From owner-freebsd-geom@FreeBSD.ORG Sun Aug 21 02:43:13 2011
Date: Sun, 21 Aug 2011 12:17:13 +1000
From: leon zadorin
To: freebsd-geom@freebsd.org
Subject: potential problem with gpart, glabel and geli when using "ask for a passphrase on boot" option

Hello everyone,

There appears to be a problem with how geli geom module treats "ask for a passphrase on boot" option when the system is booting (or I probably don't know the right way of doing this...) on 8.2-release branch.

Essentially, I have a disk, for illustration purposes let's call it "/dev/aaa", which is first labeled permanently (with glabel) as let's say "/dev/label/ccc" and then set up with gpart to use gpt partition scheme.

So far so good...

I then initialize one of the gpt partitions (/dev/label/cccp2) to be used by a geli encryption module with "ask for a passphrase on boot" option... something like this:

    geli init -b -v -a hmac/sha256 -B none /dev/label/cccp2

The problem is that when the system boots, it asks for a passphrase on *multiple* devices/partitions:

    /dev/aaap2
    /dev/gpt/bbb (where bbb is guid of the gpt partition in question)
    /dev/label/cccp2

Clearly -- since I had applied the 'geli init -b' to /dev/label/cccp2 only, it would be ideal if geli was asking for the passphrase only for 1 device/partition:

    /dev/label/cccp2

It would appear however that geli might be using some sort of value/data written to a partition to indicate that it may need to ask for passphrase on boot (?), and since each of /dev/aaap2, /dev/gpt/bbb, /dev/label/cccp2 are synonymous w.r.t. such data -- it decides to ask for passphrase every time a given "/dev/...." entry gets attached?

Any way around this? Am I doing something wrong here? Or is there some way in 'loader.conf' to tell geli geom provider to ignore certain "/dev/..." entries?

Best regards
Leon.
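
A model of the behaviour the message above suspects, as an added example that is not part of the original post and is not geli's code: it assumes geli keeps its metadata in the last sector of a provider and recognises it by content and provider size, never by device name. The sector layout, flag value, disk size and partition offsets are constructed for illustration.

```python
import struct

SECTOR = 512
MAGIC = b"GEOM::ELI"   # magic string at the start of geli metadata
FLAG_BOOT = 0x2        # constructed stand-in for the "-b" (ask on boot) flag

class Provider:
    """A named window (offset and size in bytes) onto one shared disk image."""
    def __init__(self, name, disk, offset, size):
        self.name, self.disk, self.offset, self.size = name, disk, offset, size

    def last_sector(self):
        end = self.offset + self.size
        return bytes(self.disk[end - SECTOR:end])

def eli_init(prov, flags):
    """Simplified 'geli init': magic, flags and provider size in the last sector."""
    md = MAGIC + struct.pack("<IQ", flags, prov.size)
    end = prov.offset + prov.size
    prov.disk[end - SECTOR:end] = md.ljust(SECTOR, b"\0")

def eli_taste(prov):
    """True if this provider would produce a boot-time passphrase prompt."""
    sec = prov.last_sector()
    if not sec.startswith(MAGIC):
        return False
    flags, provsize = struct.unpack_from("<IQ", sec, len(MAGIC))
    # Only content and size are checked; the provider's name plays no part.
    return provsize == prov.size and bool(flags & FLAG_BOOT)

def build_providers():
    """Constructed layout: 64-sector disk, glabel owns the last sector,
    partition 2 covers sectors 20..39 under all three of its names."""
    disk = bytearray(64 * SECTOR)
    p2_off, p2_size = 20 * SECTOR, 20 * SECTOR
    return [
        Provider("aaa", disk, 0, 64 * SECTOR),
        Provider("label/ccc", disk, 0, 63 * SECTOR),
        Provider("aaap2", disk, p2_off, p2_size),
        Provider("gpt/bbb", disk, p2_off, p2_size),
        Provider("label/cccp2", disk, p2_off, p2_size),
    ]

def prompting_providers():
    provs = build_providers()
    target = next(p for p in provs if p.name == "label/cccp2")
    eli_init(target, FLAG_BOOT)          # initialised through one name only
    return [p.name for p in provs if eli_taste(p)]

if __name__ == "__main__":
    print(prompting_providers())
```
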
From owner-freebsd-geom@FreeBSD.ORG Mon Aug 22 11:07:02 2011
Date: Mon, 22 Aug 2011 11:07:01 GMT
Message-Id: <201108221107.p7MB710u097133@freefall.freebsd.org>
From: FreeBSD bugmaster
To: freebsd-geom@FreeBSD.org
Subject: Current problem reports assigned to freebsd-geom@FreeBSD.org

Note: to view an individual PR, use:
  http://www.freebsd.org/cgi/query-pr.cgi?pr=(number).

The following is a listing of current problems submitted by FreeBSD users. These represent problem reports covering all versions including experimental development code and obsolete releases.

S Tracker      Resp.      Description
--------------------------------------------------------------------------------
o kern/159595  geom       [geom] [panic] panic on gmirror unload in vbox [regres
o kern/159091  geom       [geom] GEOM fails to scan nested partitions to create
p kern/158398  geom       [headers] [patch] includes
o kern/158197  geom       [geom] geom_cache with size>1000 leads to panics
o kern/157879  geom       [libgeom] ABI change without version bump in 8.2
o kern/157863  geom       [geli] kbdmux prevents geli passwords from being enter
o kern/157739  geom       [geom] GPT labels with geom_multipath
o kern/157724  geom       [geom] gpart(8) 'add' command must preserve gap for sc
o kern/157723  geom       [geom] GEOM should not process 'c' (raw) partitions fo
o kern/157108  geom       [gjournal] dumpon(8) fails on gjournal providers
o kern/155994  geom       [geom] Long "Suspend time" when reading large files fr
o kern/154226  geom       [geom] GEOM label does not change when you modify them
o kern/150858  geom       [geom] [geom_label] [patch] glabel(8) is not compatibl
o kern/150626  geom       [geom] [gjournal] gjournal(8) destroys label
o kern/150555  geom       [geom] gjournal unusable on GPT partitions
o kern/150334  geom       [geom] [udf] [patch] geom label does not support UDF
o kern/149762  geom       volume labels with rogue characters
o bin/149215   geom       [panic] [geom_part] gpart(8): Delete linux's slice via
o kern/147667  geom       [gmirror] Booting with one component of a gmirror, the
o kern/145818  geom       [geom] geom_stat_open showing cached information for n
o kern/145042  geom       [geom] System stops booting after printing message "GE
o kern/144905  geom       [geom][geom_part] panic in gpart_ctlreq when unpluggin
o kern/143455  geom       gstripe(8) in RELENG_8 (31st Jan 2010) broken
o kern/142563  geom       [geom] [hang] ioctl freeze in zpool
o kern/141740  geom       [geom] gjournal(8): g_journal_destroy concurrent error
o kern/140352  geom       [geom] gjournal + glabel not working
o kern/135898  geom       [geom] Severe filesystem corruption - large files or l
o kern/134922  geom       [gmirror] [panic] kernel panic when use fdisk on disk
o kern/134113  geom       [geli] Problem setting secondary GELI key
o kern/133931  geom       [geli] [request] intentionally wrong password to destr
o bin/132845   geom       [geom] [patch] ggated(8) does not close files opened a
o bin/131415   geom       [geli] keystrokes are unregulary sent to Geli when typ
o kern/131353  geom       [geom] gjournal(8) kernel lock
o kern/129674  geom       [geom] gjournal root did not mount on boot
o kern/129645  geom       gjournal(8): GEOM_JOURNAL causes system to fail to boo
o kern/129245  geom       [geom] gcache is more suitable for suffix based provid
f kern/128276  geom       [gmirror] machine lock up when gmirror module is used
o kern/127420  geom       [geom] [gjournal] [panic] Journal overflow on gmirrore
o kern/124973  geom       [gjournal] [patch] boot order affects geom_journal con
o kern/124969  geom       gvinum(8): gvinum raid5 plex does not detect missing s
o kern/123962  geom       [panic] [gjournal] gjournal (455Gb data, 8Gb journal),
o kern/123122  geom       [geom] GEOM / gjournal kernel lock
o kern/122738  geom       [geom] gmirror list "losts consumers" after gmirror de
o kern/122067  geom       [geom] [panic] Geom crashed during boot
o kern/121364  geom       [gmirror] Removing all providers create a "zombie" mir
o kern/120091  geom       [geom] [geli] [gjournal] geli does not prompt for pass
o kern/115856  geom       [geli] ZFS thought it was degraded when it should have
o kern/115547  geom       [geom] [patch] [request] let GEOM Eli get password fro
o kern/114532  geom       [geom] GEOM_MIRROR shows up in kldstat even if compile
f kern/113957  geom       [gmirror] gmirror is intermittently reporting a degrad
o kern/113837  geom       [geom] unable to access 1024 sector size storage
o kern/113419  geom       [geom] geom fox multipathing not failing back
o kern/107707  geom       [geom] [patch] [request] add new class geom_xbox360 to
o kern/94632   geom       [geom] Kernel output resets input while GELI asks for
o kern/90582   geom       [geom] [panic] Restore cause panic string (ffs_blkfree
o bin/90093    geom       fdisk(8) incapable of altering in-core geometry
o kern/87544   geom       [gbde] mmaping large files on a gbde filesystem deadlo
o bin/86388    geom       [geom] [geom_part] periodic(8) daily should backup gpa
o kern/84556   geom       [geom] [panic] GBDE-encrypted swap causes panic at shu
o kern/79251   geom       [2TB] newfs fails on 2.6TB gbde device
o kern/79035   geom       [vinum] gvinum unable to create a striped set of mirro
o bin/78131    geom       gbde(8) "destroy" not working.

62 problems total.