aboutsummaryrefslogtreecommitdiff
path: root/lib/geom
Commit message (Collapse)AuthorAgeFilesLines
* Drop "All rights reserved" from all my stuff. This includesEdward Tomasz Napierala2020-10-282-2/+0
| | | | | | | | | | | | Foundation copyrights, approved by emaste@. It does not include files which carry other people's copyrights; if you're one of those people, feel free to make similar change. Reviewed by: emaste, imp, gbe (manpages) Differential Revision: https://reviews.freebsd.org/D26980 Notes: svn path=/head/; revision=367105
* Fix formatting of SYNOPSISMateusz Piotrowski2020-10-151-3/+2
| | | | | | | | | There was an unnecessary newline being added before Nm. MFC after: 3 days Notes: svn path=/head/; revision=366725
* gpart(8): Recognize apple-zfs and solaris-reserved partition idsConrad Meyer2020-08-171-3/+57
| | | | | | | | | | | | | Introduce G_PART_ALIAS_SOLARIS_RESERVED, GPT_ENT_TYPE_SOLARIS_RESERVED et al., to make gpart show output more convenient on systems with illumos/openindiana disks visible. Submitted by: Juraj Lutter <otis AT sk.FreeBSD.org> Reviewed by: bcr(manpages), delphij, myself Differential Revision: https://reviews.freebsd.org/D26012 Notes: svn path=/head/; revision=364316
* geli(8): Add missing commands in the EXAMPLES sectionGordon Bergling2020-07-221-2/+4
| | | | | | | | | | | | | - Add a missing 'geli attach' command - Fix the passphrase prompt for a 'geli attach' command Reported by: Fabian Keil <freebsd-listen at fabiankeil dot de> Reviewed by: bcr (mentor) Approved by: bcr (mentor) Differential Revision: https://reviews.freebsd.org/D25761 Notes: svn path=/head/; revision=363416
* geli(8): Add an example on how to use geli(8) with a file as encrypted storageGordon Bergling2020-07-201-2/+62
| | | | | | | | | | Reviewed by: bcr (mentor) Approved by: bcr (mentor) MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D25741 Notes: svn path=/head/; revision=363363
* Revert r362466Baptiste Daroussin2020-06-221-4/+4
| | | | | | | | | Such change should not have happen without prior discussion and review. With hat: transitioning core Notes: svn path=/head/; revision=362488
* Improve wording to be more precise and clear.Hans Petter Selasky2020-06-211-4/+4
| | | | | | | | | | | | No functional change intended. s/Master Boot/Main Boot/ (also called MBR) MFC after: 1 week Sponsored by: Mellanox Technologies Notes: svn path=/head/; revision=362466
* Remove support for geli(4) algorithms deprecated in r348206.John Baldwin2020-04-152-42/+3
| | | | | | | | | | | | | | | | | | | | This removes support for reading and writing volumes using the following algorithms: - Triple DES - Blowfish - MD5 HMAC integrity In addition, this commit adds an explicit whitelist of supported algorithms to give a better error message when an invalid or unsupported algorithm is used by an existing volume. Reviewed by: cem Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D24343 Notes: svn path=/head/; revision=359945
* Document geli(8) loader variables conventionsMateusz Piotrowski2020-03-191-1/+30
| | | | | | | | | | | | | | | | | | The geli(8) manual page has an example for preloading keyfiles during boot. There is no detail though on how the lookup of these variables actually works. Let's document that the name of a device does not have to be a part of the variable. PR: 243261 Submitted by: johannes@jo-t.de Approved by: bcr (mentor) MFC after: 3 weeks Differential Revision: https://reviews.freebsd.org/D24114 Notes: svn path=/head/; revision=359125
* Add some missing articles.David Malone2020-01-281-6/+6
| | | | | | | | | | Use .Nm to format the utility name. Get the name of the GEOM class right. MFC after: 2 weeks Notes: svn path=/head/; revision=357204
* Remove GEOM_SCHED class and gsched tool.Alexander Motin2019-12-295-319/+0
| | | | | | | | | | | | | | | | | | This code was not actively maintained since it was introduced 10 years ago. It lacks support for many later GEOM features, such as direct dispatch, unmapped I/O, stripesize/stripeoffset, resize, etc. Plus it is the only remaining use of GEOM nstart/nend request counters, used there to implement live insertion/removal, questionable by itself. Plus, as number of people commented, GEOM is not the best place for I/O scheduler, since it has limited information about layers both above and below it, required for efficient scheduling. Plus with the modern shift to SSDs there is just no more significant need for this kind of scheduling. Approved by: imp, phk, luigi Relnotes: yes Notes: svn path=/head/; revision=356185
* gnop: change the "count until fail" optionMariusz Zaborski2019-12-291-2/+2
| | | | | | | | | | | | | | | | | | | | | | Change the "count_until_fail" option of gnop, now it enables the failing rating instead of setting them to 100%. The original patch introduced the new flag, which sets the fail/rate to 100% after N requests. In some cases, we don't want to have 100% of failure probabilities. We want to start failing at some point. For example, on the early stage, we may like to allow some read/writes requests before having some requests delayed - when we try to mount the partition, or when we are trying to import the pool. Another case may be to check how scrub in ZFS will behave on different stages. This allows us to cover more cases. The previous behavior still may be configured. Reviewed by: kib Differential Revision: https://reviews.freebsd.org/D22632 Notes: svn path=/head/; revision=356176
* gnop: allow to change the name of created deviceMariusz Zaborski2019-12-292-2/+9
| | | | | | | | | | | | Thanks to this option we can create more then one gnop provider from single provider. This may be useful for temporary labeling some data on the disk. Reviewed by: markj, allanjude, bcr Differential Revision: https://reviews.freebsd.org/D22304 Notes: svn path=/head/; revision=356174
* gpart(8): ms-basic-data is used for exFAT on GPTConrad Meyer2019-12-241-1/+2
| | | | | | | | | | | | | | Be explicit about it; the first mention of exFAT is for the MBR type 'ntfs', and the reader must work back from there to the GPT type and infer that a reference to MBR ntfs type means ms-basic-data is canonical for exFAT. (It'd also be great if gpart had convenient aliases that did the right thing for the partition scheme, such as 'ntfs' => ms-basic-data on GPT schemes or 'exfat' => 'ntfs' in MBR schemes. The tool is also bad about providing user-meaningful reasons for EINVAL failures.) Notes: svn path=/head/; revision=356048
* Add kern.geom.part.separator tunable. This makes it possibleEdward Tomasz Napierala2019-12-131-1/+9
| | | | | | | | | | | | | | | to specify an optional separator to insert before partition name; eg if it's set to "c/", you'll get "ada0c/s1" instead of "ada0s1". (It cannot be set to just “/“, since ada0 is a device node, not a directory.) Reviewed by: imp MFC after: 2 weeks Sponsored by: Klara Inc. Differential Revision: https://reviews.freebsd.org/D22193 Notes: svn path=/head/; revision=355705
* Fix grammar in gpart.8.Mark Johnston2019-11-181-1/+1
| | | | | | | | PR: 241973 MFC after: 3 days Notes: svn path=/head/; revision=354824
* geli: raise WARNS to 6Alan Somers2019-11-012-13/+11
| | | | | | | | MFC after: 2 weeks Sponsored by: Axcient Notes: svn path=/head/; revision=354234
* Add a "count_until_fail" option to gnop, which says to start failingChuck Silvers2019-09-132-7/+16
| | | | | | | | | | | | I/O requests after the given number have been allowed though. Approved by: imp (mentor) Reviewed by: rpokala kib 0mp mckusick Sponsored by: Netflix Differential Revision: https://reviews.freebsd.org/D21593 Notes: svn path=/head/; revision=352312
* gnop: Fix initial value for the wdelayprobMariusz Zaborski2019-09-101-2/+2
| | | | | | | Reported by: Chuck Silvers <chuq@chuq.com> Notes: svn path=/head/; revision=352186
* Allow more nesting of GEOM partitioning schemesKyle Evans2019-09-031-2/+11
| | | | | | | | | | | | | | | | | | GEOM is supposed to be topology-agnostic, but the GPT and BSD partition code has arbitrary restrictions on nesting that are annoying in cases such as running VMs on raw partitions (since the VM's partitioning scheme is not visible to the host). This patch adds sysctls to disable the restrictions except in the case of BSD label (and similar) partitions with offset 0 (where we need to avoid recursively recognizing the label). Submitted by: Andrew Gierth MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D21350 Notes: svn path=/head/; revision=351797
* gnop: Introduce requests delay.Mariusz Zaborski2019-07-312-5/+25
| | | | | | | | | | This allows to simulated disk that is responding slowly to the IO requests. Reviewed by: markj, bcr, pjd (previous version) Differential Revision: https://reviews.freebsd.org/D21052 Notes: svn path=/head/; revision=350471
* Correct the argument passed to g_eli_algo2str()Li-Wen Hsu2019-05-241-1/+1
| | | | | | | | MFC with: r348206 Sponsored by: The FreeBSD Foundation Notes: svn path=/head/; revision=348231
* Add deprecation warnings for weaker algorithms to geli(4).John Baldwin2019-05-232-2/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | - Triple DES has been formally deprecated in Kerberos (RFC 8429) and is soon to be deprecated in IPsec (RFC 8221). - Blowfish is deprecated. FreeBSD doesn't support its successor (Twofish). - MD5 is generally considered a weak digest that has known attacks. geli refuses to create new volumes using these algorithms via 'geli init'. It also warns when attaching to existing volumes or creating temporary volumes via 'geli onetime' . The plan is to fully remove support for these algorithms in FreeBSD 13. Note that none of these algorithms have ever been the default algorithm used by geli(8). Users would have had to explicitly select these algorithms when creating volumes in the past. Reviewed by: cem, delphij MFC after: 3 days Relnotes: yes Sponsored by: Chelsio Communications Differential Revision: https://reviews.freebsd.org/D20344 Notes: svn path=/head/; revision=348206
* Implement automatic online expansion of GELI providers - if the underlyingPawel Jakub Dawidek2019-04-032-18/+75
| | | | | | | | | | | | | | | | | | | provider grows, GELI will expand automatically and will move the metadata to the new location of the last sector. This functionality is turned on by default. It can be turned off with the -R flag, but it is not recommended - if the underlying provider grows and automatic expansion is turned off, it won't be possible to attach this provider again, as the metadata is no longer located in the last sector. If the automatic expansion is turned off and the underlying provider grows, GELI will only log a message with the previous size of the provider, so recovery can be easier. Obtained from: Fudo Security Notes: svn path=/head/; revision=345862
* - Add missing -T (notrim) option to the label subcommand.Pawel Jakub Dawidek2019-04-031-1/+2
| | | | | | | | | - Add missing -T option in the onetime subcommand comment. Obtained from: Fudo Security Notes: svn path=/head/; revision=345861
* Add a “skip_dsn” option to g_part's bootcode verb to prevent g_part_mbrDag-Erling Smørgrav2018-11-272-1/+12
| | | | | | | | | | | | | from setting the volume serial number. This unbreaks older boot blocks that don't support serial numbers, and allows boot0cfg to set the serial number itself if requested by the user. Submitted by: lev@, yuripv@ MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D17386 Notes: svn path=/head/; revision=341067
* geli init with multiple providers - fix init and fix -B "none"Ben Woods2018-09-101-20/+13
| | | | | | | | | | | | | | | | | | | | Apply some fixes post rS336659, which allowed multiple provders to be initialized in a single command. - Fix issue where second and subsequent providers would fail init. This was due to the metadata struct being zeroed after the first provider init was completed, despite containing common data required for subsequent providers. - Fix issue where -B "none" would still result in the metadata being backed-up if multiple providers had been specified. This was due to the backupfile of "none" being incorrectly made unique for each provider by appending "-<prov>". Approved by: asomers Approved by: re (gjb) Differential Revision: https://reviews.freebsd.org/D17096 Notes: svn path=/head/; revision=338558
* geli init: Allow initialization of multiple geli providers at once ifBen Woods2018-07-232-84/+210
| | | | | | | | | | | | | | | | | they use same passphrase and keyfiles. Unique salt will be randomly generated for each provider to ensure the Master Key for each is unique. This change follows on from r335673 and r336602, which allowed multiple providers to be attached in a single command. Reviewed by: asomers Approved by: sobomax Differential Revision: https://reviews.freebsd.org/D16115 Notes: svn path=/head/; revision=336659
* geli attach: Fix exit codes and errors not being printed after r335673Ben Woods2018-07-221-11/+20
| | | | | | | | | | | | | | Now that multiple providers can be attached at once, exit codes and error messages must be handled correctly if there are failures in on any of the providers. Reported by: asomers (Kyua test failures via continuous integration) Reviewed by: asomers Approved by: allanjude Differential Revision: https://reviews.freebsd.org/D16386 Notes: svn path=/head/; revision=336602
* Remove three stray instances of zfsloader.Warner Losh2018-07-201-2/+2
| | | | Notes: svn path=/head/; revision=336536
* geli attach multiple providersBen Woods2018-06-262-120/+185
| | | | | | | | | | | | | | | | | | | | | | | | | Allow attaching of multiple geli providers at once if they use same passphrase and keyfiles. This is helpful when the providers being attached are not used for boot, and therefore the existing code to first try the cached password when tasting the providers during boot does not apply. Multiple providers with the same passphrase and keyfiles can be attached at the same time during system start-up by adding the following to rc.conf: geli_groups="storage backup" geli_storage_flags="-k /etc/geli/storage.keys" geli_storage_devices="ada0 ada1" geli_backup_flags="-j /etc/geli/backup.passfile -k /etc/geli/backup.keys" geli_backup_devices="ada2 ada3" Reviewed by: wblock, delphij, jilles Approved by: sobomax (src), bcr (doc) Differential Revision: https://reviews.freebsd.org/D12644 Notes: svn path=/head/; revision=335673
* Add a file missed in r335645.Brad Davis2018-06-251-0/+26
| | | | | | | | Approved by: brooks, allanjude (mentor) Differential Revision: https://reviews.freebsd.org/D15360 Notes: svn path=/head/; revision=335647
* Normalize the g(eom,cache,part,...) build.Brooks Davis2018-06-2568-0/+13554
Rather then combining hardlink creation for the geom(8) binary with shared library build, move libraries to src/lib/geom so they are built and installed normally. Create a common Makefile.classes which is included by both lib/geom/Makefile and sbin/geom/Makefile so the symlink and libraries stay in sync. The relocation of libraries allows libraries to be build for 32-bit compat. This also reduces the number of non-standard builds in the system. This commit is not sufficent to run a 32-bit /sbin/geom on a 64-bit system out of the box as it will look in the wrong place for libraries unless GEOM_LIBRARY_PATH is set appropriatly in the environment. Reviewed by: bdrewery Sponsored by: DARPA, AFRL Differential Revision: https://reviews.freebsd.org/D15360 Notes: svn path=/head/; revision=335645