Age | Commit message (Collapse) | Author |
|
crypto optional metadata.
ok marco@
|
|
optional metadata per volume and discipline specific optional metadata
processing.
ok marco@
|
|
Also add a new optional metadata type for boot data. This is the first
step (of many) towards being able to boot from softraid volumes.
WARNING: This version of the softraid metadata is not compatible with
previous versions. As a result, any softraid volumes created with older
kernels will not assemble. Data on existing softraid volumes should be
backed up before upgrading. The volume should then be recreated and the
data restored.
ok marco@
|
|
ok @marco
|
|
without using a passphrase - instead the encryption mask key is stored on
the specified key disk partition (ideally being one on a removable device).
This also enables automatic assembly of crypto volumes at boot time.
ok marco@
|
|
"in, in, in!" marco@
|
|
ok marco@
|
|
"shiny!!" marco@
|
|
you backup your data and lock up your pets prior to using this.
Tested by todd@
ok marco@
|
|
ok marco@
|
|
ok marco@
|
|
d_open/d_close.
tested by many, ok jsing, thib, krw
|
|
ok marco@
|
|
ok marco@
|
|
including a "chunk id already in use" bug that occurred when assembling
more than one volume at boot. Volumes are now kept in order, as are the
chunks which they are assembled from. Duplicated chunk IDs are now handled
appropriately, with the chunk that has the most recent ondisk metadata
being used.
Also tested by nicm@ who got bitten by the "chunk id already in use" bug.
ok marco@
|
|
rename the abort flag so that it is more generalised.
ok marco@
|
|
ok jordan
|
|
smoking but it sure as heck wasn't good.
Issue found by jsing on sparc64; tested by jsing and me on various arches.
ok deraadt jsing
|
|
Needed for RAID4/RAID5 xor buffers
ok marco@
|
|
|
|
|
|
|
|
Abort rebuild and drain IO when shutting down.
|
|
KNF & spelling too
|
|
|
|
rather than initialising everything in softraid.c. This makes a discipline
more self-contained and reduces the number of function declarations needed
in softraidvar.h.
ok marco@
|
|
is such a beast because it doesn't physically add a device to the OS but
exports a RAID partition. It creates a kernel thread for each
exported aoe target. Since it reuses all the goodies in softraid upon
reboot the metadata is discovered and therefore the partition is exported
at boot time.
ok tedu dlg
|
|
|
|
part of a server. there's no configuration yet, and several other drawbacks,
but it can be hammered into shape. i haven't moved the code forward in a year,
and marco wants it in the tree to hack on.
|
|
Fix a typo while here.
The rebuild field was appended to the metadata so that we can automatically
update from v2 to v3. The only visible difference will be that in the dmesg
the SCSI version number will go from 002 to 003.
ok deraad.
|
|
pretty-print the UUID in RFC4122 form
|
|
that caused illegal checksums. The new metadata code is more or less ready
to deal with other vendor's metadata formats.
While here clean up the name space.
Fix thib's pool mess by adding removing bad flags in interrupt context.
tested on macppc, amd64, i386, sparc64 & hppa
sparc64 has issues with crypto however those do not seem to be softraid
specific.
help from okan@ ckuethe@ Will Backman and others
|
|
instead of malloc;
OK hshoexer@ and macro@
|
|
most 0.5TB of disk. This is well below P1619-2007's recommendation
for AES-XTS of 1TB/key, but small enough so we can test that we
actually use multiple keys with inexpensive hardware.
We allocate 32 keys, so this will do for volumes up to 16TB.
Fix a crypto session leak in sr_crypto_free_resources()
much debugging help mshoexer@; ok hshoexer@ marco@
|
|
|
|
been correctly decrypted using the masking key.
The check code is a HMAC-SHA1 over the disk keys using a hash of
the masking key. It should be slow enough to provide no useful
brute force success oracle and should not leak significant data about
the masking key or disk keys.
ok hshoexer@ marco@
|
|
reserved space in case we ever want to support a different scheme
ok hshoexer@ marco@
|
|
ok marco djm
|
|
parts in #ifdef _KERNEL; makes softraidvar.h usable from userland
ok hshoexer@
|
|
|
|
generation used by user space in the meta data.
Actually use the masking key for encryption and decryption of on-disk key
at run time.
ok djm marco
|
|
discussed with krw, kettenis & drahn
ok hshoexer
|
|
disabled, of course, and still work in progress.
help by djm@, ok marco@
|
|
also use aes to generate proppper IVs
ok marco@
|
|
code single time I look at it.
|
|
ok marco@
|
|
|
|
ok tedu@ marco@
|
|
Randomize Crypto password and add salt array.
Add mock key encryption functions.
|
|
fucntion. Fix bug in the crypto code that could casuse data corruption as
a bonus, bad cut & past tedu!
|