Date: Fri, 03 Dec 2010 11:46:55 -0800 From: Xin LI <delphij@delphij.net> To: =?ISO-8859-1?Q?Ulrich_Sp=F6rlein?= <uqs@spoerlein.net>, Xin LI <delphij@FreeBSD.org>, src-committers@FreeBSD.org, svn-src-all@FreeBSD.org, svn-src-head@FreeBSD.org Subject: Re: svn commit: r216147 - head/sbin/geom/class/eli Message-ID: <4CF9492F.8040301@delphij.net> In-Reply-To: <20101203171534.GE3256@acme.spoerlein.net> References: <201012031006.oB3A6J1S070688@svn.freebsd.org> <20101203171534.GE3256@acme.spoerlein.net>
next in thread | previous in thread | raw e-mail | index | archive | help
This is a multi-part message in MIME format. --------------040402050204020709080306 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 8bit -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 12/03/10 09:15, Ulrich Spörlein wrote: > On Fri, 03.12.2010 at 10:06:19 +0000, Xin LI wrote: >> Author: delphij >> Date: Fri Dec 3 10:06:19 2010 >> New Revision: 216147 >> URL: http://svn.freebsd.org/changeset/base/216147 >> >> Log: >> * Recommend a overwrite of whole geli provider before use. >> * Correct a typo while I'm there. >> >> Reviewed by: pjd >> MFC after: 2 weeks >> >> Modified: >> head/sbin/geom/class/eli/geli.8 >> >> Modified: head/sbin/geom/class/eli/geli.8 >> ============================================================================== >> --- head/sbin/geom/class/eli/geli.8 Fri Dec 3 09:26:56 2010 (r216146) >> +++ head/sbin/geom/class/eli/geli.8 Fri Dec 3 10:06:19 2010 (r216147) >> @@ -24,7 +24,7 @@ >> .\" >> .\" $FreeBSD$ >> .\" >> -.Dd October 20, 2010 >> +.Dd December 3, 2010 >> .Dt GELI 8 >> .Os >> .Sh NAME >> @@ -842,7 +842,7 @@ Enter passphrase: >> .Nm >> supports two encryption modes: >> .Nm XTS , >> -which was standarized as >> +which was standardized as >> .Nm IEE P1619 >> and >> .Nm CBC >> @@ -873,6 +873,10 @@ changes with the data he owns without no >> In other words >> .Nm >> will not protect your data against replay attacks. >> +.Pp >> +It is recommended to write the whole provider before the first use, >> +in order to make sure that all sectors and their corresponding >> +checksums are properly initialized into a consistent state. >> .Sh SEE ALSO >> .Xr crypto 4 , >> .Xr gbde 4 , > > I'm not sure this wording is very helpful. Why should there be a > "consistent" state? In fact, if you write all zeros to the partition > before creating the geom, then an attacker pretty much knows how much > data you have written to the provider. I'm not saying this weakens any > security, but I think the current phrasing will confuse the reader. What > needs to be consistent? What does writing to the provider mean? > > Or am I mixing up provider and consumer here? How would you like the attached patch? Cheers, - -- Xin LI <delphij@delphij.net> http://www.delphij.net/ FreeBSD - The Power to Serve! Live free or die -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (FreeBSD) iQEcBAEBCAAGBQJM+UkvAAoJEATO+BI/yjfBP1oIANH6E0mTqQWc8b0WFd61YYTr t2YTiJGyUXa1bt9LnhQr8iasCYKx9AqAHO0sDMjezo94jYfpyW/C0jYD7vj+fuIP m84CWUfbKC079REhvv/j9t+mbcEFiQK3u4I3nG/ArNSbjXZUOvkav3c20rGHtwEy ncwGWwTB/5Z5zIT4hPS4e6hiUSR5afBQu+Ww0CqyK2S3w6cdY/kQyyFH8De4TbnX MBhJw/74Y6mRM0PjsIuISP59ZxV5OelWz/DZmcP6tNXmpv3ExW6TmD4ov9X/9eYS WRNi2ygNpGMKHx/8RqKtDOdQ1R0nz9lKUt3Zg5q8GhGS0Lce4GuoaRr0XWQD19I= =ipPy -----END PGP SIGNATURE----- --------------040402050204020709080306 Content-Type: text/plain; name="geli.8.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="geli.8.diff" Index: geli.8 =================================================================== --- geli.8 (revision 216157) +++ geli.8 (working copy) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd December 3, 2010 +.Dd December 4, 2010 .Dt GELI 8 .Os .Sh NAME @@ -874,7 +874,15 @@ .Nm will not protect your data against replay attacks. .Pp -It is recommended to write the whole provider before the first use, +The +.Nm +class does not distinguish whether data is written after its creation, +therefore, read from +.Dq uninitialized +area may result in false positives on data corruption. +It is recommended to write the whole provider +.Pq for instance, Pa /dev/ Ns Ao prov Ac Ns .eli +before its first use, ideally with random data, in order to make sure that all sectors and their corresponding checksums are properly initialized into a consistent state. .Sh SEE ALSO --------------040402050204020709080306--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4CF9492F.8040301>