summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--sbin/geom/class/eli/geli.83
-rw-r--r--sys/geom/eli/g_eli_integrity.c7
2 files changed, 7 insertions, 3 deletions
diff --git a/sbin/geom/class/eli/geli.8 b/sbin/geom/class/eli/geli.8
index 43c0129..0803480 100644
--- a/sbin/geom/class/eli/geli.8
+++ b/sbin/geom/class/eli/geli.8
@@ -924,6 +924,9 @@ will not protect your data against replay attacks.
It is recommended to write to the whole provider before first use,
in order to make sure that all sectors and their corresponding
checksums are properly initialized into a consistent state.
+One can safely ignore data authentication errors that occur immediately
+after the first time a provider is attached and before it is
+initialized in this way.
.Sh SEE ALSO
.Xr crypto 4 ,
.Xr gbde 4 ,
diff --git a/sys/geom/eli/g_eli_integrity.c b/sys/geom/eli/g_eli_integrity.c
index 50f2a31..c029d8e 100644
--- a/sys/geom/eli/g_eli_integrity.c
+++ b/sys/geom/eli/g_eli_integrity.c
@@ -205,8 +205,8 @@ g_eli_auth_read_done(struct cryptop *crp)
* Report previous corruption if there was one.
*/
if (coroff != -1) {
- G_ELI_DEBUG(0, "%s: %jd bytes "
- "corrupted at offset %jd.",
+ G_ELI_DEBUG(0, "%s: Failed to authenticate %jd "
+ "bytes of data at offset %jd",
sc->sc_name, (intmax_t)corsize,
(intmax_t)coroff);
coroff = -1;
@@ -221,7 +221,8 @@ g_eli_auth_read_done(struct cryptop *crp)
}
/* Report previous corruption if there was one. */
if (coroff != -1) {
- G_ELI_DEBUG(0, "%s: %jd bytes corrupted at offset %jd.",
+ G_ELI_DEBUG(0, "%s: Failed to authenticate %jd "
+ "bytes of data at offset %jd",
sc->sc_name, (intmax_t)corsize, (intmax_t)coroff);
}
}
OpenPOWER on IntegriCloud