Date: Sat, 2 Oct 2004 09:36:15 -0400 From: Allan Fields <bsd@afields.ca> To: Stephan Fiebrandt <bsd@kuehlbox.de> Cc: freebsd-geom@freebsd.org Subject: Re: gbde with lesser than 4 keys and different start sectors Message-ID: <20041002133615.GB28121@afields.ca> In-Reply-To: <415DD535.1090902@kuehlbox.de> References: <415DD535.1090902@kuehlbox.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Oct 02, 2004 at 12:07:49AM +0200, Stephan Fiebrandt wrote: > Hello everybody, > > i've read thru the list and found out, that there was a bug till > recently using gbde with lesser than 4 keys. > I started to use bde with a different sector start and 2 keys. > I am about to upgrade now to 5.3BETA6 since the pci solts on my new > mainboard that i spend to my server are not working proper on 5.2.1. > Well.. i ended up now with latest code at "incorrect superblock" when i > try to mount the fs on it. That's due to the recent patch changing sector mapping as phk has described. > Wanted to know what settings are "safe" to use in the future, since i am > testing a 300+ GB storage and its pretty anoying to dump and restore > that :). I agree it's best not to need to dump/restore large devices. However, I wouldn't rule out needing to do so, just in case another serious bug surfaces. I'd say at this point gbde is mature enough to avoid bugs like that absent any major reworking of sector mapping / layout. A thing to do is test and verify the proper operation before deploying which gives a better sense of safety. (Fill up full volume, detach and reattach, reboot, panic, try all the keys, etc.) > I was reading phk's nice doc about GBDE and how it works. But i am still > unsure.. if 2 or 4 keys would make a difference in the question of security. > For now i will stick with 4 keys, since i might boot 5.2.1. It's fine to use the default 4. > Greetz, > Stephan > _____________________________________ > a false sence of security is worse than insecurity -- Allan Fields, AFRSL - http://afields.ca 2D4F 6806 D307 0889 6125 C31D F745 0D72 39B4 5541
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041002133615.GB28121>