288@repo.freebsd.org> <20150711044843.GG96394@over-yonder.net> <4308d5d9.790ffd96@fabiankeil.de> <20150711212729.55815877.ohartman@zedat.fu-berlin.de> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=_MailMate_A97807A3-8631-40DF-A13B-5B359F1DF609_="; micalg=pgp-sha1; protocol="application/pgp-signature" X-Mailer: MailMate (1.9.2r5107) X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - vps.hungerhost.com X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - freebsd.org X-Get-Message-Sender-Via: vps.hungerhost.com: authenticated_id: gnn@neville-neil.com X-Source: X-Source-Args: X-Source-Dir: X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 14 Jul 2015 20:04:57 -0000 This is an OpenPGP/MIME signed message (RFC 3156 and 4880). --=_MailMate_A97807A3-8631-40DF-A13B-5B359F1DF609_= Content-Type: text/plain On 11 Jul 2015, at 15:27, O. Hartmann wrote: > Am Sat, 11 Jul 2015 19:04:07 +0200 > Fabian Keil schrieb: > >> "Matthew D. Fuller" wrote: >> >>> On Thu, Jul 09, 2015 at 06:16:36PM +0000 I heard the voice of >>> George V. Neville-Neil, and lo! it spake thus: >>>> New Revision: 285336 >>>> URL: https://svnweb.freebsd.org/changeset/base/285336 >>>> >>>> Log: >>>> Add support for AES modes to IPSec. These modes work both in software only >>>> mode and with hardware support on systems that have AESNI instructions. >>> >>> With (apparently) this change, I can trigger a panic at will by >>> running >>> >>> % geli onetime -e AES-XTS -d /dev/ada0s1 >> >> Thanks for the heads-up. >> >> As it wasn't obvious to me: the commit broke attachment >> of AES-XTS providers in general. >> >> Reverting it lets my test system boot again. >> >> Fabian > > Running CURRENT on several Intel platforms, using swap.eli on all systems is usual to my > setups. On modern hardware, say >= Intel i7 architectures (with or without AES-NI), I > didn't recognize a panic at all but in one case a core i3 starts swapping dies > immediately. Another box, a dual core XEON Core2 Duo based architecture without AES-NI > fails booting immediately after I see the mounting and initialising of swap.eli. Maybe > this observation is of use. This was addressed by jmg@ in: 285526 Best, George --=_MailMate_A97807A3-8631-40DF-A13B-5B359F1DF609_= Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iEYEARECAAYFAlWla1oACgkQYdh2wUQKM9L1bgCg4ejUs3wWYCDoSyanxVzNa4nB ulUAn0nxPoYk78U8OaNRV6/xoHFVgyHr =RbDT -----END PGP SIGNATURE----- --=_MailMate_A97807A3-8631-40DF-A13B-5B359F1DF609_=--