Date: Tue, 14 Jul 2015 16:04:42 -0400 From: "George Neville-Neil" <gnn@freebsd.org> To: "O. Hartmann" <ohartman@zedat.fu-berlin.de> Cc: "Fabian Keil" <freebsd-listen@fabiankeil.de>, freebsd-current@freebsd.org, "Matthew D. Fuller" <fullermd@over-yonder.net>, svn-src-head@freebsd.org Subject: Re: geli AES-XTS provider attachment broken after r285336 (was: svn commit: r285336 - in head/sys: netipsec opencrypto) Message-ID: <79203CB8-850C-4CC7-AFA6-32A2505A7409@freebsd.org> In-Reply-To: <20150711212729.55815877.ohartman@zedat.fu-berlin.de> References: <201507091816.t69IGawf097288@repo.freebsd.org> <20150711044843.GG96394@over-yonder.net> <4308d5d9.790ffd96@fabiankeil.de> <20150711212729.55815877.ohartman@zedat.fu-berlin.de>
next in thread | previous in thread | raw e-mail | index | archive | help
This is an OpenPGP/MIME signed message (RFC 3156 and 4880). --=_MailMate_A97807A3-8631-40DF-A13B-5B359F1DF609_= Content-Type: text/plain On 11 Jul 2015, at 15:27, O. Hartmann wrote: > Am Sat, 11 Jul 2015 19:04:07 +0200 > Fabian Keil <freebsd-listen@fabiankeil.de> schrieb: > >> "Matthew D. Fuller" <fullermd@over-yonder.net> wrote: >> >>> On Thu, Jul 09, 2015 at 06:16:36PM +0000 I heard the voice of >>> George V. Neville-Neil, and lo! it spake thus: >>>> New Revision: 285336 >>>> URL: https://svnweb.freebsd.org/changeset/base/285336 >>>> >>>> Log: >>>> Add support for AES modes to IPSec. These modes work both in software only >>>> mode and with hardware support on systems that have AESNI instructions. >>> >>> With (apparently) this change, I can trigger a panic at will by >>> running >>> >>> % geli onetime -e AES-XTS -d /dev/ada0s1 >> >> Thanks for the heads-up. >> >> As it wasn't obvious to me: the commit broke attachment >> of AES-XTS providers in general. >> >> Reverting it lets my test system boot again. >> >> Fabian > > Running CURRENT on several Intel platforms, using swap.eli on all systems is usual to my > setups. On modern hardware, say >= Intel i7 architectures (with or without AES-NI), I > didn't recognize a panic at all but in one case a core i3 starts swapping dies > immediately. Another box, a dual core XEON Core2 Duo based architecture without AES-NI > fails booting immediately after I see the mounting and initialising of swap.eli. Maybe > this observation is of use. This was addressed by jmg@ in: 285526 Best, George --=_MailMate_A97807A3-8631-40DF-A13B-5B359F1DF609_= Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc -----BEGIN PGP SIGNATURE----- Comment: GPGTools - http://gpgtools.org iEYEARECAAYFAlWla1oACgkQYdh2wUQKM9L1bgCg4ejUs3wWYCDoSyanxVzNa4nB ulUAn0nxPoYk78U8OaNRV6/xoHFVgyHr =RbDT -----END PGP SIGNATURE----- --=_MailMate_A97807A3-8631-40DF-A13B-5B359F1DF609_=--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?79203CB8-850C-4CC7-AFA6-32A2505A7409>