From 58bd935b7274e6e390a3d858a84534798092708c Mon Sep 17 00:00:00 2001 From: eadler Date: Wed, 9 May 2012 17:26:52 +0000 Subject: Clarify error that geli generates when it finds corrupt data. PR: kern/165695 Submitted by: Robert Simmons Reviewed by: pjd Approved by: cperciva MFC after: 1 week --- sbin/geom/class/eli/geli.8 | 3 +++ sys/geom/eli/g_eli_integrity.c | 7 ++++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/sbin/geom/class/eli/geli.8 b/sbin/geom/class/eli/geli.8 index 43c0129..0803480 100644 --- a/sbin/geom/class/eli/geli.8 +++ b/sbin/geom/class/eli/geli.8 @@ -924,6 +924,9 @@ will not protect your data against replay attacks. It is recommended to write to the whole provider before first use, in order to make sure that all sectors and their corresponding checksums are properly initialized into a consistent state. +One can safely ignore data authentication errors that occur immediately +after the first time a provider is attached and before it is +initialized in this way. .Sh SEE ALSO .Xr crypto 4 , .Xr gbde 4 , diff --git a/sys/geom/eli/g_eli_integrity.c b/sys/geom/eli/g_eli_integrity.c index 50f2a31..c029d8e 100644 --- a/sys/geom/eli/g_eli_integrity.c +++ b/sys/geom/eli/g_eli_integrity.c @@ -205,8 +205,8 @@ g_eli_auth_read_done(struct cryptop *crp) * Report previous corruption if there was one. */ if (coroff != -1) { - G_ELI_DEBUG(0, "%s: %jd bytes " - "corrupted at offset %jd.", + G_ELI_DEBUG(0, "%s: Failed to authenticate %jd " + "bytes of data at offset %jd", sc->sc_name, (intmax_t)corsize, (intmax_t)coroff); coroff = -1; @@ -221,7 +221,8 @@ g_eli_auth_read_done(struct cryptop *crp) } /* Report previous corruption if there was one. */ if (coroff != -1) { - G_ELI_DEBUG(0, "%s: %jd bytes corrupted at offset %jd.", + G_ELI_DEBUG(0, "%s: Failed to authenticate %jd " + "bytes of data at offset %jd", sc->sc_name, (intmax_t)corsize, (intmax_t)coroff); } } -- cgit v1.1