348588 | 03-Jun-2019 | jhb
MFC 348206,348231,348454: GELI crypto deprecation warnings.
348206: Add deprecation warnings for weaker algorithms to geli(4).
- Triple DES has been formally deprecated in Kerberos (RFC 8429) and is soon to be deprecated in IPsec (RFC 8221).
- Blowfish is deprecated. FreeBSD doesn't support its successor (Twofish).
- MD5 is generally considered a weak digest that has known attacks.
geli refuses to create new volumes using these algorithms via 'geli init'. It also warns when attaching to existing volumes or creating temporary volumes via 'geli onetime'. The plan is to fully remove support for these algorithms in FreeBSD 13.
Note that none of these algorithms have ever been the default algorithm used by geli(8). Users would have had to explicitly select these algorithms when creating volumes in the past.
348231: Correct the argument passed to g_eli_algo2str()
348454: Remove tests for the deprecated algorithms in r348206
The tests are failing because the return value and output have changed, but until the test code structure is adjusted, removing these test cases helps people focus on more important cases.
Approved by: re (gjb)
Relnotes: yes

344397 | 20-Feb-2019 | kevans
MFC r316312, r332361, r333438-r333439, r339804: GELI dry-run
r316312: sys/geom/eli: Switch bzero() to explicit_bzero() for sensitive data
In GELI, anywhere we are zeroing out possibly sensitive data, like the metadata struct, the metadata sector (both contain the encrypted master key), the user key, or the master key, use explicit_bzero.
Didn't touch the bzero() used to initialize structs.
r332361: Introduce a dry run option for attaching the device. This will allow us to verify that the passphrase and key are valid without decrypting the whole device.
r333438: Change option dry-run from 'n' to 'C' in geli attach command.
'n' is used in other commands to define the key index. We should be consistent with that. The 'C' option is used by patch(1) to perform a dry run, so let's use that.
r333439: Introduce the 'n' flag for the geli attach command.
If the 'n' flag is provided, the given key number will be used to decrypt the device. This can be used together with dry run to verify that the key is set correctly. It can also be used to determine which key slot we want to change on an already attached device.
r339804: Restore backward compatibility for "attach" verb.
In r332361 and r333439, two new parameters were added to the geli attach verb using gctl_get_paraml, which requires the value to be present. This would prevent an old geli(8) binary from attaching a geli(4) device, as it has no knowledge of the new parameters.
Restore backward compatibility by treating the absence of these two values as seeing the default value supplied by userland.

332522 | 16-Apr-2018 | kevans
MFC r308137, r316312, r332361
r308137: Fix alignment issues on MIPS: align the pointers properly.
All the 5520 GEOM_ELI tests passed successfully on MIPS64EB.
r316312: sys/geom/eli: Switch bzero() to explicit_bzero() for sensitive data
In GELI, anywhere we are zeroing out possibly sensitive data, like the metadata struct, the metadata sector (both contain the encrypted master key), the user key, or the master key, use explicit_bzero.
Didn't touch the bzero() used to initialize structs.
r332361: Introduce a dry run option for attaching the device. This will allow us to verify that the passphrase and key are valid without decrypting the whole device.

330449 | 05-Mar-2018 | eadler
MFC r326276:
various: general adoption of SPDX licensing ID tags.
Mainly focus on files that use BSD 2-Clause license, however the tool I was using misidentified many licenses so this was mostly a manual - error prone - task.
The Software Package Data Exchange (SPDX) group provides a specification to make it easier for automated tools to detect and summarize well known open-source licenses. We are gradually adopting the specification, noting that the tags are considered only advisory and do not, in any way, supersede or replace the license texts.
No functional change intended.

329114 | 11-Feb-2018 | kevans
MFC Loader Fixes 2017q3: r320547,r320553,r321621,r321844,r321969,r321991, r322037,r322038,r322039,r322040,r322056,r322074,r322542,r322592,r322593, r322896,r322923,r323671,r322930,r322931,r322932,r322933,r322934,r322935, r322936,r322937,r322938,r322939,r322941,r323062,r323063,r323064,r323065, r323100,r323131,r323174,r323258,r323261,r323272,r323367,r323379,r323389, r323407,r323428,r323436,r323494,r323496,r323497,r323541,r323554,r323589, r323707,r323867,r323885,r323886,r323895,r323896,r323897,r323905,r323906, r323907,r323908,r323909,r323952,r323991,r324099,r324558,r326445,r326609, r326610
This batch includes a special kludge to fix powerpc loader build; <stdlib.h> was included after <stand.h> there, causing problems with DEBUG_MALLOC bits. Include <stdlib.h> a little bit earlier to fix the build with the intention of removing this when eventually libsa silently replaces stdlib.h with stand.h.
r320547: Link EFI/uboot loaders with -znotext
r320553: Integer underflow in efipart_realstrategy when I/O starts after end of disk
r321621: Always set the receive mask in loader.efi.
r321844: Clean up style in print_state(..) and pager_printf(..)
r321969: Fix the return types for printf and putchar to match their libc
r321991: Revert r321969
r322037: Add stpcpy and stpncpy to libstand
r322038: Add definitions and utilities for EFI drivers
r322039: Move EFI ZFS functions to libefi
r322040: Add EFI utility functions to libefi
r322056: Move EFI fmtdev functionality to libefi
r322074: libefi/time.c cstyle cleanup
r322542: loader.efi: replace XXX with real comments in trap.c
r322592: Remove unused defines.
r322593: Define proposed GUID for FreeBSD boot loader variables.
r322896: Make spinconsole platform independent and hook it up into EFI loader
r322923: Hide length of geli passphrase during boot.
r323671: Fix language used in the r322923.
r322930: Move efi_main into efi/loader
r322931: Cleanup efi_main return type
r322932: Use the loader.efi conventions for the various EFI tables.
r322933: No need for MK_ZFS around these: they are by their nature only active when MK_ZFS is true.
r322934: _STAND is sometimes defined on the command line. Make the define here match.
r322935: Fix warnings due to type mismatch.
r322936: Remove useless 'static' for an enum definition.
r322937: Forward declare struct dsk to avoid warnings when building libi386.
r322938: Link in libefi for boot1
r322939: Use efi_devpath_str for debug path info.
r322941: Eliminate redundant device path matching.
r323062: Make efichar.c routines available to libefi.
r323063: boot1.efi: print more info about where boot1.efi is loaded from
r323064: Exit rather than panic for most errors.
r323065: Save where we're booted from
r323100: libstand: nfs_readlink() should return proper return code
r323131: Revert r322941: Eliminate redundant device matching functions
r323174: Fix loader bug causing too many pages allocation when bootloader is U-Boot
r323258: ucs2len
r323261: Fix armv6 build
r323272: Be consistent and do return (1);
r323367: Mark init_chroot and init_script variables as deprecated.
r323379: It's been pointed out that init_script at least is useful w/o
r323389: loader.efi: chain loader should provide proper device handle
r323407: boot1 generate-fat: generate all templates at once
r323428: r323389 breaks the kernel build when WITHOUT_ZFS is defined in src.conf
r323436: boot1: remove BOOT1_MAXSIZE default value
r323494: loader should support large_dnode
r323496: libstand: tftp_open() can leak pkt on error
r323497: libefi: efipart_open should check the status from disk_open
r323541: libefi: efipart_realstrategy rsize pointer may be NULL
r323554: Increase EFI boot file size from 128k to 384k
r323589: loader: biosmem.c cstyle cleanup
r323707: loader: biosmem allocate heap just below 4GB
r323867: libefi: devicename.c cleanups
r323885: libefi: efi_devpath_match() should return bool
r323886: libefi: efipart.c should use calloc()
r323895: libefi: efi_devpath_match local len should be unsigned
r323896: r323885 did miss efilib.h update
r323897: efilib.h: typo in structure member description
r323905: libefi: pdinfo_t pd_unit and pd_open should be unsigned
r323906: libefi: efipart_strategy() should return ENXIO when there is no media
r323907: libefi: efipart.c cstyle fix for efipart_print_common()
r323908: libefi: efipart_hdinfo_add_filepath should check strtol result
r323909: libefi: define EISA PNP constants
r323952: After r317886, support for TFTP and NFS can be enabled simultaneously.
r323991: libefi: efipart_floppy() should not pass acpi pointer if the HID test fails
r324099: Compile loader as Little-Endian on PPC64/POWER8
r324558: Define prototype for exit and ensure references
r326445: Fix random() and srandom() prototypes to match the standard.
r326609: Make putenv and getenv match the userland definition
r326610: Fix random() prototype to match the system.
PR: 219000 221001
Relnotes: yes ("The length of the geli passphrase is hidden during boot")

317858 | 06-May-2017 | mav
MFC r317246: Always allow setting number of iterations for the first time.
Before this change it was impossible to set the number of PKCS#5v2 iterations, required to set a passphrase, if the provider had two keys and never had any passphrase. Due to present metadata format limitations there are still cases when the number of iterations cannot be changed, but now it works in the cases when it can.
PR: 218512
Sponsored by: iXsystems, Inc.

302408 | 07-Jul-2016 | gjb
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit)
Sponsored by: The FreeBSD Foundation

297691 | 07-Apr-2016 | allanjude
Create the GELIBOOT GEOM_ELI flag
This flag indicates that the user wishes to use the GELIBOOT feature to boot from a fully encrypted root file system. Currently, GELIBOOT does not support key files, and in the future when it does, they will be loaded differently. Due to the design of GELI, and the desire for secrecy, the GELI metadata does not know if key files are used or not, it just adds the key material (if any) to the HMAC before the optional passphrase, so there is no way to tell if a GELI partition requires key files or not.
Since the GELIBOOT code in boot2 and the loader does not support keys, they will now only attempt to attach if this flag is set. This will stop GELIBOOT from prompting for passwords to GELIs that it cannot decrypt, disrupting the boot process.
PR: 208251
Reviewed by: ed, oshogbo, wblock
Sponsored by: ScaleEngine Inc.
Differential Revision: https://reviews.freebsd.org/D5867

286444 | 08-Aug-2015 | pjd
Enable BIO_DELETE passthru in GELI, so TRIM/UNMAP can work as expected when GELI is used on an SSD or inside a virtual machine, so that the guest can tell the host that it is no longer using some of the storage.
Enabling BIO_DELETE passthru comes with a small security consequence: an attacker can tell how much space is really being used on the encrypted device and has less data to analyse then. This is why the -T option can be given to the init subcommand to turn off this behaviour, and the -t/-T options for the configure subcommand can be used to adjust this setting later.
PR: 198863
Submitted by: Matthew D. Fuller fullermd at over-yonder dot net
This commit also includes a fix from Fabian Keil freebsd-listen at fabiankeil.de for 'configure' on onetime providers which is not strictly related, but is entangled in the same code, so would cause conflicts if separated out.

284250 | 10-Jun-2015 | brueffer
Consistently use trailing whitespace in passphrase prompts.
PR: 193496
Submitted by: Fabian Keil
MFC after: 1 week

260254 | 04-Jan-2014 | pjd
Don't allow creating GELI providers with a sector size that is not a power of 2.
Noticed by: rwatson
MFC after: 3 days

248475 | 18-Mar-2013 | pjd
Reduce stack usage.

246622 | 10-Feb-2013 | pjd
Fix minor memory leak.

246621 | 10-Feb-2013 | pjd
Assert that if we are not dealing with keyfile we are dealing with passfile.

246620 | 10-Feb-2013 | pjd
Use arc4random_buf(3) instead of reimplementing it.

226733 | 25-Oct-2011 | pjd
Add support for creating GELI devices with an older metadata version for use with older FreeBSD versions:
- Add -V option to 'geli init' to specify the version number. If no -V is given, the most recent version is used.
- If -V is given, don't allow the use of features not supported by this version.
- Print version in 'geli list' output.
- Update manual page and add a table describing which GELI version is supported by which FreeBSD version, so one can use it when preparing a GELI device for an older FreeBSD version.
Inspired by: Garrett Cooper <yanegomi@gmail.com>
MFC after: 3 days

226723 | 25-Oct-2011 | pjd
Add 'geli version' subcommand, which will print the GELI metadata version of each given GEOM provider or, if no providers are given, the versions supported by the userland geli(8) utility and by the ELI GEOM class.
MFC after: 3 days

226722 | 25-Oct-2011 | pjd
When we detect GELI metadata version that is newer than the highest we support, inform the user about that instead of 'MD5 hash mismatch'.
Suggested by: Garrett Cooper <yanegomi@gmail.com>
MFC after: 3 days

226720 | 25-Oct-2011 | pjd
Simplify eli_resize() function.
MFC after: 3 days

226719 | 25-Oct-2011 | pjd
Simplify eli_dump() function and allow dumping metadata stored in a backup file.
MFC after: 3 days

226717 | 25-Oct-2011 | pjd
Simplify eli_is_attached() function and make it return bool instead of int.
MFC after: 3 days

226716 | 25-Oct-2011 | pjd
Simplify eli_backup_create() and eli_backup_restore() functions. As a side effect it is now possible to back up unsupported (newer) GELI metadata versions.
MFC after: 3 days

226715 | 25-Oct-2011 | pjd
Sort includes.
MFC after: 3 days

215704 | 22-Nov-2010 | brucec
Fix some more warnings found by clang.

214404 | 26-Oct-2010 | pjd
Use fprintf(stderr) instead of gctl_error() to print a warning about too big a sector size. When a gctl error is set, gctl_has_param() always returns 'false', which prevents geli(8) from finding some arguments and also masks an error which is generated in such a case.
MFC after: 3 days

214118 | 20-Oct-2010 | pjd
Bring in geli suspend/resume functionality (finally).
Before this change if you wanted to suspend your laptop and be sure that your encryption keys are safe, you had to stop all processes that use file system stored on encrypted device, unmount the file system and detach geli provider.
This isn't very handy. If you are a lucky user of a laptop where suspend/resume actually works with FreeBSD (I'm not!) you most likely want to suspend your laptop, because you don't want to start everything over again when you turn your laptop back on.
And this is where geli suspend/resume steps in. When you execute:
# geli suspend -a
geli will wait for all in-flight I/O requests, suspend new I/O requests, remove all geli sensitive data from the kernel memory (like encryption keys) and will wait for either 'geli resume' or 'geli detach'.
Now with no keys in memory you can suspend your laptop without stopping any processes or unmounting any file systems.
When you resume your laptop you have to resume geli devices using 'geli resume' command. You need to provide your passphrase, etc. again so the keys can be restored and suspended I/O requests released.
Of course you need to remember that 'geli suspend' won't clear the file system cache and other places where data from your geli-encrypted file system might be present. But to get rid of those, stopping processes and unmounting file systems won't help either; you have to turn your laptop off. Be warned.
Also note that suspending a geli device which contains the file system with the geli utility (or anything used by 'geli resume') is not a very good idea, as you won't be able to resume it: when you execute geli(8), the kernel will try to read it and this read I/O request will be suspended.

213662 | 09-Oct-2010 | ae
Replace strlen(_PATH_DEV) with sizeof(_PATH_DEV) - 1.
Suggested by: kib
Approved by: kib (mentor)
MFC after: 5 days

213172 | 25-Sep-2010 | pjd
- Add support for loading a passphrase from a file (-J and -j options). This is especially useful for things like installers, where the regular geli prompt can't be used.
- Add support for specifying multiple -K or -k options, so there is no need to cat all keyfiles and read them from standard input.
Requested by: Kris Moore <kris@pcbsd.org>, thompsa
MFC after: 2 weeks

213073 | 23-Sep-2010 | pjd
Update copyright years.
MFC after: 1 week

213060 | 23-Sep-2010 | pjd
- When trashing metadata, repeat the overwrite kern.geom.eli.overwrites times.
- Flush write cache after each write.
MFC after: 1 week

213059 | 23-Sep-2010 | pjd
- Use g_*() API when doing backups.
- fsync() the created file.
MFC after: 1 week

213058 | 23-Sep-2010 | pjd
Because we first write metadata into the new place and then trash the old place, we don't want a situation where the old size is equal to the new size, as we would trash the newly written metadata.
MFC after: 1 week

213057 | 23-Sep-2010 | pjd
- Make use of g_*() API.
- Flush cache after writing metadata.
MFC after: 1 week

213056 | 23-Sep-2010 | pjd
Simplify code a bit by using g_*() API from libgeom.
MFC after: 1 week

212934 | 20-Sep-2010 | brian
Add a geli resize subcommand to resize encrypted filesystems prior to growing the filesystem.
Refuse to attach providers where the metadata provider size is wrong. This makes post-boot attaches behave consistently with pre-boot attaches. Also refuse to restore metadata to a provider of the wrong size without the new -f switch. The new -f switch forces the metadata restoration despite the provider size, and updates the provider size in the restored metadata to the correct value.
Helped by: pjd
Reviewed by: pjd

212554 | 13-Sep-2010 | pjd
- Remove gc_argname field. It was introduced for gpart(8), but if I understand everything correctly, we don't really need it.
- Provide default numeric values as strings. This allows simplifying a lot of code.
- Bump version number.

212547 | 13-Sep-2010 | pjd
- Allow specifying values as const pointers.
- Make optional string values always an empty string.

182452 | 29-Aug-2008 | pjd
By default, back up geli metadata to a file. These 512 bytes are quite critical: once they are lost, all data is gone.
The '-B none' option can be used to prevent backup. The '-B path' option can be used to back up metadata to a different file than the default, which is /var/backups/<prov>.eli.
The 'geli init' command also prints the backup file location and gives a short procedure for restoring metadata.
The 'geli setkey' command now warns that even after a passphrase change or keys update there could be a version of the master key encrypted with the old keys/passphrase in the backup file.
Add regression tests to verify that new functionality works as expected.
Update other regression tests so they don't create backup files.
Reviewed by: keramida, rink
Dedicated to: a friend who lost 400GB of his life by accidentally overwriting geli metadata
MFC after: 2 weeks

181639 | 12-Aug-2008 | pjd
geli onetime command can take only one GEOM provider at a time.

169586 | 15-May-2007 | marcel
Add gpart(8).
In order to support gpart(8), geom(8) needs to support a named argument. Also, optional string parameters are a requirement. Both have been added to the infrastructure. The former required all existing classes to be adjusted.

169312 | 06-May-2007 | pjd
Correct some typos.

169193 | 01-May-2007 | pjd
Do some cleanups (like freeing memory and closing file descriptors) before leaving the functions.

167229 | 05-Mar-2007 | pjd
Warn when the user uses a sector size bigger than the page size, which will lead to problems when the geli device is used with a file system or as swap.
Hopefully will prevent problems like kern/98742 in the future.
MFC after: 1 week

166892 | 22-Feb-2007 | pjd
Correct typo.
Spotted by: Tomasz Dudzisz

166216 | 25-Jan-2007 | pjd
When the following conditions are met:
- First configured key is based only on a keyfile (no passphrase).
- Device is attached.
- User changes the first key (setkey) from keyfile to passphrase and doesn't specify the number of iterations (with the -i option).
...geli(8) won't store the calculated number of iterations in metadata. This results in the device being inaccessible after detach.
One can recover from this situation by guessing the number of iterations generated, storing it in metadata and trying to attach the device. The recovery procedure isn't nice, but one's data is not lost.
Reported by: Thomas Nickl <T.Nickl@gmx.net>
MFC after: 1 week

162868 | 30-Sep-2006 | pjd
MFp4: G_TYPE_BOOL sounds much better than G_TYPE_NONE.
Changes: 98722

162356 | 16-Sep-2006 | pjd
Fix copy&paste mistake.
Submitted by: Matthias Lederhofer <matled@gmx.net>

162353 | 16-Sep-2006 | pjd
Add 'configure' subcommand which for now only allows setting and removing of the BOOT flag. It can be performed on both attached and detached providers.
Requested by: Matthias Lederhofer <matled@gmx.net>
MFC after: 1 week

162347 | 16-Sep-2006 | pjd
First kill detached providers, for two reasons:
- after killing all attached providers, all providers are then detached and the operation is repeated for those which were attached,
- we don't want to remove keys for read-only attached providers, we only want to detach them.
MFC after: 1 week

161127 | 09-Aug-2006 | pjd
Allow geli to operate on read-only providers.
Initial patch from: vd
MFC after: 2 weeks

161052 | 07-Aug-2006 | pjd
Add missing #.

159361 | 06-Jun-2006 | pjd
Allow the old -a option to be used to specify an encryption algorithm (for backward compatibility), but print a warning to inform about the change.

159308 | 05-Jun-2006 | pjd
Userland bits of geli(8) data authentication. Now the encryption algorithm is given using the '-e' option, not '-a'. The '-a' option is now used to specify the authentication algorithm.
Supported by: Wheel Sp. z o.o. (http://www.wheel.pl)

158214 | 01-May-2006 | pjd
Correct error messages.
MFC after: 2 weeks

155536 | 11-Feb-2006 | pjd
- Allow the use of -b without a passphrase or with keyfiles, as it will be supported for a moment.
- Don't allow the use of -i when no passphrase is given. Now if iterations is equal to -1 (not set), we know that we should not ask for the passphrase on boot. It still doesn't handle the situation when one key is protected with a passphrase and the other is not. There is no quick fix for this. The complete solution will be to make the number of iterations a per-key value. Because this needs a metadata format change and is only needed for devices attached on boot, I'll leave it as it is for now.
MFC after: 3 days

155183 | 01-Feb-2006 | pjd
Deny init/attach/setkey subcommands when no key components are given.
MFC after: 3 days
Tested with: prove /usr/src/tools/regression/geom_eli

155175 | 01-Feb-2006 | pjd
Remove trailing spaces.

155101 | 31-Jan-2006 | pjd
Remove unused argument.
MFC after: 3 days

153190 | 06-Dec-2005 | pjd
- The geom(8) utility only uses three types of arguments: string (char *), value (intmax_t) and boolean (int). Based on that, provide three functions:
  - gctl_get_ascii()
  - gctl_get_int()
  - gctl_get_intmax()
- Hide gctl_get_param() function, as it is only used internally in subr.c.
- Allow providing the argument name as (fmt, ...).
- Assert geom(8) bugs (a missing argument is a geom(8) bug).
- Clean up and simplify the code by using the new functions and assumptions (no more checking for missing arguments).
Tested by: regression tests

149928 | 10-Sep-2005 | pjd
Even if there are no valid keys in metadata, but the provider is attached, we can still use the setkey subcommand.
MFC after: 3 days
Found by: regression tests

149304 | 19-Aug-2005 | pjd
Allow changing the number of iterations for PKCS#5v2. It can only be used when there is only one key set.
MFC after: 3 days

149047 | 14-Aug-2005 | pjd
When keys were configured without a passphrase, the number of iterations in metadata is equal to -1. If we then wanted to attach the provider (or change keys) and forgot about the '-p' flag, it failed on an assertion (quite ok; without the assertion it could call PKCS#5v2 with 4294967295 iterations).
Instead of failing on the assertion, remind about the '-p' flag.
MFC after: 3 days

148456 | 27-Jul-2005 | pjd
Add GEOM_ELI class which provides GEOM providers encryption. For features list and usage see manual page: geli(8).
Sponsored by: Wheel Sp. z o.o. http://www.wheel.pl
MFC after: 1 week