Date: Thu, 09 Feb 2017 15:51:42 +0100
From: Mark Martinec <Mark.Martinec+freebsd@ijs.si>
To: freebsd-stable@freebsd.org
Subject: GELI with integrity verification on swap
Message-ID: <76025e5011614a74cffeae62394a7cd4@ijs.si>
After experiencing an unexplained restart on one host (11.0-RELEASE-p7),
which could be tied to a problem with a swap device (swap on a dedicated
gpt partition), I'm investigating options for adding some checksumming
to swap storage. I understand that swap on ZFS is not the way to go, and
that a gmirror does not provide any checksumming of data, so it seems to
me the only option is to use GELI with integrity verification
(authentication) enabled (aalgo).

Following advice in
https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/swap-encrypting.html
I ended up with the following in /etc/fstab (on a different host, same OS):

  /dev/gpt/sw1.eli none swap sw,sectorsize=4096,aalgo=HMAC/SHA256 0 0
  /dev/gpt/sw2.eli none swap sw,sectorsize=4096,aalgo=HMAC/SHA256 0 0

which seems to work fine, but spawns some questions:

1) On the first manual reboot after adding the above options, there was
a kernel panic. Subsequent reboot(s) were successful. Is there any known
problem with using integrity verification on GELI for swap?

2) During boot the log shows a short flurry of messages like:

  kernel: GEOM_ELI: Device gpt/sw1.eli created.
  kernel: GEOM_ELI: Encryption: AES-XTS 128
  kernel: GEOM_ELI: Integrity: HMAC/SHA256
  kernel: GEOM_ELI:     Crypto: software
  kernel: GEOM_ELI: gpt/sw1.eli: Failed to authenticate 16384 bytes of data at offset 11452985344.
  kernel: GEOM_ELI: gpt/sw1.eli: Failed to authenticate 4096 bytes of data at offset 11453235200.
  kernel: GEOM_ELI: gpt/sw1.eli: Failed to authenticate 4096 bytes of data at offset 11453239296.
  kernel: GEOM_ELI: gpt/sw1.eli: Failed to authenticate 4096 bytes of data at offset 11453239296.
  kernel: GEOM_ELI: gpt/sw1.eli: Failed to authenticate 4096 bytes of data at offset 11453239296.
  kernel: GEOM_ELI: gpt/sw1.eli: Failed to authenticate 4096 bytes of data at offset 11453235200.
  kernel: GEOM_ELI: gpt/sw1.eli: Failed to authenticate 4096 bytes of data at offset 4096.
  kernel: GEOM_ELI: gpt/sw1.eli: Failed to authenticate 4096 bytes of data at offset 0.
  kernel: GEOM_ELI: gpt/sw1.eli: Failed to authenticate 4096 bytes of data at offset 11453239296.
  kernel: GEOM_ELI: gpt/sw1.eli: Failed to authenticate 8192 bytes of data at offset 65536.
  kernel: GEOM_ELI: gpt/sw1.eli: Failed to authenticate 8192 bytes of data at offset 8192.
  kernel: GEOM_ELI: gpt/sw1.eli: Failed to authenticate 8192 bytes of data at offset 0.

which, according to the geli(8) man page, could be normal, as these
blocks were never written to beforehand and contain random stuff. As the
geli swap device is supposed to be ephemeral (Flags: ONETIME, W-DETACH,
AUTH, W-OPEN), there is no way to initialize blocks on a swap device on
boot. So, are these messages really safe to be ignored?

Which brings us to another, perhaps more important question: what
business does a kernel have READING from a swap device blocks which have
never been written to before by this incarnation of the kernel???

3) Considering that the underlying device is a 4k sectored device, and
that HMAC/SHA256 takes some space (like 11%) on its own, what does it
mean that the provider (gpt/sw1.eli) as well as the consumer (gpt/sw1)
both show sector size 4096? Does that mean that all 4k alignment efforts
are wasted when one enables integrity verification on GELI?

  Geom name: gpt/sw1.eli
  State: ACTIVE
  EncryptionAlgorithm: AES-XTS
  KeyLength: 128
  AuthenticationAlgorithm: HMAC/SHA256
  Crypto: software
  Version: 7
  Flags: ONETIME, W-DETACH, AUTH, W-OPEN
  KeysAllocated: 24
  KeysTotal: 24
  Providers:
  1. Name: gpt/sw1.eli
     Mediasize: 11453243392 (11G)
     Sectorsize: 4096
     Mode: r1w1e0
  Consumers:
  1. Name: gpt/sw1
     Mediasize: 12884901888 (12G)
     Sectorsize: 512
     Stripesize: 4096
     Stripeoffset: 0
     Mode: r1w1e1

  Mark
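The following is an added example, not part of the message above and not code from FreeBSD. It models the sector accounting GELI does when the AUTH flag is set (as in sys/geom/eli/g_eli.c: the authentication tag is padded to a multiple of 16 bytes, every backing sector carries one tag next to its payload, and one .eli sector is stored in a whole number of backing sectors). Fed with the numbers from the geli list output in the message (12G backing partition, 512-byte backing sectors, sectorsize=4096, HMAC/SHA256), the model reproduces the 11453243392-byte provider size exactly, which is why it is worth looking at for question 3: each 4096-byte .eli sector occupies 9 backing sectors (4608 bytes), so only one .eli sector in eight starts on a 4 KiB boundary on the disk, and every one of them straddles a 4 KiB boundary. The offsets listed in the "Failed to authenticate" lines are also mapped: they are the first few and the last few .eli sectors. The digest-length table and the example offsets are taken from the message; everything else is the model's own assumption.

```python
"""Model of the GELI on-disk layout with integrity verification (AUTH).

Added example; it is not code from the original message or from FreeBSD.
It follows the sector accounting in sys/geom/eli/g_eli.c for AUTH
providers. The sample numbers are the ones quoted in the message.
"""
from fractions import Fraction
from math import gcd

# Digest length in bytes for the aalgo values geli(8) accepts.
HASH_LEN = {
    "HMAC/MD5": 16,
    "HMAC/SHA1": 20,
    "HMAC/RIPEMD160": 20,
    "HMAC/SHA256": 32,
    "HMAC/SHA384": 48,
    "HMAC/SHA512": 64,
}


def roundup(value, multiple):
    return (value + multiple - 1) // multiple * multiple


def geli_auth_layout(backing_mediasize, backing_sectorsize, eli_sectorsize, aalgo):
    """Describe how an AUTH geli provider maps onto its backing provider."""
    # The tag is padded to a multiple of 16 bytes (128-bit cipher blocks).
    alen = roundup(HASH_LEN[aalgo], 16)
    # Payload bytes that fit in one backing sector beside its tag.
    data_per_sector = backing_sectorsize - alen
    # Whole backing sectors needed to hold one eli sector of payload.
    nsec = (eli_sectorsize - 1) // data_per_sector + 1
    bytes_per_sector = nsec * backing_sectorsize
    # Provider size: as many full eli sectors as fit on the backing device.
    mediasize = (backing_mediasize // bytes_per_sector) * eli_sectorsize
    return {
        "eli_sectorsize": eli_sectorsize,
        "alen": alen,
        "data_per_sector": data_per_sector,
        "backing_per_eli_sector": nsec,
        "bytes_per_sector": bytes_per_sector,
        "mediasize": mediasize,
        "overhead": Fraction(backing_mediasize - mediasize, backing_mediasize),
    }


def backing_offset(layout, eli_offset):
    """First backing byte of the eli sector that contains eli_offset."""
    return (eli_offset // layout["eli_sectorsize"]) * layout["bytes_per_sector"]


def aligned_fraction(layout, align=4096):
    """Fraction of eli sectors whose backing start is align-aligned.

    Sector n starts at n*bytes_per_sector, which is a multiple of align for
    exactly one n out of every align/gcd(bytes_per_sector, align).
    """
    return Fraction(gcd(layout["bytes_per_sector"], align), align)


def crosses_boundary(layout, eli_offset, align=4096):
    """True if the eli sector holding eli_offset straddles an align boundary."""
    start = backing_offset(layout, eli_offset)
    end = start + layout["bytes_per_sector"] - 1
    return start // align != end // align


def sectors_from_end(layout, eli_offset):
    """0 for the last eli sector of the provider, 1 for the one before it."""
    last = layout["mediasize"] // layout["eli_sectorsize"] - 1
    return last - eli_offset // layout["eli_sectorsize"]


if __name__ == "__main__":
    lay = geli_auth_layout(12884901888, 512, 4096, "HMAC/SHA256")
    print("one 4096-byte eli sector uses", lay["backing_per_eli_sector"],
          "backing sectors =", lay["bytes_per_sector"], "bytes")
    print("provider mediasize", lay["mediasize"],
          "overhead %.4f" % float(lay["overhead"]))
    print("eli sectors starting 4k-aligned on disk:", aligned_fraction(lay))
    # Offsets from the 'Failed to authenticate' lines quoted in the message.
    for off in (0, 4096, 8192, 65536, 11452985344, 11453235200, 11453239296):
        print("eli offset %12d -> backing %12d, %d sectors from the end, "
              "crosses 4k boundary: %s" % (off, backing_offset(lay, off),
              sectors_from_end(lay, off), crosses_boundary(lay, off)))
```

The model is a calculation, not a check of the running kernel: compare its mediasize against `geli list` on the host before trusting its alignment figures for a different sector size or aalgo.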