From owner-freebsd-geom@FreeBSD.ORG Sun Jun 16 14:47:27 2013
Date: Sun, 16 Jun 2013 17:47:19 +0300
Subject: Re: geli external header (metadata)
From: Alaksiej
Cc: freebsd-geom

>I can't speak for Mr Romero, but I imagine what he's after is plausible
>deniability. The GELI metadata on a volume unambiguously declares it to
>be encrypted data.

Agree. And I think this feature is in demand, taking into account growing
number of jurisdictions, where a person could be legally obliged to
surrender keys/passwords.

On Sun, Jun 9, 2013 at 10:51 PM, Greg Rivers wrote:
> On Sun, 9 Jun 2013, Pawel Jakub Dawidek wrote:
>
>> On Sat, Jun 08, 2013 at 03:02:10PM +0300, Andrew Romero wrote:
>> > Hi all
>> > I made a patch to support of external header (metadata) on GEOM ELI
>> > (geli)
>> >
>> > System: FreeBSD 9-STABLE r250964 i386
>> >
>> > geli patch - http://pastebin.com/UGpnMN19
>> > regression patch - http://pastebin.com/hJVkTpJZ
>>
>> I don't mean to discourage you, but every additional complexity comes at
>> risk and in case of GELI this is security risk. What is missing in your work
>> is explanation how is that useful for the users? How do you use it? First I
>> need to understand and be convinced that this functionality is generally
>> useful and thus is worth additional complexity and risk.
>>
>
> I can't speak for Mr Romero, but I imagine what he's after is plausible
> deniability. The GELI metadata on a volume unambiguously declares it to be
> encrypted data.
>
> Properly implemented, I think this could be a worthwhile enhancement for
> certain applications or circumstances where one may not wish to invite
> further scrutiny.
>
> --
> Greg Rivers
>
> _______________________________________________
> freebsd-geom@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-geom
> To unsubscribe, send any mail to "freebsd-geom-unsubscribe@freebsd.org"

From owner-freebsd-geom@FreeBSD.ORG Mon Jun 17 11:06:44 2013
Date: Mon, 17 Jun 2013 11:06:44 GMT
From: FreeBSD bugmaster
To: freebsd-geom@FreeBSD.org
Subject: Current problem reports assigned to freebsd-geom@FreeBSD.org

Note: to view an individual PR, use:
  http://www.freebsd.org/cgi/query-pr.cgi?pr=(number).

The following is a listing of current problems submitted by FreeBSD users.
These represent problem reports covering all versions including
experimental development code and obsolete releases.

S Tracker      Resp.      Description
--------------------------------------------------------------------------------
o kern/178684  geom       gpart(8) cannot get my GEOM tree
o kern/178359  geom       [geom] [patch] geom_eli: support external metadata
o kern/176744  geom       [geom] [patch] BIO_FLUSH not recorded by devstats
o kern/170038  geom       [geom] geom_mirror always starts degraded after reboot
o kern/169539  geom       [geom] [patch] fix ability to run gmirror on MSI MegaR
a bin/169077   geom       bsdinstall(8) does not use partition labels in /etc/fs
f kern/165745  geom       [geom] geom_multipath page fault on removed drive
o kern/165428  geom       [glabel][patch] Add xfs support to glabel
o kern/164254  geom       [geom] gjournal not stopping on GPT partitions
o kern/164252  geom       [geom] gjournal overflow
o kern/164143  geom       [geom] Partition table not recognized after upgrade R8
a kern/163020  geom       [geli] [patch] enable the Camellia-XTS on GEOM ELI
o kern/162690  geom       [geom] gpart label changes only take effect after a re
o kern/162010  geom       [geli] panic: Provider's error should be set (error=0)
o kern/161979  geom       [geom] glabel doesn't update after newfs, and glabel s
o kern/161752  geom       [geom] glabel(8) doesn't get gpt label change
o bin/161677   geom       gpart(8) Probably bug in gptboot
o kern/160409  geom       [geli] failed to attach provider
f kern/159595  geom       [geom] [panic] panic on gmirror unload in vbox [regres
f kern/159414  geom       [isp] isp(4)+gmultipath(8) : removing active fiber pat
p kern/158398  geom       [headers] [patch] includes
o kern/158197  geom       [geom] geom_cache with size>1000 leads to panics
o kern/157879  geom       [libgeom] [regression] ABI change without version bump
o kern/157863  geom       [geli] kbdmux prevents geli passwords from being enter
o kern/157739  geom       [geom] GPT labels with geom_multipath
o kern/157724  geom       [geom] gpart(8) 'add' command must preserve gap for sc
o kern/157723  geom       [geom] GEOM should not process 'c' (raw) partitions fo
o kern/157108  geom       [gjournal] dumpon(8) fails on gjournal providers
o kern/155994  geom       [geom] Long "Suspend time" when reading large files fr
o kern/154226  geom       [geom] GEOM label does not change when you modify them
o kern/150858  geom       [geom] [geom_label] [patch] glabel(8) is not compatibl
o kern/150626  geom       [geom] [gjournal] gjournal(8) destroys label
o kern/150555  geom       [geom] gjournal unusable on GPT partitions
o kern/150334  geom       [geom] [udf] [patch] geom label does not support UDF
o kern/149762  geom       volume labels with rogue characters
o bin/149215   geom       [panic] [geom_part] gpart(8): Delete linux's slice via
o kern/147667  geom       [gmirror] Booting with one component of a gmirror, the
o kern/145818  geom       [geom] geom_stat_open showing cached information for n
o kern/145042  geom       [geom] System stops booting after printing message "GE
o kern/143455  geom       gstripe(8) in RELENG_8 (31st Jan 2010) broken
o kern/142563  geom       [geom] [hang] ioctl freeze in zpool
o kern/141740  geom       [geom] gjournal(8): g_journal_destroy concurrent error
o kern/140352  geom       [geom] gjournal + glabel not working
o kern/135898  geom       [geom] Severe filesystem corruption - large files or l
o kern/134113  geom       [geli] Problem setting secondary GELI key
o kern/133931  geom       [geli] [request] intentionally wrong password to destr
o bin/132845   geom       [geom] [patch] ggated(8) does not close files opened a
o bin/131415   geom       [geli] keystrokes are unregulary sent to Geli when typ
o kern/131353  geom       [geom] gjournal(8) kernel lock
o kern/129674  geom       [geom] gjournal root did not mount on boot
o kern/129645  geom       gjournal(8): GEOM_JOURNAL causes system to fail to boo
o kern/129245  geom       [geom] gcache is more suitable for suffix based provid
o kern/127420  geom       [geom] [gjournal] [panic] Journal overflow on gmirrore
o kern/124973  geom       [gjournal] [patch] boot order affects geom_journal con
o kern/124969  geom       gvinum(8): gvinum raid5 plex does not detect missing s
o kern/123962  geom       [panic] [gjournal] gjournal (455Gb data, 8Gb journal),
o kern/123122  geom       [geom] GEOM / gjournal kernel lock
o kern/122738  geom       [geom] gmirror list "losts consumers" after gmirror de
o kern/122067  geom       [geom] [panic] Geom crashed during boot
o kern/121364  geom       [gmirror] Removing all providers create a "zombie" mir
o kern/120091  geom       [geom] [geli] [gjournal] geli does not prompt for pass
o kern/115856  geom       [geli] ZFS thought it was degraded when it should have
o kern/115547  geom       [geom] [patch] [request] let GEOM Eli get password fro
o kern/113837  geom       [geom] unable to access 1024 sector size storage
o kern/113419  geom       [geom] geom fox multipathing not failing back
o kern/107707  geom       [geom] [patch] [request] add new class geom_xbox360 to
o kern/94632   geom       [geom] Kernel output resets input while GELI asks for
o kern/90582   geom       [geom] [panic] Restore cause panic string (ffs_blkfree
o bin/90093    geom       fdisk(8) incapable of altering in-core geometry
o kern/87544   geom       [gbde] mmaping large files on a gbde filesystem deadlo
o bin/86388    geom       [geom] [geom_part] periodic(8) daily should backup gpa
o kern/84556   geom       [geom] [panic] GBDE-encrypted swap causes panic at shu
o kern/79251   geom       [2TB] newfs fails on 2.6TB gbde device
o kern/79035   geom       [vinum] gvinum unable to create a striped set of mirro
o bin/78131    geom       gbde(8) "destroy" not working.

75 problems total.

From owner-freebsd-geom@FreeBSD.ORG Tue Jun 18 13:30:40 2013
Date: Tue, 18 Jun 2013 13:30:39 GMT
To: ae@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-geom@FreeBSD.org
From: ae@FreeBSD.org
Subject: Re: bin/175943: [PATCH] Add trim capability to gpart(8)

Synopsis: [PATCH] Add trim capability to gpart(8)

Responsible-Changed-From-To: freebsd-bugs->freebsd-geom
Responsible-Changed-By: ae
Responsible-Changed-When: Tue Jun 18 13:29:58 UTC 2013
Responsible-Changed-Why:
Over to maintainer(s).

http://www.freebsd.org/cgi/query-pr.cgi?pr=175943

From owner-freebsd-geom@FreeBSD.ORG Tue Jun 18 13:40:50 2013
Date: Tue, 18 Jun 2013 13:40:50 GMT
To: smh@FreeBSD.org, freebsd-geom@FreeBSD.org, smh@FreeBSD.org
From: smh@FreeBSD.org
Subject: Re: bin/175943: [PATCH] Add trim capability to gpart(8)

Synopsis: [PATCH] Add trim capability to gpart(8)

Responsible-Changed-From-To: freebsd-geom->smh
Responsible-Changed-By: smh
Responsible-Changed-When: Tue Jun 18 13:40:50 UTC 2013
Responsible-Changed-Why:
I'll take it.

http://www.freebsd.org/cgi/query-pr.cgi?pr=175943

From owner-freebsd-geom@FreeBSD.ORG Tue Jun 18 13:46:24 2013
Date: Tue, 18 Jun 2013 13:46:24 GMT
To: ae@FreeBSD.org, freebsd-fs@FreeBSD.org, freebsd-geom@FreeBSD.org
From: ae@FreeBSD.org
Subject: Re: bin/161807: [patch] add option for explicitly specifying
 metadata version to geli(8)

Synopsis: [patch] add option for explicitly specifying metadata version to geli(8)

Responsible-Changed-From-To: freebsd-fs->freebsd-geom
Responsible-Changed-By: ae
Responsible-Changed-When: Tue Jun 18 13:45:52 UTC 2013
Responsible-Changed-Why:
Reassign to geom team.

http://www.freebsd.org/cgi/query-pr.cgi?pr=161807

From owner-freebsd-geom@FreeBSD.ORG Tue Jun 18 13:49:59 2013
Date: Tue, 18 Jun 2013 13:49:59 GMT
To: ae@FreeBSD.org, freebsd-bugs@FreeBSD.org, freebsd-geom@FreeBSD.org
From: ae@FreeBSD.org
Subject: Re: bin/154570: [patch] gvinum(8) can't be built as part of the
 kernel, but only as module

Synopsis: [patch] gvinum(8) can't be built as part of the kernel, but only as module

Responsible-Changed-From-To: freebsd-bugs->freebsd-geom
Responsible-Changed-By: ae
Responsible-Changed-When: Tue Jun 18 13:49:27 UTC 2013
Responsible-Changed-Why:
Over to maintainer(s).

http://www.freebsd.org/cgi/query-pr.cgi?pr=154570

From owner-freebsd-geom@FreeBSD.ORG Wed Jun 19 07:17:25 2013
Date: Wed, 19 Jun 2013 03:17:24 -0400
Subject: geli external header (metadata)
From: grarpamp
To: freebsd-geom@freebsd.org

> I made a patch to support of external header (metadata) on GEOM ELI (geli)
> System: FreeBSD 9-STABLE r250964 i386
> geli patch - http://pastebin.com/UGpnMN19
> regression patch - http://pastebin.com/hJVkTpJZ

It would be nice to see this option or some similar fix implemented.

It's plausible (perhaps even at to deniability), for someone to have
a disk full of random data if that is part of their disk testing or
wipe for reuse strategy as well as other applications where random
data is used. But having a sector on that very same random media or
system that screams 'GELI' and matches g_eli.h would seem not a good
idea at all. GELI thereby earns a higher place on the list of cryptos
tried to find brute access, or to examine its implementation closely
to find a weak access. Much better to offer detachment of metadata
for those who prefer it and do not mind use of USB or other means to
store and associate passphrase, keyfile and metadata.

Simple detachment is good, but not an encrypted solution...

In the longer term, incorporating access to metadata after the
passphrase/keyfile entry process (under a new encrypted metadata
scheme) could be better. It would then appear random. And so even
if it was still placed alongside as a separate automatic sector for
the simplest end user model, it would not appear any different.

It may even be a useful option (depending on how the user expects
to use the main data, such as with some app that writes to the whole,
or most of the, extent every time) to have the encrypted metadata
change, such as by including a timestamp at
attach/detach/some_kernel_time, so that, if still alongside, it does
not appear to an observer over time to be a static blob, which could
give away info about what the extent is for.

Whether the data covers an entire device, slice, partition, file or
some other full or partial extent... it just does not seem good at
all to have this unencrypted bit there saying: 'Hello, I'm GELI'.

> I'd much prefer to have this implemented without the need of
> storing metadata outside.

If GELI presents a 1:1 crypt:clear device, there's no way to put
the metadata within those same number of presented sectors, it would
be obliterated. It would have to be outside, or accept all metadata
parameters by the command line, for which a separate metadata
file/sector is easier to manage. Then again, use of 'aalgo' presents
fewer sectors so there is maybe a method there.
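
[Added example, not part of the thread and not code from geli or from the
patch under discussion.] The point made in the thread, that one plaintext
sector is enough to tell a GELI provider from a disk of random data, can be
shown with a probe of the last sector of a constructed image. The magic
string "GEOM::ELI", the 16-byte magic field and the little-endian version
that follows it are assumptions taken from FreeBSD's g_eli.h; the helper
names and the sample image are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Assumed from FreeBSD's g_eli.h, not stated in the thread: a 16-byte magic
 * field holding "GEOM::ELI", followed by a 32-bit little-endian version. */
#define GELI_MAGIC      "GEOM::ELI"
#define GELI_MAGIC_LEN  16

struct geli_hit {
    int      found;    /* 1 if the last sector carries the magic */
    size_t   offset;   /* byte offset of that sector in the image */
    uint32_t version;  /* metadata version read from the sector */
};

/* Decode a 32-bit little-endian value without alignment assumptions. */
static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Check the last full sector of an image, where geli keeps on-disk metadata. */
struct geli_hit geli_probe_last_sector(const uint8_t *img, size_t size, size_t ss)
{
    struct geli_hit hit = {0, 0, 0};
    if (img == NULL || ss < GELI_MAGIC_LEN + 4 || size < ss)
        return hit;                      /* too small to hold a header */
    size_t off = (size / ss - 1) * ss;   /* a trailing partial sector is ignored */
    /* Compare the magic string including its NUL terminator. */
    if (memcmp(img + off, GELI_MAGIC, sizeof(GELI_MAGIC)) != 0)
        return hit;                      /* indistinguishable from random fill */
    hit.found = 1; hit.offset = off;
    hit.version = le32(img + off + GELI_MAGIC_LEN);
    return hit;
}

/* Constructed sample: pseudo-random fill, optionally with an on-disk header. */
void build_image(uint8_t *img, size_t size, size_t ss, int with_header, uint32_t ver)
{
    uint32_t x = 0x9e3779b9u;            /* xorshift32 state, arbitrary seed */
    for (size_t i = 0; i < size; i++) {
        x ^= x << 13; x ^= x >> 17; x ^= x << 5;
        img[i] = (uint8_t)(x >> 24);
    }
    if (with_header && ss >= GELI_MAGIC_LEN + 4 && size >= ss) {
        uint8_t *s = img + (size / ss - 1) * ss;
        memset(s, 0, GELI_MAGIC_LEN);
        memcpy(s, GELI_MAGIC, strlen(GELI_MAGIC));
        for (int i = 0; i < 4; i++)
            s[GELI_MAGIC_LEN + i] = (uint8_t)(ver >> (8 * i));
    }
}

int main(void)
{
    static uint8_t img[8 * 512];         /* constructed 8-sector image */
    build_image(img, sizeof(img), 512, 1, 7);
    printf("header on disk:  found=%d\n", geli_probe_last_sector(img, sizeof(img), 512).found);
    build_image(img, sizeof(img), 512, 0, 7);
    printf("header detached: found=%d\n", geli_probe_last_sector(img, sizeof(img), 512).found);
    return 0;
}
```

With the header kept off the media, the same probe has nothing to match,
which is the property the external-metadata patch is after.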