From owner-svn-src-all@freebsd.org  Wed Apr 15 17:55:54 2020
Return-Path: <owner-svn-src-all@freebsd.org>
Delivered-To: svn-src-all@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 71D692BD76E;
 Wed, 15 Apr 2020 17:55:54 +0000 (UTC)
 (envelope-from kevans@freebsd.org)
Received: from smtp.freebsd.org (smtp.freebsd.org
 [IPv6:2610:1c1:1:606c::24b:4])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 server-signature RSA-PSS (4096 bits)
 client-signature RSA-PSS (4096 bits) client-digest SHA256)
 (Client CN "smtp.freebsd.org",
 Issuer "Let's Encrypt Authority X3" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 492VQL1qpjz49DP;
 Wed, 15 Apr 2020 17:55:54 +0000 (UTC)
 (envelope-from kevans@freebsd.org)
Received: from mail-qk1-f176.google.com (mail-qk1-f176.google.com
 [209.85.222.176])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 (Authenticated sender: kevans)
 by smtp.freebsd.org (Postfix) with ESMTPSA id 2E3FE18853;
 Wed, 15 Apr 2020 17:55:54 +0000 (UTC)
 (envelope-from kevans@freebsd.org)
Received: by mail-qk1-f176.google.com with SMTP id s63so14118559qke.4;
 Wed, 15 Apr 2020 10:55:54 -0700 (PDT)
X-Gm-Message-State: AGi0PuZ9anzeNQXiXsOsoewpdxyHhs5fp6gk7ImlBNSoaVsZbdWNo/SQ
 zG9rEVvB7GDYQEi16dJ39MiOY6z3mJReomRHKT8=
X-Google-Smtp-Source: APiQypK5JuMHHpVpblBzqwscRefwLKUqezb7APZkI3p1dGyRbfDpQnKBKM+E9iU4dev18FjygrZn7VdT3hia7Ypjn5s=
X-Received: by 2002:a37:6287:: with SMTP id w129mr27094840qkb.34.1586973353664; 
 Wed, 15 Apr 2020 10:55:53 -0700 (PDT)
MIME-Version: 1.0
References: <202004150014.03F0EpQt039761@repo.freebsd.org>
In-Reply-To: <202004150014.03F0EpQt039761@repo.freebsd.org>
From: Kyle Evans <kevans@freebsd.org>
Date: Wed, 15 Apr 2020 12:55:40 -0500
X-Gmail-Original-Message-ID: <CACNAnaGUqAmZhF5Bpq1AV_Nt9jKW714PQkxJ2+U4DGvFvr+pWA@mail.gmail.com>
Message-ID: <CACNAnaGUqAmZhF5Bpq1AV_Nt9jKW714PQkxJ2+U4DGvFvr+pWA@mail.gmail.com>
Subject: Re: svn commit: r359945 - in head: lib/geom/eli sys/geom/eli
To: John Baldwin <jhb@freebsd.org>
Cc: src-committers <src-committers@freebsd.org>,
 svn-src-all <svn-src-all@freebsd.org>, 
 svn-src-head <svn-src-head@freebsd.org>
Content-Type: text/plain; charset="UTF-8"
X-BeenThere: svn-src-all@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "SVN commit messages for the entire src tree \(except for &quot;
 user&quot; and &quot; projects&quot; \)" <svn-src-all.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-all/>
List-Post: <mailto:svn-src-all@freebsd.org>
List-Help: <mailto:svn-src-all-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-all>,
 <mailto:svn-src-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Apr 2020 17:55:54 -0000

On Tue, Apr 14, 2020 at 7:15 PM John Baldwin <jhb@freebsd.org> wrote:
>
> Author: jhb
> Date: Wed Apr 15 00:14:50 2020
> New Revision: 359945
> URL: https://svnweb.freebsd.org/changeset/base/359945
>
> Log:
>   Remove support for geli(4) algorithms deprecated in r348206.
>
>   This removes support for reading and writing volumes using the
>   following algorithms:
>
>   - Triple DES
>   - Blowfish
>   - MD5 HMAC integrity
>
>   In addition, this commit adds an explicit whitelist of supported
>   algorithms to give a better error message when an invalid or
>   unsupported algorithm is used by an existing volume.
>
>   Reviewed by:  cem
>   Sponsored by: Chelsio Communications
>   Differential Revision:        https://reviews.freebsd.org/D24343
>
> Modified:
>   head/lib/geom/eli/geli.8
>   head/lib/geom/eli/geom_eli.c
>   head/sys/geom/eli/g_eli.c
>   head/sys/geom/eli/g_eli.h
>   head/sys/geom/eli/g_eli_crypto.c
>   head/sys/geom/eli/g_eli_ctl.c
>
> [... snip ...]
> @@ -522,6 +506,36 @@ eli_metadata_dump(const struct g_eli_metadata *md)
>         printf("  MD5 hash: %s\n", str);
>  }
>
> +#ifdef _KERNEL
> +static bool
> +eli_metadata_crypto_supported(const struct g_eli_metadata *md)
> +{
> +
> +       switch (md->md_ealgo) {
> +       case CRYPTO_NULL_CBC:
> +       case CRYPTO_AES_CBC:
> +       case CRYPTO_CAMELLIA_CBC:
> +       case CRYPTO_AES_XTS:
> +               break;
> +       default:
> +               return (false);
> +       }
> +       if (md->md_flags & G_ELI_FLAG_AUTH) {
> +               switch (md->md_aalgo) {
> +               case CRYPTO_SHA1_HMAC:
> +               case CRYPTO_RIPEMD160_HMAC:
> +               case CRYPTO_SHA2_256_HMAC:
> +               case CRYPTO_SHA2_384_HMAC:
> +               case CRYPTO_SHA2_512_HMAC:
> +                       break;
> +               default:
> +                       return (false);
> +               }
> +       }
> +       return (true);
> +}
> +#endif
> +
>  static __inline u_int
>  g_eli_keylen(u_int algo, u_int keylen)
>  {
> [... snip ...]

eli_metadata_crypto_supported is defined here, but unused in most
compilation units that include g_eli.h, resulting in some amount of
noise:

In file included from /usr/src/sys/geom/eli/g_eli_crypto.c:46:
/usr/src/sys/geom/eli/g_eli.h:511:1: warning: unused function
'eli_metadata_crypto_supported' [-Wunused-function]
eli_metadata_crypto_supported(const struct g_eli_metadata *md)

(repeat for g_eli_hmac.c, g_eli_integrity.c, g_eli_key.c,
g_eli_key_cache.c, g_eli_privacy.c, pkcs5v2.c)

Given that it's probably not in danger of silently going away and not
getting removed, any objection to marking it __unused to squelch the warnings?

Thanks,

Kyle Evans