From owner-freebsd-arm@FreeBSD.ORG  Wed Feb 11 14:04:06 2015
Return-Path: <owner-freebsd-arm@FreeBSD.ORG>
Delivered-To: freebsd-arm@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
 (No client certificate requested)
 by hub.freebsd.org (Postfix) with ESMTPS id C6B87AB2
 for <freebsd-arm@freebsd.org>; Wed, 11 Feb 2015 14:04:06 +0000 (UTC)
Received: from mail-qa0-x231.google.com (mail-qa0-x231.google.com
 [IPv6:2607:f8b0:400d:c00::231])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 7C96B3E2
 for <freebsd-arm@freebsd.org>; Wed, 11 Feb 2015 14:04:06 +0000 (UTC)
Received: by mail-qa0-f49.google.com with SMTP id v8so2647984qal.8
 for <freebsd-arm@freebsd.org>; Wed, 11 Feb 2015 06:04:05 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
 h=mime-version:date:message-id:subject:from:to:content-type;
 bh=JI4Eiv2BRmW6EhVtE2M9t8jTgTB/VNOav8O/ciMEqqI=;
 b=iW7113fHtUPWMHKyHCEQ2T4Gqt2Vte0nhZN/Wzi1jcHCZmRnblCRdljbOGTb+HkQWZ
 s+hFdcebFqqsGHRHXNKzAgJMAX29zo07uN7DBWXC6uRx2MulPPRqpYxloF5lUW1DnhxN
 GV53q81PUa7XLTIiaSTM/60kF2mwiFjE1VkyhJlZTtqDQgK0N8jPWxRlVW9sgNYNxlbE
 8rPLG+HSBCChbQn3UAWdeVqEHKdMuh4SDDF7N8U1hGUFnRzPb0SnsXz6FnGjgqRqakwD
 Tjj4kVFp6XDwAaEvWy0ezg2Y9NQ7dDe6AnZPoJJLypGdC4X90ow32mj9UwxmWkW5UGak
 JfwA==
MIME-Version: 1.0
X-Received: by 10.229.241.137 with SMTP id le9mr19274024qcb.20.1423663445158; 
 Wed, 11 Feb 2015 06:04:05 -0800 (PST)
Received: by 10.140.104.229 with HTTP; Wed, 11 Feb 2015 06:04:05 -0800 (PST)
Date: Wed, 11 Feb 2015 09:04:05 -0500
Message-ID: <CANUxo4omL1m0EkSnmad8qyZqRWbuZ5zJ29nzCA0+gSyCAyU9dw@mail.gmail.com>
Subject: "geli: Wrong key" unable to attach in RPi/ARM environment
From: Brenden Bartelt <brenden.bartelt@gmail.com>
To: freebsd-arm@freebsd.org
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1
X-BeenThere: freebsd-arm@freebsd.org
X-Mailman-Version: 2.1.18-1
Precedence: list
List-Id: "Porting FreeBSD to ARM processors." <freebsd-arm.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/options/freebsd-arm>,
 <mailto:freebsd-arm-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-arm/>
List-Post: <mailto:freebsd-arm@freebsd.org>
List-Help: <mailto:freebsd-arm-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-arm>,
 <mailto:freebsd-arm-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Feb 2015 14:04:06 -0000

Hi all,

This a follow up to a previous thread in freebsd-geom where it was
determined that geli is functional in 11.0-CURRENT and it could be an ARM
problem.

I have been unable to geli attach in RPi, even with a very simple
passphrase ("test"). Has anyone had success with this? I have tried on an
external usb, da0 as well as a partition on the SD card itself, mmcsd0s3.
The geli init appears to work, and a geli dump reveals that a master key
was indeed written to the device. What is even more puzzling is that a geli
onetime will work for the device, so it would appear that geli is
functional, but something has gone wrong with the master key
generating/writing/reading operation.

Can anyone shed some light on something I am missing? Is geli not fully
supported on ARM?

Thanks,
Brenden

Log:

# uname -a
FreeBSD raspberry-pi 11.0-CURRENT FreeBSD 11.0-CURRENT #0 r278031: Mon Feb
2 02:54:08 UTC 2015
root@releng2.nyi.freebsd.org:/usr/obj/arm.armv6/usr/src/sys/RPI-B
arm

# kldstat
Id Refs Address    Size     Name
 8    1 0xc5657000 17000    geom_eli.ko
 9    1 0xc572e000 2c000    crypto.ko

# geli init mmcsd0s3
Enter new passphrase:
Reenter new passphrase:

Metadata backup can be found in /var/backups/mmcsd0s3.eli and
can be restored with the following command:

        # geli restore /var/backups/mmcsd0s3.eli mmcsd0s3

# geli attach mmcsd0s3
Enter passphrase:
geli: Wrong key for mmcsd0s3.

# geli dump mmcsd0s3
Metadata on mmcsd0s3:
     magic: GEOM::ELI
   version: 7
     flags: 0x0
     ealgo: AES-XTS
    keylen: 128
  provsize: 24796725248
sectorsize: 512
      keys: 0x01
iterations: 21660
      Salt:
d2678fa977889263b18cbbb2e5a3151ac8185d9d0bc5dafa548abc4510ca49ce134ef9410cc=
63a9b0881514d9e9fedb6a3d392ba4096775030d0646fbfb4cce5
Master Key:
4c26413b864d809b7e537e13ad442d22eada3a12ef61cd538f3a2bc9fd3a1dbbe80e19d6a00=
9c51784461380ff150602c31c4910ad63aa52d105fc93b2005f18cd0b187e0e56b44eabc978=
4a6255e696a9c398653e4ec669cae64961bd7b43d9af01fa0897f84fef1608c632bbb881d41=
8bdf81e637afff4191ceda6ec829f33c93a0cb5ead63ee63e4c4ccc3ee0b076e6f86b05d514=
c8b006bf8a11e3f78ac658e56bd824d6958747f09f3c8e80861d2f19eed3f334bbcc83aa28a=
227239c4bd9c4390a9e1acb5aefed4ef4602432359271217bfb9676eb753930f5c9c45899b0=
f44bdd230517d3238fc9ab9763b2def43658f44fc76094ccb4af54c7c492a790eca0b407adf=
66fccf2f3b049c874b66d4bbccd4e82fe8a2e79985ae5e1d64affed7ac66808a2bbd9d661b4=
60c2b9acc1bac5a537bc7d862c711c9ca4892fcf3e607b6ee255555b742352483b7ffda8054=
5bd3774f90ff0e74db58ef87c6c050501c0643c3921345df6e6d7a296c7c535ec81468a8a73=
9824673303664a8874
  MD5 hash: f97f3ca1cf95c25144c84a12b10d81ef

# geli onetime mmcsd0s3
# geli list
Geom name: mmcsd0s3.eli
State: ACTIVE
EncryptionAlgorithm: AES-XTS
KeyLength: 128
Crypto: software
Version: 7
Flags: ONETIME
KeysAllocated: 47
KeysTotal: 47
Providers:
1. Name: mmcsd0s3.eli
   Mediasize: 24796725248 (23G)
   Sectorsize: 512
   Mode: r0w0e0
Consumers:
1. Name: mmcsd0s3
   Mediasize: 24796725248 (23G)
   Sectorsize: 512
   Stripesize: 4194304
   Stripeoffset: 0
   Mode: r1w1e1