system/freebsd-src
system/freebsd-src
1
0
Fork 0
mirror of https://github.com/freebsd/freebsd-src synced 2024-10-19 23:03:55 +00:00
Code Issues Packages Projects Releases Wiki Activity
126816 commits 77 branches 139 tags 3.4 GiB
Commit graph

169 commits

Author SHA1 Message Date
Pawel Jakub Dawidek 1650d24936 Fix copy&paste mistake. 
Submitted by:	Matthias Lederhofer <matled@gmx.net>
 2006-09-16 10:47:30 +00:00
Pawel Jakub Dawidek 8abd1ad101 Add 'configure' subcommand which for now only allows setting and removing 
of the BOOT flag. It can be performed on both attached and detached
providers.

Requested by:	Matthias Lederhofer <matled@gmx.net>
MFC after:	1 week
 2006-09-16 10:43:17 +00:00
Pawel Jakub Dawidek 7330b46e36 Note that we don't destroy keys on read-only attached providers. 
MFC after:	1 week
 2006-09-16 09:27:54 +00:00
Pawel Jakub Dawidek 301b9004a9 First kill detached providers, because of two reasons: 
- after killing all attached providers, all providers are then detached
  and operation is repeated for those who were attached,
- we don't want to remove keys for read-only attached providers, we only
  want to detach them.

MFC after:	1 week
 2006-09-16 09:26:57 +00:00
Pawel Jakub Dawidek 6a146a1989 - Split failure probability configuration into read failure probability and 
write failure probability.
- Allow to specify an error number to return of failure.

MFC after:	3 days
 2006-09-08 09:21:21 +00:00
Maxim Konovalov 939b8dd67a o Spell. 
Submitted by:	ru
 2006-08-10 01:13:38 +00:00
Maxim Konovalov 5c5effc42f o Strip eol whitespaces. 2006-08-09 19:41:34 +00:00
Maxim Konovalov cc163b19c0 o New sentence, new line. 
o Touch Dd for -r.
 2006-08-09 18:35:31 +00:00
Pawel Jakub Dawidek 850590166f Allow geli to operate on read-only providers. 
Initial patch from:	vd
MFC after:		2 weeks
 2006-08-09 18:11:14 +00:00
Pawel Jakub Dawidek 7fd26f86d1 Add missing #. 2006-08-07 20:09:09 +00:00
Pawel Jakub Dawidek c84efdca04 Allow to use the old -a option to specify an encryption algorithm to use 
(for backward compatibility), but print a warning to inform about the
change.
 2006-06-06 22:06:24 +00:00
Christian Brueffer 6f36bcfc77 Clarify and merge two sentences. 
Discussed with:		pjd
 2006-06-06 19:03:51 +00:00
Christian Brueffer b47c8c10c3 Mdoc cleanup and some wording improvements. 2006-06-06 14:02:13 +00:00
Pawel Jakub Dawidek ba0b146814 Remove section committed by mistake. It is not yet ready. 2006-06-06 07:10:42 +00:00
Pawel Jakub Dawidek 198eeec116 Document geli(8) data authentication. 
Supported by:	Wheel Sp. z o.o. (http://www.wheel.pl)
 2006-06-05 21:43:51 +00:00
Pawel Jakub Dawidek 7fe923a866 Userland bits of geli(8) data authentication. 
Now, encryption algorithm is given using '-e' option, not '-a'.
The '-a' option is now used to specify authentication algorithm.

Supported by:	Wheel Sp. z o.o. (http://www.wheel.pl)
 2006-06-05 21:40:54 +00:00
Pawel Jakub Dawidek 8134d91329 Correct error messages. 
MFC after:	2 weeks
 2006-05-01 12:05:45 +00:00
Pawel Jakub Dawidek cb94ab3088 Allocate memory for NUL-termination as well. 
MFC after:	2 days
 2006-04-07 15:33:04 +00:00
Ruslan Ermilov e1fe3dba5c Reimplementation of world/kernel build options. For details, see: 
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
 2006-03-17 18:54:44 +00:00
Pawel Jakub Dawidek 67bcd64670 Add some notes how to properly dump kernel onto gmirror provider. 
Reviewed and corrected by:	brueffer
MFC after:	3 days
 2006-03-08 08:50:52 +00:00
Wojciech A. Koszek 98213e5c70 Print "clear" and "dump" only once. 
Reviewed by:	pjd
Approved by:	cognet (mentor)
MFC after:	3 days
 2006-03-03 21:35:57 +00:00
Pawel Jakub Dawidek 17f4ac945f Add an example how to use keyfiles for encrypted providers which should be 
attached before the root file system is mounted.

MFC after:	3 days
 2006-02-11 13:18:47 +00:00
Pawel Jakub Dawidek f2aa80d883 - Allow to use -b without passphrase or with keyfiles as it will be 
supported for a moment.
- Don't allow to use -i when no passphrase is given. Now if iterations is
  equal to -1 (not set), we know that we should not ask for the passphrase
  on boot.
  It still doesn't handle situation when one key is protected with
  passphrase and the other is not. There is no quick fix for this.
  The complete solution will be to make number of iterations a per-key
  value. Because this need metadata format change and is only needed for
  devices attached on boot, I'll leave it as it is for now.

MFC after:	3 days
 2006-02-11 13:04:10 +00:00
Pawel Jakub Dawidek f1650f412f Deny init/attach/setkey subcommands when no key components are given. 
MFC after:	3 days
Tested with:	prove /usr/src/tools/regression/geom_eli
 2006-02-01 15:01:55 +00:00
Joel Dahl fbf9b468d5 Expand contractions. 2006-02-01 14:33:14 +00:00
Pawel Jakub Dawidek 66aa222e60 Remove trailing spaces. 2006-02-01 12:11:37 +00:00
Pawel Jakub Dawidek 4ca64f1db6 Remove unused argument. 
MFC after:	3 days
 2006-01-31 15:55:52 +00:00
Pawel Jakub Dawidek aaf8e1867b Allow to specify only one disk. This is helpful when we want to extend 
our concatenated device later.

MFC after:	1 week
 2006-01-30 22:47:07 +00:00
Pawel Jakub Dawidek 343c20a85e Add a reference to geli(8). 
MFC after:	3 days
 2006-01-29 00:32:40 +00:00
Pawel Jakub Dawidek df3d5a19fc Teach NOP GEOM class how to gather the following statistics: 
- number of read I/O requests,
- number of write I/O requests,
- number of read bytes,
- number of written bytes.
Add 'reset' subcommand for resetting statistics.
 2005-12-08 23:00:31 +00:00
Pawel Jakub Dawidek f13942a746 - The geom(8) utility only uses three types of arguments: string (char *), 
value (intmax_t) and boolean (int).
  Based on that provide three functions:
        - gctl_get_ascii()
        - gctl_get_int()
        - gctl_get_intmax()
- Hide gctl_get_param() function, as it is only used internally in
  subr.c.
- Allow to provide argument name as (fmt, ...).
- Assert geom(8) bugs (missing argument is a geom(8) bug).

- Clean-up and simplify the code by using new functions and assumtions
  (no more checking for missing argument).

Tested by:	regression tests
 2005-12-07 01:38:27 +00:00
Joel Dahl 19797b2256 s/5.5/6.0/ in HISTORY section. 
Discussed with:	ru
 2005-11-24 09:25:10 +00:00
Ceri Davies dd7337fc3a gmirror.8: 
Note the default balancing algorithm and stripe size.

geom_mirror.c:
  Slightly friendlier error message.

Reviewed by:	pjd
 2005-10-25 13:45:07 +00:00
Pawel Jakub Dawidek 0896d83c56 Add a note in example as well, that last sector is used for metadata, 
so it don't provoke confusions.

Noticed by:	Victor Sudakov <sudakov@sibptus.tomsk.ru>
MFC after:	2 days
 2005-09-29 08:56:15 +00:00
Pawel Jakub Dawidek df7eabb059 Even if there are no valid keys in metadata, but provider is attached 
we can still use setkey subcommand.

MFC after:	3 days
Found by:	regression tests
 2005-09-10 07:43:03 +00:00
Marius Strobl 52a7b796a4 As with NO_CRYPT, don't try to compile geli(8) when NO_OPENSSL is defined 
either.

MFC after:	1 week
 2005-08-27 20:51:12 +00:00
Takanori Watanabe cf5a7ef8d1 Update Document. 2005-08-26 11:39:38 +00:00
Pawel Jakub Dawidek dd549194ae By default, when doing crypto work in software, start as many threads 
as we have active CPUs and bind each thread to its own CPU.

MFC after:	3 days
 2005-08-21 18:12:51 +00:00
Pawel Jakub Dawidek 7a5c26fcbd Allow to change number of iterations for PKCS#5v2. It can only be used 
when there is only one key set.

MFC after:	3 days
 2005-08-19 22:19:25 +00:00
Pawel Jakub Dawidek 829781048d Move function for calculating number of bits into more central place. 
I want to use it so more.

MFC after:	3 days
 2005-08-19 22:13:09 +00:00
Pawel Jakub Dawidek 4cb6ca7622 Update manual page (now dedicated kernel thread is always started). 
MFC after:	3 days
 2005-08-17 15:27:23 +00:00
Pawel Jakub Dawidek a73148d28d Unfortunately dlerror(3) returns string, so there is no clean way to 
ignore "no such file" errors only, which I wanted to do.
Because of this I ignored all other errors on dlopen(3) failure as well,
which isn't good.
Fix this situation by calling access(2) on library file first and ignore
only ENOENT error. This allows to report all the rest of dlopen(3) errors.

MFC after:	3 days
 2005-08-14 21:55:18 +00:00
Pawel Jakub Dawidek 5b5a030fa4 When keys were configured without passphrase, number of iterations in 
metadata is equal to -1. if we then wanted to attach provider (or change
keys) and forget about '-p' flag it failed on assertion (quite ok, without
assertion it could call PKCS#5v2 with 4294967295 iterations).

Instead of failing on assertion, remind about '-p' flag.

MFC after:	3 days
 2005-08-14 14:13:07 +00:00
Pawel Jakub Dawidek 325319eb3d GELI doesn't need cryptodev. 
MFC after:	2 days
 2005-08-12 07:44:42 +00:00
Pawel Jakub Dawidek 9417a618d1 Add code for Ext2FS and ReiserFS labels recognition. 
Submitted by:	Stanislav Sedov <stas@310.ru>
PR:		kern/84638
MFC after:	1 week
 2005-08-12 00:27:45 +00:00
Ruslan Ermilov a5de1230a9 Add missing check for the NO_CRYPT build option. 
Reported by:	Alexander Polakov
 2005-08-02 20:12:30 +00:00
Christian Brueffer acc79971c2 Misc cleanup (spelling, grammar, mdoc, style, cut >80 char lines). 2005-07-30 13:27:15 +00:00
Pawel Jakub Dawidek fd833a6a19 I actually do need libmd. 2005-07-29 10:06:57 +00:00
Pawel Jakub Dawidek a05fe8d0e5 I think I found the problem, reconnect geli to the build. 2005-07-27 23:56:32 +00:00
Pawel Jakub Dawidek 0ee6653d31 - Reduce WARNS level to 3, so it will be compilabe on alpha. 
- Don't link libmd, it is not needed.
- Connect manual page to the build.

MFC after:	1 week
 2005-07-27 23:56:01 +00:00