d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
5ad4a7c74a
freebsd-dev/sbin
History
Pawel Jakub Dawidek 5ad4a7c74a Bring in geli suspend/resume functionality (finally). 
Before this change if you wanted to suspend your laptop and be sure that your
encryption keys are safe, you had to stop all processes that use file system
stored on encrypted device, unmount the file system and detach geli provider.

This isn't very handy. If you are a lucky user of a laptop where suspend/resume
actually works with FreeBSD (I'm not!) you most likely want to suspend your
laptop, because you don't want to start everything over again when you turn
your laptop back on.

And this is where geli suspend/resume steps in. When you execute:

	# geli suspend -a

geli will wait for all in-flight I/O requests, suspend new I/O requests, remove
all geli sensitive data from the kernel memory (like encryption keys) and will
wait for either 'geli resume' or 'geli detach'.

Now with no keys in memory you can suspend your laptop without stopping any
processes or unmounting any file systems.

When you resume your laptop you have to resume geli devices using 'geli resume'
command. You need to provide your passphrase, etc. again so the keys can be
restored and suspended I/O requests released.

Of course you need to remember that 'geli suspend' won't clear file system
cache and other places where data from your geli-encrypted file system might be
present. But to get rid of those stopping processes and unmounting file system
won't help either - you have to turn your laptop off. Be warned.

Also note, that suspending geli device which contains file system with geli
utility (or anything used by 'geli resume') is not very good idea, as you won't
be able to resume it - when you execute geli(8), the kernel will try to read it
and this read I/O request will be suspended.
2010-10-20 20:50:55 +00:00
..
adjkerntz Raise WARNS for various tools where possible. 2010-01-17 21:56:27 +00:00
atacontrol Improve output for controllers that doesn't report SATA speed. 2010-02-22 10:45:40 +00:00
atm MFtbemd: 2010-08-23 22:24:11 +00:00
badsect Switch the default WARNS level for sbin/ to 6. 2009-10-19 16:00:24 +00:00
bsdlabel Don't attempt to write label with GEOM_BSD based method if the class is 2010-08-27 11:08:11 +00:00
camcontrol Stop disallowing device nodes to be passed to camcontrol(8) since libcam 2010-10-19 20:05:25 +00:00
ccdconfig mdoc: drop redundant .Pp and .LP calls 2010-10-08 12:40:16 +00:00
clri Switch the default WARNS level for sbin/ to 6. 2009-10-19 16:00:24 +00:00
comcontrol ANSIfy almost all applications that use WARNS=6. 2009-12-29 22:53:27 +00:00
conscontrol Switch the default WARNS level for sbin/ to 6. 2009-10-19 16:00:24 +00:00
ddb Always assign WARNS using ?= 2010-03-02 16:58:04 +00:00
devd Allow the kernel to generate more spacy things and still have devd 2010-10-09 07:29:13 +00:00
devfs Document the interaction between /etc/devfs.conf and 2010-02-21 10:29:45 +00:00
dhclient Document dhclient-enter-hooks and dhclient-exit-hooks and mention 2010-09-06 09:59:10 +00:00
dmesg Switch the default WARNS level for sbin/ to 6. 2009-10-19 16:00:24 +00:00
dump Plug two memory leaks in error case. 2010-02-03 23:56:12 +00:00
dumpfs - Merge soft-updates journaling from projects/suj/head into head. This 2010-04-24 07:05:35 +00:00
dumpon Switch the default WARNS level for sbin/ to 6. 2009-10-19 16:00:24 +00:00
fdisk Add support for identifying a journaled root filesystem. 2010-09-16 08:16:53 +00:00
fdisk_pc98 Use the common PC98_SID_ACTIVE define instead of a local define. 2009-03-19 12:31:59 +00:00
ffsinfo Bump WARNS where possible. 2010-02-15 14:07:40 +00:00
fsck Fix typos and spelling mistakes. 2010-08-06 14:33:42 +00:00
fsck_ffs Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while 2010-08-16 15:18:30 +00:00
fsck_msdosfs Fix some style(9), although there's a lot more issues here. 2010-06-20 09:40:54 +00:00
fsdb - Merge soft-updates journaling from projects/suj/head into head. This 2010-04-24 07:05:35 +00:00
fsirand fsirand(8): make WARNS=3 clean 2010-05-14 14:26:49 +00:00
gbde MFtbemd: 2010-08-23 22:24:11 +00:00
geom Bring in geli suspend/resume functionality (finally). 2010-10-20 20:50:55 +00:00
ggate Please welcome HAST - Highly Avalable Storage. 2010-02-18 23:16:19 +00:00
growfs Unbreak the build on strong-aligned architectures (arm, ia64). 2010-09-20 04:20:55 +00:00
gvinum Initialize variables before usage. 2010-06-11 17:02:57 +00:00
hastctl Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while 2010-08-16 15:18:30 +00:00
hastd Log correct connection when canceling half-open connection. 2010-10-17 15:47:27 +00:00
ifconfig Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while 2010-08-16 15:18:30 +00:00
init Remove stale inclusion of <ulog.h>. 2010-01-27 20:32:58 +00:00
ipf Always assign WARNS using ?= 2010-03-02 16:58:04 +00:00
ipfw document logging through bpf 2010-10-13 22:07:57 +00:00
iscontrol - Add full support for header / data digests. 2010-08-09 12:36:36 +00:00
kldconfig Raise WARNS for various tools where possible. 2010-01-17 21:56:27 +00:00
kldload Make flags in usage() and SYNOPSYS more style(9)-ish. 2010-08-30 07:29:27 +00:00
kldstat Casting size_t to uintmax_t is not necessary anymore. This also 2010-05-12 15:47:43 +00:00
kldunload Switch the default WARNS level for sbin/ to 6. 2009-10-19 16:00:24 +00:00
ldconfig ANSIfy ldconfig and the aout bits it still uses from rtld-aout. 2009-12-29 21:07:17 +00:00
mca sysctlbyname() returns -1 on error and sets errno. It does 2010-07-03 22:02:29 +00:00
md5 Switch the default WARNS level for sbin/ to 6. 2009-10-19 16:00:24 +00:00
mdconfig Make mdconfig(8) WARNS=6 clean: 2010-01-22 08:51:58 +00:00
mdmfs Switch the default WARNS level for sbin/ to 6. 2009-10-19 16:00:24 +00:00
mknod mdoc: drop redundant .Pp and .LP calls 2010-10-08 12:40:16 +00:00
mksnap_ffs - Print the nmount(2) provided error message only when it is set. 2010-10-10 09:24:19 +00:00
mount Fix printing of the "rw" mount option in fstab(5) format (-p option). 2010-09-30 13:31:35 +00:00
mount_autofs Switch the default WARNS level for sbin/ to 6. 2009-10-19 16:00:24 +00:00
mount_cd9660 Fix minor memory leak in a function. 2009-11-20 15:28:38 +00:00
mount_ext2fs Switch the default WARNS level for sbin/ to 6. 2009-10-19 16:00:24 +00:00
mount_hpfs mdoc: consistently spell our email addresses <foo@FreeBSD.org> 2010-05-19 08:57:53 +00:00
mount_msdosfs mdoc: move CAVEATS, BUGS and SECURITY CONSIDERATIONS sections to the 2010-05-13 12:07:55 +00:00
mount_nfs Shut the compiler up; initializes the sotype variable to zero in 2010-09-04 08:42:19 +00:00
mount_ntfs mdoc: move CAVEATS, BUGS and SECURITY CONSIDERATIONS sections to the 2010-05-13 12:07:55 +00:00
mount_nullfs ANSIfy almost all applications that use WARNS=6. 2009-12-29 22:53:27 +00:00
mount_reiserfs mdoc: move CAVEATS, BUGS and SECURITY CONSIDERATIONS sections to the 2010-05-13 12:07:55 +00:00
mount_std mdoc: move CAVEATS, BUGS and SECURITY CONSIDERATIONS sections to the 2010-05-13 12:07:55 +00:00
mount_udf style.Makefile(5): Remove -Wall from CFLAGS. 2006-07-17 20:53:25 +00:00
mount_unionfs Add a notice to the man page that batteries should be installed. 2010-09-21 08:25:00 +00:00
natd Raise WARNS for various tools where possible. 2010-01-17 21:56:27 +00:00
newfs Reported problem: 2010-09-24 19:08:56 +00:00
newfs_msdos MFtbemd: 2010-08-23 22:24:11 +00:00
nfsiod - Display current settings when run without options. 2009-12-26 08:36:02 +00:00
nos-tun nos-tun(8): make WARNS=3 clean 2010-03-10 18:51:13 +00:00
pfctl Switch the default WARNS level for sbin/ to 6. 2009-10-19 16:00:24 +00:00
pflogd Let pflogd's Makefile just use WARNS instead of changing CFLAGS. 2009-04-23 09:11:37 +00:00
ping Small style fixes: 2010-06-20 12:52:33 +00:00
ping6 Fix typos and spelling mistakes. 2010-08-06 14:33:42 +00:00
quotacheck Update to current version of head. 2010-04-28 05:33:59 +00:00
rcorder mdoc: move CAVEATS, BUGS and SECURITY CONSIDERATIONS sections to the 2010-05-13 12:07:55 +00:00
reboot Remove stale reference to wtmp(5). 2010-10-11 20:17:23 +00:00
recoverdisk Switch the default WARNS level for sbin/ to 6. 2009-10-19 16:00:24 +00:00
restore Fix grammar in a line of output. 2010-05-12 20:21:44 +00:00
route route(8): make WARNS=3 clean 2010-02-27 10:18:33 +00:00
routed mdoc: drop even more redundant .Pp calls 2010-10-19 12:35:40 +00:00
rtsol rtsol(8)/rtsold(8): make WARNS=3 clean 2010-02-27 10:19:39 +00:00
savecore Switch the default WARNS level for sbin/ to 6. 2009-10-19 16:00:24 +00:00
sconfig Switch the default WARNS level for sbin/ to 6. 2009-10-19 16:00:24 +00:00
setkey mdoc: drop even more redundant .Pp calls 2010-10-19 12:35:40 +00:00
shutdown Add missing `void' for functions without arguments. 2009-12-29 08:49:43 +00:00
spppcontrol mdoc: order prologue macros consistently by Dd/Dt/Os 2010-04-14 19:08:06 +00:00
sunlabel mdoc: drop even more redundant .Pp calls 2010-10-19 12:35:40 +00:00
swapon Raise WARNS for various tools where possible. 2010-01-17 21:56:27 +00:00
sysctl Make the format of "Real Memory" and "Virtual Memory" lines more 2010-09-16 10:53:01 +00:00
tunefs - Round up the journal size to the block size so we don't confuse fsck. 2010-05-18 01:45:28 +00:00
umount Introduce '[ipaddr]:path' notation. 2010-02-04 15:17:49 +00:00
Makefile MF tbemd: Move to using Makefile.arch to select what to build. 2010-09-13 02:25:21 +00:00
Makefile.amd64 MF tbemd: Move to using Makefile.arch to select what to build. 2010-09-13 02:25:21 +00:00
Makefile.arm MF tbemd: Move to using Makefile.arch to select what to build. 2010-09-13 02:25:21 +00:00
Makefile.i386 MF tbemd: Move to using Makefile.arch to select what to build. 2010-09-13 02:25:21 +00:00
Makefile.ia64 MF tbemd: Move to using Makefile.arch to select what to build. 2010-09-13 02:25:21 +00:00
Makefile.inc Switch the default WARNS level for sbin/ to 6. 2009-10-19 16:00:24 +00:00
Makefile.mips MF tbemd: Move to using Makefile.arch to select what to build. 2010-09-13 02:25:21 +00:00
Makefile.pc98 MF tbemd: Move to using Makefile.arch to select what to build. 2010-09-13 02:25:21 +00:00
Makefile.sparc64 MF tbemd: Move to using Makefile.arch to select what to build. 2010-09-13 02:25:21 +00:00