| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |
|
|
| |
initializing it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Before this change if you wanted to suspend your laptop and be sure that your
encryption keys are safe, you had to stop all processes that use file system
stored on encrypted device, unmount the file system and detach geli provider.
This isn't very handy. If you are a lucky user of a laptop where suspend/resume
actually works with FreeBSD (I'm not!) you most likely want to suspend your
laptop, because you don't want to start everything over again when you turn
your laptop back on.
And this is where geli suspend/resume steps in. When you execute:
# geli suspend -a
geli will wait for all in-flight I/O requests, suspend new I/O requests, remove
all geli sensitive data from the kernel memory (like encryption keys) and will
wait for either 'geli resume' or 'geli detach'.
Now with no keys in memory you can suspend your laptop without stopping any
processes or unmounting any file systems.
When you resume your laptop you have to resume geli devices using 'geli resume'
command. You need to provide your passphrase, etc. again so the keys can be
restored and suspended I/O requests released.
Of course you need to remember that 'geli suspend' won't clear file system
cache and other places where data from your geli-encrypted file system might be
present. But to get rid of those stopping processes and unmounting file system
won't help either - you have to turn your laptop off. Be warned.
Also note, that suspending geli device which contains file system with geli
utility (or anything used by 'geli resume') is not very good idea, as you won't
be able to resume it - when you execute geli(8), the kernel will try to read it
and this read I/O request will be suspended.
|
| |
|
|
| |
- Make a comment consistent with others.
|
| |
|
|
|
|
| |
kern.geom.eli.debug sysctl to -1.
MFC after: 2 weeks
|
| |
|
|
| |
MFC after: 1 week
|
| |
|
|
| |
MFC after: 1 week
|
| |
|
|
|
|
|
| |
This ensures the same encryption key won't be used for more than
2^20 blocks (sectors). This will be the default now.
MFC after: 1 week
|
| |
|
|
| |
MFC after: 1 week
|
| |
|
|
|
|
|
|
| |
but because of a bug it was a no-op, so we were still using offsets in native
byte order for the host. Do it properly this time, bump version to 4 and set
the G_ELI_FLAG_NATIVE_BYTE_ORDER flag when version is under 4.
MFC after: 2 weeks
|
| |
|
|
|
|
| |
responsiveness under heavy GELI load.
MFC after: 3 days
|
| |
|
|
|
|
|
| |
to close properly.
Reported, reviewed and tested by: guido
MFC after: 1 week
|
| | |
|
| |
|
|
|
| |
upon last close. (needed for a gmirror to properly shutdown
upon reboot when a geli is on top the gmirror)
|
| | |
|
| |
|
|
| |
Submitted by: Fabian Keil <fk@fabiankeil.de> (a bit different version)
|
| |
|
|
|
|
|
|
|
|
|
| |
to kproc_xxx as they actually make whole processes.
Thos makes way for us to add REAL kthread_create() and friends
that actually make theads. it turns out that most of these
calls actually end up being moved back to the thread version
when it's added. but we need to make this cosmetic change first.
I'd LOVE to do this rename in 7.0 so that we can eventually MFC the
new kthread_xxx() calls.
|
| |
|
|
|
|
|
|
|
|
|
| |
- Use thread_lock() rather than sched_lock for per-thread scheduling
sychronization.
- Use the per-process spinlock rather than the sched_lock for per-process
scheduling synchronization.
Tested by: kris, current@
Tested on: i386, amd64, ULE, 4BSD, libthr, libkse, PREEMPTION, etc.
Discussed with: kris, attilio, kmacy, jhb, julian, bde (small parts each)
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
o make all crypto drivers have a device_t; pseudo drivers like the s/w
crypto driver synthesize one
o change the api between the crypto subsystem and drivers to use kobj;
cryptodev_if.m defines this api
o use the fact that all crypto drivers now have a device_t to add support
for specifying which of several potential devices to use when doing
crypto operations
o add new ioctls that allow user apps to select a specific crypto device
to use (previous ioctls maintained for compatibility)
o overhaul crypto subsystem code to eliminate lots of cruft and hide
implementation details from drivers
o bring in numerous fixes from Michale Richardson/hifn; mostly for
795x parts
o add an optional mechanism for mmap'ing the hifn 795x public key h/w
to user space for use by openssl (not enabled by default)
o update crypto test tools to use new ioctl's and add cmd line options
to specify a device to use for tests
These changes will also enable much future work on improving the core
crypto subsystem; including proper load balancing and interposing code
between the core and drivers to dispatch small operations to the s/w
driver as appropriate.
These changes were instigated by the work of Michael Richardson.
Reviewed by: pjd
Approved by: re
|
| |
|
|
|
| |
Submitted by: Hyo geol, Lee <hyogeollee@gmail.com>
MFC after: 1 week
|
| |
|
|
|
|
|
|
| |
We can't bind to a CPU which is not yet on-line, so add code that wait for
CPUs to go on-line before binding to them.
Reported by: Alin-Adrian Anton <aanton@spintech.ro>
MFC after: 2 weeks
|
| |
|
|
| |
Noticed by: ru
|
| |
|
|
|
|
|
|
|
|
| |
we won't be able to exit from the thread.
Function g_eli_cpu_is_disabled() stoled from kern_pmc.c.
PR: 104669
Reported by: Nikolay Mirin <nik@optim.com.ru>
MFC after: 1 week
|
| |
|
|
| |
Sponsored by: home.pl
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This way one will be able to use provider encrypted on eg. i386 on
eg. sparc64. This doesn't really buy us much today, because UFS isn't
endian agnostic.
We retain backward compatibility by setting G_ELI_FLAG_NATIVE_BYTE_ORDER
flag on devices with version number less than 2 and not converting the
offset.
|
| |
|
|
|
| |
Initial patch from: vd
MFC after: 2 weeks
|
| |
|
|
|
|
|
| |
not KLD file names; and GELI module's name is g_eli, not geom_eli.
Approved by: pjd (silence)
MFC after: 5 days
|
| |
|
|
| |
Supported by: Wheel Sp. z o.o. (http://www.wheel.pl)
|
| | |
|
| |
|
|
| |
as HW crypto drivers don't support it.
|
| |
|
|
| |
MFC after: 1 week
|
| |
|
|
| |
MFC after: 1 week
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
An example entries for loader.conf to make it possible:
geli_da0_keyfile0_load="YES"
geli_da0_keyfile0_type="da0:geli_keyfile0"
geli_da0_keyfile0_name="/boot/keys/da0.key0"
geli_da0_keyfile1_load="YES"
geli_da0_keyfile1_type="da0:geli_keyfile1"
geli_da0_keyfile1_name="/boot/keys/da0.key1"
geli_da0_keyfile2_load="YES"
geli_da0_keyfile2_type="da0:geli_keyfile2"
geli_da0_keyfile2_name="/boot/keys/da0.key2"
geli_da1s3a_keyfile0_load="YES"
geli_da1s3a_keyfile0_type="da1s3a:geli_keyfile0"
geli_da1s3a_keyfile0_name="/boot/keys/da1s3a.key"
Thanks for jhb and kan who showed me the right direction.
MFC after: 3 days
|
| |
|
|
|
|
| |
boot. Other methods just don't work properly.
MFC after: 3 days
|
| |
|
|
|
| |
Approved by: pjd
MFC after: 3 days
|
| | |
|
| |
|
|
|
| |
Found by: Coverity Prevent(tm)
MFC after: 3 days
|
| |
|
|
|
| |
Found by: Coverity Prevent(tm)
MFC after: 3 days
|
| |
|
|
|
|
|
|
|
|
| |
o The only indication of error condition is NULL value returned by
the function;
o value pointed to by error argument is undefined in the case when
operation completes successfully.
Discussed with: phk
|
| |
|
|
| |
MFC after: 3 days
|
| |
|
|
|
| |
Reported by: Nick Evans <nevans@syphen.net>
MFC after: 3 days
|
| |
|
|
|
|
| |
as we have active CPUs and bind each thread to its own CPU.
MFC after: 3 days
|
| |
|
|
| |
MFC after: 3 days
|
| |
|
|
|
|
|
|
| |
There is no performance impact, but allows to allocate memory with
M_WAITOK flag.
As a side effect this simplify code a bit.
MFC after: 3 days
|
| | |
|
| |
|
|
|
|
|
|
| |
our callback will still be called, just to tell us that requested
failed...
Reported by: Mike Tancsa <mike@sentex.net>
MFC after: 3 days
|
| |
|
|
| |
MFC after: 3 days
|
