Fix potential TOCTTOU bug in the geli tests

This change mostly reverts r293436, which introduced the bug due to a belief
that geli(8) would allocate md(4) devices by itself. However, that belief is
incorrect. Instead of using linear probing to find available md(4) numbers,
it's best to use the existing attach_md function.

Reviewed by:	ngie
MFC after:	2 weeks
Sponsored by:	Spectra Logic Corp
Differential Revision:	https://reviews.freebsd.org/D13666

tests/sys/geom/class/eli/attach_d_test.sh

@@ -6,30 +6,30 @@
 base=`basename $0`
 sectors=100
 keyfile=`mktemp $base.XXXXXX` || exit 1
-mdconfig -a -t malloc -s `expr $sectors + 1` -u $no || exit 1
+md=$(attach_md -t malloc -s `expr $sectors + 1`)
 
 echo "1..3"
 
 dd if=/dev/random of=${keyfile} bs=512 count=16 >/dev/null 2>&1
 
-geli init -B none -P -K $keyfile md${no}
-geli attach -d -p -k $keyfile md${no}
-if [ -c /dev/md${no}.eli ]; then
+geli init -B none -P -K $keyfile ${md}
+geli attach -d -p -k $keyfile ${md}
+if [ -c /dev/${md}.eli ]; then
 	echo "ok 1"
 else
 	echo "not ok 1"
 fi
 # Be sure it doesn't detach on read.
-dd if=/dev/md${no}.eli of=/dev/null 2>/dev/null
+dd if=/dev/${md}.eli of=/dev/null 2>/dev/null
 sleep 1
-if [ -c /dev/md${no}.eli ]; then
+if [ -c /dev/${md}.eli ]; then
 	echo "ok 2"
 else
 	echo "not ok 2"
 fi
-true > /dev/md${no}.eli
+true > /dev/${md}.eli
 sleep 1
-if [ ! -c /dev/md${no}.eli ]; then
+if [ ! -c /dev/${md}.eli ]; then
 	echo "ok 3"
 else
 	echo "not ok 3"

tests/sys/geom/class/eli/conf.sh

@@ -4,13 +4,6 @@
 class="eli"
 base=`basename $0`
 
-# We need to use linear probing in order to detect the first available md(4)
-# device instead of using mdconfig -a -t, because geli(8) attachs md(4) devices
-no=0
-while [ -c /dev/md$no ]; do
-	: $(( no += 1 ))
-done
-
 # Execute `func` for each combination of cipher, sectorsize, and hmac algo
 # `func` usage should be:
 # func <cipher> <aalgo> <secsize>
@@ -61,8 +54,14 @@ for_each_geli_config_nointegrity() {
 
 geli_test_cleanup()
 {
-	[ -c /dev/md${no}.eli ] && geli detach md${no}.eli
-	mdconfig -d -u $no
+	if [ -f "$TEST_MDS_FILE" ]; then
+		while read md; do
+			[ -c /dev/${md}.eli ] && \
+				geli detach $md.eli 2>/dev/null
+			mdconfig -d -u $md 2>/dev/null
+		done < $TEST_MDS_FILE
+	fi
+	rm -f "$TEST_MDS_FILE"
 }
 trap geli_test_cleanup ABRT EXIT INT TERM
 

tests/sys/geom/class/eli/configure_b_B_test.sh

@@ -5,123 +5,123 @@
 
 base=`basename $0`
 sectors=100
-mdconfig -a -t malloc -s `expr $sectors + 1` -u $no || exit 1
+md=$(attach_md -t malloc -s `expr $sectors + 1`)
 
 echo "1..17"
 
-geli init -B none -P -K /dev/null md${no}
+geli init -B none -P -K /dev/null ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 1"
 else
 	echo "not ok 1"
 fi
 
-geli dump md${no} | egrep 'flags: 0x0$' >/dev/null
+geli dump ${md} | egrep 'flags: 0x0$' >/dev/null
 if [ $? -eq 0 ]; then
 	echo "ok 2"
 else
 	echo "not ok 2"
 fi
 
-geli init -B none -b -P -K /dev/null md${no}
+geli init -B none -b -P -K /dev/null ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 3"
 else
 	echo "not ok 3"
 fi
 
-geli dump md${no} | egrep 'flags: 0x2$' >/dev/null
+geli dump ${md} | egrep 'flags: 0x2$' >/dev/null
 if [ $? -eq 0 ]; then
 	echo "ok 4"
 else
 	echo "not ok 4"
 fi
 
-geli configure -B md${no}
+geli configure -B ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 5"
 else
 	echo "not ok 5"
 fi
 
-geli dump md${no} | egrep 'flags: 0x0$' >/dev/null
+geli dump ${md} | egrep 'flags: 0x0$' >/dev/null
 if [ $? -eq 0 ]; then
 	echo "ok 6"
 else
 	echo "not ok 6"
 fi
 
-geli configure -b md${no}
+geli configure -b ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 7"
 else
 	echo "not ok 7"
 fi
 
-geli dump md${no} | egrep 'flags: 0x2$' >/dev/null
+geli dump ${md} | egrep 'flags: 0x2$' >/dev/null
 if [ $? -eq 0 ]; then
 	echo "ok 8"
 else
 	echo "not ok 8"
 fi
 
-geli attach -p -k /dev/null md${no}
+geli attach -p -k /dev/null ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 9"
 else
 	echo "not ok 9"
 fi
 
-geli list md${no}.eli | egrep '^Flags: .*BOOT' >/dev/null
+geli list ${md}.eli | egrep '^Flags: .*BOOT' >/dev/null
 if [ $? -eq 0 ]; then
 	echo "ok 10"
 else
 	echo "not ok 10"
 fi
 
-geli configure -B md${no}
+geli configure -B ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 11"
 else
 	echo "not ok 11"
 fi
 
-geli list md${no}.eli | egrep '^Flags: .*BOOT' >/dev/null
+geli list ${md}.eli | egrep '^Flags: .*BOOT' >/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 12"
 else
 	echo "not ok 12"
 fi
 
-geli dump md${no} | egrep 'flags: 0x0$' >/dev/null
+geli dump ${md} | egrep 'flags: 0x0$' >/dev/null
 if [ $? -eq 0 ]; then
 	echo "ok 13"
 else
 	echo "not ok 13"
 fi
 
-geli configure -b md${no}
+geli configure -b ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 14"
 else
 	echo "not ok 14"
 fi
 
-geli list md${no}.eli | egrep '^Flags: .*BOOT' >/dev/null
+geli list ${md}.eli | egrep '^Flags: .*BOOT' >/dev/null
 if [ $? -eq 0 ]; then
 	echo "ok 15"
 else
 	echo "not ok 15"
 fi
 
-geli dump md${no} | egrep 'flags: 0x2$' >/dev/null
+geli dump ${md} | egrep 'flags: 0x2$' >/dev/null
 if [ $? -eq 0 ]; then
 	echo "ok 16"
 else
 	echo "not ok 16"
 fi
 
-geli detach md${no}
+geli detach ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 17"
 else

tests/sys/geom/class/eli/delkey_test.sh

@@ -9,7 +9,7 @@ keyfile1=`mktemp $base.XXXXXX` || exit 1
 keyfile2=`mktemp $base.XXXXXX` || exit 1
 keyfile3=`mktemp $base.XXXXXX` || exit 1
 keyfile4=`mktemp $base.XXXXXX` || exit 1
-mdconfig -a -t malloc -s `expr $sectors + 1` -u $no || exit 1
+md=$(attach_md -t malloc -s `expr $sectors + 1`)
 
 echo "1..14"
 
@@ -18,21 +18,21 @@ dd if=/dev/random of=${keyfile2} bs=512 count=16 >/dev/null 2>&1
 dd if=/dev/random of=${keyfile3} bs=512 count=16 >/dev/null 2>&1
 dd if=/dev/random of=${keyfile4} bs=512 count=16 >/dev/null 2>&1
 
-geli init -B none -P -K $keyfile1 md${no}
-geli attach -p -k $keyfile1 md${no}
-geli setkey -n 1 -P -K $keyfile2 md${no}
+geli init -B none -P -K $keyfile1 ${md}
+geli attach -p -k $keyfile1 ${md}
+geli setkey -n 1 -P -K $keyfile2 ${md}
 
 # Remove key 0 for attached provider.
-geli delkey -n 0 md${no}
+geli delkey -n 0 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 1"
 else
 	echo "not ok 1"
 fi
-geli detach md${no}
+geli detach ${md}
 
 # We cannot use keyfile1 anymore.
-geli attach -p -k $keyfile1 md${no} 2>/dev/null
+geli attach -p -k $keyfile1 ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 2"
 else
@@ -40,7 +40,7 @@ else
 fi
 
 # Attach with key 1.
-geli attach -p -k $keyfile2 md${no}
+geli attach -p -k $keyfile2 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 3"
 else
@@ -48,7 +48,7 @@ else
 fi
 
 # We cannot remove last key without -f option (for attached provider).
-geli delkey -n 1 md${no} 2>/dev/null
+geli delkey -n 1 ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 4"
 else
@@ -56,7 +56,7 @@ else
 fi
 
 # Remove last key for attached provider.
-geli delkey -f -n 1 md${no}
+geli delkey -f -n 1 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 5"
 else
@@ -64,16 +64,16 @@ else
 fi
 
 # If there are no valid keys, but provider is attached, we can save situation.
-geli setkey -n 0 -P -K $keyfile3 md${no}
+geli setkey -n 0 -P -K $keyfile3 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 6"
 else
 	echo "not ok 6"
 fi
-geli detach md${no}
+geli detach ${md}
 
 # We cannot use keyfile2 anymore.
-geli attach -p -k $keyfile2 md${no} 2>/dev/null
+geli attach -p -k $keyfile2 ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 7"
 else
@@ -81,7 +81,7 @@ else
 fi
 
 # Attach with key 0.
-geli attach -p -k $keyfile3 md${no}
+geli attach -p -k $keyfile3 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 8"
 else
@@ -89,16 +89,16 @@ else
 fi
 
 # Setup key 1.
-geli setkey -n 1 -P -K $keyfile4 md${no}
+geli setkey -n 1 -P -K $keyfile4 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 9"
 else
 	echo "not ok 9"
 fi
-geli detach md${no}
+geli detach ${md}
 
 # Remove key 1 for detached provider.
-geli delkey -n 1 md${no}
+geli delkey -n 1 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 10"
 else
@@ -106,7 +106,7 @@ else
 fi
 
 # We cannot use keyfile4 anymore.
-geli attach -p -k $keyfile4 md${no} 2>/dev/null
+geli attach -p -k $keyfile4 ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 11"
 else
@@ -114,7 +114,7 @@ else
 fi
 
 # We cannot remove last key without -f option (for detached provider).
-geli delkey -n 0 md${no} 2>/dev/null
+geli delkey -n 0 ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 12"
 else
@@ -122,7 +122,7 @@ else
 fi
 
 # Remove last key for detached provider.
-geli delkey -f -n 0 md${no}
+geli delkey -f -n 0 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 13"
 else
@@ -130,7 +130,7 @@ else
 fi
 
 # We cannot use keyfile3 anymore.
-geli attach -p -k $keyfile3 md${no} 2>/dev/null
+geli attach -p -k $keyfile3 ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 14"
 else

tests/sys/geom/class/eli/detach_l_test.sh

@@ -6,36 +6,36 @@
 base=`basename $0`
 sectors=100
 keyfile=`mktemp $base.XXXXXX` || exit 1
-mdconfig -a -t malloc -s `expr $sectors + 1` -u $no || exit 1
+md=$(attach_md -t malloc -s `expr $sectors + 1`)
 
 echo "1..4"
 
 dd if=/dev/random of=${keyfile} bs=512 count=16 >/dev/null 2>&1
 
-geli init -B none -P -K $keyfile md${no}
-geli attach -p -k $keyfile md${no}
-if [ -c /dev/md${no}.eli ]; then
+geli init -B none -P -K $keyfile ${md}
+geli attach -p -k $keyfile ${md}
+if [ -c /dev/${md}.eli ]; then
 	echo "ok 1"
 else
 	echo "not ok 1"
 fi
 # Be sure it doesn't detach before 'detach -l'.
-dd if=/dev/md${no}.eli of=/dev/null 2>/dev/null
+dd if=/dev/${md}.eli of=/dev/null 2>/dev/null
 sleep 1
-if [ -c /dev/md${no}.eli ]; then
+if [ -c /dev/${md}.eli ]; then
 	echo "ok 2"
 else
 	echo "not ok 2"
 fi
-geli detach -l md${no}
-if [ -c /dev/md${no}.eli ]; then
+geli detach -l ${md}
+if [ -c /dev/${md}.eli ]; then
 	echo "ok 3"
 else
 	echo "not ok 3"
 fi
-dd if=/dev/md${no}.eli of=/dev/null 2>/dev/null
+dd if=/dev/${md}.eli of=/dev/null 2>/dev/null
 sleep 1
-if [ ! -c /dev/md${no}.eli ]; then
+if [ ! -c /dev/${md}.eli ]; then
 	echo "ok 4"
 else
 	echo "not ok 4"

tests/sys/geom/class/eli/init_B_test.sh

@@ -12,90 +12,90 @@ echo "1..13"
 
 dd if=/dev/random of=${keyfile} bs=512 count=16 >/dev/null 2>&1
 
-mdconfig -a -t malloc -s $sectors -u $no || exit 1
+md=$(attach_md -t malloc -s `expr $sectors`)
 
 # -B none
-rm -f /var/backups/md${no}.eli
-geli init -B none -P -K $keyfile md${no} 2>/dev/null
-if [ ! -f /var/backups/md${no}.eli ]; then
+rm -f /var/backups/${md}.eli
+geli init -B none -P -K $keyfile ${md} 2>/dev/null
+if [ ! -f /var/backups/${md}.eli ]; then
 	echo "ok 1 - -B none"
 else
 	echo "not ok 1 - -B none"
 fi
 
 # no -B
-rm -f /var/backups/md${no}.eli
-geli init -P -K $keyfile md${no} >/dev/null 2>&1
-if [ -f /var/backups/md${no}.eli ]; then
+rm -f /var/backups/${md}.eli
+geli init -P -K $keyfile ${md} >/dev/null 2>&1
+if [ -f /var/backups/${md}.eli ]; then
 	echo "ok 2 - no -B"
 else
 	echo "not ok 2 - no -B"
 fi
-geli clear md${no}
-geli attach -p -k $keyfile md${no} 2>/dev/null
+geli clear ${md}
+geli attach -p -k $keyfile ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 3 - no -B"
 else
 	echo "not ok 3 - no -B"
 fi
-if [ ! -c /dev/md${no}.eli ]; then
+if [ ! -c /dev/${md}.eli ]; then
 	echo "ok 4 - no -B"
 else
 	echo "not ok 4 - no -B"
 fi
-geli restore /var/backups/md${no}.eli md${no}
+geli restore /var/backups/${md}.eli ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 5 - no -B"
 else
 	echo "not ok 5 - no -B"
 fi
-geli attach -p -k $keyfile md${no} 2>/dev/null
+geli attach -p -k $keyfile ${md} 2>/dev/null
 if [ $? -eq 0 ]; then
 	echo "ok 6 - no -B"
 else
 	echo "not ok 6 - no -B"
 fi
-if [ -c /dev/md${no}.eli ]; then
+if [ -c /dev/${md}.eli ]; then
 	echo "ok 7 - no -B"
 else
 	echo "not ok 7 - no -B"
 fi
-geli detach md${no}
-rm -f /var/backups/md${no}.eli
+geli detach ${md}
+rm -f /var/backups/${md}.eli
 
 # -B file
 rm -f $backupfile
-geli init -B $backupfile -P -K $keyfile md${no} >/dev/null 2>&1
+geli init -B $backupfile -P -K $keyfile ${md} >/dev/null 2>&1
 if [ -f $backupfile ]; then
 	echo "ok 8 - -B file"
 else
 	echo "not ok 8 - -B file"
 fi
-geli clear md${no}
-geli attach -p -k $keyfile md${no} 2>/dev/null
+geli clear ${md}
+geli attach -p -k $keyfile ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 9 - -B file"
 else
 	echo "not ok 9 - -B file"
 fi
-if [ ! -c /dev/md${no}.eli ]; then
+if [ ! -c /dev/${md}.eli ]; then
 	echo "ok 10 - -B file"
 else
 	echo "not ok 10 - -B file"
 fi
-geli restore $backupfile md${no}
+geli restore $backupfile ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 11 - -B file"
 else
 	echo "not ok 11 - -B file"
 fi
-geli attach -p -k $keyfile md${no} 2>/dev/null
+geli attach -p -k $keyfile ${md} 2>/dev/null
 if [ $? -eq 0 ]; then
 	echo "ok 12 - -B file"
 else
 	echo "not ok 12 - -B file"
 fi
-if [ -c /dev/md${no}.eli ]; then
+if [ -c /dev/${md}.eli ]; then
 	echo "ok 13 - -B file"
 else
 	echo "not ok 13 - -B file"

tests/sys/geom/class/eli/init_J_test.sh

@@ -9,7 +9,7 @@ keyfile0=`mktemp $base.XXXXXX` || exit 1
 keyfile1=`mktemp $base.XXXXXX` || exit 1
 passfile0=`mktemp $base.XXXXXX` || exit 1
 passfile1=`mktemp $base.XXXXXX` || exit 1
-mdconfig -a -t malloc -s `expr $sectors + 1` -u $no || exit 1
+md=$(attach_md -t malloc -s `expr $sectors + 1`)
 
 echo "1..150"
 
@@ -20,106 +20,106 @@ dd if=/dev/random bs=512 count=16 2>/dev/null | sha1 > ${passfile1}
 
 i=1
 for iter in -1 0 64; do
-	geli init -i ${iter} -B none -J ${passfile0} -P md${no} 2>/dev/null && echo -n "not "
+	geli init -i ${iter} -B none -J ${passfile0} -P ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli init -i ${iter} -B none -J ${passfile0} -P -K ${keyfile0} md${no} 2>/dev/null && echo -n "not "
+	geli init -i ${iter} -B none -J ${passfile0} -P -K ${keyfile0} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli init -i ${iter} -B none -J ${passfile0} -K ${keyfile0} md${no} 2>/dev/null || echo -n "not "
+	geli init -i ${iter} -B none -J ${passfile0} -K ${keyfile0} ${md} 2>/dev/null || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${keyfile0} -p md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${keyfile0} -p ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -j ${passfile0} md${no} 2>/dev/null && echo -n "not "
+	geli attach -j ${passfile0} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -j ${keyfile0} md${no} 2>/dev/null && echo -n "not "
+	geli attach -j ${keyfile0} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${passfile0} -p md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${passfile0} -p ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -j ${keyfile0} -k ${passfile0} md${no} 2>/dev/null && echo -n "not "
+	geli attach -j ${keyfile0} -k ${passfile0} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -j ${keyfile0} -k ${keyfile0} md${no} 2>/dev/null && echo -n "not "
+	geli attach -j ${keyfile0} -k ${keyfile0} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -j ${passfile0} -k ${passfile0} md${no} 2>/dev/null && echo -n "not "
+	geli attach -j ${passfile0} -k ${passfile0} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -j ${passfile0} -k ${keyfile0} md${no} 2>/dev/null || echo -n "not "
+	geli attach -j ${passfile0} -k ${keyfile0} ${md} 2>/dev/null || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli detach md${no} || echo -n "not "
+	geli detach ${md} || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	cat ${keyfile0} | geli attach -j ${passfile0} -k - md${no} 2>/dev/null || echo -n "not "
+	cat ${keyfile0} | geli attach -j ${passfile0} -k - ${md} 2>/dev/null || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli detach md${no} || echo -n "not "
+	geli detach ${md} || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	cat ${passfile0} | geli attach -j - -k ${keyfile0} md${no} 2>/dev/null || echo -n "not "
+	cat ${passfile0} | geli attach -j - -k ${keyfile0} ${md} 2>/dev/null || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli detach md${no} || echo -n "not "
+	geli detach ${md} || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
 
-	geli init -i ${iter} -B none -J ${passfile0} -J ${passfile1} -P md${no} 2>/dev/null && echo -n "not "
+	geli init -i ${iter} -B none -J ${passfile0} -J ${passfile1} -P ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli init -i ${iter} -B none -J ${passfile0} -J ${passfile1} -P -K ${keyfile0} -K ${keyfile1} md${no} 2>/dev/null && echo -n "not "
+	geli init -i ${iter} -B none -J ${passfile0} -J ${passfile1} -P -K ${keyfile0} -K ${keyfile1} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli init -i ${iter} -B none -J ${passfile0} -J ${passfile1} -K ${keyfile0} -K ${keyfile1} md${no} 2>/dev/null || echo -n "not "
+	geli init -i ${iter} -B none -J ${passfile0} -J ${passfile1} -K ${keyfile0} -K ${keyfile1} ${md} 2>/dev/null || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${keyfile0} -p md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${keyfile0} -p ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${keyfile1} -p md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${keyfile1} -p ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -j ${passfile0} md${no} 2>/dev/null && echo -n "not "
+	geli attach -j ${passfile0} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -j ${passfile1} md${no} 2>/dev/null && echo -n "not "
+	geli attach -j ${passfile1} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${keyfile0} -k ${keyfile1} -p md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${keyfile0} -k ${keyfile1} -p ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -j ${passfile0} -j ${passfile1} md${no} 2>/dev/null && echo -n "not "
+	geli attach -j ${passfile0} -j ${passfile1} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${keyfile0} -j ${passfile0} md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${keyfile0} -j ${passfile0} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${keyfile0} -j ${passfile1} md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${keyfile0} -j ${passfile1} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${keyfile1} -j ${passfile0} md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${keyfile1} -j ${passfile0} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${keyfile1} -j ${passfile1} md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${keyfile1} -j ${passfile1} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${keyfile0} -j ${passfile0} -j ${passfile1} md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${keyfile0} -j ${passfile0} -j ${passfile1} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${keyfile1} -j ${passfile0} -j ${passfile1} md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${keyfile1} -j ${passfile0} -j ${passfile1} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${keyfile0} -k ${keyfile1} -j ${passfile0} md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${keyfile0} -k ${keyfile1} -j ${passfile0} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${keyfile0} -k ${keyfile1} -j ${passfile1} md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${keyfile0} -k ${keyfile1} -j ${passfile1} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${keyfile1} -k ${keyfile0} -j ${passfile0} -j ${passfile1} md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${keyfile1} -k ${keyfile0} -j ${passfile0} -j ${passfile1} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${keyfile0} -k ${keyfile1} -j ${passfile1} -j ${passfile0} md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${keyfile0} -k ${keyfile1} -j ${passfile1} -j ${passfile0} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -k ${keyfile1} -k ${keyfile0} -j ${passfile1} -j ${passfile0} md${no} 2>/dev/null && echo -n "not "
+	geli attach -k ${keyfile1} -k ${keyfile0} -j ${passfile1} -j ${passfile0} ${md} 2>/dev/null && echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli attach -j ${passfile0} -j ${passfile1} -k ${keyfile0} -k ${keyfile1} md${no} 2>/dev/null || echo -n "not "
+	geli attach -j ${passfile0} -j ${passfile1} -k ${keyfile0} -k ${keyfile1} ${md} 2>/dev/null || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli detach md${no} || echo -n "not "
+	geli detach ${md} || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	cat ${passfile0} | geli attach -j - -j ${passfile1} -k ${keyfile0} -k ${keyfile1} md${no} 2>/dev/null || echo -n "not "
+	cat ${passfile0} | geli attach -j - -j ${passfile1} -k ${keyfile0} -k ${keyfile1} ${md} 2>/dev/null || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli detach md${no} || echo -n "not "
+	geli detach ${md} || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	cat ${passfile1} | geli attach -j ${passfile0} -j - -k ${keyfile0} -k ${keyfile1} md${no} 2>/dev/null || echo -n "not "
+	cat ${passfile1} | geli attach -j ${passfile0} -j - -k ${keyfile0} -k ${keyfile1} ${md} 2>/dev/null || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli detach md${no} || echo -n "not "
+	geli detach ${md} || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	cat ${keyfile0} | geli attach -j ${passfile0} -j ${passfile1} -k - -k ${keyfile1} md${no} 2>/dev/null || echo -n "not "
+	cat ${keyfile0} | geli attach -j ${passfile0} -j ${passfile1} -k - -k ${keyfile1} ${md} 2>/dev/null || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli detach md${no} || echo -n "not "
+	geli detach ${md} || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	cat ${keyfile1} | geli attach -j ${passfile0} -j ${passfile1} -k ${keyfile0} -k - md${no} 2>/dev/null || echo -n "not "
+	cat ${keyfile1} | geli attach -j ${passfile0} -j ${passfile1} -k ${keyfile0} -k - ${md} 2>/dev/null || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli detach md${no} || echo -n "not "
+	geli detach ${md} || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	cat ${keyfile0} ${keyfile1} | geli attach -j ${passfile0} -j ${passfile1} -k - md${no} 2>/dev/null || echo -n "not "
+	cat ${keyfile0} ${keyfile1} | geli attach -j ${passfile0} -j ${passfile1} -k - ${md} 2>/dev/null || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli detach md${no} || echo -n "not "
+	geli detach ${md} || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	cat ${passfile0} ${passfile1} | awk '{printf "%s", $0}' | geli attach -j - -k ${keyfile0} -k ${keyfile1} md${no} 2>/dev/null || echo -n "not "
+	cat ${passfile0} ${passfile1} | awk '{printf "%s", $0}' | geli attach -j - -k ${keyfile0} -k ${keyfile1} ${md} 2>/dev/null || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
-	geli detach md${no} || echo -n "not "
+	geli detach ${md} || echo -n "not "
 	echo "ok ${i}"; i=$((i+1))
 done
 

tests/sys/geom/class/eli/init_a_test.sh

@@ -15,16 +15,16 @@ do_test() {
 	ealgo=${cipher%%:*}
 	keylen=${cipher##*:}
 
-	mdconfig -a -t malloc -s `expr $secsize \* $sectors + 512`b -u $no || exit 1
-	geli init -B none -a $aalgo -e $ealgo -l $keylen -P -K $keyfile -s $secsize md${no} 2>/dev/null
-	geli attach -p -k $keyfile md${no}
+	md=$(attach_md -t malloc -s `expr $secsize \* $sectors + 512`b)
+	geli init -B none -a $aalgo -e $ealgo -l $keylen -P -K $keyfile -s $secsize ${md} 2>/dev/null
+	geli attach -p -k $keyfile ${md}
 
-	secs=`diskinfo /dev/md${no}.eli | awk '{print $4}'`
+	secs=`diskinfo /dev/${md}.eli | awk '{print $4}'`
 
-	dd if=${rnd} of=/dev/md${no}.eli bs=${secsize} count=${secs} 2>/dev/null
+	dd if=${rnd} of=/dev/${md}.eli bs=${secsize} count=${secs} 2>/dev/null
 
 	md_rnd=`dd if=${rnd} bs=${secsize} count=${secs} 2>/dev/null | md5`
-	md_ddev=`dd if=/dev/md${no}.eli bs=${secsize} count=${secs} 2>/dev/null | md5`
+	md_ddev=`dd if=/dev/${md}.eli bs=${secsize} count=${secs} 2>/dev/null | md5`
 
 	if [ ${md_rnd} = ${md_ddev} ]; then
 		echo "ok $i - aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}"
@@ -33,8 +33,8 @@ do_test() {
 	fi
 	i=$((i+1))
 
-	geli detach md${no}
-	mdconfig -d -u $no
+	geli detach ${md}
+	mdconfig -d -u ${md}
 }
 
 echo "1..600"

tests/sys/geom/class/eli/init_alias_test.sh

@@ -15,10 +15,10 @@ do_test() {
 	expected_ealgo=$3
 	expected_keylen=$4
 
-	geli init -B none -e $ealgo -l $keylen -P -K $keyfile md${no} 2>/dev/null
-	geli attach -p -k $keyfile md${no}
-	real_ealgo=`geli list md${no}.eli | awk '/EncryptionAlgorithm/ {print $2}'`
-	real_keylen=`geli list md${no}.eli | awk '/KeyLength/ {print $2}'`
+	geli init -B none -e $ealgo -l $keylen -P -K $keyfile ${md} 2>/dev/null
+	geli attach -p -k $keyfile ${md}
+	real_ealgo=`geli list ${md}.eli | awk '/EncryptionAlgorithm/ {print $2}'`
+	real_keylen=`geli list ${md}.eli | awk '/KeyLength/ {print $2}'`
 
 	if [ ${real_ealgo} = ${expected_ealgo} ]; then
 		echo "ok $i - ${ealgo} aliased to ${real_ealgo}"
@@ -34,12 +34,12 @@ do_test() {
 	fi
 	i=$((i+1))
 
-	geli detach md${no}
+	geli detach ${md}
 }
 
 echo "1..38"
 i=1
-mdconfig -a -t malloc -s 1024k -u $no || exit 1
+md=$(attach_md -t malloc -s 1024k)
 dd if=/dev/random of=${keyfile} bs=512 count=16 >/dev/null 2>&1
 
 for spec in aes:0:AES-XTS:128 aes:128:AES-XTS:128 aes:256:AES-XTS:256 \

tests/sys/geom/class/eli/init_i_P_test.sh

@@ -6,13 +6,13 @@
 base=`basename $0`
 sectors=100
 keyfile=`mktemp $base.XXXXXX` || exit 1
-mdconfig -a -t malloc -s `expr $sectors + 1` -u $no || exit 1
+md=$(attach_md -t malloc -s `expr $sectors + 1`)
 
 echo "1..1"
 
 dd if=/dev/random of=${keyfile} bs=512 count=16 >/dev/null 2>&1
 
-geli init -B none -i 64 -P -K ${keyfile} md${no} 2>/dev/null
+geli init -B none -i 64 -P -K ${keyfile} ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 1"
 else

tests/sys/geom/class/eli/init_test.sh

@@ -16,19 +16,19 @@ do_test() {
 	ealgo=${cipher%%:*}
 	keylen=${cipher##*:}
 
-	mdconfig -a -t malloc -s `expr $secsize \* $sectors + 512`b -u $no || exit 1
+	md=$(attach_md -t malloc -s `expr $secsize \* $sectors + 512`b)
 
-	geli init -B none -e $ealgo -l $keylen -P -K $keyfile -s $secsize md${no} 2>/dev/null
-	geli attach -p -k $keyfile md${no}
+	geli init -B none -e $ealgo -l $keylen -P -K $keyfile -s $secsize ${md} 2>/dev/null
+	geli attach -p -k $keyfile ${md}
 
-	secs=`diskinfo /dev/md${no}.eli | awk '{print $4}'`
+	secs=`diskinfo /dev/${md}.eli | awk '{print $4}'`
 
 	dd if=/dev/random of=${rnd} bs=${secsize} count=${secs} >/dev/null 2>&1
-	dd if=${rnd} of=/dev/md${no}.eli bs=${secsize} count=${secs} 2>/dev/null
+	dd if=${rnd} of=/dev/${md}.eli bs=${secsize} count=${secs} 2>/dev/null
 
 	md_rnd=`dd if=${rnd} bs=${secsize} count=${secs} 2>/dev/null | md5`
-	md_ddev=`dd if=/dev/md${no}.eli bs=${secsize} count=${secs} 2>/dev/null | md5`
-	md_edev=`dd if=/dev/md${no} bs=${secsize} count=${secs} 2>/dev/null | md5`
+	md_ddev=`dd if=/dev/${md}.eli bs=${secsize} count=${secs} 2>/dev/null | md5`
+	md_edev=`dd if=/dev/${md} bs=${secsize} count=${secs} 2>/dev/null | md5`
 
 	if [ ${md_rnd} = ${md_ddev} ]; then
 		echo "ok $i - ealgo=${ealgo} keylen=${keylen} sec=${secsize}"
@@ -43,8 +43,8 @@ do_test() {
 	fi
 	i=$((i+1))
 
-	geli detach md${no}
-	mdconfig -d -u $no
+	geli detach ${md}
+	mdconfig -d -u ${md}
 }
 
 i=1

tests/sys/geom/class/eli/integrity_copy_test.sh

@@ -16,13 +16,13 @@ do_test() {
 	ealgo=${cipher%%:*}
 	keylen=${cipher##*:}
 
-	mdconfig -a -t malloc -s `expr $secsize \* 2 + 512`b -u $no || exit 1
-	geli init -B none -a $aalgo -e $ealgo -l $keylen -P -K $keyfile -s $secsize md${no} 2>/dev/null
-	geli attach -p -k $keyfile md${no}
+	md=$(attach_md -t malloc -s `expr $secsize \* 2 + 512`b)
+	geli init -B none -a $aalgo -e $ealgo -l $keylen -P -K $keyfile -s $secsize ${md} 2>/dev/null
+	geli attach -p -k $keyfile ${md}
 
-	dd if=/dev/random of=/dev/md${no}.eli bs=${secsize} count=1 >/dev/null 2>&1
+	dd if=/dev/random of=/dev/${md}.eli bs=${secsize} count=1 >/dev/null 2>&1
 
-	dd if=/dev/md${no}.eli bs=${secsize} count=1 >/dev/null 2>&1
+	dd if=/dev/${md}.eli bs=${secsize} count=1 >/dev/null 2>&1
 	if [ $? -eq 0 ]; then
 		echo "ok $i - small 1 aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}"
 	else
@@ -30,14 +30,14 @@ do_test() {
 	fi
 	i=$((i+1))
 
-	geli detach md${no}
+	geli detach ${md}
 	# Copy first small sector to the second small sector.
 	# This should be detected as corruption.
-	dd if=/dev/md${no} of=${sector} bs=512 count=1 >/dev/null 2>&1
-	dd if=${sector} of=/dev/md${no} bs=512 count=1 seek=1 >/dev/null 2>&1
-	geli attach -p -k $keyfile md${no}
+	dd if=/dev/${md} of=${sector} bs=512 count=1 >/dev/null 2>&1
+	dd if=${sector} of=/dev/${md} bs=512 count=1 seek=1 >/dev/null 2>&1
+	geli attach -p -k $keyfile ${md}
 
-	dd if=/dev/md${no}.eli of=/dev/null bs=${secsize} count=1 >/dev/null 2>&1
+	dd if=/dev/${md}.eli of=/dev/null bs=${secsize} count=1 >/dev/null 2>&1
 	if [ $? -ne 0 ]; then
 		echo "ok $i - small 2 aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}"
 	else
@@ -45,14 +45,14 @@ do_test() {
 	fi
 	i=$((i+1))
 
-	ms=`diskinfo /dev/md${no} | awk '{print $3 - 512}'`
-	ns=`diskinfo /dev/md${no}.eli | awk '{print $4}'`
+	ms=`diskinfo /dev/${md} | awk '{print $3 - 512}'`
+	ns=`diskinfo /dev/${md}.eli | awk '{print $4}'`
 	usecsize=`echo "($ms / $ns) - (($ms / $ns) % 512)" | bc`
 
 	# Fix the corruption
-	dd if=/dev/random of=/dev/md${no}.eli bs=${secsize} count=2 >/dev/null 2>&1
+	dd if=/dev/random of=/dev/${md}.eli bs=${secsize} count=2 >/dev/null 2>&1
 
-	dd if=/dev/md${no}.eli bs=${secsize} count=2 >/dev/null 2>&1
+	dd if=/dev/${md}.eli bs=${secsize} count=2 >/dev/null 2>&1
 	if [ $? -eq 0 ]; then
 		echo "ok $i - big 1 aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}"
 	else
@@ -60,14 +60,14 @@ do_test() {
 	fi
 	i=$((i+1))
 
-	geli detach md${no}
+	geli detach ${md}
 	# Copy first big sector to the second big sector.
 	# This should be detected as corruption.
-	dd if=/dev/md${no} of=${sector} bs=${usecsize} count=1 >/dev/null 2>&1
-	dd if=${sector} of=/dev/md${no} bs=${usecsize} count=1 seek=1 >/dev/null 2>&1
-	geli attach -p -k $keyfile md${no}
+	dd if=/dev/${md} of=${sector} bs=${usecsize} count=1 >/dev/null 2>&1
+	dd if=${sector} of=/dev/${md} bs=${usecsize} count=1 seek=1 >/dev/null 2>&1
+	geli attach -p -k $keyfile ${md}
 
-	dd if=/dev/md${no}.eli of=/dev/null bs=${secsize} count=2 >/dev/null 2>&1
+	dd if=/dev/${md}.eli of=/dev/null bs=${secsize} count=2 >/dev/null 2>&1
 	if [ $? -ne 0 ]; then
 		echo "ok $i - big 2 aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}"
 	else
@@ -75,8 +75,8 @@ do_test() {
 	fi
 	i=$((i+1))
 
-	geli detach md${no}
-	mdconfig -d -u $no
+	geli detach ${md}
+	mdconfig -d -u ${md}
 }
 
 

tests/sys/geom/class/eli/integrity_data_test.sh

@@ -16,16 +16,16 @@ do_test() {
 	ealgo=${cipher%%:*}
 	keylen=${cipher##*:}
 
-	mdconfig -a -t malloc -s `expr $secsize \* 2 + 512`b -u $no || exit 1
-	geli init -B none -a $aalgo -e $ealgo -l $keylen -P -K $keyfile -s $secsize md${no} 2>/dev/null
+	md=$(attach_md -t malloc -s `expr $secsize \* 2 + 512`b)
+	geli init -B none -a $aalgo -e $ealgo -l $keylen -P -K $keyfile -s $secsize ${md} 2>/dev/null
 
 	# Corrupt 8 bytes of data.
-	dd if=/dev/md${no} of=${sector} bs=512 count=1 >/dev/null 2>&1
+	dd if=/dev/${md} of=${sector} bs=512 count=1 >/dev/null 2>&1
 	dd if=/dev/random of=${sector} bs=1 count=8 seek=64 conv=notrunc >/dev/null 2>&1
-	dd if=${sector} of=/dev/md${no} bs=512 count=1 >/dev/null 2>&1
-	geli attach -p -k $keyfile md${no}
+	dd if=${sector} of=/dev/${md} bs=512 count=1 >/dev/null 2>&1
+	geli attach -p -k $keyfile ${md}
 
-	dd if=/dev/md${no}.eli of=/dev/null bs=${secsize} count=1 >/dev/null 2>&1
+	dd if=/dev/${md}.eli of=/dev/null bs=${secsize} count=1 >/dev/null 2>&1
 	if [ $? -ne 0 ]; then
 		echo "ok $i - aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}"
 	else
@@ -33,8 +33,8 @@ do_test() {
 	fi
 	i=$((i+1))
 
-	geli detach md${no}
-	mdconfig -d -u $no
+	geli detach ${md}
+	mdconfig -d -u ${md}
 }
 
 i=1

tests/sys/geom/class/eli/integrity_hmac_test.sh

@@ -16,16 +16,16 @@ do_test() {
 	ealgo=${cipher%%:*}
 	keylen=${cipher##*:}
 
-	mdconfig -a -t malloc -s `expr $secsize \* 2 + 512`b -u $no || exit 2
-	geli init -B none -a $aalgo -e $ealgo -l $keylen -P -K $keyfile -s $secsize md${no} 2>/dev/null
+	md=$(attach_md -t malloc -s `expr $secsize \* 2 + 512`b)
+	geli init -B none -a $aalgo -e $ealgo -l $keylen -P -K $keyfile -s $secsize ${md} 2>/dev/null
 
 	# Corrupt 8 bytes of HMAC.
-	dd if=/dev/md${no} of=${sector} bs=512 count=1 >/dev/null 2>&1
+	dd if=/dev/${md} of=${sector} bs=512 count=1 >/dev/null 2>&1
 	dd if=/dev/random of=${sector} bs=1 count=16 conv=notrunc >/dev/null 2>&1
-	dd if=${sector} of=/dev/md${no} bs=512 count=1 >/dev/null 2>&1
-	geli attach -p -k $keyfile md${no}
+	dd if=${sector} of=/dev/${md} bs=512 count=1 >/dev/null 2>&1
+	geli attach -p -k $keyfile ${md}
 
-	dd if=/dev/md${no}.eli bs=${secsize} count=1 >/dev/null 2>&1
+	dd if=/dev/${md}.eli bs=${secsize} count=1 >/dev/null 2>&1
 	if [ $? -ne 0 ]; then
 		echo "ok $i - aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}"
 	else
@@ -33,8 +33,8 @@ do_test() {
 	fi
 	i=$((i+1))
 
-	geli detach md${no}
-	mdconfig -d -u $no
+	geli detach ${md}
+	mdconfig -d -u ${md}
 }
 
 

tests/sys/geom/class/eli/kill_test.sh

@@ -7,19 +7,19 @@ base=`basename $0`
 sectors=100
 keyfile1=`mktemp $base.XXXXXX` || exit 1
 keyfile2=`mktemp $base.XXXXXX` || exit 1
-mdconfig -a -t malloc -s `expr $sectors + 1` -u $no || exit 1
+md=$(attach_md -t malloc -s `expr $sectors + 1`)
 
 echo "1..9"
 
 dd if=/dev/random of=${keyfile1} bs=512 count=16 >/dev/null 2>&1
 dd if=/dev/random of=${keyfile2} bs=512 count=16 >/dev/null 2>&1
 
-geli init -B none -P -K $keyfile1 md${no}
-geli attach -p -k $keyfile1 md${no}
-geli setkey -n 1 -P -K $keyfile2 md${no}
+geli init -B none -P -K $keyfile1 ${md}
+geli attach -p -k $keyfile1 ${md}
+geli setkey -n 1 -P -K $keyfile2 ${md}
 
 # Kill attached provider.
-geli kill md${no}
+geli kill ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 1"
 else
@@ -27,14 +27,14 @@ else
 fi
 sleep 1
 # Provider should be automatically detached.
-if [ ! -c /dev/md{$no}.eli ]; then
+if [ ! -c /dev/${md}.eli ]; then
 	echo "ok 2"
 else
 	echo "not ok 2"
 fi
 
 # We cannot use keyfile1 anymore.
-geli attach -p -k $keyfile1 md${no} 2>/dev/null
+geli attach -p -k $keyfile1 ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 3"
 else
@@ -42,36 +42,36 @@ else
 fi
 
 # We cannot use keyfile2 anymore.
-geli attach -p -k $keyfile2 md${no} 2>/dev/null
+geli attach -p -k $keyfile2 ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 4"
 else
 	echo "not ok 4"
 fi
 
-geli init -B none -P -K $keyfile1 md${no}
-geli setkey -n 1 -p -k $keyfile1 -P -K $keyfile2 md${no}
+geli init -B none -P -K $keyfile1 ${md}
+geli setkey -n 1 -p -k $keyfile1 -P -K $keyfile2 ${md}
 
 # Should be possible to attach with keyfile1.
-geli attach -p -k $keyfile1 md${no}
+geli attach -p -k $keyfile1 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 5"
 else
 	echo "not ok 5"
 fi
-geli detach md${no}
+geli detach ${md}
 
 # Should be possible to attach with keyfile2.
-geli attach -p -k $keyfile2 md${no}
+geli attach -p -k $keyfile2 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 6"
 else
 	echo "not ok 6"
 fi
-geli detach md${no}
+geli detach ${md}
 
 # Kill detached provider.
-geli kill md${no}
+geli kill ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 7"
 else
@@ -79,7 +79,7 @@ else
 fi
 
 # We cannot use keyfile1 anymore.
-geli attach -p -k $keyfile1 md${no} 2>/dev/null
+geli attach -p -k $keyfile1 ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 8"
 else
@@ -87,7 +87,7 @@ else
 fi
 
 # We cannot use keyfile2 anymore.
-geli attach -p -k $keyfile2 md${no} 2>/dev/null
+geli attach -p -k $keyfile2 ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 9"
 else

tests/sys/geom/class/eli/nokey_test.sh

@@ -6,11 +6,11 @@
 base=`basename $0`
 sectors=100
 keyfile=`mktemp $base.XXXXXX` || exit 1
-mdconfig -a -t malloc -s `expr $sectors + 1` -u $no || exit 1
+md=$(attach_md -t malloc -s `expr $sectors + 1`)
 
 echo "1..8"
 
-geli init -B none -P md${no} 2>/dev/null
+geli init -B none -P ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 1"
 else
@@ -19,43 +19,43 @@ fi
 
 dd if=/dev/random of=${keyfile} bs=512 count=16 >/dev/null 2>&1
 
-geli init -B none -P -K ${keyfile} md${no} 2>/dev/null
+geli init -B none -P -K ${keyfile} ${md} 2>/dev/null
 if [ $? -eq 0 ]; then
 	echo "ok 2"
 else
 	echo "not ok 2"
 fi
-geli attach -p md${no} 2>/dev/null
+geli attach -p ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 3"
 else
 	echo "not ok 3"
 fi
-geli attach -p -k ${keyfile} md${no} 2>/dev/null
+geli attach -p -k ${keyfile} ${md} 2>/dev/null
 if [ $? -eq 0 ]; then
 	echo "ok 4"
 else
 	echo "not ok 4"
 fi
-geli setkey -n 0 -P md${no} 2>/dev/null
+geli setkey -n 0 -P ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 5"
 else
 	echo "not ok 5"
 fi
-geli detach md${no} 2>/dev/null
+geli detach ${md} 2>/dev/null
 if [ $? -eq 0 ]; then
 	echo "ok 6"
 else
 	echo "not ok 6"
 fi
-geli setkey -n 0 -p -P -K ${keyfile} md${no} 2>/dev/null
+geli setkey -n 0 -p -P -K ${keyfile} ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 7"
 else
 	echo "not ok 7"
 fi
-geli setkey -n 0 -p -k ${keyfile} -P md${no} 2>/dev/null
+geli setkey -n 0 -p -k ${keyfile} -P ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 8"
 else

tests/sys/geom/class/eli/onetime_a_test.sh

@@ -16,15 +16,15 @@ do_test() {
 	ealgo=${cipher%%:*}
 	keylen=${cipher##*:}
 
-	mdconfig -a -t malloc -s `expr $secsize \* $sectors + 512`b -u $no || exit 1
-	geli onetime -a $aalgo -e $ealgo -l $keylen -s $secsize md${no} 2>/dev/null
+	md=$(attach_md -t malloc -s `expr $secsize \* $sectors + 512`b)
+	geli onetime -a $aalgo -e $ealgo -l $keylen -s $secsize ${md} 2>/dev/null
 
-	secs=`diskinfo /dev/md${no}.eli | awk '{print $4}'`
+	secs=`diskinfo /dev/${md}.eli | awk '{print $4}'`
 
-	dd if=${rnd} of=/dev/md${no}.eli bs=${secsize} count=${secs} 2>/dev/null
+	dd if=${rnd} of=/dev/${md}.eli bs=${secsize} count=${secs} 2>/dev/null
 
 	md_rnd=`dd if=${rnd} bs=${secsize} count=${secs} 2>/dev/null | md5`
-	md_ddev=`dd if=/dev/md${no}.eli bs=${secsize} count=${secs} 2>/dev/null | md5`
+	md_ddev=`dd if=/dev/${md}.eli bs=${secsize} count=${secs} 2>/dev/null | md5`
 
 	if [ ${md_rnd} = ${md_ddev} ]; then
 		echo "ok $i - aalgo=${aalgo} ealgo=${ealgo} keylen=${keylen} sec=${secsize}"
@@ -33,8 +33,8 @@ do_test() {
 	fi
 	i=$((i+1))
 
-	geli detach md${no}
-	mdconfig -d -u $no
+	geli detach ${md}
+	mdconfig -d -u ${md}
 }
 
 i=1

tests/sys/geom/class/eli/onetime_d_test.sh

@@ -5,30 +5,30 @@
 
 base=`basename $0`
 sectors=100
-mdconfig -a -t malloc -s $sectors -u $no || exit 1
+md=$(attach_md -t malloc -s $sectors)
 
 echo "1..3"
 
-geli onetime -d md${no}
-if [ -c /dev/md${no}.eli ]; then
+geli onetime -d ${md}
+if [ -c /dev/${md}.eli ]; then
 	echo "ok 1"
 else
 	echo "not ok 1"
 fi
 # Be sure it doesn't detach on read.
-dd if=/dev/md${no}.eli of=/dev/null 2>/dev/null
+dd if=/dev/${md}.eli of=/dev/null 2>/dev/null
 sleep 1
-if [ -c /dev/md${no}.eli ]; then
+if [ -c /dev/${md}.eli ]; then
 	echo "ok 2"
 else
 	echo "not ok 2"
 fi
-true > /dev/md${no}.eli
+true > /dev/${md}.eli
 sleep 1
-if [ ! -c /dev/md${no}.eli ]; then
+if [ ! -c /dev/${md}.eli ]; then
 	echo "ok 3"
 else
 	echo "not ok 3"
 fi
 
-mdconfig -d -u $no
+mdconfig -d -u ${md}

tests/sys/geom/class/eli/onetime_test.sh

@@ -15,18 +15,18 @@ do_test() {
 	keylen=${cipher##*:}
 
 	rnd=`mktemp $base.XXXXXX` || exit 1
-	mdconfig -a -t malloc -s `expr $secsize \* $sectors`b -u $no || exit 1
+	md=$(attach_md -t malloc -s `expr $secsize \* $sectors`b)
 
-	geli onetime -e $ealgo -l $keylen -s $secsize md${no} 2>/dev/null
+	geli onetime -e $ealgo -l $keylen -s $secsize ${md} 2>/dev/null
 
-	secs=`diskinfo /dev/md${no}.eli | awk '{print $4}'`
+	secs=`diskinfo /dev/${md}.eli | awk '{print $4}'`
 
 	dd if=/dev/random of=${rnd} bs=${secsize} count=${secs} >/dev/null 2>&1
-	dd if=${rnd} of=/dev/md${no}.eli bs=${secsize} count=${secs} 2>/dev/null
+	dd if=${rnd} of=/dev/${md}.eli bs=${secsize} count=${secs} 2>/dev/null
 
 	md_rnd=`dd if=${rnd} bs=${secsize} count=${secs} 2>/dev/null | md5`
-	md_ddev=`dd if=/dev/md${no}.eli bs=${secsize} count=${secs} 2>/dev/null | md5`
-	md_edev=`dd if=/dev/md${no} bs=${secsize} count=${secs} 2>/dev/null | md5`
+	md_ddev=`dd if=/dev/${md}.eli bs=${secsize} count=${secs} 2>/dev/null | md5`
+	md_edev=`dd if=/dev/${md} bs=${secsize} count=${secs} 2>/dev/null | md5`
 
 	if [ ${md_rnd} = ${md_ddev} ]; then
 		echo "ok $i - ealgo=${ealgo} keylen=${keylen} sec=${secsize}"
@@ -41,9 +41,9 @@ do_test() {
 	fi
 	i=$((i+1))
 
-	geli detach md${no}
+	geli detach ${md}
 	rm -f $rnd
-	mdconfig -d -u $no
+	mdconfig -d -u ${md}
 }
 
 i=1

tests/sys/geom/class/eli/readonly_test.sh

@@ -6,34 +6,34 @@
 base=`basename $0`
 sectors=100
 keyfile=`mktemp $base.XXXXXX` || exit 1
-mdconfig -a -t malloc -s `expr $sectors + 1` -u $no || exit 1
+md=$(attach_md -t malloc -s `expr $sectors + 1`)
 
 echo "1..11"
 
 dd if=/dev/random of=${keyfile} bs=512 count=16 >/dev/null 2>&1
 
-geli init -B none -P -K $keyfile md${no}
+geli init -B none -P -K $keyfile ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 1"
 else
 	echo "not ok 1"
 fi
 
-geli attach -r -p -k $keyfile md${no}
+geli attach -r -p -k $keyfile ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 2"
 else
 	echo "not ok 2"
 fi
 
-sh -c "true >/dev/md${no}.eli" 2>/dev/null
+sh -c "true >/dev/${md}.eli" 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 3"
 else
 	echo "not ok 3"
 fi
 
-geli kill md${no}
+geli kill ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 4"
 else
@@ -41,54 +41,54 @@ else
 fi
 
 # kill should detach provider...
-if [ ! -c /dev/md{$no}.eli ]; then
+if [ ! -c /dev/${md}.eli ]; then
 	echo "ok 5"
 else
 	echo "not ok 5"
 fi
 
 # ...but not destroy the metadata.
-geli attach -r -p -k $keyfile md${no}
+geli attach -r -p -k $keyfile ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 6"
 else
 	echo "not ok 6"
 fi
 
-geli setkey -n 1 -P -K /dev/null md${no} 2>/dev/null
+geli setkey -n 1 -P -K /dev/null ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 7"
 else
 	echo "not ok 7"
 fi
 
-geli delkey -n 0 md${no} 2>/dev/null
+geli delkey -n 0 ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 8"
 else
 	echo "not ok 8"
 fi
 
-geli delkey -f -n 0 md${no} 2>/dev/null
+geli delkey -f -n 0 ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 9"
 else
 	echo "not ok 9"
 fi
 
-geli list md${no}.eli | egrep '^Flags: .*READ-ONLY' >/dev/null
+geli list ${md}.eli | egrep '^Flags: .*READ-ONLY' >/dev/null
 if [ $? -eq 0 ]; then
 	echo "ok 10"
 else
 	echo "not ok 10"
 fi
 
-geli detach md${no}
+geli detach ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 11"
 else
 	echo "not ok 11"
 fi
 
-mdconfig -d -u $no
+mdconfig -d -u ${md}
 rm -f $keyfile

tests/sys/geom/class/eli/resize_test.sh

@@ -8,8 +8,7 @@ echo 1..27
 BLK=512
 BLKS_PER_MB=2048
 
-md=$(mdconfig -s40m) || exit 1
-unit=${md#md}
+md=$(attach_md -t malloc -s40m)
 i=1
 
 fsck_md()

tests/sys/geom/class/eli/setkey_test.sh

@@ -11,7 +11,7 @@ keyfile2=`mktemp $base.XXXXXX` || exit 1
 keyfile3=`mktemp $base.XXXXXX` || exit 1
 keyfile4=`mktemp $base.XXXXXX` || exit 1
 keyfile5=`mktemp $base.XXXXXX` || exit 1
-mdconfig -a -t malloc -s `expr $sectors + 1` -u $no || exit 1
+md=$(attach_md -t malloc -s `expr $sectors + 1`)
 
 echo "1..16"
 
@@ -23,24 +23,24 @@ dd if=/dev/random of=${keyfile3} bs=512 count=16 >/dev/null 2>&1
 dd if=/dev/random of=${keyfile4} bs=512 count=16 >/dev/null 2>&1
 dd if=/dev/random of=${keyfile5} bs=512 count=16 >/dev/null 2>&1
 
-geli init -B none -P -K $keyfile1 md${no}
-geli attach -p -k $keyfile1 md${no}
+geli init -B none -P -K $keyfile1 ${md}
+geli attach -p -k $keyfile1 ${md}
 
-dd if=${rnd} of=/dev/md${no}.eli bs=512 count=${sectors} 2>/dev/null
+dd if=${rnd} of=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null
 rm -f $rnd
-hash2=`dd if=/dev/md${no}.eli bs=512 count=${sectors} 2>/dev/null | md5`
+hash2=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5`
 
 # Change current key (0) for attached provider.
-geli setkey -P -K $keyfile2 md${no}
+geli setkey -P -K $keyfile2 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 1"
 else
 	echo "not ok 1"
 fi
-geli detach md${no}
+geli detach ${md}
 
 # We cannot use keyfile1 anymore.
-geli attach -p -k $keyfile1 md${no} 2>/dev/null
+geli attach -p -k $keyfile1 ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 2"
 else
@@ -48,35 +48,35 @@ else
 fi
 
 # Attach with new key.
-geli attach -p -k $keyfile2 md${no}
+geli attach -p -k $keyfile2 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 3"
 else
 	echo "not ok 3"
 fi
-hash3=`dd if=/dev/md${no}.eli bs=512 count=${sectors} 2>/dev/null | md5`
+hash3=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5`
 
 # Change key 1 for attached provider.
-geli setkey -n 1 -P -K $keyfile3 md${no}
+geli setkey -n 1 -P -K $keyfile3 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 4"
 else
 	echo "not ok 4"
 fi
-geli detach md${no}
+geli detach ${md}
 
 # Attach with key 1.
-geli attach -p -k $keyfile3 md${no}
+geli attach -p -k $keyfile3 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 5"
 else
 	echo "not ok 5"
 fi
-hash4=`dd if=/dev/md${no}.eli bs=512 count=${sectors} 2>/dev/null | md5`
-geli detach md${no}
+hash4=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5`
+geli detach ${md}
 
 # Change current (1) key for detached provider.
-geli setkey -p -k $keyfile3 -P -K $keyfile4 md${no}
+geli setkey -p -k $keyfile3 -P -K $keyfile4 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 6"
 else
@@ -84,7 +84,7 @@ else
 fi
 
 # We cannot use keyfile3 anymore.
-geli attach -p -k $keyfile3 md${no} 2>/dev/null
+geli attach -p -k $keyfile3 ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 7"
 else
@@ -92,17 +92,17 @@ else
 fi
 
 # Attach with key 1.
-geli attach -p -k $keyfile4 md${no}
+geli attach -p -k $keyfile4 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 8"
 else
 	echo "not ok 8"
 fi
-hash5=`dd if=/dev/md${no}.eli bs=512 count=${sectors} 2>/dev/null | md5`
-geli detach md${no}
+hash5=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5`
+geli detach ${md}
 
 # Change key 0 for detached provider.
-geli setkey -n 0 -p -k $keyfile4 -P -K $keyfile5 md${no}
+geli setkey -n 0 -p -k $keyfile4 -P -K $keyfile5 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 9"
 else
@@ -110,7 +110,7 @@ else
 fi
 
 # We cannot use keyfile2 anymore.
-geli attach -p -k $keyfile2 md${no} 2>/dev/null
+geli attach -p -k $keyfile2 ${md} 2>/dev/null
 if [ $? -ne 0 ]; then
 	echo "ok 10"
 else
@@ -118,14 +118,14 @@ else
 fi
 
 # Attach with key 0.
-geli attach -p -k $keyfile5 md${no}
+geli attach -p -k $keyfile5 ${md}
 if [ $? -eq 0 ]; then
 	echo "ok 11"
 else
 	echo "not ok 11"
 fi
-hash6=`dd if=/dev/md${no}.eli bs=512 count=${sectors} 2>/dev/null | md5`
-geli detach md${no}
+hash6=`dd if=/dev/${md}.eli bs=512 count=${sectors} 2>/dev/null | md5`
+geli detach ${md}
 
 if [ ${hash1} = ${hash2} ]; then
 	echo "ok 12"