d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
bebcdc0073
freebsd-skq/sys/geom
History
John Baldwin 5c420aae3b Add deprecation warnings for weaker algorithms to geli(4). 
- Triple DES has been formally deprecated in Kerberos (RFC 8429)
  and is soon to be deprecated in IPsec (RFC 8221).
- Blowfish is deprecated.  FreeBSD doesn't support its successor
  (Twofish).
- MD5 is generally considered a weak digest that has known attacks.

geli refuses to create new volumes using these algorithms via 'geli
init'.  It also warns when attaching to existing volumes or creating
temporary volumes via 'geli onetime' .  The plan is to fully remove
support for these algorithms in FreeBSD 13.

Note that none of these algorithms have ever been the default
algorithm used by geli(8).  Users would have had to explicitly select
these algorithms when creating volumes in the past.

Reviewed by:	cem, delphij
MFC after:	3 days
Relnotes:	yes
Sponsored by:	Chelsio Communications
Differential Revision:	https://reviews.freebsd.org/D20344
2019-05-23 22:31:55 +00:00
..
bde Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
cache Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
concat Add a missing return statement to g_concat_kernel_dump(). 2019-02-26 18:30:51 +00:00
eli Add deprecation warnings for weaker algorithms to geli(4). 2019-05-23 22:31:55 +00:00
gate geom_gate: enable resize 2018-07-13 07:08:06 +00:00
journal Normally when an attempt is made to mount a UFS/FFS filesystem whose 2018-12-06 00:09:39 +00:00
label Support device-independent labels for geom_flashmap slices. 2019-03-24 19:11:45 +00:00
linux_lvm Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
mirror gmirror: Relocate DEVICE_FLAGS to adjacent lines 2019-01-23 16:44:21 +00:00
mountver Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
multipath Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
nop gnop(8): Nopify configuration as a kernel dump device 2019-04-22 03:25:49 +00:00
part Revert revision 254095 2019-03-05 04:15:34 +00:00
raid List-ify kernel dump device configuration 2019-05-06 18:24:07 +00:00
raid3 Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
sched sys/geom: adoption of SPDX licensing ID tags. 2017-11-27 15:17:37 +00:00
shsec Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
stripe Extend stripeoffset and stripesize of GEOMs from u_int to off_t 2018-10-27 16:14:42 +00:00
uzip Modularize xz. 2019-02-26 19:55:03 +00:00
vinum Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
virstor Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
zero Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
geom_bsd_enc.c sys/geom: adoption of SPDX licensing ID tags. 2017-11-27 15:17:37 +00:00
geom_bsd.c Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
geom_ccd.c Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
geom_ctl.c Define a constant for the maximum number of GEOM_CTL arguments. 2019-02-20 17:07:08 +00:00
geom_ctl.h Define a constant for the maximum number of GEOM_CTL arguments. 2019-02-20 17:07:08 +00:00
geom_dev.c List-ify kernel dump device configuration 2019-05-06 18:24:07 +00:00
geom_disk.c geom_disk / scsi_da: deny opening write-protected disks for writing 2018-01-15 11:20:00 +00:00
geom_disk.h Extend stripeoffset and stripesize of GEOMs from u_int to off_t 2018-10-27 16:14:42 +00:00
geom_dump.c Extend stripeoffset and stripesize of GEOMs from u_int to off_t 2018-10-27 16:14:42 +00:00
geom_event.c Instrument "boot holds" for the benefit of the TSLOG framework. These 2017-12-31 09:23:52 +00:00
geom_flashmap.c Support device-independent labels for geom_flashmap slices. 2019-03-24 19:11:45 +00:00
geom_flashmap.h Support device-independent labels for geom_flashmap slices. 2019-03-24 19:11:45 +00:00
geom_fox.c Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
geom_int.h sys/geom: adoption of SPDX licensing ID tags. 2017-11-27 15:17:37 +00:00
geom_io.c stack(9): Drop unused API mode and comment that referenced it 2019-03-15 22:39:55 +00:00
geom_kern.c sys/geom: adoption of SPDX licensing ID tags. 2017-11-27 15:17:37 +00:00
geom_map.c Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
geom_mbr_enc.c sys/geom: adoption of SPDX licensing ID tags. 2017-11-27 15:17:37 +00:00
geom_mbr.c Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
geom_redboot.c Extend stripeoffset and stripesize of GEOMs from u_int to off_t 2018-10-27 16:14:42 +00:00
geom_slice.c sys/geom: adoption of SPDX licensing ID tags. 2017-11-27 15:17:37 +00:00
geom_slice.h sys/geom: adoption of SPDX licensing ID tags. 2017-11-27 15:17:37 +00:00
geom_subr.c Extend stripeoffset and stripesize of GEOMs from u_int to off_t 2018-10-27 16:14:42 +00:00
geom_sunlabel_enc.c sys/geom: adoption of SPDX licensing ID tags. 2017-11-27 15:17:37 +00:00
geom_sunlabel.c Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
geom_vfs.c sys/geom: adoption of SPDX licensing ID tags. 2017-11-27 15:17:37 +00:00
geom_vfs.h sys/geom: adoption of SPDX licensing ID tags. 2017-11-27 15:17:37 +00:00
geom_vol_ffs.c Annotate geom modules with MODULE_VERSION 2018-04-10 19:18:16 +00:00
geom.h geom: fix initialization order 2019-05-06 09:48:34 +00:00
notes