Commit Graph

148 Commits

Author SHA1 Message Date
Pawel Jakub Dawidek
17f4ac945f Add an example how to use keyfiles for encrypted providers which should be
attached before the root file system is mounted.

MFC after:	3 days
2006-02-11 13:18:47 +00:00
Pawel Jakub Dawidek
f2aa80d883 - Allow to use -b without passphrase or with keyfiles as it will be
supported for a moment.
- Don't allow to use -i when no passphrase is given. Now if iterations is
  equal to -1 (not set), we know that we should not ask for the passphrase
  on boot.
  It still doesn't handle situation when one key is protected with
  passphrase and the other is not. There is no quick fix for this.
  The complete solution will be to make number of iterations a per-key
  value. Because this need metadata format change and is only needed for
  devices attached on boot, I'll leave it as it is for now.

MFC after:	3 days
2006-02-11 13:04:10 +00:00
Pawel Jakub Dawidek
f1650f412f Deny init/attach/setkey subcommands when no key components are given.
MFC after:	3 days
Tested with:	prove /usr/src/tools/regression/geom_eli
2006-02-01 15:01:55 +00:00
Joel Dahl
fbf9b468d5 Expand contractions. 2006-02-01 14:33:14 +00:00
Pawel Jakub Dawidek
66aa222e60 Remove trailing spaces. 2006-02-01 12:11:37 +00:00
Pawel Jakub Dawidek
4ca64f1db6 Remove unused argument.
MFC after:	3 days
2006-01-31 15:55:52 +00:00
Pawel Jakub Dawidek
aaf8e1867b Allow to specify only one disk. This is helpful when we want to extend
our concatenated device later.

MFC after:	1 week
2006-01-30 22:47:07 +00:00
Pawel Jakub Dawidek
343c20a85e Add a reference to geli(8).
MFC after:	3 days
2006-01-29 00:32:40 +00:00
Pawel Jakub Dawidek
df3d5a19fc Teach NOP GEOM class how to gather the following statistics:
- number of read I/O requests,
- number of write I/O requests,
- number of read bytes,
- number of written bytes.
Add 'reset' subcommand for resetting statistics.
2005-12-08 23:00:31 +00:00
Pawel Jakub Dawidek
f13942a746 - The geom(8) utility only uses three types of arguments: string (char *),
value (intmax_t) and boolean (int).
  Based on that provide three functions:
        - gctl_get_ascii()
        - gctl_get_int()
        - gctl_get_intmax()
- Hide gctl_get_param() function, as it is only used internally in
  subr.c.
- Allow to provide argument name as (fmt, ...).
- Assert geom(8) bugs (missing argument is a geom(8) bug).

- Clean-up and simplify the code by using new functions and assumtions
  (no more checking for missing argument).

Tested by:	regression tests
2005-12-07 01:38:27 +00:00
Joel Dahl
19797b2256 s/5.5/6.0/ in HISTORY section.
Discussed with:	ru
2005-11-24 09:25:10 +00:00
Ceri Davies
dd7337fc3a gmirror.8:
Note the default balancing algorithm and stripe size.

geom_mirror.c:
  Slightly friendlier error message.

Reviewed by:	pjd
2005-10-25 13:45:07 +00:00
Pawel Jakub Dawidek
0896d83c56 Add a note in example as well, that last sector is used for metadata,
so it don't provoke confusions.

Noticed by:	Victor Sudakov <sudakov@sibptus.tomsk.ru>
MFC after:	2 days
2005-09-29 08:56:15 +00:00
Pawel Jakub Dawidek
df7eabb059 Even if there are no valid keys in metadata, but provider is attached
we can still use setkey subcommand.

MFC after:	3 days
Found by:	regression tests
2005-09-10 07:43:03 +00:00
Marius Strobl
52a7b796a4 As with NO_CRYPT, don't try to compile geli(8) when NO_OPENSSL is defined
either.

MFC after:	1 week
2005-08-27 20:51:12 +00:00
Takanori Watanabe
cf5a7ef8d1 Update Document. 2005-08-26 11:39:38 +00:00
Pawel Jakub Dawidek
dd549194ae By default, when doing crypto work in software, start as many threads
as we have active CPUs and bind each thread to its own CPU.

MFC after:	3 days
2005-08-21 18:12:51 +00:00
Pawel Jakub Dawidek
7a5c26fcbd Allow to change number of iterations for PKCS#5v2. It can only be used
when there is only one key set.

MFC after:	3 days
2005-08-19 22:19:25 +00:00
Pawel Jakub Dawidek
829781048d Move function for calculating number of bits into more central place.
I want to use it so more.

MFC after:	3 days
2005-08-19 22:13:09 +00:00
Pawel Jakub Dawidek
4cb6ca7622 Update manual page (now dedicated kernel thread is always started).
MFC after:	3 days
2005-08-17 15:27:23 +00:00
Pawel Jakub Dawidek
a73148d28d Unfortunately dlerror(3) returns string, so there is no clean way to
ignore "no such file" errors only, which I wanted to do.
Because of this I ignored all other errors on dlopen(3) failure as well,
which isn't good.
Fix this situation by calling access(2) on library file first and ignore
only ENOENT error. This allows to report all the rest of dlopen(3) errors.

MFC after:	3 days
2005-08-14 21:55:18 +00:00
Pawel Jakub Dawidek
5b5a030fa4 When keys were configured without passphrase, number of iterations in
metadata is equal to -1. if we then wanted to attach provider (or change
keys) and forget about '-p' flag it failed on assertion (quite ok, without
assertion it could call PKCS#5v2 with 4294967295 iterations).

Instead of failing on assertion, remind about '-p' flag.

MFC after:	3 days
2005-08-14 14:13:07 +00:00
Pawel Jakub Dawidek
325319eb3d GELI doesn't need cryptodev.
MFC after:	2 days
2005-08-12 07:44:42 +00:00
Pawel Jakub Dawidek
9417a618d1 Add code for Ext2FS and ReiserFS labels recognition.
Submitted by:	Stanislav Sedov <stas@310.ru>
PR:		kern/84638
MFC after:	1 week
2005-08-12 00:27:45 +00:00
Ruslan Ermilov
a5de1230a9 Add missing check for the NO_CRYPT build option.
Reported by:	Alexander Polakov
2005-08-02 20:12:30 +00:00
Christian Brueffer
acc79971c2 Misc cleanup (spelling, grammar, mdoc, style, cut >80 char lines). 2005-07-30 13:27:15 +00:00
Pawel Jakub Dawidek
fd833a6a19 I actually do need libmd. 2005-07-29 10:06:57 +00:00
Pawel Jakub Dawidek
a05fe8d0e5 I think I found the problem, reconnect geli to the build. 2005-07-27 23:56:32 +00:00
Pawel Jakub Dawidek
0ee6653d31 - Reduce WARNS level to 3, so it will be compilabe on alpha.
- Don't link libmd, it is not needed.
- Connect manual page to the build.

MFC after:	1 week
2005-07-27 23:56:01 +00:00
Pawel Jakub Dawidek
f90af958e4 Disconnect geli from the build for now.
I need to find out first what is the cause of sha2.c compilation problem
on alpha.
2005-07-27 23:30:50 +00:00
Pawel Jakub Dawidek
5ca1fcfe06 Connect GEOM_ELI class to the build.
MFC after:	1 week
2005-07-27 21:47:55 +00:00
Pawel Jakub Dawidek
c58794debd Add GEOM_ELI class which provides GEOM providers encryption.
For features list and usage see manual page: geli(8).

Sponsored by:	Wheel Sp. z o.o.
		http://www.wheel.pl
MFC after:	1 week
2005-07-27 21:43:37 +00:00
Pawel Jakub Dawidek
436b93a0dd Don't forget to initialize 'id' field.
MFC after:	3 days
2005-07-13 07:46:55 +00:00
Pawel Jakub Dawidek
760fde0677 Remove trailing spaces. 2005-04-29 07:57:50 +00:00
Pawel Jakub Dawidek
0080ee9897 Fix stripe size in example.
Found by:	kris
MFC after:	3 days
2005-04-26 09:23:21 +00:00
Pawel Jakub Dawidek
8bdc733007 Remove duplicated description of 'clear' subcommand.
Pointed out by:	marck
X-MFC-after:	few seconds
2005-04-23 12:17:21 +00:00
Pawel Jakub Dawidek
d37ed29c98 Document 'clear' and 'dump' subcommands.
MFC after:	1 week
2005-04-15 23:51:20 +00:00
Pawel Jakub Dawidek
220bc2ffc1 Allow classes to specify local source files.
MFC after:	3 weeks
2005-04-07 15:57:38 +00:00
Pawel Jakub Dawidek
53767efdce Empty error buffer is not an error.
MFC after:	3 weeks
2005-04-07 06:46:11 +00:00
Pawel Jakub Dawidek
1bcfab7f56 Fix use of uninitialized buf[0].
Reported by:	stefanf
MFC after:	3 days
2005-03-22 22:05:44 +00:00
Pawel Jakub Dawidek
ee602fbb50 Be sure that class name storaed in 'class_name' is lower case.
MFC after:	1 week
2005-03-14 15:00:51 +00:00
Pawel Jakub Dawidek
e10c321f69 Define subcommands' usage inside g_command structure.
MFC after:	1 week
2005-03-14 14:25:47 +00:00
Pawel Jakub Dawidek
c979e2069c - Add gc_usage field to g_command structure. This will allow to define
usage for a subcommand, so no 'usage' function has to be implemented
  in class library.
- Bump version number as it breaks ABI, but don't provide backward
  compatibility, because there are probably no external consumers of this
  geom(8).
This allows to print more precise usage for standard commands and simplify
class libraries a bit.

MFC after:	1 week
2005-03-14 14:24:46 +00:00
Pawel Jakub Dawidek
650a08d046 Instead of documenting every standard subcommand's argument everywhere,
just leave reference to geom(8).

MFC after:	1 week
2005-03-14 13:14:04 +00:00
Pawel Jakub Dawidek
adc8d20d9c Document subcommands' arguments.
MFC after:	1 week
2005-03-14 13:06:09 +00:00
Pawel Jakub Dawidek
ccc0c8978c Document '-s' option of 'status' subcommand.
MFC after:	1 week
2005-03-14 12:37:55 +00:00
Pawel Jakub Dawidek
ba6821f0d0 Add '-s' option to 'status' subcommand. It produces script-friendly output:
# gmirror status
       Name    Status  Components
mirror/root  COMPLETE  ad0s1a
                       ad2s1a
mirror/data  DEGRADED  da0
                       da1 (76%)
                       da2
# gmirror status -s
       Name    Status  Components
mirror/root  COMPLETE  ad0s1a
mirror/root  COMPLETE  ad2s1a
mirror/data  DEGRADED  da0
mirror/data  DEGRADED  da1 (76%)
mirror/data  DEGRADED  da2

MFC after:	1 week
2005-03-14 12:33:19 +00:00
Pawel Jakub Dawidek
da80913d35 Use int instead of size_t (%*s needs int).
MFC after:	1 week
2005-03-14 08:34:02 +00:00
Xin LI
257eeb8e0b printf(3) expects that %*s having an int parameter, which generates
warning on 64-bit platforms.  Explicitly cast these values to int
to work around this issue, as these values are tend to be small.

Spotted by:	ia64 tinderbox
2005-03-14 04:33:13 +00:00
Pawel Jakub Dawidek
85e9dc7d1b - Document 'status' subcommand.
- Update copyrights.

MFC after:	1 week
2005-03-13 19:38:12 +00:00