344397 | 20-Feb-2019 | kevans
MFC r316312, r332361, r333438-r333439, r339804: GELI dry-run
r316312: sys/geom/eli: Switch bzero() to explicit_bzero() for sensitive data
In GELI, anywhere we are zeroing out possibly sensitive data, like the metadata struct, the metadata sector (both contain the encrypted master key), the user key, or the master key, use explicit_bzero.
Didn't touch the bzero() used to initialize structs.
r332361: Introduce dry run option for attaching the device. This will allow us to verify if the passphrase and key are valid without decrypting the whole device.
r333438: Change option dry-run from 'n' to 'C' in geli attach command.
'n' is used in other commands to define the key index. We should be consistent with that. 'C' option is used by patch(1) to perform a dry run, so let's use that.
r333439: Introduce the 'n' flag for the geli attach command.
If the 'n' flag is provided, the provided key number will be used to decrypt the device. This can be used combined with dry run to verify if the key is set correctly. This can also be used to determine which key slot we want to change on an already attached device.
r339804: Restore backward compatibility for "attach" verb.
In r332361 and r333439, two new parameters were added to geli attach verb using gctl_get_paraml, which requires the value to be present. This would prevent old geli(8) binary from attaching geli(4) device as they have no knowledge about the new parameters.
Restore backward compatibility by treating the absence of these two values as seeing the default value supplied by userland.
220922 | 21-Apr-2011 | pjd
Instead of allocating memory for all the keys at device attach, create a reasonably large cache for the keys that is filled when needed. The previous version was problematic for very large providers (hundreds of terabytes or several petabytes). Every terabyte of data needs around 256kB for keys. Make the default cache limit big enough to fit all the keys needed for 4TB providers, which will eat at most 1MB of memory.
MFC after: 2 weeks