Commit Graph

157 Commits

Author SHA1 Message Date
Pawel Jakub Dawidek
5b110804b1 Fix incorrect comment. Geli will protect against data modification, of
course! It won't protect against reply attacks - try harder to explain
them correctly.

MFC after:	1 week
2007-03-05 12:39:49 +00:00
Alex Dupre
65835cf341 Call the multipath device with its real name. 2007-02-27 08:56:11 +00:00
Christian Brueffer
eb6cb8953e First cleanup pass: new sentence -> new line, typos fixed, some markup
errors fixed.
2007-02-27 07:53:20 +00:00
Matt Jacob
a5e9bfc6f9 Add a man page. 2007-02-27 07:29:15 +00:00
Matt Jacob
e770bc6bf5 First cut at GEOM based multipath. This is an active/passive{/passive...}
arrangement that has no intrinsic internal knowledge of whether devices
it is given are truly multipath devices. As such, this is a simplistic
approach, but still a useful one.

The basic approach is to (at present- this will change soon) use camcontrol
to find likely identical devices and and label the trailing sector of the
first one. This label contains both a full UUID and a name. The name is
what is presented in /dev/multipath, but the UUID is used as a true
distinguishor at g_taste time, thus making sure we don't have chaos
on a shared SAN where everyone names their data multipath as "Fred".

The first of N identical devices (and N *may* be 1!) becomes the active
path until a BIO request is failed with EIO or ENXIO. When this occurs,
the active disk is ripped away and the next in a list is picked to
(retry and) continue with.

During g_taste events new disks that meet the match criteria for existing
multipath geoms get added to the tail end of the list.

Thus, this active/passive setup actually does work for devices which
go away and come back, as do (now) mpt(4) and isp(4) SAN based disks.

There is still a lot to do to improve this- like about 5 of the 12
recommendations I've received about it,  but it's been functional enough
for a while that it deserves a broader test base.

Reviewed by: pjd
Sponsored by: IronPort Systems
MFC: 2 months
2007-02-27 04:01:58 +00:00
Pawel Jakub Dawidek
e739933759 Correct typo.
Spotted by:	Tomasz Dudzisz
2007-02-22 19:25:37 +00:00
Pawel Jakub Dawidek
2e0f7f9fb0 Forgot to hook up gjournal manual page to the build.
Reminded by:	simon, piso
2007-02-10 17:59:46 +00:00
Pawel Jakub Dawidek
51ca5b2182 Add gjournal(8) manual page. Documentation of kern.geom.journal.* sysctls
is still missing, ehh.

Reviewed by:	trhodes
2007-01-29 22:12:22 +00:00
Pawel Jakub Dawidek
eeefa1fa7e When the following conditions are meet:
- First configured key is based only on keyfile (no passphrase).
- Device is attached.
- User changes first key (setkey) from keyfile to passphrase and doesn't
  specify number of iterations (with -i option).
...geli(8) won't store calculated number of iterations in metadata.
This result in device beeing unaccesable after detach.

One can recover from this situation by guessing number of iterations
generated, storing it in metadata and trying to attach device.
Recovery procedure isn't nice, but one's data is not lost.

Reported by:	Thomas Nickl <T.Nickl@gmx.net>
MFC after:	1 week
2007-01-25 11:44:03 +00:00
Ceri Davies
32ef7e9ba8 Remove duplicate "clear" subcommand.
PR:		docs/106947
Submitted by:	TAOKA Fumiyoshi
2006-12-21 18:30:23 +00:00
Ceri Davies
42db1b70c5 Bump .Dd for -f|-F. 2006-11-02 10:44:02 +00:00
Pawel Jakub Dawidek
501250ba60 Now, that we have gjournal in the tree add possibility to configure
gmirror and graid3 in a way that it is not resynchronized after a
power failure or system crash.
It is safe when gjournal is running on top of gmirror/graid3.
2006-11-01 22:51:49 +00:00
Pawel Jakub Dawidek
aee5398c29 G_TYPE_NONE was replaced with G_TYPE_BOOL. 2006-11-01 22:28:11 +00:00
Pawel Jakub Dawidek
6634ef3651 Fix powerpc build.
Reported by:	Peter Grehan <grehan@freebsd.org>
2006-11-01 09:22:33 +00:00
Pawel Jakub Dawidek
f348204c94 Hook up gjournal bits to the build.
Sponsored by:	home.pl
2006-10-31 22:22:30 +00:00
Pawel Jakub Dawidek
bd7f6c2999 Add userland control utility for gjournal GEOM class.
Sponsored by:	home.pl
2006-10-31 21:32:54 +00:00
Pawel Jakub Dawidek
360df38e5f Be sure to not create devices with (mediasize % sectorsize) != 0.
Reported by:	xride
MFC after:	1 week
2006-10-10 15:00:32 +00:00
Pawel Jakub Dawidek
2e0ca9c4a3 Be sure to not create device which 2006-10-10 14:58:21 +00:00
Ruslan Ermilov
04c7da702f A GEOM cache can speed up read performance by sending fixed size
read requests to its consumer.  It has been developed to address
the problem of a horrible read performance of a 64k blocksize FS
residing on a RAID3 array with 8 data components, where a single
disk component would only get 8k read requests, thus effectively
killing disk performance under high load.  Documentation will be
provided later.  I'd like to thank Vsevolod Lobko for his bright
ideas, and Pawel Jakub Dawidek for helping me fix the nasty bug.
2006-10-06 08:27:07 +00:00
Pawel Jakub Dawidek
5e527bc0c9 MFp4: G_TYPE_BOOL sounds much better than G_TYPE_NONE.
Changes:	98722
2006-09-30 14:40:50 +00:00
Ruslan Ermilov
8266d47670 Markup fixes. 2006-09-18 11:55:10 +00:00
Christian Brueffer
b94ebe0fad Remove a contraction and add a missing article. 2006-09-17 11:30:44 +00:00
Pawel Jakub Dawidek
1650d24936 Fix copy&paste mistake.
Submitted by:	Matthias Lederhofer <matled@gmx.net>
2006-09-16 10:47:30 +00:00
Pawel Jakub Dawidek
8abd1ad101 Add 'configure' subcommand which for now only allows setting and removing
of the BOOT flag. It can be performed on both attached and detached
providers.

Requested by:	Matthias Lederhofer <matled@gmx.net>
MFC after:	1 week
2006-09-16 10:43:17 +00:00
Pawel Jakub Dawidek
7330b46e36 Note that we don't destroy keys on read-only attached providers.
MFC after:	1 week
2006-09-16 09:27:54 +00:00
Pawel Jakub Dawidek
301b9004a9 First kill detached providers, because of two reasons:
- after killing all attached providers, all providers are then detached
  and operation is repeated for those who were attached,
- we don't want to remove keys for read-only attached providers, we only
  want to detach them.

MFC after:	1 week
2006-09-16 09:26:57 +00:00
Pawel Jakub Dawidek
6a146a1989 - Split failure probability configuration into read failure probability and
write failure probability.
- Allow to specify an error number to return of failure.

MFC after:	3 days
2006-09-08 09:21:21 +00:00
Maxim Konovalov
939b8dd67a o Spell.
Submitted by:	ru
2006-08-10 01:13:38 +00:00
Maxim Konovalov
5c5effc42f o Strip eol whitespaces. 2006-08-09 19:41:34 +00:00
Maxim Konovalov
cc163b19c0 o New sentence, new line.
o Touch Dd for -r.
2006-08-09 18:35:31 +00:00
Pawel Jakub Dawidek
850590166f Allow geli to operate on read-only providers.
Initial patch from:	vd
MFC after:		2 weeks
2006-08-09 18:11:14 +00:00
Pawel Jakub Dawidek
7fd26f86d1 Add missing #. 2006-08-07 20:09:09 +00:00
Pawel Jakub Dawidek
c84efdca04 Allow to use the old -a option to specify an encryption algorithm to use
(for backward compatibility), but print a warning to inform about the
change.
2006-06-06 22:06:24 +00:00
Christian Brueffer
6f36bcfc77 Clarify and merge two sentences.
Discussed with:		pjd
2006-06-06 19:03:51 +00:00
Christian Brueffer
b47c8c10c3 Mdoc cleanup and some wording improvements. 2006-06-06 14:02:13 +00:00
Pawel Jakub Dawidek
ba0b146814 Remove section committed by mistake. It is not yet ready. 2006-06-06 07:10:42 +00:00
Pawel Jakub Dawidek
198eeec116 Document geli(8) data authentication.
Supported by:	Wheel Sp. z o.o. (http://www.wheel.pl)
2006-06-05 21:43:51 +00:00
Pawel Jakub Dawidek
7fe923a866 Userland bits of geli(8) data authentication.
Now, encryption algorithm is given using '-e' option, not '-a'.
The '-a' option is now used to specify authentication algorithm.

Supported by:	Wheel Sp. z o.o. (http://www.wheel.pl)
2006-06-05 21:40:54 +00:00
Pawel Jakub Dawidek
8134d91329 Correct error messages.
MFC after:	2 weeks
2006-05-01 12:05:45 +00:00
Ruslan Ermilov
e1fe3dba5c Reimplementation of world/kernel build options. For details, see:
http://lists.freebsd.org/pipermail/freebsd-current/2006-March/061725.html

The src.conf(5) manpage is to follow in a few days.

Brought to you by:	imp, jhb, kris, phk, ru (all bugs are mine)
2006-03-17 18:54:44 +00:00
Pawel Jakub Dawidek
67bcd64670 Add some notes how to properly dump kernel onto gmirror provider.
Reviewed and corrected by:	brueffer
MFC after:	3 days
2006-03-08 08:50:52 +00:00
Wojciech A. Koszek
98213e5c70 Print "clear" and "dump" only once.
Reviewed by:	pjd
Approved by:	cognet (mentor)
MFC after:	3 days
2006-03-03 21:35:57 +00:00
Pawel Jakub Dawidek
17f4ac945f Add an example how to use keyfiles for encrypted providers which should be
attached before the root file system is mounted.

MFC after:	3 days
2006-02-11 13:18:47 +00:00
Pawel Jakub Dawidek
f2aa80d883 - Allow to use -b without passphrase or with keyfiles as it will be
supported for a moment.
- Don't allow to use -i when no passphrase is given. Now if iterations is
  equal to -1 (not set), we know that we should not ask for the passphrase
  on boot.
  It still doesn't handle situation when one key is protected with
  passphrase and the other is not. There is no quick fix for this.
  The complete solution will be to make number of iterations a per-key
  value. Because this need metadata format change and is only needed for
  devices attached on boot, I'll leave it as it is for now.

MFC after:	3 days
2006-02-11 13:04:10 +00:00
Pawel Jakub Dawidek
f1650f412f Deny init/attach/setkey subcommands when no key components are given.
MFC after:	3 days
Tested with:	prove /usr/src/tools/regression/geom_eli
2006-02-01 15:01:55 +00:00
Joel Dahl
fbf9b468d5 Expand contractions. 2006-02-01 14:33:14 +00:00
Pawel Jakub Dawidek
66aa222e60 Remove trailing spaces. 2006-02-01 12:11:37 +00:00
Pawel Jakub Dawidek
4ca64f1db6 Remove unused argument.
MFC after:	3 days
2006-01-31 15:55:52 +00:00
Pawel Jakub Dawidek
aaf8e1867b Allow to specify only one disk. This is helpful when we want to extend
our concatenated device later.

MFC after:	1 week
2006-01-30 22:47:07 +00:00
Pawel Jakub Dawidek
df3d5a19fc Teach NOP GEOM class how to gather the following statistics:
- number of read I/O requests,
- number of write I/O requests,
- number of read bytes,
- number of written bytes.
Add 'reset' subcommand for resetting statistics.
2005-12-08 23:00:31 +00:00