From owner-svn-src-all@freebsd.org Mon Sep 10 14:50:35 2018 Return-Path: Delivered-To: svn-src-all@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 678AE1091D67; Mon, 10 Sep 2018 14:50:35 +0000 (UTC) (envelope-from woodsb02@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "mxrelay.nyi.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1D409846EE; Mon, 10 Sep 2018 14:50:35 +0000 (UTC) (envelope-from woodsb02@FreeBSD.org) Received: from repo.freebsd.org (repo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:0]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 184791C72; Mon, 10 Sep 2018 14:50:35 +0000 (UTC) (envelope-from woodsb02@FreeBSD.org) Received: from repo.freebsd.org ([127.0.1.37]) by repo.freebsd.org (8.15.2/8.15.2) with ESMTP id w8AEoYgD021222; Mon, 10 Sep 2018 14:50:34 GMT (envelope-from woodsb02@FreeBSD.org) Received: (from woodsb02@localhost) by repo.freebsd.org (8.15.2/8.15.2/Submit) id w8AEoYXh021221; Mon, 10 Sep 2018 14:50:34 GMT (envelope-from woodsb02@FreeBSD.org) Message-Id: <201809101450.w8AEoYXh021221@repo.freebsd.org> X-Authentication-Warning: repo.freebsd.org: woodsb02 set sender to woodsb02@FreeBSD.org using -f From: Ben Woods Date: Mon, 10 Sep 2018 14:50:34 +0000 (UTC) To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r338558 - head/lib/geom/eli X-SVN-Group: head X-SVN-Commit-Author: woodsb02 X-SVN-Commit-Paths: head/lib/geom/eli X-SVN-Commit-Revision: 338558 X-SVN-Commit-Repository: base MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Sep 2018 14:50:35 -0000 Author: woodsb02 (ports committer) Date: Mon Sep 10 14:50:34 2018 New Revision: 338558 URL: https://svnweb.freebsd.org/changeset/base/338558 Log: geli init with multiple providers - fix init and fix -B "none" Apply some fixes post rS336659, which allowed multiple provders to be initialized in a single command. - Fix issue where second and subsequent providers would fail init. This was due to the metadata struct being zeroed after the first provider init was completed, despite containing common data required for subsequent providers. - Fix issue where -B "none" would still result in the metadata being backed-up if multiple providers had been specified. This was due to the backupfile of "none" being incorrectly made unique for each provider by appending "-". Approved by: asomers Approved by: re (gjb) Differential Revision: https://reviews.freebsd.org/D17096 Modified: head/lib/geom/eli/geom_eli.c Modified: head/lib/geom/eli/geom_eli.c ============================================================================== --- head/lib/geom/eli/geom_eli.c Mon Sep 10 08:19:38 2018 (r338557) +++ head/lib/geom/eli/geom_eli.c Mon Sep 10 14:50:34 2018 (r338558) @@ -888,29 +888,17 @@ eli_init(struct gctl_req *req) /* Encrypt the first and the only Master Key. */ error = g_eli_mkey_encrypt(md.md_ealgo, key, md.md_keylen, md.md_mkeys); - explicit_bzero(key, sizeof(key)); if (error != 0) { gctl_error(r, "Cannot encrypt Master Key: %s.", strerror(error)); goto out; } - /* - * Convert metadata to on-disk format and then immediately erase - * sensitive data from the metadata struct. - */ + /* Convert metadata to on-disk format. */ eli_metadata_encode(&md, sector); - explicit_bzero(&md.md_provsize, sizeof(md.md_provsize)); - explicit_bzero(&md.md_sectorsize, sizeof(md.md_sectorsize)); - explicit_bzero(&md.md_salt, sizeof(md.md_salt)); - explicit_bzero(&md.md_mkeys, sizeof(md.md_mkeys)); - /* - * Store metadata to disk and then immediately erase sensitive - * data from memory. - */ + /* Store metadata to disk. */ error = g_metadata_store(prov, sector, sizeof(sector)); - explicit_bzero(sector, sizeof(sector)); if (error != 0) { gctl_error(r, "Cannot store metadata on %s: %s.", prov, strerror(error)); @@ -937,9 +925,11 @@ eli_init(struct gctl_req *req) /* Backupfile given by the user, just copy it. */ strlcpy(backfile, str, sizeof(backfile)); - /* Make the backup filename unique if multiple providers - * initialized in one command. */ - if (nargs > 1) { + /* If multiple providers have been initialized in one + * command, and the backup filename has been specified + * as anything other than "none", make the backup + * filename unique for each provider. */ + if (nargs > 1 && strcmp(backfile, "none") != 0) { /* * Replace first occurrence of "PROV" with * provider name. @@ -999,11 +989,14 @@ out: gctl_free(r); /* - * Erase sensitive data from memory, and ensure subsequent - * providers are initialized with unique metadata. + * Erase sensitive and provider specific data from memory. */ explicit_bzero(key, sizeof(key)); - explicit_bzero(&md, sizeof(md)); + explicit_bzero(sector, sizeof(sector)); + explicit_bzero(&md.md_provsize, sizeof(md.md_provsize)); + explicit_bzero(&md.md_sectorsize, sizeof(md.md_sectorsize)); + explicit_bzero(&md.md_salt, sizeof(md.md_salt)); + explicit_bzero(&md.md_mkeys, sizeof(md.md_mkeys)); } /* Clear the cached metadata, including keys. */