Clarify error that geli generates

when it finds corrupt data. PR: kern/165695 Submitted by: Robert Simmons <rsimmons0@gmail.com> Reviewed by: pjd Approved by: cperciva MFC after: 1 week
2012-05-09 17:26:52 +00:00 · 2012-05-09 17:26:52 +00:00 · af23b88b5c
commit af23b88b5c
parent b04b94d332
2 changed files with 7 additions and 3 deletions
--- a/sbin/geom/class/eli/geli.8
+++ b/sbin/geom/class/eli/geli.8
@ -924,6 +924,9 @@ will not protect your data against replay attacks.
 It is recommended to write to the whole provider before first use,
 in order to make sure that all sectors and their corresponding
 checksums are properly initialized into a consistent state.
+One can safely ignore data authentication errors that occur immediately
+after the first time a provider is attached and before it is
+initialized in this way.
 .Sh SEE ALSO
 .Xr crypto 4 ,
 .Xr gbde 4 ,
--- a/sys/geom/eli/g_eli_integrity.c
+++ b/sys/geom/eli/g_eli_integrity.c
@ -205,8 +205,8 @@ g_eli_auth_read_done(struct cryptop *crp)
 				 * Report previous corruption if there was one.
 				 */
 				if (coroff != -1) {
-					G_ELI_DEBUG(0, "%s: %jd bytes "
-					    "corrupted at offset %jd.",
+					G_ELI_DEBUG(0, "%s: Failed to authenticate %jd "
+					    "bytes of data at offset %jd",
 					    sc->sc_name, (intmax_t)corsize,
 					    (intmax_t)coroff);
 					coroff = -1;
@ -221,7 +221,8 @@ g_eli_auth_read_done(struct cryptop *crp)
 		}
 		/* Report previous corruption if there was one. */
 		if (coroff != -1) {
-			G_ELI_DEBUG(0, "%s: %jd bytes corrupted at offset %jd.",
+			G_ELI_DEBUG(0, "%s: Failed to authenticate %jd "
+			    "bytes of data at offset %jd",
 			    sc->sc_name, (intmax_t)corsize, (intmax_t)coroff);
 		}
 	}