
zfskeys: if location is prompt then prompt during boot
Closed, Public

Authored by ambrisko on Aug 8 2022, 6:42 PM.

Details

Summary

Sometimes, prompting for the key is needed. If the ZFS key is to be
entered during boot, then prompt and accept the key during boot.

Test Plan

Tested with ZFS encryption using a file for the key, and another test that prompts for the key.

Diff Detail

Repository: rS FreeBSD src repository - subversion
Lint: Lint Passed
Unit: No Test Coverage
Build Status: Buildable 46790 (Build 43679: arc lint + arc unit)

Event Timeline

ambrisko added a reviewer: allanjude.

Do docs need to be updated?
Otherwise, I like it.

libexec/rc/rc.d/zfskeys:51

kl == prompt, so why obfuscate by expanding it here?

0mp requested changes to this revision. Sep 16 2022, 12:14 PM
In D36081#823478, @imp wrote:

> Do docs need to be updated?

The rc.conf manual page does not document any of that at the moment. We probably should reference zfs-load-key(8) somewhere at least. This is not part of this revision though I'd say.

> Otherwise, I like it.

I'm not sure if I don't understand the purpose of the /dev/tty redirects. Could you explain a bit the reason behind that construct?

Otherwise, seems OK as well

libexec/rc/rc.d/zfskeys:51

What's the reason for < /dev/tty > /dev/tty 2>/dev/tty?

This revision now requires changes to proceed. Sep 16 2022, 12:14 PM
libexec/rc/rc.d/zfskeys:51

Combining both questions.

I don't understand the "kl == prompt" question. If the key was set to prompt then we need to read the key from the console. If it is not in prompt mode then read the key from a file like the original code did. So when the ZFS key is set in prompt mode then it needs to read from /dev/tty etc. or it dies:

ZFS filesystem version: 5
ZFS storage pool version: features support (5000)
Key prompt for hdd_zfs_data_1/encrypted.
Key load error: encryption failure
 Key failed to load for hdd_zfs_data_1/encrypted.
    ....
Mounting /etc/fstab filesystems failed, startup aborted
ERROR: ABORTING BOOT (sending SIGTERM to parent)!

with /dev/tty:

ZFS filesystem version: 5
ZFS storage pool version: features support (5000)
Key prompt for hdd_zfs_data_1/encrypted.
Enter passphrase for 'hdd_zfs_data_1/encrypted':
<ZFS password entered>
Key loaded for hdd_zfs_data_1/encrypted.
Starting file system checks:
  ....
FreeBSD/amd64 (p15s) (ttyu0)

login:

/dev/tty makes it read and write to the console so the key can be entered.
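
The redirect discussed above, as an added sketch that is not part of the revision or of anyone's comment in this thread. `fake_load_key` is a hypothetical stand-in for `zfs load-key`, and `TTY_IN`/`TTY_OUT` are assumed names that both default to /dev/tty.

```shell
#!/bin/sh
# Added illustration, not the zfskeys rc script. All names are hypothetical.

# Where the prompt is bound. Both default to the controlling terminal; they
# are separate variables only so the sketch can be exercised without one.
: "${TTY_IN:=/dev/tty}" "${TTY_OUT:=/dev/tty}"

# Stand-in for `zfs load-key` (assumption: it reads the passphrase from stdin
# for "prompt" and reads the key from the path for "file://").
fake_load_key() {
    dataset=$1 keylocation=$2
    case "$keylocation" in
    prompt)
        printf "Enter passphrase for '%s': " "$dataset"
        IFS= read -r pass || return 1   # EOF: nobody could type the key
        [ -n "$pass" ]
        ;;
    file://*)
        [ -s "${keylocation#file://}" ]  # key file must exist and be non-empty
        ;;
    *)
        return 1
        ;;
    esac
}

# Only the prompt case is rebound to the terminal; file-based keys keep
# whatever stdin/stdout the boot scripts were started with.
load_dataset_key() {
    dataset=$1 keylocation=$2
    if [ "$keylocation" = "prompt" ]; then
        echo "Key prompt for $dataset."
        fake_load_key "$dataset" prompt < "$TTY_IN" > "$TTY_OUT" 2> "$TTY_OUT"
    else
        fake_load_key "$dataset" "$keylocation"
    fi
}
```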

This revision was not accepted when it landed; it landed in state Needs Revision. Sep 12 2024, 4:35 PM
This revision was automatically updated to reflect the committed changes.

Does nobody here have a server in a remote location that requires the user to ssh in in order to unlock their encrypted dataset?
This will break a lot of people's setups; how can this be disabled before upgrading to 15?
This also breaks the most used setup, where a user encrypts their dataset with a key and sends it encrypted raw to another FreeBSD server. With this patch, the other server would need the user's key, which is very bad.