From owner-freebsd-stable@freebsd.org Mon Nov 2 07:15:15 2020 Return-Path: Delivered-To: freebsd-stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id C0ED44483DB for ; Mon, 2 Nov 2020 07:15:15 +0000 (UTC) (envelope-from freebsd@tango.lu) Received: from mail.tango.lu (mail1.tango.lu [212.66.75.102]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4CPkhK3mfsz4948 for ; Mon, 2 Nov 2020 07:15:13 +0000 (UTC) (envelope-from freebsd@tango.lu) Received: from mail.tango.lu (localhost [127.0.0.1]) by mail.tango.lu (Postfix) with ESMTP id 20E4D38AC3D for ; Mon, 2 Nov 2020 08:15:05 +0100 (CET) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit Date: Mon, 02 Nov 2020 08:15:05 +0100 From: freebsd@tango.lu To: freebsd-stable@freebsd.org Subject: FreeBSD disable any automated outgoing connections Message-ID: <06ef76eeff11b6bd6c0964dbf8256d40@tango.lu> X-Sender: freebsd@tango.lu User-Agent: Roundcube Webmail/1.2.0 X-Virus-Scanned: clamav-milter 0.99.4 at mail.tango.lu X-Virus-Status: Clean X-Rspamd-Queue-Id: 4CPkhK3mfsz4948 X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=pass (mx1.freebsd.org: domain of freebsd@tango.lu designates 212.66.75.102 as permitted sender) smtp.mailfrom=freebsd@tango.lu X-Spamd-Result: default: False [-2.58 / 15.00]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip4:212.66.75.0/24]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; NEURAL_HAM_LONG(-1.02)[-1.020]; DMARC_NA(0.00)[tango.lu]; NEURAL_HAM_SHORT(-0.26)[-0.258]; FROM_NO_DN(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:56665, ipnet:212.66.72.0/21, country:LU]; RCVD_COUNT_TWO(0.00)[2]; MAILMAN_DEST(0.00)[freebsd-stable]; RWL_MAILSPIKE_POSSIBLE(0.00)[212.66.75.102:from] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Nov 2020 07:15:15 -0000 Hello, I have these connections 4-5 am in the morning going to bytemark, cloudfare and other cloud providers: - Connections 2.0 - Payload 5.0k - Ports | Sources | Destinations | Services | Protocols | States | 443 100.0% | 192.168.1.5#1 100.0% | 104.16.45.99#2 50.0% | - 100.0% | 6 100.0% | SHR 100.0% | | | 104.16.44.99#3 50.0% | | | | This machine is an IDS it should never make outgoing connections ever. How to disable this? I have found some older mail on the list that it is some package checksum verification in periodic.conf I disabled it didn't work so I have changed the ServerName from update.FreeBSD.org to 127.0.0.1 in /etc/freebsd-update.conf something still tries to connect out. From owner-freebsd-stable@freebsd.org Mon Nov 2 09:52:31 2020 Return-Path: Delivered-To: freebsd-stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id D016144CC0B for ; Mon, 2 Nov 2020 09:52:31 +0000 (UTC) (envelope-from mach@swishmail.com) Received: from vorlon-ext1.swishmail.com (sinclair-ext1.swishmail.com [IPv6:2602:ffb8::208:72:56:63]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature ECDSA (P-384) client-digest SHA384) (Client CN "*.swishmail.com", Issuer "Sectigo ECC Domain Validation Secure Server CA" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CPp9p6WJNz4LDG for ; Mon, 2 Nov 2020 09:52:30 +0000 (UTC) (envelope-from mach@swishmail.com) Received: from vorlon.swishmail.com (vorlon.swishmail.com [208.72.56.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-384) server-digest SHA384) (No client certificate requested) by sinclair-ext1.swishmail.com (Postfix) with ESMTPS id 273B713F69 for ; Mon, 2 Nov 2020 04:52:24 -0500 (EST) Received: (qmail 39110 invoked by uid 89); 2 Nov 2020 09:52:23 -0000 Received: from unknown (HELO ?IPv6:2001:b030:14e:100:1031:4d2d:edab:f4d8?) (mach@swishmail.com@2001:b030:14e:100:1031:4d2d:edab:f4d8) by vorlon.swishmail.com with ESMTPSA (TLS_AES_128_GCM_SHA256 encrypted, authenticated); 2 Nov 2020 09:52:23 -0000 To: List Mailing FreeBSD-STABLE From: Kris von Mach Subject: 12.2 release, blacklistd with ipfw gives error Message-ID: <47c8436c-7584-49ba-be94-ca46a3d5972b@swishmail.com> Date: Mon, 2 Nov 2020 17:52:21 +0800 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.12.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: base64 Content-Language: en-US X-Spam-Status: No, score=-10.70 X-Rspamd-Queue-Id: 4CPp9p6WJNz4LDG X-Spamd-Bar: --- X-Spamd-Result: default: False [-3.16 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[swishmail.com:s=dkim]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2602:ffb8::/36]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; NEURAL_HAM_LONG(-1.01)[-1.006]; RCPT_COUNT_ONE(0.00)[1]; RCVD_COUNT_THREE(0.00)[3]; NEURAL_HAM_MEDIUM(-1.00)[-0.996]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[swishmail.com:+]; MIME_BASE64_TEXT(0.10)[]; DMARC_POLICY_ALLOW(-0.50)[swishmail.com,reject]; NEURAL_HAM_SHORT(-0.26)[-0.263]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:14469, ipnet:2602:ffb8::/36, country:US]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-stable]; DWL_DNSWL_NONE(0.00)[swishmail.com:dkim] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Nov 2020 09:52:31 -0000 SGVsbG8sDQoNCkkndmUgdXBncmFkZWQgYSB3b3JraW5nIGJsYWNrbGlzdGQgd2l0aCBpcGZ3 IHNlcnZlciBmcm9tIDEyLjEgdG8gMTIuMiANCmFuZCBub3cgaXQgZ2l2ZXMgdGhlIGZvbGxv d2luZyBlcnJvcjoNCg0KYmxhY2tsaXN0ZFs1MTU4M106IGdldG51bTogL2V0Yy9ibGFja2xp c3RkLmNvbmYsIDIyOiBCYWQgbnVtYmVyIGZvciANCnNlcnZpY2UgW10NCg0KTXkgY29uZmln Og0KDQpyYy5jb25mOg0KYmxhY2tsaXN0ZF9lbmFibGU9IllFUyLCoMKgwqDCoMKgwqDCoMKg wqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKg wqDCoMKgwqDCoCAjIA0KYWN0aXZhdGVzIGJsYWNrbGlzdGQNCnNzaGRfZmxhZ3M9Ii1vIFVz ZUJsYWNrTGlzdD15ZXMiwqDCoMKgwqDCoMKgwqAgIyBpbnN0cnVjdCBzc2hkIHRvIHJlcG9y dCB0byANCmJsYWNrbGlzdGQNCmZpcmV3YWxsX2VuYWJsZT0iWUVTIg0KZmlyZXdhbGxfdHlw ZT0iT1BFTiINCmJsYWNrbGlzdGRfZmxhZ3M9Ii1mIg0KDQovZXRjL2lwZnctYmxhY2tsaXN0 LnJjIGV4aXN0czoNCi1ydy1yLS1yLS3CoCAxIHJvb3TCoCB3aGVlbMKgIDAgTm92wqAgNMKg IDIwMTggL2V0Yy9pcGZ3LWJsYWNrbGlzdC5yYw0KDQpibGFja2xpc3RkLmNvbmY6DQojICRG cmVlQlNEOiByZWxlbmcvMTIuMi91c3Iuc2Jpbi9ibGFja2xpc3RkL2JsYWNrbGlzdGQuY29u ZiAzMzY5NzcgDQoyMDE4LTA3LTMxIDE2OjM5OjM4WiBicmQgJA0KIw0KIyBCbGFja2xpc3Qg cnVsZQ0KIyBhZHIvbWFzazpwb3J0IHR5cGXCoMKgwqAgcHJvdG/CoMKgIG93bmVywqDCoMKg wqDCoMKgwqDCoMKgwqAgbmFtZcKgwqDCoCBuZmFpbCBkaXNhYmxlDQpbbG9jYWxdDQpzc2jC oMKgwqDCoMKgwqDCoMKgwqDCoMKgwqAgc3RyZWFtwqAgKsKgwqDCoMKgwqDCoCAqwqDCoMKg wqDCoMKgwqDCoMKgwqDCoMKgwqDCoCAqwqDCoMKgwqDCoMKgIDPCoMKgwqDCoMKgwqAgMjRo DQpmdHDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqAgc3RyZWFtwqAgKsKgwqDCoMKgwqDCoCAq wqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoCAqwqDCoMKgwqDCoMKgIDPCoMKgwqDCoMKg wqAgMjRoDQpzbXRwwqDCoMKgwqDCoMKgwqDCoMKgwqDCoCBzdHJlYW3CoCAqwqDCoMKgwqDC oMKgICrCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgICrCoMKgwqDCoMKgwqAgM8KgwqDC oMKgwqDCoCAyNGgNCnN1Ym1pc3Npb27CoMKgwqDCoMKgIHN0cmVhbcKgICrCoMKgwqDCoMKg wqAgKsKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqAgKsKgwqDCoMKgwqDCoCAzwqDCoMKg wqDCoMKgIDI0aA0KIzYxNjHCoMKgwqDCoMKgwqDCoMKgwqDCoCBzdHJlYW3CoCB0Y3A2wqDC oMKgIGNocmlzdG9zwqDCoMKgwqDCoMKgwqAgKsKgwqDCoMKgwqDCoCAywqDCoMKgwqDCoMKg IDEwbQ0KKsKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqAgKsKgwqDCoMKgwqDCoCAqwqDC oMKgwqDCoMKgICrCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgICrCoMKgwqDCoMKgwqAg M8KgwqDCoMKgwqDCoCA2MA0KDQojIGFkci9tYXNrOnBvcnQgdHlwZcKgwqDCoCBwcm90b8Kg wqAgb3duZXLCoMKgwqDCoMKgwqDCoMKgwqDCoCBuYW1lwqDCoMKgIG5mYWlsIGRpc2FibGUN CltyZW1vdGVdDQojMTI5LjE2OC4wLjAvMTYgKsKgwqDCoMKgwqDCoCAqwqDCoMKgwqDCoMKg ICrCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgID3CoMKgwqDCoMKgwqAgKsKgwqDCoMKg wqDCoCAqDQojNjE2McKgwqDCoMKgwqDCoMKgwqDCoMKgID3CoMKgwqDCoMKgwqAgPcKgwqDC oMKgwqDCoCA9wqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoCA9LzI0wqDCoMKgID3CoMKg wqDCoMKgwqAgPQ0KIyrCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoCBzdHJlYW3CoCB0Y3DC oMKgwqDCoCAqwqDCoMKgwqDCoMKgwqDCoMKgwqDCoMKgwqDCoCA9wqDCoMKgwqDCoMKgID3C oMKgwqDCoMKgwqAgPQ0KDQoNCnNlcnZpY2VzIGFyZSBydW5uaW5nOg0Kcm9vdMKgwqDCoMKg IDM3MjM0wqDCoMKgIDAuMMKgIDAuMMKgwqDCoCAxOTYwMMKgwqDCoCA4MjI0wqAgLcKgIElz wqDCoCAwNDo0MSAwOjAwLjAwIA0KL3Vzci9zYmluL3NzaGQgLW8gVXNlQmxhY2tMaXN0PXll cw0Kcm9vdMKgwqDCoMKgIDUyMDMzwqDCoMKgIDAuMMKgIDAuMMKgwqDCoCAxMTc0MMKgwqDC oCAyODQwwqAgLcKgIFNzwqDCoCAwNDo0MSAwOjAwLjAwIA0KL3Vzci9zYmluL2JsYWNrbGlz dGQgLWYNCg0KaXBmdyBsaXN0DQowMDAwMSBkZW55IGlwIGZyb20gdGFibGUoMSkgdG8gbWUN CjAwMTAwIGFsbG93IGlwIGZyb20gYW55IHRvIGFueSB2aWEgbG8wDQowMDIwMCBkZW55IGlw IGZyb20gYW55IHRvIDEyNy4wLjAuMC84DQowMDMwMCBkZW55IGlwIGZyb20gMTI3LjAuMC4w LzggdG8gYW55DQowMDQwMCBkZW55IGlwIGZyb20gYW55IHRvIDo6MQ0KMDA1MDAgZGVueSBp cCBmcm9tIDo6MSB0byBhbnkNCjAwNjAwIGFsbG93IGlwdjYtaWNtcCBmcm9tIDo6IHRvIGZm MDI6Oi8xNg0KMDA3MDAgYWxsb3cgaXB2Ni1pY21wIGZyb20gZmU4MDo6LzEwIHRvIGZlODA6 Oi8xMA0KMDA4MDAgYWxsb3cgaXB2Ni1pY21wIGZyb20gZmU4MDo6LzEwIHRvIGZmMDI6Oi8x Ng0KMDA5MDAgYWxsb3cgaXB2Ni1pY21wIGZyb20gYW55IHRvIGFueSBpY21wNnR5cGVzIDEN CjAxMDAwIGFsbG93IGlwdjYtaWNtcCBmcm9tIGFueSB0byBhbnkgaWNtcDZ0eXBlcyAyLDEz NSwxMzYNCjY1MDAwIGFsbG93IGlwIGZyb20gYW55IHRvIGFueQ0KNjU1MzUgZGVueSBpcCBm cm9tIGFueSB0byBhbnkNCg0KdGFibGUgcG9ydDIyIGlzbid0IGNyZWF0ZWQNCg0KSXMgdGhp cyBhIGJ1ZyBvciBhbSBJIG1pc3Npbmcgc29tZSBjaGFuZ2UgaW4gdGhlIGNvbmZpZz8NCg0K From owner-freebsd-stable@freebsd.org Tue Nov 3 12:03:14 2020 Return-Path: Delivered-To: freebsd-stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 3184D456860 for ; Tue, 3 Nov 2020 12:03:14 +0000 (UTC) (envelope-from softwareinfojam@gmail.com) Received: from mail-ua1-x929.google.com (mail-ua1-x929.google.com [IPv6:2607:f8b0:4864:20::929]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CQT292xPMz3XQS for ; Tue, 3 Nov 2020 12:03:13 +0000 (UTC) (envelope-from softwareinfojam@gmail.com) Received: by mail-ua1-x929.google.com with SMTP id a10so1561206uan.12 for ; Tue, 03 Nov 2020 04:03:13 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:date:from:subject:thread-topic:message-id:to :content-transfer-encoding; bh=G8hsCC3PJGnbx322GuezUTXyXu8Ekr5ZmTGW1RlmEBU=; b=U5BA0GMKs9uR1qQlsTA+xyVj2TI54b8OzGOc8epCFG2rFUwdjWJMbyqw6dlHYNNZH4 YmXlZizKDV80P2QMdFAonTJeD+uan82wyBZnLN85ywBVHA1ZvlW9vsA76X7gQAwU7iJO WoT5aLkTqJn8Djf88cpoMhK7dsh95xThLNNq9rlfdyfVSHSj75mHP8wV5mMjl9YORiOo ACBSSffAy3fXCqxzN3l2bqg1OtXW8KcVxDxveFWrpRPQkhod+vZx0GLR+inqGjKD8s/B 6XpJsxCi3RgRNvzSG7x6PJX90id6oeOLEqtafHXZomNdzkJKRtf+jR0SO+L5jJq4HrnI LOuQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:date:from:subject:thread-topic :message-id:to:content-transfer-encoding; bh=G8hsCC3PJGnbx322GuezUTXyXu8Ekr5ZmTGW1RlmEBU=; b=tBBEVmT9mPmy8UlxV3RVDr3ke6V+PikxqJDXdz5+/Mq8jw90Gep33GnGwQ63UWbKgi r/tQG5tv9aCNJpzYbLAw2ylDKyd8WEnhQhL+8+u9eBvtlz9tALNJmZkIIR+a56BaxR26 KxQxsyJZBm1lACbN+FiUOxbD4C+njG3PACQM/1PH++7Ot6g7KdA0iandp/jW3obbCYZ9 38do25VZjRaLExfd75O/tUOsgpOdpnmEQ5zsbJSIeI+JpibJ7UVFGYe4LejCh7tOm6f9 nwIXZ2fueDYq7nJeiHPA4PNO6ypYmY+i6i9L2Jfuauy/9uz3F5C9fbf6PzoW5j3mNUvp 6KZA== X-Gm-Message-State: AOAM532grTwmVVd3+I/iEzrhLSLMohrQPjgN1LL1+xGiA2aAc//w2P00 APY7ZmzZsIgZpoXpqFofMKAhOX0dfn4Adw== X-Google-Smtp-Source: ABdhPJzQx4TLowV9pi+DVOyT6i1DBpkzrlj9OpLo16qassvxgacXNNw1vveM9bMVxL2+JPxWoRDk9A== X-Received: by 2002:a9f:3584:: with SMTP id t4mr678826uad.24.1604404992014; Tue, 03 Nov 2020 04:03:12 -0800 (PST) Received: from smtp.gmail.com ([72.252.144.69]) by smtp.gmail.com with ESMTPSA id t127sm2171190vka.3.2020.11.03.04.03.11 for (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Tue, 03 Nov 2020 04:03:11 -0800 (PST) Date: Tue, 3 Nov 2020 07:03:10 -0500 From: Peter Fraser Subject: Mount SNBv2+ Shares Thread-Topic: Mount SNBv2+ Shares Message-ID: To: Nick Kostirya via freebsd-stable X-Rspamd-Queue-Id: 4CQT292xPMz3XQS X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=U5BA0GMK; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of softwareinfojam@gmail.com designates 2607:f8b0:4864:20::929 as permitted sender) smtp.mailfrom=softwareinfojam@gmail.com X-Spamd-Result: default: False [-2.70 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; NEURAL_HAM_MEDIUM(-0.83)[-0.832]; FROM_HAS_DN(0.00)[]; FREEMAIL_FROM(0.00)[gmail.com]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.001]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; RCPT_COUNT_ONE(0.00)[1]; RCVD_COUNT_THREE(0.00)[3]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::929:from]; NEURAL_HAM_SHORT(-0.17)[-0.168]; MIME_HTML_ONLY(0.20)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-stable]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim] MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Nov 2020 12:03:14 -0000 From owner-freebsd-stable@freebsd.org Thu Nov 5 04:35:02 2020 Return-Path: Delivered-To: freebsd-stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 2D44F44A71C for ; Thu, 5 Nov 2020 04:35:02 +0000 (UTC) (envelope-from emz@norma.perm.ru) Received: from elf.hq.norma.perm.ru (mail.norma.perm.ru [128.127.146.8]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mail.norma.perm.ru", Issuer "Let's Encrypt Authority X3" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CRW010xlpz4lgj for ; Thu, 5 Nov 2020 04:34:55 +0000 (UTC) (envelope-from emz@norma.perm.ru) Received: from [192.168.243.9] ([192.168.243.9]) by elf.hq.norma.perm.ru (8.15.2/8.15.2) with ESMTP id 0A54ZX99072789; Thu, 5 Nov 2020 09:35:33 +0500 (+05) (envelope-from emz@norma.perm.ru) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=norma.perm.ru; s=key; t=1604550934; bh=lOZAArZ65IheicgStS2OH1iLWoz/Bwdkj0L19AqGMbQ=; h=To:Cc:From:Subject:Date; b=IcGBJSqzlTyVlZzgIp2f3Nti2GNDziWYUC7Z+eQvdDDTZVWBC91MCRQ8zhxqqGJwB nxGJ9OkgeVusurMDhlnM5fQ64clCpcel2YLR/G3LW6Vmjec5VCQ/fhxlZZP3GXKAie IrRUOo2EPwkXg3v4P1I81izifh6e9YaZcnHaBY+U= To: freebsd-stable Cc: freebsd-virt From: "Eugene M. Zheganin" Subject: FreeBSD 12.x, virtio and alicloud (aliyun.com) Message-ID: Date: Thu, 5 Nov 2020 09:34:45 +0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.12.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: ru X-Rspamd-Queue-Id: 4CRW010xlpz4lgj X-Spamd-Bar: +++ Authentication-Results: mx1.freebsd.org; dkim=pass header.d=norma.perm.ru header.s=key header.b=IcGBJSqz; dmarc=pass (policy=none) header.from=perm.ru; spf=pass (mx1.freebsd.org: domain of emz@norma.perm.ru designates 128.127.146.8 as permitted sender) smtp.mailfrom=emz@norma.perm.ru X-Spamd-Result: default: False [3.50 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-0.24)[-0.237]; R_DKIM_ALLOW(0.00)[norma.perm.ru:s=key]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(0.00)[+a]; NEURAL_SPAM_SHORT(0.17)[0.175]; MIME_GOOD(-0.10)[text/plain]; HFILTER_HELO_IP_A(1.00)[elf.hq.norma.perm.ru]; HFILTER_HELO_NORES_A_OR_MX(0.30)[elf.hq.norma.perm.ru]; BAD_REP_POLICIES(0.10)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[norma.perm.ru:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(0.00)[perm.ru,none]; RBL_VIRUSFREE_BOTNET(2.00)[128.127.146.8:from]; NEURAL_SPAM_LONG(0.26)[0.261]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:212494, ipnet:128.127.146.0/24, country:RU]; MID_RHS_MATCH_FROM(0.00)[]; MAILMAN_DEST(0.00)[freebsd-stable]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Nov 2020 04:35:02 -0000 Hello, Guys, does anyone have VM running in AliCloud Chinese provider (one of the biggest, if not the biggest one) ? They seem to provide stock FreeBSD 11.x images on some Redhat-based Linux with VirtIO which run just fine (at least I take a look at their kernel and it seem to be a stock GENERIC), but after source uprgading to 12.2 it cannot mountroot, because literally no disks are found after thee kernel booting stage. This, in turn, is cause by a bunch of repeatable virtio errors, which looks like (screenshot provided in the link): virtio_pci1: cannot map I/O space device_attach:  virtio_pci1 attach returned 6 (https://enazadev.ru/stub-data/freebsd12-alicloud-cannot-map-io.png) So not only vtbd0 cannot be attached to, but also a network adater. Surprisingly, virtio_console and memory baloon device seems to be working. I've took a look at various VirtIO cases in the bug tracker and compiled a kernel without netmap (yeah, after some consideration this could help only with virtio_net part), but this doesn't help. Is this some sort of regression that needs to be reported ? Is there some kind of known workaround ? I also have a running 11.3 on a second VM, so I can provide any necessary details if needed. Thanks. Eugene. From owner-freebsd-stable@freebsd.org Thu Nov 5 06:07:28 2020 Return-Path: Delivered-To: freebsd-stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 7B1C544B9FD for ; Thu, 5 Nov 2020 06:07:28 +0000 (UTC) (envelope-from cevin.cheung@gmail.com) Received: from mail-io1-xd34.google.com (mail-io1-xd34.google.com [IPv6:2607:f8b0:4864:20::d34]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CRY2l3Xb4z4pbK for ; Thu, 5 Nov 2020 06:07:27 +0000 (UTC) (envelope-from cevin.cheung@gmail.com) Received: by mail-io1-xd34.google.com with SMTP id u19so656088ion.3; Wed, 04 Nov 2020 22:07:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=8il/2judAxZlurxq+noZMtqgDkr0p+qcCiMtfcELpBU=; b=m49nb/BV67mM0FjzQ2XQK7uUXrcz+nps1XhGN/a0xEsXkfJnRrBWJuep28O0ZMlRz3 UfxIWBiyaONeYyDz6YH1dlp+kzPiJTzpHz5n/65x8+Ywr6xLEOMz8vgaAr5evorMKJhs auF98ordgRPdT0baoNbllDy5wJBXbn7SLtqkmfeGA9YKCL/UoA2WiglP206JCkbDp7VJ zabfGT20ea6dzcdw5LB1G44UleRpF78XOgxVFMXs+iZyC3M64XU6mqtVvWgNuYeH0tb0 i3fJUWpo5fPJ6mgCZviOMytecCzUkJGBQcUMh2CkBYWfmVpXOEjIeFfAyFKSqxjkhjRL XZIg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=8il/2judAxZlurxq+noZMtqgDkr0p+qcCiMtfcELpBU=; b=R+jP0Ig7kiywh8POk9MAbivO6GWddAxA9GmztAtgu2TLp1TwN/3ADId6TeHjKNnq0x ocegTMJFuwyqSs78qX1pH7DAewoQ10xXwLLE+LXe6aFvg0x99NvIKfrrIJ+8I03S/Fpa 9RKOZILhbhqgoD/w7GxLhemq4u58bRuyyOkHcv4O9OatlZyo1HsRIY9H/Dcz5RvjDqCn ykg7DPbCB4W0eq/R4k5xJBUrEthLR8YQAodjJjV5gNFfHBpqIdT/j6O5rEb4yjwxGDxK cugkcRyZ7Pp/hq5ApGMXCo1SCcUwkSV5zO4HrjqGIkKqu/RbfvVEs3I5eO7zTCiwg/V7 /bdw== X-Gm-Message-State: AOAM533/bt6+orwT7Poif4fiVnD6AvC9J0TBllOL8GkUTiAOJogXHPRr FXdkzWzLufh9pd/5Km2Wk2fIr8BL0sSRC3uZsr6h0I2n+7lio/H5 X-Google-Smtp-Source: ABdhPJwdRZqdMgfCXGMXMXFPdrXtE0y5+UaRhkIx6+DBGYkkqM6ebPNMuvL8oX4RsLLqvFcz/CFzh4hUE/yUThRInrw= X-Received: by 2002:a6b:7114:: with SMTP id q20mr720716iog.16.1604556446131; Wed, 04 Nov 2020 22:07:26 -0800 (PST) MIME-Version: 1.0 References: In-Reply-To: From: Cevin Date: Thu, 5 Nov 2020 14:06:29 +0800 Message-ID: Subject: Re: FreeBSD 12.x, virtio and alicloud (aliyun.com) To: "Eugene M. Zheganin" Cc: freebsd-stable , freebsd-virt X-Rspamd-Queue-Id: 4CRY2l3Xb4z4pbK X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=m49nb/BV; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of cevincheung@gmail.com designates 2607:f8b0:4864:20::d34 as permitted sender) smtp.mailfrom=cevincheung@gmail.com X-Spamd-Result: default: False [-3.08 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.01)[-1.008]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; RCVD_TLS_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36:c]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; NEURAL_HAM_LONG(-0.99)[-0.987]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::d34:from]; NEURAL_HAM_SHORT(-0.08)[-0.081]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; TAGGED_FROM(0.00)[]; MAILMAN_DEST(0.00)[freebsd-stable]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.33 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.33 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Nov 2020 06:07:28 -0000 The problem seems to have been fixed, but the code is still in the review. For more details, see https://reviews.freebsd.org/D26915#601420 Eugene M. Zheganin =E4=BA=8E2020=E5=B9=B411=E6=9C=885= =E6=97=A5=E5=91=A8=E5=9B=9B =E4=B8=8B=E5=8D=8812:35=E5=86=99=E9=81=93=EF=BC= =9A > Hello, > > > Guys, does anyone have VM running in AliCloud Chinese provider (one of > the biggest, if not the biggest one) ? They seem to provide stock > FreeBSD 11.x images on some Redhat-based Linux with VirtIO which run > just fine (at least I take a look at their kernel and it seem to be a > stock GENERIC), but after source uprgading to 12.2 it cannot mountroot, > because literally no disks are found after thee kernel booting stage. > This, in turn, is cause by a bunch of repeatable virtio errors, which > looks like (screenshot provided in the link): > > > virtio_pci1: cannot map I/O space > > device_attach: virtio_pci1 attach returned 6 > > > (https://enazadev.ru/stub-data/freebsd12-alicloud-cannot-map-io.png) > > So not only vtbd0 cannot be attached to, but also a network adater. > Surprisingly, virtio_console and memory baloon device seems to be working= . > > I've took a look at various VirtIO cases in the bug tracker and compiled > a kernel without netmap (yeah, after some consideration this could help > only with virtio_net part), but this doesn't help. > > Is this some sort of regression that needs to be reported ? Is there > some kind of known workaround ? > > I also have a running 11.3 on a second VM, so I can provide any > necessary details if needed. > > > Thanks. > > Eugene. > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > From owner-freebsd-stable@freebsd.org Thu Nov 5 20:52:11 2020 Return-Path: Delivered-To: freebsd-stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 5488D2D0E01; Thu, 5 Nov 2020 20:52:11 +0000 (UTC) (envelope-from emz@norma.perm.ru) Received: from elf.hq.norma.perm.ru (mail.norma.perm.ru [128.127.146.8]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "mail.norma.perm.ru", Issuer "Let's Encrypt Authority X3" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CRwgW5LBhz3Ndh; Thu, 5 Nov 2020 20:52:07 +0000 (UTC) (envelope-from emz@norma.perm.ru) Received: from [192.168.243.9] ([192.168.243.9]) by elf.hq.norma.perm.ru (8.15.2/8.15.2) with ESMTP id 0A5Kqq2k065035; Fri, 6 Nov 2020 01:52:52 +0500 (+05) (envelope-from emz@norma.perm.ru) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=norma.perm.ru; s=key; t=1604609572; bh=WDieaXhnqVWLBfCNHhRuk2MQ5+/8Krt7CQejpvD2e+Y=; h=Subject:To:References:Cc:From:Date:In-Reply-To; b=UgF/e4R8vFmcKW4v7+zzsCAY6A2RcD/70erwCMEsOCpFat0uSBVb43j8GbFfPq2lv qzUxjbWTqKZuzgYY5vLdIN3zrfBXKEia/FYrB9lq6h9Bhrr5m+6g8h4XFiK1N+unZ/ s4VDOf5aBvr0WwnqF9sNOcHgtoaTaZIKeFxHhwR4= Subject: Re: FreeBSD 12.x, virtio and alicloud (aliyun.com) To: freebsd-stable@freebsd.org References: Cc: virtualization@freebsd.org From: "Eugene M. Zheganin" Message-ID: <98cd7866-7d05-6e49-e53b-e8dedf2a1531@norma.perm.ru> Date: Fri, 6 Nov 2020 01:52:03 +0500 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Thunderbird/68.12.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit Content-Language: ru X-Rspamd-Queue-Id: 4CRwgW5LBhz3Ndh X-Spamd-Bar: ++++ Authentication-Results: mx1.freebsd.org; dkim=pass header.d=norma.perm.ru header.s=key header.b=UgF/e4R8; dmarc=pass (policy=none) header.from=perm.ru; spf=pass (mx1.freebsd.org: domain of emz@norma.perm.ru designates 128.127.146.8 as permitted sender) smtp.mailfrom=emz@norma.perm.ru X-Spamd-Result: default: False [4.28 / 15.00]; ARC_NA(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[128.127.146.8:from]; R_DKIM_ALLOW(0.00)[norma.perm.ru:s=key]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; R_SPF_ALLOW(0.00)[+a]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; HFILTER_HELO_IP_A(1.00)[elf.hq.norma.perm.ru]; HFILTER_HELO_NORES_A_OR_MX(0.30)[elf.hq.norma.perm.ru]; SPAMHAUS_ZRD(0.00)[128.127.146.8:from:127.0.2.255]; RBL_VIRUSFREE_BOTNET(2.00)[128.127.146.8:from]; NEURAL_SPAM_SHORT(0.98)[0.984]; DKIM_TRACE(0.00)[norma.perm.ru:+]; RCPT_COUNT_TWO(0.00)[2]; DMARC_POLICY_ALLOW(0.00)[perm.ru,none]; BAD_REP_POLICIES(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RCVD_TLS_LAST(0.00)[]; ASN(0.00)[asn:212494, ipnet:128.127.146.0/24, country:RU]; MID_RHS_MATCH_FROM(0.00)[]; MAILMAN_DEST(0.00)[freebsd-stable,virtualization]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Nov 2020 20:52:11 -0000 Hello. Well, with this patch I'm getting trap immediately on the kernel booting phase: ===Cut=== virtio_pci2:virtqueue 0 (vtnet0-0 rx) does not exists (size is zero) virtio_pci2: cannot allocate virtqueue 0: 19 vtnet0: cannot allocate virtqueues ===Cut=== see the screenshot below: https://enazadev.ru/stub-data/freebsd12-patched-trap.png 05.11.2020 11:06, Cevin пишет: > The problem seems to have been fixed, but the code is still in the review. > For more details, see https://reviews.freebsd.org/D26915#601420 > > Eugene M. Zheganin 于2020年11月5日周四 下午12:35写道: > >> Hello, >> >> >> Guys, does anyone have VM running in AliCloud Chinese provider (one of >> the biggest, if not the biggest one) ? They seem to provide stock >> FreeBSD 11.x images on some Redhat-based Linux with VirtIO which run >> just fine (at least I take a look at their kernel and it seem to be a >> stock GENERIC), but after source uprgading to 12.2 it cannot mountroot, >> because literally no disks are found after thee kernel booting stage. >> This, in turn, is cause by a bunch of repeatable virtio errors, which >> looks like (screenshot provided in the link): >> >> >> virtio_pci1: cannot map I/O space >> >> device_attach: virtio_pci1 attach returned 6 >> >> >> (https://enazadev.ru/stub-data/freebsd12-alicloud-cannot-map-io.png) >> >> So not only vtbd0 cannot be attached to, but also a network adater. >> Surprisingly, virtio_console and memory baloon device seems to be working. >> >> I've took a look at various VirtIO cases in the bug tracker and compiled >> a kernel without netmap (yeah, after some consideration this could help >> only with virtio_net part), but this doesn't help. >> >> Is this some sort of regression that needs to be reported ? Is there >> some kind of known workaround ? >> >> I also have a running 11.3 on a second VM, so I can provide any >> necessary details if needed. >> >> >> Thanks. >> >> Eugene. >> >> _______________________________________________ >> freebsd-stable@freebsd.org mailing list >> https://lists.freebsd.org/mailman/listinfo/freebsd-stable >> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >> > _______________________________________________ > freebsd-stable@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" From owner-freebsd-stable@freebsd.org Fri Nov 6 05:55:50 2020 Return-Path: Delivered-To: freebsd-stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EC30B2E0129 for ; Fri, 6 Nov 2020 05:55:50 +0000 (UTC) (envelope-from dewayne@heuristicsystems.com.au) Received: from hermes.heuristicsystems.com.au (hermes.heuristicsystems.com.au [203.41.22.115]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2560 bits) client-digest SHA256) (Client CN "hermes.heuristicsystems.com.au", Issuer "Heuristic Systems Type 4 Host CA" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CS8kt1LcZz4dYj for ; Fri, 6 Nov 2020 05:55:49 +0000 (UTC) (envelope-from dewayne@heuristicsystems.com.au) Received: from [10.0.5.3] (noddy.hs [10.0.5.3]) (authenticated bits=0) by hermes.heuristicsystems.com.au (8.15.2/8.15.2) with ESMTPSA id 0A65tBtJ003354 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT) for ; Fri, 6 Nov 2020 16:55:12 +1100 (AEDT) (envelope-from dewayne@heuristicsystems.com.au) DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=heuristicsystems.com.au; s=hsa; t=1604642112; x=1605246913; bh=X1pSYlTOuk+0gzcuR+SaafKYTyffGOxuHS9SLTWw+xI=; h=To:From:Subject:Message-ID:Date; b=NFRN/gL/qxHYoq+aBAjfRzv5yyWSciXW0sGuAWxQff6EfLdUXnWiuL1VR3NTjoW6I 3jcVl+pqmpzI9zMtBLSvIXG84OWzN7LZlXfGkRUa05XdI+QEevxYBlaHNjrRhSeOp9 bW1SLcBzRiVLcaGpfGMo86N2Y1WA+n8q5uo54MHdsGxcuvEW4NJhA X-Authentication-Warning: b3.hs: Host noddy.hs [10.0.5.3] claimed to be [10.0.5.3] To: FreeBSD Stable Mailing List From: Dewayne Geraghty Subject: Has geli broken when using authentication (hmac/sha256)? Message-ID: <22acef0d-910a-2dae-53ac-7c4de5d0e4e3@heuristicsystems.com.au> Date: Fri, 6 Nov 2020 16:46:29 +1100 User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:78.0) Gecko/20100101 Thunderbird/78.3.2 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Language: en-GB Content-Transfer-Encoding: 7bit X-Rspamd-Queue-Id: 4CS8kt1LcZz4dYj X-Spamd-Bar: ---- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=heuristicsystems.com.au header.s=hsa header.b=NFRN/gL/; dmarc=none; spf=pass (mx1.freebsd.org: domain of dewayne@heuristicsystems.com.au designates 203.41.22.115 as permitted sender) smtp.mailfrom=dewayne@heuristicsystems.com.au X-Spamd-Result: default: False [-4.20 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; R_SPF_ALLOW(-0.20)[+mx:c]; HAS_XAW(0.00)[]; RCVD_DKIM_ARC_DNSWL_MED(-0.50)[]; TO_DN_ALL(0.00)[]; DKIM_TRACE(0.00)[heuristicsystems.com.au:+]; RCVD_IN_DNSWL_MED(-0.20)[203.41.22.115:from]; NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; SUBJECT_ENDS_QUESTION(1.00)[]; ASN(0.00)[asn:1221, ipnet:203.40.0.0/13, country:AU]; MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_DKIM_ALLOW(-0.20)[heuristicsystems.com.au:s=hsa]; FROM_HAS_DN(0.00)[]; DWL_DNSWL_MED(-2.00)[heuristicsystems.com.au:dkim]; TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; DMARC_NA(0.00)[heuristicsystems.com.au]; RCPT_COUNT_ONE(0.00)[1]; RCVD_COUNT_TWO(0.00)[2]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-stable] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Nov 2020 05:55:51 -0000 Using FreeBSD 12.2S r367125M, to # geli init -a HMAC/SHA256 -e aes-cbc -l 128 -P -s 4096 -K /tmp/key ${D}s1a fails during newfs, # newfs -O2 -U ${D}s1a.eli newfs: can't read old UFS1 superblock: read error from block device: Invalid argument Using geli with encryption only, works as usual. But using hmac/sha256 fails when used with "-e null" or in combination with a cipher. Using encryption only, everything is normal, ie newfs ok, the filesystem mounts and is accessible. Could someone verify if something is broken? I've included my test case below: -- Reproducible with: D=/dev/md0 # Cleanup previous runs umount /mnt/A geli detach ${D}s1a || true mdconfig -du 0 || TRUE rm /tmp/test || true truncate -s 64m /tmp/test mdconfig -t vnode -f /tmp/test gpart create -s MBR ${D} gpart add -a 4k -s 14m -t freebsd $D gpart add -a 4k -s 10m -t freebsd $D gpart add -a 4k -s 10m -t freebsd $D gpart create -s bsd ${D}s1 gpart create -s bsd ${D}s2 gpart add -a 4k -s 10m -t freebsd-ufs ${D}s1 openssl rand -hex -out /tmp/key 32 geli init -a HMAC/SHA256 -e aes-cbc -l 128 -P -s 4096 -K /tmp/key ${D}s1a geli attach -p -k /tmp/key ${D}s1a newfs -O2 -U ${D}s1a.eli /dev/md0s1a.eli: 8.9MB (18200 sectors) block size 32768, fragment size 4096 using 4 cylinder groups of 2.25MB, 72 blks, 384 inodes. with soft updates newfs: can't read old UFS1 superblock: read error from block device: Invalid argument However using UFS1, newfs succeeds but the mount fails. newfs -O1 -U ${D}s1a.eli /dev/md0s1a.eli: 8.9MB (18200 sectors) block size 32768, fragment size 4096 using 4 cylinder groups of 2.25MB, 72 blks, 512 inodes. with soft updates super-block backups (for fsck_ffs -b #) at: 64, 4672, 9280, 13888 # mount -v /dev/md0s1a.eli /mnt/A mount: /dev/md0s1a.eli: Invalid argument The only change that may be related is: # svnlite log -l 4 /usr/src/tests/sys/geom/class/eli ------------------------------------------------------------------------ r363486 | asomers | 2020-07-25 04:19:25 +1000 (Sat, 25 Jul 2020) | 13 lines MFC r363014: geli: enable direct dispatch geli does all of its crypto operations in a separate thread pool, so g_eli_start, g_eli_read_done, and g_eli_write_done don't actually do very much work. Enabling direct dispatch eliminates the g_up/g_down bottlenecks, doubling IOPs on my system. This change does not affect the thread pool. Reviewed by: markj Sponsored by: Axcient Differential Revision: https://reviews.freebsd.org/D25587 Cheers, Dewayne -- *** NOTICE This email and any attachments may contain legally privileged or confidential information and may be protected by copyright. You must not use or disclose them other than for the purposes for which they were supplied. The privilege or confidentiality attached to this message and attachments is not waived by reason of mistaken delivery to you. If you are not the intended recipient, you must not use, disclose, retain, forward or reproduce this message or any attachments. If you receive this message in error please notify the sender by return email or telephone and destroy and delete all copies. *** From owner-freebsd-stable@freebsd.org Sat Nov 7 03:44:46 2020 Return-Path: Delivered-To: freebsd-stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id ED3112E106F for ; Sat, 7 Nov 2020 03:44:46 +0000 (UTC) (envelope-from lnelson@nelnet.org) Received: from mail-pj1-x102f.google.com (mail-pj1-x102f.google.com [IPv6:2607:f8b0:4864:20::102f]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CSjnB2B8Jz3kvB for ; Sat, 7 Nov 2020 03:44:46 +0000 (UTC) (envelope-from lnelson@nelnet.org) Received: by mail-pj1-x102f.google.com with SMTP id w7so279246pjy.1 for ; Fri, 06 Nov 2020 19:44:45 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nelnet-org.20150623.gappssmtp.com; s=20150623; h=date:from:to:subject:message-id:user-agent:mime-version; bh=nrbp3AjTyb3NZDJGNq8G3VJzv8EOBZEFLICC+SemBpQ=; b=qEVqKhAQysePpb3Udx8993k8PkZvzDZTca6ZMQ53gc759PIkOqDCMrISyQE92Fvm5N /HqstsiajyYD2LKEnJVuD1iNWF6sQ+C5sR7aYAD5/nVIW1A87SoZukE3aKjOj8CACGEF 6nT0eVKOhtUIQWi2QR5xQ+PWjxoVMH+y4b7Oq50i+uAAbrKn7cvDZKbHyoYuawJuCwJj swfHeUxzmaw3iRzFW5TN0WFEuBNCwLWq7JQ8FXjXGR85SEldVGlQpgfOtLjPmqXZYj7T q5daCn55u5Dh8IhyrfzdNvgFyK8IujtCEvxT87/fLt1Ij1TzFTW+Zvy2MmTy+tOWe+Hu 1u7Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:user-agent :mime-version; bh=nrbp3AjTyb3NZDJGNq8G3VJzv8EOBZEFLICC+SemBpQ=; b=I8ne+2aXnJMwIgq50rKuXpRBgGqlSKQg9UIctRGlCQi7bRmU83ABiNkRm+3La+xO7H NYoRMuojZHZ1behIXJsTAYGroenbW8qso2VyJnoZWVk54oAs0qdEgnUbRgs2zm34KfCP DkSZFriPOiK0+lC919bj6ZLMKgSKLunDHcAnuXS9DtzA86IL1XhoUckD6Gh+vtzLecXm fI4GV61xzJKxbJGVq2ZAyIsI+TyVJoedPzPLRhtZfEjq6cH1hTWgqEw/I45wvkwDCBHU b8Kh7zqbRyMsifdf6vaF9k/+TynyyE0m+hgzeK0XXTt23V562iW1RpiwkKvsE5sJRvIi 5uiQ== X-Gm-Message-State: AOAM532+nhDS+XF27mbidfPxIgyqGbsZbulsZ4r7j95b9D164+S6avKK IAhmfrrCGDrFR9bg3nJdjeeVvcSLs6GvoA== X-Google-Smtp-Source: ABdhPJy9WmcdvlUV/jwT9x1jmgqBbPQ4PSsMJmb3c2LtCmafidd1S1ZGZxndgA4JwL0fLHzeucHOaw== X-Received: by 2002:a17:902:9a0c:b029:d6:c6a3:66f with SMTP id v12-20020a1709029a0cb02900d6c6a3066fmr4033787plp.52.1604720684400; Fri, 06 Nov 2020 19:44:44 -0800 (PST) Received: from [192.168.44.182] ([184.53.16.164]) by smtp.gmail.com with ESMTPSA id p15sm4089547pjv.44.2020.11.06.19.44.41 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 06 Nov 2020 19:44:43 -0800 (PST) Date: Fri, 6 Nov 2020 19:44:27 -0800 (PST) From: Lee Nelson X-X-Sender: lnelson@lap01.localdomain To: freebsd-stable@freebsd.org Subject: HAST different disk sizes Message-ID: User-Agent: Alpine 2.22 (DEB 394 2020-01-19) MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset=US-ASCII X-Rspamd-Queue-Id: 4CSjnB2B8Jz3kvB X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=pass header.d=nelnet-org.20150623.gappssmtp.com header.s=20150623 header.b=qEVqKhAQ; dmarc=none; spf=none (mx1.freebsd.org: domain of lnelson@nelnet.org has no SPF policy when checking 2607:f8b0:4864:20::102f) smtp.mailfrom=lnelson@nelnet.org X-Spamd-Result: default: False [-0.32 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; R_DKIM_ALLOW(-0.20)[nelnet-org.20150623.gappssmtp.com:s=20150623]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_HAS_DN(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; NEURAL_SPAM_SHORT(0.98)[0.985]; MIME_GOOD(-0.10)[text/plain]; TO_DN_NONE(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org]; RCPT_COUNT_ONE(0.00)[1]; SPAMHAUS_ZRD(0.00)[2607:f8b0:4864:20::102f:from:127.0.2.255]; RCVD_COUNT_THREE(0.00)[3]; DMARC_NA(0.00)[nelnet.org]; DKIM_TRACE(0.00)[nelnet-org.20150623.gappssmtp.com:+]; RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::102f:from]; R_SPF_NA(0.00)[no SPF record]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+]; RBL_DBL_DONT_QUERY_IPS(0.00)[2607:f8b0:4864:20::102f:from]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-stable]; RECEIVED_SPAMHAUS_PBL(0.00)[184.53.16.164:received] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Nov 2020 03:44:47 -0000 Can HAST be run on partitions? The documentation assumes that the drives being used are the same size and the examples only show the whole disk device (/dev/da0, for example). In my case, the drives on each host are very different in size: 500GB and 1TB. If HAST can be run on partitions, how are drives of different sizes handled? It seems unlikely, in the real world, that drives are going to be the same size unless they are the same model from the same vendor. I'm sorry if this is the wrong list. freebsd-cluster seems to be dormant except for spam. From owner-freebsd-stable@freebsd.org Sat Nov 7 10:05:30 2020 Return-Path: Delivered-To: freebsd-stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 1BD132EAC98 for ; Sat, 7 Nov 2020 10:05:30 +0000 (UTC) (envelope-from clay@milos.co.za) Received: from lisa.milos.co.za (lisa.milos.co.za [109.169.49.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "www.milos.co.za", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CStDR4s5Pz4cD6 for ; Sat, 7 Nov 2020 10:05:27 +0000 (UTC) (envelope-from clay@milos.co.za) Received: (Haraka outbound); Sat, 07 Nov 2020 10:05:19 +0000 Received-SPF: Fail (lisa.milos.co.za: domain of milos.co.za does not designate 62.16.254.18 as permitted sender) receiver=lisa.milos.co.za; identity=mailfrom; client-ip=62.16.254.18; helo=[192.168.1.21]; envelope-from= Received: from [192.168.1.21] (ti0108q160-3559.bb.online.no [62.16.254.18]) by lisa.milos.co.za (Haraka/2.8.16) with ESMTPSA id 969137EB-200F-49F8-8F84-32FC0B631371.1 envelope-from (authenticated bits=0) (version=TLSv1/SSLv3 cipher=ECDHE-RSA-AES128-GCM-SHA256 verify=FAIL); Sat, 07 Nov 2020 10:05:19 +0000 From: Clayton Milos Message-Id: Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\)) Subject: Re: HAST different disk sizes Date: Sat, 7 Nov 2020 11:05:07 +0100 In-Reply-To: Cc: freebsd-stable@freebsd.org To: Lee Nelson References: X-Mailer: Apple Mail (2.3608.120.23.2.4) X-Haraka-Karma: score: 12, good: 11, bad: 0, connections: 11, history: 11, awards: 006, 130, 133, 162, 150, 182, pass:all_good, relaying DKIM-Signature: v=1; a=rsa-sha256; bh=Cwjv8BC31DYX2PKuI83zhVN1jwivaaPRAVJbLm3+ICI=; c=relaxed/simple; d=milos.co.za; h=from:subject:date:message-id:to:cc:mime-version; s=nov2017; b=D7QveZAL2kJm+y29/dsHmvIZckmUINO/cAvnQlkW5b0UHtPhBZp3qlSomUv7kg1S2I5g6d6twcpq5dq2V/ISeSXwhmxkDTLBbUpYxi5bzX1DE+BN0zd2FPtn0uvKiIkuBY9NxqBp0LaKxY54rp4GwfiTD1qloMjQWnMMX7zIAcg6l6Y4/d/GMRSWdibfx8jNSoBlWYSDTqmRhmUNH+V0wx4cwUKnfRjiPfsufpl4v3qD+cOtLeKTB19JKt/8cLKEkeHsEB9v4+Rer+5VTh6INBt5X4fXDv9Ut9aqJskkx0Ff5sGXFd7vjSaAopKWXP5DfZcbPahJrjTmSN+Jsmsamg== X-Rspamd-Queue-Id: 4CStDR4s5Pz4cD6 X-Spamd-Bar: / Authentication-Results: mx1.freebsd.org; dkim=none (invalid DKIM record) header.d=milos.co.za header.s=nov2017 header.b=D7QveZAL; dmarc=none; spf=pass (mx1.freebsd.org: domain of clay@milos.co.za designates 109.169.49.137 as permitted sender) smtp.mailfrom=clay@milos.co.za X-Spamd-Result: default: False [-0.83 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; FROM_HAS_DN(0.00)[]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; R_SPF_ALLOW(-0.20)[+a]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; DMARC_NA(0.00)[milos.co.za]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_SPAM_SHORT(0.97)[0.966]; SPAMHAUS_ZRD(0.00)[109.169.49.137:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[milos.co.za:~]; RCPT_COUNT_TWO(0.00)[2]; R_DKIM_PERMFAIL(0.00)[milos.co.za:s=nov2017]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+,2:~]; RBL_DBL_DONT_QUERY_IPS(0.00)[109.169.49.137:from]; ASN(0.00)[asn:20860, ipnet:109.169.0.0/18, country:GB]; RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-stable]; RCVD_COUNT_TWO(0.00)[2] Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.34 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Nov 2020 10:05:30 -0000 It works no problem on partitions. I=E2=80=99ve been running it for some = time without any issues on partitions between 2 sites on different L3 = networks, sometimes under heavy load. root@OSL1EXPORT1:/store# uptime 10:59AM up 1298 days, 27 mins, 21 users, load averages: 0.02, 0.02, = 0.00 root@OSL1EXPORT1:/archive/unzipped # cat /etc/hast.conf resource store { on OSL1EXPORT1 { local /dev/da0p3 remote 10.x.x.85 } on OSL2EXPORT1 { local /dev/da0p3 remote 10.x.y.30 } } root@OSL1EXPORT1:/store# df -h | egrep "File|hast" Filesystem Size Used Avail Capacity Mounted on /dev/hast/store 715G 511G 204G 71% /store > On 7 Nov 2020, at 04:44, Lee Nelson wrote: >=20 >=20 > Can HAST be run on partitions? The documentation assumes that the = drives being used are the same size and the examples only show the whole = disk device (/dev/da0, for example). In my case, the drives on each = host are very different in size: 500GB and 1TB. If HAST can be run on = partitions, how are drives of different sizes handled? It seems = unlikely, in the real world, that drives are going to be the same size = unless they are the same model from the same vendor. >=20 > I'm sorry if this is the wrong list. freebsd-cluster seems to be = dormant except for spam. > _______________________________________________ > freebsd-stable@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to = "freebsd-stable-unsubscribe@freebsd.org" From owner-freebsd-stable@freebsd.org Sat Nov 7 10:06:44 2020 Return-Path: Delivered-To: freebsd-stable@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id A3D2D2EACB4 for ; Sat, 7 Nov 2020 10:06:44 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (gate2.funkthat.com [208.87.223.18]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "gate2.funkthat.com", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4CStFv5j7nz4cY2 for ; Sat, 7 Nov 2020 10:06:43 +0000 (UTC) (envelope-from jmg@gold.funkthat.com) Received: from gold.funkthat.com (localhost [127.0.0.1]) by gold.funkthat.com (8.15.2/8.15.2) with ESMTPS id 0A7A6aFP090673 (version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sat, 7 Nov 2020 02:06:36 -0800 (PST) (envelope-from jmg@gold.funkthat.com) Received: (from jmg@localhost) by gold.funkthat.com (8.15.2/8.15.2/Submit) id 0A7A6ZnC090672; Sat, 7 Nov 2020 02:06:35 -0800 (PST) (envelope-from jmg) Date: Sat, 7 Nov 2020 02:06:35 -0800 From: John-Mark Gurney To: Dewayne Geraghty Cc: FreeBSD Stable Mailing List Subject: Re: Has geli broken when using authentication (hmac/sha256)? Message-ID: <20201107100635.GF31099@funkthat.com> Mail-Followup-To: Dewayne Geraghty , FreeBSD Stable Mailing List References: <22acef0d-910a-2dae-53ac-7c4de5d0e4e3@heuristicsystems.com.au> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <22acef0d-910a-2dae-53ac-7c4de5d0e4e3@heuristicsystems.com.au> X-Operating-System: FreeBSD 11.3-STABLE amd64 X-PGP-Fingerprint: D87A 235F FB71 1F3F 55B7 ED9B D5FF 5A51 C0AC 3D65 X-Files: The truth is out there X-URL: https://www.funkthat.com/ X-Resume: https://www.funkthat.com/~jmg/resume.html X-TipJar: bitcoin:13Qmb6AeTgQecazTWph4XasEsP7nGRbAPE X-to-the-FBI-CIA-and-NSA: HI! HOW YA DOIN? can i haz chizburger? User-Agent: Mutt/1.6.1 (2016-04-27) X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.4.3 (gold.funkthat.com [127.0.0.1]); Sat, 07 Nov 2020 02:06:36 -0800 (PST) X-Rspamd-Queue-Id: 4CStFv5j7nz4cY2 X-Spamd-Bar: + Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=none; spf=none (mx1.freebsd.org: domain of jmg@gold.funkthat.com has no SPF policy when checking 208.87.223.18) smtp.mailfrom=jmg@gold.funkthat.com X-Spamd-Result: default: False [1.20 / 15.00]; RCVD_TLS_ALL(0.00)[]; ARC_NA(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; FREEFALL_USER(0.00)[jmg]; FROM_HAS_DN(0.00)[]; RBL_DBL_DONT_QUERY_IPS(0.00)[208.87.223.18:from]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; MID_RHS_MATCH_FROM(0.00)[]; MIME_GOOD(-0.10)[text/plain]; DMARC_NA(0.00)[funkthat.com]; AUTH_NA(1.00)[]; NEURAL_SPAM_SHORT(1.00)[1.000]; SPAMHAUS_ZRD(0.00)[208.87.223.18:from:127.0.2.255]; TO_MATCH_ENVRCPT_SOME(0.00)[]; TO_DN_ALL(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; RCPT_COUNT_TWO(0.00)[2]; R_SPF_NA(0.00)[no SPF record]; FORGED_SENDER(0.30)[jmg@funkthat.com,jmg@gold.funkthat.com]; SUBJECT_ENDS_QUESTION(1.00)[]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:32354, ipnet:208.87.216.0/21, country:US]; MIME_TRACE(0.00)[0:+]; FROM_NEQ_ENVFROM(0.00)[jmg@funkthat.com,jmg@gold.funkthat.com]; MAILMAN_DEST(0.00)[freebsd-stable] X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 07 Nov 2020 10:06:44 -0000 Dewayne Geraghty wrote this message on Fri, Nov 06, 2020 at 16:46 +1100: > Using FreeBSD 12.2S r367125M, to > # geli init -a HMAC/SHA256 -e aes-cbc -l 128 -P -s 4096 -K /tmp/key ${D}s1a > fails during newfs, > # newfs -O2 -U ${D}s1a.eli > newfs: can't read old UFS1 superblock: read error from block device: > Invalid argument > > Using geli with encryption only, works as usual. But using hmac/sha256 > fails when used with "-e null" or in combination with a cipher. > > Using encryption only, everything is normal, ie newfs ok, the filesystem > mounts and is accessible. > > Could someone verify if something is broken? I've included my test case > below: What happens if you zero out the device first: dd if=/dev/zero of=${D}s1a.eli bs=1m If it's large, you likely only need to set the count to 1 or 2... newfs is likely trying to read make sure there aren't any old file systems there, but geli init doesn't write new data, so any reads will fail... Note that the geli man page says: It is recommended to write to the whole provider before first use, in order to make sure that all sectors and their corresponding checksums are properly initialized into a consistent state. One can safely ignore data authentication errors that occur immediately after the first time a provider is attached and before it is initialized in this way. Also, are you sure this worked BEFORE the changes? Because those changes shouldn't have caused this failure... > openssl rand -hex -out /tmp/key 32 > geli init -a HMAC/SHA256 -e aes-cbc -l 128 -P -s 4096 -K /tmp/key ${D}s1a > geli attach -p -k /tmp/key ${D}s1a I don't see a write here... > newfs -O2 -U ${D}s1a.eli > /dev/md0s1a.eli: 8.9MB (18200 sectors) block size 32768, fragment size 4096 > using 4 cylinder groups of 2.25MB, 72 blks, 384 inodes. > with soft updates > newfs: can't read old UFS1 superblock: read error from block device: > Invalid argument > > However using UFS1, newfs succeeds but the mount fails. > > newfs -O1 -U ${D}s1a.eli > /dev/md0s1a.eli: 8.9MB (18200 sectors) block size 32768, fragment size 4096 > using 4 cylinder groups of 2.25MB, 72 blks, 512 inodes. > with soft updates > super-block backups (for fsck_ffs -b #) at: > 64, 4672, 9280, 13888 > # mount -v /dev/md0s1a.eli /mnt/A > mount: /dev/md0s1a.eli: Invalid argument This is likely trying to read a UFS v2 super block, failing, and not trying other locations... > The only change that may be related is: > > # svnlite log -l 4 /usr/src/tests/sys/geom/class/eli > ------------------------------------------------------------------------ > r363486 | asomers | 2020-07-25 04:19:25 +1000 (Sat, 25 Jul 2020) | 13 lines > > MFC r363014: > > geli: enable direct dispatch > > geli does all of its crypto operations in a separate thread pool, so > g_eli_start, g_eli_read_done, and g_eli_write_done don't actually do very > much work. Enabling direct dispatch eliminates the g_up/g_down bottlenecks, > doubling IOPs on my system. This change does not affect the thread pool. > > Reviewed by: markj > Sponsored by: Axcient > Differential Revision: https://reviews.freebsd.org/D25587 > > Cheers, Dewayne > > -- > *** NOTICE This email and any attachments may contain legally privileged > or confidential information and may be protected by copyright. You must > not use or disclose them other than for the purposes for which they were > supplied. The privilege or confidentiality attached to this message and > attachments is not waived by reason of mistaken delivery to you. If you > are not the intended recipient, you must not use, disclose, retain, > forward or reproduce this message or any attachments. If you receive > this message in error please notify the sender by return email or > telephone and destroy and delete all copies. *** > _______________________________________________ > freebsd-stable@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not."