
geli init with multiple providers - fix init and fix -B "none"
Closed, Public

Authored by woodsb02 on Sep 9 2018, 4:14 PM.

Details

Summary

geli init with multiple providers - fix init and fix -B "none"

Apply some fixes post rS336659, which allowed multiple providers to be
initialized in a single command.

  • Fix issue where second and subsequent providers would fail init. This was due to the metadata struct being zeroed after the first provider init was completed, despite containing common data required for subsequent providers.
  • Fix issue where -B "none" would still result in the metadata being backed-up if multiple providers had been specified. This was due to the backupfile of "none" being incorrectly made unique for each provider by appending "-<prov>".
Test Plan

Tested using md(4) memory disks to confirm multiple providers can be initialized
in a single command using the same passphrase:

mdconfig -s 1m -u 0
mdconfig -s 1m -u 1
geli init -v -B none md0 md1   # set password to "test"
geli attach -v md0 md1         # enter password "test"
geli status
geli detach md0 md1
ls -lah /var/backups/md*
mdconfig -d -u 0
mdconfig -d -u 1

Expected output:

Enter new passphrase:
Reenter new passphrase:
Calculating number of iterations...
Done, using 2071395 iterations.
Metadata value stored on md0.
Metadata value stored on md1.
Done.

Enter passphrase:
Attached to md0.
Attached to md1.
Done.

      Name  Status  Components
   md0.eli  ACTIVE  md0
   md1.eli  ACTIVE  md1

ls: /var/backups/md3*: No such file or directory

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

These issues were found whilst preparing some Kyua tests for the new geli functionality.

asomers added inline comments.
lib/geom/eli/geom_eli.c
1004 ↗(On Diff #47838)

You should update this comment, but otherwise it all LGTM.

This revision is now accepted and ready to land. Sep 10 2018, 1:13 AM

Fix comment as per asomers recommendation.
Also fix other comments, optimise if ordering and bzero sensitive and provider specific metadata.

This revision now requires review to proceed. Sep 10 2018, 1:13 PM
lib/geom/eli/geom_eli.c
1007 ↗(On Diff #47859)

Isn't this redundant with line 903?

woodsb02 added inline comments.
lib/geom/eli/geom_eli.c
1007 ↗(On Diff #47859)

Not if any of the "goto out" commands on lines 870, 885, 895 come into effect.

lib/geom/eli/geom_eli.c
1007 ↗(On Diff #47859)

If execution hits one of those goto out statements, then it will explicit_bzero here at line 1007. If it doesn't, then it will explicit_bzero both at 903 and here. So that's redundant. Why not remove the explicit_bzero statements at 903?

woodsb02 marked an inline comment as done.

Move all explicit_bzero commands to end of the for loop for each provider, as per asomers comment.

This revision is now accepted and ready to land. Sep 10 2018, 2:40 PM
This revision was automatically updated to reflect the committed changes.
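
The bug in the summary and the cleanup placement settled on in the review, modelled as an added example in C (not the code from this revision or from geom_eli.c). The struct, its fields and all function names are hypothetical, the values are constructed, and secure_zero stands in for explicit_bzero(3).

```c
#include <stdio.h>
#include <string.h>
/* Hypothetical, simplified metadata; not the real geli metadata struct. */
struct meta {
    unsigned iterations;      /* common: computed once, needed by every provider */
    unsigned char mkey[16];   /* provider specific and sensitive */
};

/* Portable stand-in for explicit_bzero(3): volatile stores are not elided. */
static void secure_zero(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--)
        *v++ = 0;
}

/* Number of key bytes still non-zero in md. */
static int key_residue(const struct meta *md) {
    int n = 0;
    for (size_t i = 0; i < sizeof(md->mkey); i++)
        n += md->mkey[i] != 0;
    return n;
}

/* Size 0 models an early failure; wipe_all=1 models the bug in the summary. */
static int init_all(struct meta *md, const unsigned long *sizes, int n, int wipe_all) {
    int ok = 0;
    md->iterations = 2071395;                  /* constructed sample value */
    for (int i = 0; i < n; i++) {
        memset(md->mkey, 0x42 + i, sizeof(md->mkey));   /* per-provider key */
        if (sizes[i] == 0 || md->iterations == 0)
            goto out;                          /* error path skips the store */
        ok++;                                  /* metadata would be written here */
out:    /* one cleanup point per provider, reached on success and on failure */
        if (wipe_all)
            secure_zero(md, sizeof(*md));      /* also destroys iterations */
        else
            secure_zero(md->mkey, sizeof(md->mkey));
    }
    return ok;
}

int main(void) {
    struct meta md;
    unsigned long sz[] = { 1048576UL, 1048576UL };   /* constructed: two 1 MB providers */
    printf("wipe all: %d of 2 initialised\n", init_all(&md, sz, 2, 1));
    printf("wipe key only: %d of 2 initialised\n", init_all(&md, sz, 2, 0));
    printf("key bytes left in memory: %d\n", key_residue(&md));
    return 0;
}
```
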