d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

MFC r266107,r266108,r266109:

Browse Source 
Here is a patch for the bsdinstall root-on-zfs stuff that adds optional
encryption for swap, and optional gmirror for swap (which can be combined)

Updates to the datasets created by zfsboot.

Set compress=lz4 for the entire pool, removing it from the individual
datasets

Remove exec=no from /usr/src, breaks the test suite.

Fix the "disks" variable reuse.

It starts off being used to track the grammar for the number of disks
(singular vs plural) and then it is reused as the list of available disks.

Replace the variable with disks_grammar and move 'disk' and 'disks' to
msg_ vars so they can be translated in the future.

Submitted by:	Allan Jude <freebsd@allanjude.com>
Reviewed by:	roberto
Sponsored by:	ScaleEngine Inc.
This commit is contained in:
roberto 2014-06-04 14:58:51 +00:00
parent b421df8fef
commit 912232c83b
1 changed files with 108 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

135
usr.sbin/bsdinstall/scripts/zfsboot
View File

@ -107,6 +107,16 @@ f_include $BSDCFG_SHARE/variable.subr
#
: ${ZFSBOOT_SWAP_SIZE:=2g}
#
# Should we use geli(8) to encrypt the swap?
#
: ${ZFSBOOT_SWAP_ENCRYPTION=}
#
# Should we use gmirror(8) to mirror the swap?
#
: ${ZFSBOOT_SWAP_MIRROR=}
#
# Default ZFS datasets for root zpool
#
@ -121,7 +131,7 @@ f_isset ZFSBOOT_DATASETS || ZFSBOOT_DATASETS="
/$ZFSBOOT_BEROOT_NAME/$ZFSBOOT_BOOTFS_NAME mountpoint=/
# Compress /tmp, allow exec but not setuid
/tmp mountpoint=/tmp,compression=lz4,exec=on,setuid=off
/tmp mountpoint=/tmp,exec=on,setuid=off
# Don't mount /usr so that 'base' files go to the BEROOT
/usr mountpoint=/usr,canmount=off
@ -130,17 +140,17 @@ f_isset ZFSBOOT_DATASETS || ZFSBOOT_DATASETS="
/usr/home # NB: /home is a symlink to /usr/home
# Ports tree
/usr/ports compression=lz4,setuid=off
/usr/ports setuid=off
# Source tree (compressed)
/usr/src compression=lz4,exec=off,setuid=off
/usr/src
# Create /var and friends
/var mountpoint=/var
/var/crash compression=lz4,exec=off,setuid=off
/var/log compression=lz4,exec=off,setuid=off
/var/mail compression=lz4,atime=on
/var/tmp compression=lz4,exec=on,setuid=off
/var/crash exec=off,setuid=off
/var/log exec=off,setuid=off
/var/mail atime=on
/var/tmp setuid=off
" # END-QUOTE
#
@ -184,6 +194,7 @@ MOUNT_TYPE='mount -t %s "%s" "%s"'
PRINTF_CONF="printf '%s=\"%%s\"\\\n' %s >> \"%s\""
PRINTF_FSTAB='printf "$FSTAB_FMT" "%s" "%s" "%s" "%s" "%s" "%s" >> "%s"'
SHELL_TRUNCATE=':> "%s"'
SWAP_GMIRROR_LABEL='gmirror label swap %s'
UMOUNT='umount "%s"'
ZFS_CREATE_WITH_OPTIONS='zfs create %s "%s"'
ZFS_SET='zfs set "%s" "%s"'
@ -209,6 +220,8 @@ msg_configure_options="Configure Options:"
msg_detailed_disk_info="gpart(8) show %s:\n%s\n\ncamcontrol(8) inquiry %s:\n%s\n\n\ncamcontrol(8) identify %s:\n%s\n"
msg_disk_info="Disk Info"
msg_disk_info_help="Get detailed information on disk device(s)"
msg_disk_singular="disk"
msg_disk_plural="disks"
msg_encrypt_disks="Encrypt Disks?"
msg_encrypt_disks_help="Use geli(8) to encrypt all data partitions"
msg_error="Error"
@ -263,6 +276,10 @@ msg_select_a_disk_device="Select a disk device"
msg_select_virtual_device_type="Select Virtual Device type:"
msg_stripe_desc="Stripe - No Redundancy"
msg_stripe_help="[1+ Disks] Striping provides maximum storage but no redundancy"
msg_swap_encrypt="Encrypt Swap?"
msg_swap_encrypt_help="Encrypt swap partitions with temporary keys, discarded on reboot"
msg_swap_mirror="Mirror Swap?"
msg_swap_mirror_help="Mirror swap partitions for redundancy, breaks crash dumps"
msg_swap_size="Swap Size"
msg_swap_size_help="Customize how much swap space is allocated to each selected disk"
msg_these_disks_are_too_small="These disks are too small given the amount of requested\nswap (%s) and/or geli(8) (%s) partitions, which would\ntake 50%% or more of each of the following selected disk\ndevices (not recommended):\n\n %s\n\nRecommend changing partition size(s) and/or selecting a\ndifferent set of devices."
@ -285,15 +302,20 @@ dialog_menu_main()
local prompt="$msg_configure_options"
local force4k="$msg_no"
local usegeli="$msg_no"
local swapgeli="$msg_no"
local swapmirror="$msg_no"
[ "$ZFSBOOT_GNOP_4K_FORCE_ALIGN" ] && force4k="$msg_yes"
[ "$ZFSBOOT_GELI_ENCRYPTION" ] && usegeli="$msg_yes"
local disks n
[ "$ZFSBOOT_SWAP_ENCRYPTION" ] && swapgeli="$msg_yes"
[ "$ZFSBOOT_SWAP_MIRROR" ] && swapmirror="$msg_yes"
local disks n disks_grammar
f_count n $ZFSBOOT_DISKS
{ [ $n -eq 1 ] && disks=disk; } || disks=disks # grammar
{ [ $n -eq 1 ] && disks_grammar=$msg_disk_singular; } ||
disks_grammar=$msg_disk_plural # grammar
local menu_list="
'>>> $msg_install' '$msg_install_desc'
'$msg_install_help'
'T $msg_pool_type_disks' '$ZFSBOOT_VDEV_TYPE: $n $disks'
'T $msg_pool_type_disks' '$ZFSBOOT_VDEV_TYPE: $n $disks_grammar'
'$msg_pool_type_disks_help'
'- $msg_rescan_devices' '*'
'$msg_rescan_devices_help'
@ -309,6 +331,10 @@ dialog_menu_main()
'$msg_partition_scheme_help'
'S $msg_swap_size' '$ZFSBOOT_SWAP_SIZE'
'$msg_swap_size_help'
'M $msg_swap_mirror' '$swapmirror'
'$msg_swap_mirror_help'
'W $msg_swap_encrypt' '$swapgeli'
'$msg_swap_encrypt_help'
" # END-QUOTE
local defaultitem= # Calculated below
local hline="$hline_alnum_arrows_punc_tab_enter"
@ -747,14 +773,14 @@ zfs_create_diskpart()
return $FAILURE
# NB: zpool will use the `zfs#' GPT labels
bootpart=p2 targetpart=p2
bootpart=p2 swappart=p2 targetpart=p2
[ ${swapsize:-0} -gt 0 ] && targetpart=p3
#
# Prepare boot pool if enabled (e.g., for geli(8))
#
if [ "$ZFSBOOT_BOOT_POOL" ]; then
bootpart=p2 targetpart=p3
bootpart=p2 swappart=p3 targetpart=p3
[ ${swapsize:-0} -gt 0 ] && targetpart=p4
f_eval_catch $funcname gpart \
"$GPART_ADD_LABEL_WITH_SIZE" boot$index \
@ -781,12 +807,7 @@ zfs_create_diskpart()
return $FAILURE
# Pedantically nuke any old labels on the swap
f_eval_catch -d $funcname zpool "$ZPOOL_LABELCLEAR_F" \
/dev/gpt/swap$index
# Update fstab(5)
f_eval_catch $funcname printf "$PRINTF_FSTAB" \
/dev/gpt/swap$index none swap sw 0 0 \
$BSDINSTALL_TMPETC/fstab ||
return $FAILURE
/dev/$disk$swappart
fi
#
@ -827,7 +848,7 @@ zfs_create_diskpart()
return $FAILURE
# NB: zpool will use s1a (no labels)
bootpart=s1a targetpart=s1d mbrindex=4
bootpart=s1a swappart=s1b targetpart=s1d mbrindex=4
#
# Always prepare a boot pool on MBR
@ -858,11 +879,6 @@ zfs_create_diskpart()
# Pedantically nuke any old labels on the swap
f_eval_catch -d $funcname zpool "$ZPOOL_LABELCLEAR_F" \
/dev/${disk}s1b
# Update fstab(5)
f_eval_catch $funcname printf "$PRINTF_FSTAB" \
/dev/${disk}s1b none swap sw 0 0 \
$BSDINSTALL_TMPETC/fstab ||
return $FAILURE
fi
#
@ -879,6 +895,33 @@ zfs_create_diskpart()
esac # $ZFSBOOT_PARTITION_SCHEME
# Update fstab(5)
if [ "$isswapmirror" ]; then
# This is not the first disk in the mirror, do nothing
elif [ "$ZFSBOOT_SWAP_ENCRYPTION" -a "$ZFSBOOT_SWAP_MIRROR" ]; then
f_eval_catch $funcname printf "$PRINTF_FSTAB" \
/dev/mirror/swap.eli none swap sw 0 0 \
$BSDINSTALL_TMPETC/fstab ||
return $FAILURE
isswapmirror=1
elif [ "$ZFSBOOT_SWAP_MIRROR" ]; then
f_eval_catch $funcname printf "$PRINTF_FSTAB" \
/dev/mirror/swap none swap sw 0 0 \
$BSDINSTALL_TMPETC/fstab ||
return $FAILURE
isswapmirror=1
elif [ "$ZFSBOOT_SWAP_ENCRYPTION" ]; then
f_eval_catch $funcname printf "$PRINTF_FSTAB" \
/dev/$disk${swappart}.eli none swap sw 0 0 \
$BSDINSTALL_TMPETC/fstab ||
return $FAILURE
else
f_eval_catch $funcname printf "$PRINTF_FSTAB" \
/dev/$disk$swappart none swap sw 0 0 \
$BSDINSTALL_TMPETC/fstab ||
return $FAILURE
fi
return $SUCCESS
}
@ -893,10 +936,12 @@ zfs_create_boot()
local zroot_name="$1"
local zroot_vdevtype="$2"
local zroot_vdevs= # Calculated below
local swap_devs= # Calculated below
local boot_vdevs= # Used for geli(8) and/or MBR layouts
shift 2 # poolname vdev_type
local disks="$*" disk
local bootpart targetpart # Set by zfs_create_diskpart() below
local isswapmirror
local bootpart targetpart swappart # Set by zfs_create_diskpart() below
#
# Pedantic checks; should never be seen
@ -968,7 +1013,8 @@ zfs_create_boot()
local n=0
for disk in $disks; do
zfs_create_diskpart $disk $n || return $FAILURE
# Now $bootpart and $targetpart are set (suffix for $disk)
# Now $bootpart, $targetpart, and $swappart are set (suffix
# for $disk)
# Forced 4k alignment support using Geom NOP (see gnop(8))
if [ "$ZFSBOOT_GNOP_4K_FORCE_ALIGN" ]; then
@ -1087,13 +1133,24 @@ zfs_create_boot()
return $FAILURE
f_eval_catch -d $funcname umount "$UMOUNT" /mnt # tmpfs
fi
#
# Create the gmirror(8) GEOMS for swap
#
if [ "$ZFSBOOT_SWAP_MIRROR" ]; then
for disk in $disks; do
swap_devs="$swap_devs $disk$swappart"
done
f_eval_catch $funcname gmirror "$SWAP_GMIRROR_LABEL" \
"$swap_devs" || return $FAILURE
fi
#
# Create the ZFS root pool with desired type and disk devices
#
f_dprintf "$funcname: Creating root pool..."
f_eval_catch $funcname zpool "$ZPOOL_CREATE_WITH_OPTIONS" \
"-o altroot=$BSDINSTALL_CHROOT -m none -f" \
"-o altroot=$BSDINSTALL_CHROOT -O compress=lz4
-m none -f" \
"$zroot_name" "$zroot_vdevtype" "$zroot_vdevs" ||
return $FAILURE
@ -1212,6 +1269,14 @@ zfs_create_boot()
$BSDINSTALL_TMPETC/rc.conf.zfs || return $FAILURE
f_eval_catch $funcname echo "$ECHO_APPEND" 'zfs_load=\"YES\"' \
$BSDINSTALL_TMPBOOT/loader.conf.zfs || return $FAILURE
f_eval_catch $funcname echo "$ECHO_APPEND" \
'kern.geom.label.gptid.enable=\"0\"' \
$BSDINSTALL_TMPBOOT/loader.conf.zfs || return $FAILURE
if [ "$ZFSBOOT_SWAP_MIRROR" ]; then
f_eval_catch $funcname echo "$ECHO_APPEND" 'geom_mirror_load=\"YES\"' \
$BSDINSTALL_TMPBOOT/loader.conf.gmirror || return $FAILURE
fi
# We're all done unless we should go on for boot pool
[ "$ZFSBOOT_BOOT_POOL" ] || return $SUCCESS
@ -1445,6 +1510,22 @@ while :; do
"$ZFSBOOT_SWAP_SIZE" &&
ZFSBOOT_SWAP_SIZE="${input:-0}"
;;
?" $msg_swap_mirror")
# Toggle the variable referenced both by the menu and later
if [ "$ZFSBOOT_SWAP_MIRROR" ]; then
ZFSBOOT_SWAP_MIRROR=
else
ZFSBOOT_SWAP_MIRROR=1
fi
;;
?" $msg_swap_encrypt")
# Toggle the variable referenced both by the menu and later
if [ "$ZFSBOOT_SWAP_ENCRYPTION" ]; then
ZFSBOOT_SWAP_ENCRYPTION=
else
ZFSBOOT_SWAP_ENCRYPTION=1
fi
;;
esac
done