Commit Graph

347 Commits

Author SHA1 Message Date
Xin LI
62ad217a9b * Recommend a overwrite of whole geli provider before use.
* Correct a typo while I'm there.

Reviewed by:	pjd
MFC after:	2 weeks
2010-12-03 10:06:19 +00:00
Rebecca Cran
1161d4202c Fix some more warnings found by clang. 2010-11-22 20:10:48 +00:00
Andrey V. Elsukov
68f7502341 Add SIGINT handler to gpart restore action.
MFC after:	1 week
2010-11-22 11:24:11 +00:00
Andrey V. Elsukov
80085938d4 Always dump partition labels with gpart backup, but gpart restore
does restore them only when -l option is specified [1]. Make number of
entries field in backup format optional. Document -l and -r options of
`gpart show` action.

Suggested by:	pjd [1]
MFC after:	1 week
2010-11-22 10:08:33 +00:00
Andrey V. Elsukov
9fe175f914 Add to gpart(8) an ability to backup partition table and
restore it from given backup.

Discussed with:	geom@
Approved by:	kib (mentor)
MFC after:	1 week
2010-11-20 16:03:53 +00:00
Pawel Jakub Dawidek
240dd5b5aa Use fprintf(stderr) instead of gctl_error() to print a warning about too
big sector size. When gctl error is set gctl_has_param() always returns
'false', which prevents geli(8) from finding some arguments and also masks
an error, which is generates in such case.

MFC after:	3 days
2010-10-26 22:46:15 +00:00
Andrey V. Elsukov
e7926a3703 Reimplemented "gpart destroy -F". Now it does all work in kernel.
This was needed for recover implementation.

Implement the recover command for GPT. Now GPT will marked as
corrupt when any of three types of corruption will be detected:
1. Damaged primary GPT header or table
2. Damaged secondary GPT header or table
3. Secondary header is not located in the last LBA
Marked GPT becomes read-only. Any changes with corrupt table
are prohibited. Only "destroy" and "recover" commands are allowed.

Discussed with:	geom@ (mostly silence)
Tested by:	Ilya A. Arhipov
Approved by:	mav (mentor)
MFC after:	2 weeks
2010-10-25 16:23:35 +00:00
Pawel Jakub Dawidek
5ad4a7c74a Bring in geli suspend/resume functionality (finally).
Before this change if you wanted to suspend your laptop and be sure that your
encryption keys are safe, you had to stop all processes that use file system
stored on encrypted device, unmount the file system and detach geli provider.

This isn't very handy. If you are a lucky user of a laptop where suspend/resume
actually works with FreeBSD (I'm not!) you most likely want to suspend your
laptop, because you don't want to start everything over again when you turn
your laptop back on.

And this is where geli suspend/resume steps in. When you execute:

	# geli suspend -a

geli will wait for all in-flight I/O requests, suspend new I/O requests, remove
all geli sensitive data from the kernel memory (like encryption keys) and will
wait for either 'geli resume' or 'geli detach'.

Now with no keys in memory you can suspend your laptop without stopping any
processes or unmounting any file systems.

When you resume your laptop you have to resume geli devices using 'geli resume'
command. You need to provide your passphrase, etc. again so the keys can be
restored and suspended I/O requests released.

Of course you need to remember that 'geli suspend' won't clear file system
cache and other places where data from your geli-encrypted file system might be
present. But to get rid of those stopping processes and unmounting file system
won't help either - you have to turn your laptop off. Be warned.

Also note, that suspending geli device which contains file system with geli
utility (or anything used by 'geli resume') is not very good idea, as you won't
be able to resume it - when you execute geli(8), the kernel will try to read it
and this read I/O request will be suspended.
2010-10-20 20:50:55 +00:00
Andrey V. Elsukov
21bf062e7e Replace strlen(_PATH_DEV) with sizeof(_PATH_DEV) - 1.
Suggested by:	kib
Approved by:	kib (mentor)
MFC after:	5 days
2010-10-09 20:20:27 +00:00
Ulrich Spörlein
0d9deed52c mdoc: drop redundant .Pp and .LP calls
They have no effect when coming in pairs, or before .Bl/.Bd
2010-10-08 12:40:16 +00:00
Pawel Jakub Dawidek
15d98d9738 Document recently added GPT attributes (bootme, bootonce, bootfailed) and
list other schemes attributes.

Reviewed by:	simon, rpaulo
MFC after:	2 weeks
2010-09-28 09:07:00 +00:00
Andrey V. Elsukov
6259ffb455 Remove superfluous word from "gpart bootcode" usage message.
Approved by:	kib (mentor)
2010-09-26 21:48:32 +00:00
Pawel Jakub Dawidek
1cf3d5ee99 - Add support for loading passphrase from a file (-J and -j options).
This is especially useful for things like installers, where regular
  geli prompt can't be used.
- Add support for specifing multiple -K or -k options, so there is no
  need to cat all keyfiles and read them from standard input.

Requested by:	Kris Moore <kris@pcbsd.org>, thompsa
MFC after:	2 weeks
2010-09-25 17:38:57 +00:00
Andrey V. Elsukov
6305a96c20 Implement "force" (-F) option for gpart destroy verb.
This option doesn't passed to kernel and handled in user-space.
With -F option gpart creates new "delete" request for each
partition in table. Each request has flags="X" that disables
auto-commit feature. Last request is the original "destroy" request.
It has own flags and can have disabled or enabled auto-commit feature.
If error is occurred when deleting partitions, then new "undo" request
is created and all changes will be rolled back.

Approved by:	kib (mentor)
2010-09-24 08:40:43 +00:00
Pawel Jakub Dawidek
7157a8ad7d - Simplify code by using g_*() API.
- Don't use u_char and u_int in userland.
- Change 'unsigned' to 'unsigned int'.
- Update copyright years.

MFC after:	1 week
2010-09-23 12:04:12 +00:00
Pawel Jakub Dawidek
cdf8ab6198 Update copyright years.
MFC after:	1 week
2010-09-23 12:02:42 +00:00
Pawel Jakub Dawidek
07f1d01429 Document AES-XTS.
MFC after:	1 week
2010-09-23 12:00:40 +00:00
Pawel Jakub Dawidek
d2ac2ff105 - When trashing metadata, repeat overwrite kern.geom.eli.overwrites times.
- Flush write cache after each write.

MFC after:	1 week
2010-09-23 11:18:02 +00:00
Pawel Jakub Dawidek
488186c304 - Use g_*() API when doing backups.
- fsync() created filed.

MFC after:	1 week
2010-09-23 11:04:50 +00:00
Pawel Jakub Dawidek
2ecb2a01e7 Because we first write metadata into new place and then trash old place we
don't want situation where old size is equal to new size, as we will trash
newly written metadata.

MFC after:	1 week
2010-09-23 10:58:13 +00:00
Pawel Jakub Dawidek
429cf66400 - Make use of g_*() API.
- Flush cache after writing metadata.

MFC after:	1 week
2010-09-23 10:55:45 +00:00
Pawel Jakub Dawidek
5cd61a1fb7 Simplify code a bit by using g_*() API from libgeom.
MFC after:	1 week
2010-09-23 10:50:17 +00:00
Brian Somers
044bf69fd5 Add a geli resize subcommand to resize encrypted filesystems prior
to growing the filesystem.

Refuse to attach providers where the metadata provider size is
wrong.  This makes post-boot attaches behave consistently with
pre-boot attaches.  Also refuse to restore metadata to a provider
of the wrong size without the new -f switch.  The new -f switch
forces the metadata restoration despite the provider size, and
updates the provider size in the restored metadata to the correct
value.

Helped by:	pjd
Reviewed by:	pjd
2010-09-20 22:04:59 +00:00
Pawel Jakub Dawidek
e38060039e Fix indent. 2010-09-19 10:51:55 +00:00
Pawel Jakub Dawidek
b5b293e37a GPART_PARAM_INDEX is now G_TYPE_NUMBER. 2010-09-15 21:37:26 +00:00
Pawel Jakub Dawidek
628ec6d344 Remove dead code. 2010-09-14 20:54:22 +00:00
Pawel Jakub Dawidek
fa5383a260 Remove now unused G_TYPE_ASCNUM. 2010-09-14 16:22:22 +00:00
Pawel Jakub Dawidek
8107ecf892 - Change all places where G_TYPE_ASCNUM is used to G_TYPE_NUMBER.
It turns out the new type wasn't really needed.
- Reorganize code a little bit.
2010-09-14 16:21:13 +00:00
Pawel Jakub Dawidek
56382b5f76 Update two last places where "arg0" should be used instead of "geom". 2010-09-14 16:19:09 +00:00
Pawel Jakub Dawidek
d1db39d90e All gpart(8) subcommands apart from the 'bootcode' subcommand handle
given geom/provider names with and without /dev/ prefix. Teach the
'bootcode' subcommand to handle /dev/<foo> names as well.
2010-09-14 11:36:26 +00:00
Pawel Jakub Dawidek
f104beb787 Remove dot which shouldn't be here, as err(3) will attach error message
at the end of the string.
2010-09-14 11:19:21 +00:00
Pawel Jakub Dawidek
7648b1e9c0 Introduce special G_VAL_OPTIONAL define, which when given in value field
tells geom(8) to ignore it when it is not given and don't try to obtain
default value.
2010-09-14 11:13:46 +00:00
Pawel Jakub Dawidek
315fcbf7db Add G_TYPE_MULTI flag, which when set for the given option, will
allow the option to be specified multiple times. This will help to
implement things like passing multiple keyfiles to geli(8) instead of
cat(1)ing them all into stdin and reading from there using one '-k -'
option.
2010-09-13 13:59:28 +00:00
Pawel Jakub Dawidek
946e2f3595 - Remove gc_argname field. It was introduced for gpart(8), but if I
understand everything correctly, we don't really need it.
- Provide default numeric value as strings. This allows to simplify
  a lot of code.
- Bump version number.
2010-09-13 13:48:18 +00:00
Pawel Jakub Dawidek
a478ea7490 - Allow to specify value as const pointers.
- Make optional string values always an empty string.
2010-09-13 08:56:07 +00:00
Maxim Konovalov
2888756701 o List MOUNTVER and SCHED classes. X-ref gsched(8). Bump Dd.
PR:		docs/149925
Submitted by:	arundel
2010-09-01 08:32:40 +00:00
Ulrich Spörlein
b2d89ed701 gsched(8): fix example usage, mdoc nits
- ad0 was referred to as da0
- wrong parameter -s instead of -a in example
- use double quotes consistently

PR:            docs/150082
Submitted by:  N.J. Mann <njm@njm.me.uk>
MFC after:     2 weeks
2010-08-29 11:32:41 +00:00
Dag-Erling Smørgrav
35efcc8b69 expand_number(3) takes a uint64_t * now; intmax_t was never correct
except by accident.

MFC after:	3 weeks
2010-08-19 11:20:24 +00:00
Joel Dahl
c2025a7660 Fix typos, spelling, formatting and mdoc mistakes found by Nobuyuki while
translating these manual pages.  Minor corrections by me.

Submitted by:	Nobuyuki Koganemaru <n-kogane@syd.odn.ne.jp>
2010-08-16 15:18:30 +00:00
Matt Jacob
e02616caf0 Avoid a memory leak.
Submitted by:	Dmitry Luhtionov via Alexander Motin
MFC after:	1 week
2010-08-13 15:17:19 +00:00
Joel Dahl
f6ac23919b Fix typos and spelling mistakes. 2010-08-06 14:33:42 +00:00
Ulrich Spörlein
06d85cc61f gsched(8) was first released with FreeBSD 8.1
MFC after:	3 days
2010-07-30 12:56:34 +00:00
Benedict Reuschling
629ce700d5 Small typo fix: s/ommited/omitted
PR:             docs/148977
Submitted by:   Warren Block (wblock at wonkity dot com)
MFC after:      4 days
2010-07-27 17:23:40 +00:00
Andrey V. Elsukov
959059ef9e Document that SI unit suffixes are supported for -b and -s options
of add verb. Mention about maximum size limit for "freebsd-boot"
partition. It should be smaller than 545 KB (hardcoded in pmbr).
Show usage of SI unit suffixes in example.

Approved by:	mav (mentor)
MFC after:	1 week
2010-07-23 11:00:43 +00:00
Alexander Motin
bb160d3d4b Do not bzero() NULL pointer on malloc() error.
Submitted by:	Dmitry Luhtionov
2010-07-14 15:14:00 +00:00
Matt Jacob
5d8d4137df Fix the clear function which has been broken for a bit.
MFC after:	1 week
2010-07-04 22:17:56 +00:00
Andrey V. Elsukov
02fc66090b Check for overflow before it occurs. Also add check for
negative numbers.

Suggested by:	ache
Approved by:	kib (mentor)
2010-06-21 12:50:54 +00:00
Andrey V. Elsukov
79d89bb0ab Remove G_TYPE_ASCLBA type and replace it with G_TYPE_STRING in gpart.
Move code that converts params from humanized numbers to sectors count
to subr.c and adjust comment.
Add post-processing for "size" and "start offset" params in gpart,
now they are properly converted to sectors count with known sector size
that can be greater that 512 bytes.
Also replace "unsigned long long" type to "off_t" for unify code since
it used for medium size in libgeom(3) and DIOCGMEDIASIZE ioctl.

PR:		bin/146277
Reviewed by:	marcel (previous version)
Approved by:	kib (mentor)
MFC after:	1 month
2010-06-21 08:24:50 +00:00
Ulrich Spörlein
9eecb5528b mdoc nitpicking for gsched.8
- remove stray argument [1]
- remove stray whitespace
- use canonical wording for the HISTORY section

PR:		docs/147119 [1]
Submitted by:	Alexander Best <alexbestms@wwu.de> [1]
MFC after:	1 week
2010-06-19 18:52:37 +00:00
Andrey V. Elsukov
24609c49ca bgeom(3) does strdup of param name.
Don't leak memory when deleting param from gctl_req.

Reviewed by:	marcel
Approved by:	mav (mentor)
MFC after:	2 weeks
2010-06-07 07:41:41 +00:00