From: Ben Woods
Date: Thu, 12 Oct 2017 23:18:21 +0800
Subject: Re: [RFC] geli - Allow attaching multiple providers
To: freebsd-geom@freebsd.org, freebsd-hackers@freebsd.org

On 28 May 2017 at 13:38, Ben Woods wrote:
> Hi everyone,
>
> I would like to propose a patch to geli to allow multiple providers to be
> attached in a single command if they use the same passphrase/keyfiles.
>
> This is helpful when the providers being attached are not used for boot,
> and therefore the existing code to first try the cached password when
> tasting the providers during boot does not apply.
>
> Multiple providers with the same passphrase and keyfiles can be attached
> at the same time during system start-up by adding the following to
> /etc/rc.conf:
>
> geli_groups="storage backup"
> geli_storage_flags="-k /etc/geli/storage.keys"
> geli_storage_devices="ada0 ada1"
> geli_backup_flags="-j /etc/geli/backup.passfile -k /etc/geli/backup.keys"
> geli_backup_devices="ada2 ada3"
>
> The patch is up for review on phabricator here:
> https://reviews.freebsd.org/D9396
>
> Regards,
> Ben
>
> --
> From: Benjamin Woods
> woodsb02@gmail.com
>

Hi everyone,

I have created a new phabricator review for this work to allow multiple
providers to be attached in a single geli command if they use the same
passphrase/keyfiles.

Unlike D9396, this implementation does not modify the kernel. This is
achieved by creating a new child geom request for each provider being
attached, and passing each request to the kernel one by one.

The new patch can be found here:
https://reviews.freebsd.org/D12644

I am hoping people can review and comment on this patch, and that I can get
assistance committing this once it is approved (as I am only a ports
committer).

Regards,
Ben

--
From: Benjamin Woods
woodsb02@gmail.com
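
The group variables from the quoted rc.conf example, expanded into one attach command line per group, as an added example (not code from the patch or from FreeBSD's rc scripts). The function names and the `geli attach <flags> <providers...>` command form are assumptions drawn from the message's description; the script only prints the command lines and never runs geli.

```shell
#!/bin/sh
# Constructed input: the rc.conf values shown in the quoted message.
geli_groups="storage backup"
geli_storage_flags="-k /etc/geli/storage.keys"
geli_storage_devices="ada0 ada1"
geli_backup_flags="-j /etc/geli/backup.passfile -k /etc/geli/backup.keys"
geli_backup_devices="ada2 ada3"

# geli_group_cmd GROUP (hypothetical helper)
# Print the single attach command line a group expands to (dry run).
# Returns 1 if the group name is malformed or the group has no devices.
geli_group_cmd() {
    group=$1
    # The group name becomes part of a variable name passed to eval, so
    # accept only [A-Za-z0-9_] to keep rc.conf content from being executed.
    case $group in
        ''|*[!A-Za-z0-9_]*)
            printf 'invalid group name: %s\n' "$group" >&2
            return 1 ;;
    esac
    eval "flags=\${geli_${group}_flags-}"
    eval "devices=\${geli_${group}_devices-}"
    if [ -z "$devices" ]; then
        printf 'group %s has no devices\n' "$group" >&2
        return 1
    fi
    # Assumed command form: shared flags first, then every provider.
    printf '%s\n' "geli attach${flags:+ $flags} $devices"
}

# geli_groups_plan (hypothetical helper): one command line per group,
# stopping at the first group that fails validation.
geli_groups_plan() {
    for g in $geli_groups; do
        geli_group_cmd "$g" || return 1
    done
}

geli_groups_plan
```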