Bug 120091 - [geom] [geli] [gjournal] geli does not prompt for password on /dev/concat/XXX.eli.journal
Summary: [geom] [geli] [gjournal] geli does not prompt for password on /dev/concat/XXX...
Status: Open
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: Unspecified
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-bugs (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-01-28 18:20 UTC by ota
Modified: 2024-11-19 10:55 UTC (History)
1 user (show)

See Also:


Attachments
rc.subr-geli.diff (1.16 KB, patch)
2008-02-03 04:02 UTC, ota
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description ota 2008-01-28 18:20:01 UTC
I created gjournal on geli on gconcat.

# grep export /etc/fstab
/dev/concat/export.eli.journal /export ufs rw.noatime,async 2 2

The geli is password base, but it doesn't prompt at boot time so that it brings down to single user mode.

Before I added gjournal, i.e., geli on gconcat or, for example, fstab of that time below, geli prompted password.
/dev/concat/export.eli /export usr rw,noatime 2 2

How-To-Repeat: # gconcat label export /dev/ad0s1f /dev/ad0s2f
# geli init /dev/concat/export
Password:
..
# geli attach /dev/concat/export
Password:
# gjournal /dev/concat/export.eli
# newfs -J /dev/concat/export.eli.journal

Update fstab.

# reboot
Comment 1 Volker 2008-01-29 23:16:58 UTC
Hi Ota,

Please provide output of:

geli status
gconcat status
dmesg

Volker
Comment 2 Mark Linimon freebsd_committer freebsd_triage 2008-01-30 01:14:02 UTC
State Changed
From-To: open->feedback

Note that feedback has been requested. 


Comment 3 Mark Linimon freebsd_committer freebsd_triage 2008-01-30 01:14:02 UTC
Responsible Changed
From-To: freebsd-bugs->freebsd-geom

Over to maintainer(s).
Comment 4 ota 2008-01-30 10:04:35 UTC
On Wed, 30 Jan 2008 00:16:58 +0100
Volker <volker@vwsoft.com> wrote:

> Hi Ota,
> 
> Please provide output of:
> 
> geli status
> gconcat status
> dmesg
> 
> Volker
> 

Please note that the system fails to mount /dev/concat/export.eli.gjournal
and falls back to the single user mode.  Then, I type "geli attach /dev/concat/export"
and "GEOM_ELI: Device concat/export.eli created." appears.


# geli status
             Name  Status  Components
concat/export.eli     N/A  concat/export
# gconcat status
         Name  Status  Components
concat/export      UP  ad4s3f
                       ad4s4f
# dmesg
Copyright (c) 1992-2008 The FreeBSD Project.
Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
	The Regents of the University of California. All rights reserved.
FreeBSD is a registered trademark of The FreeBSD Foundation.
FreeBSD 7.0-RC1 #400: Fri Jan 25 00:00:28 EST 2008
    root@xxx:/usr/obj/usr/src/sys/GENERIC
Timecounter "i8254" frequency 1193182 Hz quality 0
CPU: AMD Turion(tm) 64 X2 Mobile Technology TL-58 (1908.70-MHz 686-class CPU)
  Origin = "AuthenticAMD"  Id = 0x60f81  Stepping = 1
  Features=0x178bfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,MMX,FXSR,SSE,SSE2,HTT>
  Features2=0x2001<SSE3,CX16>
  AMD Features=0xea500800<SYSCALL,NX,MMX+,FFXSR,RDTSCP,LM,3DNow!+,3DNow!>
  AMD Features2=0x11f<LAHF,CMP,SVM,ExtAPIC,CR8,Prefetch>
  Cores per package: 2
real memory  = 1005584384 (959 MB)
avail memory = 970309632 (925 MB)
ACPI APIC Table: <HP     	 APIC  >
FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs
 cpu0 (BSP): APIC ID:  0
 cpu1 (AP): APIC ID:  1
MADT: Forcing active-low polarity and level trigger for SCI
ioapic0 <Version 1.1> irqs 0-23 on motherboard
wlan: mac acl policy registered
kbd1 at kbdmux0
ath_hal: 0.9.20.3 (AR5210, AR5211, AR5212, RF5111, RF5112, RF2413, RF5413)
hptrr: HPT RocketRAID controller driver v1.1 (Jan 20 2008 00:19:12)
acpi0: <HPQOEM SLIC-MPC> on motherboard
acpi0: [ITHREAD]
acpi0: Power Button (fixed)
Timecounter "ACPI-safe" frequency 3579545 Hz quality 850
acpi_timer0: <24-bit timer at 3.579545MHz> port 0x1008-0x100b on acpi0
acpi_ec0: <Embedded Controller: GPE 0x10> port 0x62,0x66 on acpi0
acpi_hpet0: <High Precision Event Timer> iomem 0xfed00000-0xfed003ff on acpi0
Timecounter "HPET" frequency 25000000 Hz quality 900
cpu0: <ACPI CPU> on acpi0
powernow0: <PowerNow! K8> on cpu0
cpu1: <ACPI CPU> on acpi0
powernow1: <PowerNow! K8> on cpu1
acpi_button0: <Power Button> on acpi0
acpi_button1: <Sleep Button> on acpi0
acpi_acad0: <AC Adapter> on acpi0
battery0: <ACPI Control Method Battery> on acpi0
acpi_lid0: <Control Method Lid Switch> on acpi0
pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
pci_link9: BIOS IRQ 10 for 0.10.INTB is invalid
pci0: <ACPI PCI bus> on pcib0
pci0: <memory, RAM> at device 0.0 (no driver attached)
pci0: <memory, RAM> at device 0.1 (no driver attached)
pci0: <memory, RAM> at device 0.2 (no driver attached)
pci0: <memory, RAM> at device 0.3 (no driver attached)
pci0: <memory, RAM> at device 0.4 (no driver attached)
pci0: <memory, RAM> at device 0.5 (no driver attached)
pci0: <memory, RAM> at device 0.6 (no driver attached)
pci0: <memory, RAM> at device 0.7 (no driver attached)
pcib1: <ACPI PCI-PCI bridge> at device 2.0 on pci0
pci1: <ACPI PCI bus> on pcib1
pcib2: <ACPI PCI-PCI bridge> at device 3.0 on pci0
pci3: <ACPI PCI bus> on pcib2
pci3: <network> at device 0.0 (no driver attached)
vgapci0: <VGA-compatible display> mem 0xb2000000-0xb2ffffff,0xc0000000-0xcfffffff,0xb1000000-0xb1ffffff irq 18 at device 5.0 on pci0
pci0: <memory, RAM> at device 9.0 (no driver attached)
isab0: <PCI-ISA bridge> port 0x1d00-0x1d7f at device 10.0 on pci0
isa0: <ISA bus> on isab0
pci0: <serial bus, SMBus> at device 10.1 (no driver attached)
pci0: <processor> at device 10.3 (no driver attached)
ohci0: <OHCI (generic) USB controller> mem 0xb0004000-0xb0004fff irq 22 at device 11.0 on pci0
ohci0: [GIANT-LOCKED]
ohci0: [ITHREAD]
usb0: OHCI version 1.0, legacy support
usb0: SMM does not respond, resetting
usb0: <OHCI (generic) USB controller> on ohci0
usb0: USB revision 1.0
uhub0: <nVidia OHCI root hub, class 9/0, rev 1.00/1.00, addr 1> on usb0
uhub0: 8 ports with 8 removable, self powered
ehci0: <EHCI (generic) USB 2.0 controller> mem 0xb0005000-0xb00050ff irq 22 at device 11.1 on pci0
ehci0: [GIANT-LOCKED]
ehci0: [ITHREAD]
usb1: EHCI version 1.0
usb1: companion controller, 8 ports each: usb0
usb1: <EHCI (generic) USB 2.0 controller> on ehci0
usb1: USB revision 2.0
uhub1: <nVidia EHCI root hub, class 9/0, rev 2.00/1.00, addr 1> on usb1
uhub1: 8 ports with 8 removable, self powered
umass0: <vendor 0x04b4 Cypress AT2LP, class 0/0, rev 2.00/2.40, addr 2> on uhub1
ugen0: <Sonix Technology Co., Ltd. USB 2.0 Camera, class 239/2, rev 2.00/2.10, addr 3> on uhub1
atapci0: <nVidia nForce MCP51 UDMA133 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x3080-0x308f at device 13.0 on pci0
ata0: <ATA channel 0> on atapci0
ata0: [ITHREAD]
ata1: <ATA channel 1> on atapci0
ata1: [ITHREAD]
atapci1: <nVidia nForce MCP51 SATA300 controller> port 0x30c0-0x30c7,0x30b4-0x30b7,0x30b8-0x30bf,0x30b0-0x30b3,0x3090-0x309f irq 23 at device 14.0 on pci0
atapci1: [ITHREAD]
ata2: <ATA channel 0> on atapci1
ata2: [ITHREAD]
ata3: <ATA channel 1> on atapci1
ata3: [ITHREAD]
pcib3: <ACPI PCI-PCI bridge> at device 16.0 on pci0
pci_link0: BIOS IRQ 11 for 7.5.INTA is invalid
pci_link1: BIOS IRQ 11 for 7.5.INTB is invalid
pci7: <ACPI PCI bus> on pcib3
fwohci0: <1394 Open Host Controller Interface> mem 0xb8000000-0xb80007ff irq 9 at device 5.0 on pci7
fwohci0: [FILTER]
fwohci0: OHCI version 1.10 (ROM=0)
fwohci0: No. of Isochronous channels is 4.
fwohci0: EUI64 00:24:1b:00:f7:2b:34:00
fwohci0: Phy 1394a available S400, 1 ports.
fwohci0: Link S400, max_rec 2048 bytes.
firewire0: <IEEE1394(FireWire) bus> on fwohci0
fwe0: <Ethernet over FireWire> on firewire0
if_fwe0: Fake Ethernet address: 02:24:1b:2b:34:00
fwe0: Ethernet address: 02:24:1b:2b:34:00
fwip0: <IP over FireWire> on firewire0
fwip0: Firewire address: 00:24:1b:00:f7:2b:34:00 @ 0xfffe00000000, S400, maxrec 2048
sbp0: <SBP-2/SCSI over FireWire> on firewire0
dcons_crom0: <dcons configuration ROM> on firewire0
dcons_crom0: bus_addr 0x12c4000
fwohci0: Initiate bus reset
fwohci0: BUS reset
fwohci0: node_id=0xc800ffc0, gen=1, CYCLEMASTER mode
pci7: <base peripheral> at device 5.1 (no driver attached)
pci7: <base peripheral> at device 5.2 (no driver attached)
pci7: <base peripheral> at device 5.3 (no driver attached)
pci7: <base peripheral> at device 5.4 (no driver attached)
pci0: <multimedia> at device 16.1 (no driver attached)
nfe0: <NVIDIA nForce 430 MCP13 Networking Adapter> port 0x30e0-0x30e7 mem 0xb0008000-0xb0008fff irq 20 at device 20.0 on pci0
miibus0: <MII bus> on nfe0
rlphy0: <RTL8201L 10/100 media interface> PHY 1 on miibus0
rlphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
nfe0: Ethernet address: 00:1b:24:68:7c:d7
nfe0: [FILTER]
acpi_tz0: <Thermal Zone> on acpi0
atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0
atkbd0: <AT Keyboard> irq 1 on atkbdc0
kbd0 at atkbd0
atkbd0: [GIANT-LOCKED]
atkbd0: [ITHREAD]
psm0: <PS/2 Mouse> irq 12 on atkbdc0
psm0: [GIANT-LOCKED]
psm0: [ITHREAD]
psm0: model IntelliMouse, device ID 3
pmtimer0 on isa0
orm0: <ISA Option ROM> at iomem 0xcf800-0xd0fff pnpid ORM0000 on isa0
ppc0: parallel port not found.
sc0: <System console> at flags 0x100 on isa0
sc0: VGA <16 virtual consoles, flags=0x300>
sio0: configured irq 4 not in bitmap of probed irqs 0
sio0: port may not be enabled
sio0: configured irq 4 not in bitmap of probed irqs 0
sio0: port may not be enabled
sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
sio0: type 8250 or not responding
sio0: [FILTER]
sio1: configured irq 3 not in bitmap of probed irqs 0
sio1: port may not be enabled
vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
ums0: <MosArt Optical Mouse, class 0/0, rev 1.10/0.00, addr 2> on uhub0
ums0: 3 buttons and Z dir.
Timecounters tick every 1.000 msec
hptrr: no controller detected.firewire0: 1 nodes, maxhop <= 0, cable IRM = 0 (me)
firewire0: bus manager 0 (me)

acd0: DVDR <TSSTcorpCD/DVDW TS-L632M/0917> at ata0-master PIO4
ad4: 152627MB <WDC WD1600BEVS-60RST0 04.01G04> at ata2-master SATA150
GEOM_LABEL: Label for provider ad4s2 is ntfs/HP_RECOVERY.
GEOM_CONCAT: Device export created (id=3382027346).
GEOM_CONCAT: Disk ad4s3f attached to export.
GEOM_JOURNAL: Journal 4240811370: ad4s4e contains data.
GEOM_CONCAT: Disk ad4s4f attached to export.
GEOM_CONCAT: Device export activated.
GEOM_JOURNAL: Journal 4240811370: ad4s4g contains journal.
GEOM_JOURNAL: Journal ad4s4e clean.
SMP: AP CPU #1 Launched!
da0 at umass-sim0 bus 0 target 0 lun 0
da0: <SAMSUNG SP2514N 0000> Fixed Direct Access SCSI-0 device 
da0: 40.000MB/s transfers
da0: 238475MB (488397168 512 byte sectors: 255H 63S/T 30401C)
Trying to mount root from ufs:/dev/ad4s4a
cryptosoft0: <software crypto> on motherboard
GEOM_ELI: Device concat/export.eli created.
GEOM_ELI: Encryption: AES-CBC 128
GEOM_ELI:     Crypto: software
GEOM_JOURNAL: Journal 2182369297: concat/export.eli contains data.
GEOM_JOURNAL: Journal 2182369297: concat/export.eli contains journal.
GEOM_JOURNAL: Journal concat/export.eli clean.
WARNING: TMPFS is considered to be a highly experimental feature in FreeBSD.
WARNING: TMPFS is considered to be a highly experimental feature in FreeBSD.
umass0: at uhub1 port 2 (addr 2) disconnected
(da0:umass-sim0:0:0:0): lost device
(da0:umass-sim0:0:0:0): removing device entry
umass0: detached
Comment 5 ota 2008-02-03 04:02:56 UTC
As Volker and I investigated, we found the followings.

1. Use "geli configure -b" option with geom_eli_load="YES" in loader.conf
attaches /dev/concat/export.eli correctly at boot time.  However, key strokes
are lost and password verification fails.  There are some other PRs filed already
on this case.

2. Use "geli_devices" in rc.conf.  Even if this is not a preferred way, this works.

3. Use the patch.  The rc facility tries to parse /etc/fstab to find GELI providers.
However, it assumes that all provider ends with .eli.  It is not the case here and fails.
The patch is to detect all eli providers in a given path, i.e. /dev/concat/export.eli
in my cause.


The #3 is the most preferred way for this problem as the path indicates use of GEOM eli.

Thanks,
Hiro
Comment 6 ota 2008-04-18 21:50:07 UTC
The patch was been working grate for months on several machines without causing any problems.

It will be nice if this is committed to the HEAD.

Thanks,
Hiro
Comment 7 ota 2009-01-20 06:18:22 UTC
Hi Pawel,

Have you had a chance to take a look on this PR?

Thanks,
Hiro
Comment 8 Mark Linimon freebsd_committer freebsd_triage 2009-05-28 23:16:01 UTC
State Changed
From-To: feedback->open

Note that feedback was received some time ago. 


Comment 9 Mark Linimon freebsd_committer freebsd_triage 2009-05-28 23:16:01 UTC
Responsible Changed
From-To: pjd->freebsd-geom

pjd is not actively working on GEOM at the moment.
Comment 10 Pawel Jakub Dawidek freebsd_committer freebsd_triage 2014-06-01 06:44:34 UTC
Responsible Changed
From-To: freebsd-geom->pjd

I'll take this one.
Comment 11 Eitan Adler freebsd_committer freebsd_triage 2017-12-31 08:01:33 UTC
For bugs matching the following criteria:

Status: In Progress Changed: (is less than) 2014-06-01

Reset to default assignee and clear in-progress tags.

Mail being skipped