From nobody Sat May 18 17:10:32 2024 X-Original-To: freebsd-hackers@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4VhVtK5lyTz5L9VK for ; Sat, 18 May 2024 17:19:05 +0000 (UTC) (envelope-from anonloli@autistici.org) Received: from confino.investici.org (confino.investici.org [IPv6:2a11:7980:1::2:0]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4VhVtJ2RtKz4M5C for ; Sat, 18 May 2024 17:19:04 +0000 (UTC) (envelope-from anonloli@autistici.org) Authentication-Results: mx1.freebsd.org; dkim=pass header.d=autistici.org header.s=stigmate header.b=YiHqrece; dmarc=pass (policy=reject) header.from=autistici.org; spf=pass (mx1.freebsd.org: domain of anonloli@autistici.org designates 2a11:7980:1::2:0 as permitted sender) smtp.mailfrom=anonloli@autistici.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=autistici.org; s=stigmate; t=1716052247; bh=s/wetzcKIAUa7yY3TH1NAM9SHSqWI3hdje3bhubS/pI=; h=Date:From:To:Subject:References:In-Reply-To:From; b=YiHqreceIZ6D6UcVhgGUoXVqpLlA9YHYWH4TiLaX46+RwltokDAdUpNiCflXOls9J THeDkmsdxXYHV8BvgsvxMzmkVeEay4Uij7JrVgC2k+J8iB3ND5TKV5JdgXtHUy6HMZ 79G/8kIONcgYwFts2Nq4YIe4M4Kx2L1AbCckOiAg= Received: from mx1.investici.org (unknown [127.0.0.1]) by confino.investici.org (Postfix) with ESMTP id 4VhVhl3Bqtz11Fl for ; Sat, 18 May 2024 17:10:47 +0000 (UTC) Received: from [93.190.126.19] (mx1.investici.org [93.190.126.19]) (Authenticated sender: anonloli@autistici.org) by localhost (Postfix) with ESMTPSA id 4VhVhk5c4rz1127 for ; Sat, 18 May 2024 17:10:46 +0000 (UTC) Date: Sat, 18 May 2024 17:10:32 +0000 From: Anon Loli To: freebsd-hackers@freebsd.org Subject: [fixed] Re: GELI disk corrupted or external influence? Message-ID: References: <1716050202-69054-mlmmj-647e0ac8@FreeBSD.org> List-Id: Technical discussions relating to FreeBSD List-Archive: https://lists.freebsd.org/archives/freebsd-hackers List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-hackers@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Spamd-Bar: + X-Spamd-Result: default: False [1.30 / 15.00]; MID_END_EQ_FROM_USER_PART(4.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; NEURAL_HAM_LONG(-1.00)[-1.000]; SUBJECT_ENDS_QUESTION(1.00)[]; NEURAL_HAM_SHORT(-1.00)[-1.000]; DMARC_POLICY_ALLOW(-0.50)[autistici.org,reject]; MID_RHS_NOT_FQDN(0.50)[]; R_DKIM_ALLOW(-0.20)[autistici.org:s=stigmate]; R_SPF_ALLOW(-0.20)[+ip6:2a11:7980:1:0::2:0:c]; RCVD_IN_DNSWL_LOW(-0.20)[93.190.126.19:received,2a11:7980:1::2:0:from]; MIME_GOOD(-0.10)[text/plain]; GREYLIST(0.00)[pass,body]; DKIM_TRACE(0.00)[autistici.org:+]; RCVD_TLS_LAST(0.00)[]; ARC_NA(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; FROM_HAS_DN(0.00)[]; ASN(0.00)[asn:210861, ipnet:2a11:7980::/40, country:CH]; RCPT_COUNT_ONE(0.00)[1]; RCVD_COUNT_TWO(0.00)[2]; FROM_EQ_ENVFROM(0.00)[]; MISSING_XM_UA(0.00)[]; TO_DN_NONE(0.00)[]; MLMMJ_DEST(0.00)[freebsd-hackers@freebsd.org]; PREVIOUSLY_DELIVERED(0.00)[freebsd-hackers@freebsd.org]; RCVD_VIA_SMTP_AUTH(0.00)[]; MIME_TRACE(0.00)[0:+] X-Rspamd-Queue-Id: 4VhVtJ2RtKz4M5C Oh, I immediately tried this `geli restore /var/backups/ada0.eli ada0` and it got fixed! :) What broke this? Some BIOS setting change or the other OS deleted something? In any case I can finally move to OpenBSD lol bye (I'm still curious as to who broke it, it's an older FreeBSD install if it matters) On Sat, May 18, 2024 at 04:59:59PM +0000, Anon Loli wrote: > Hello mailing list! > I've had an event which includes modifying some BIOS settings (can't > remember which exactly), and testing some OS other than FreeBSD. > > And I think that the said OS did something malicious to the disk in > question because it has been doing it for prolonged period of time, and > mentioned disks.. > > So this was all on same machine, like dual-booting but from another > drive. > > Then when I went back into FreeBSD I noticed an error, `geli attach` > doesn't work, I used a /etc/rc.local script for the GELI disk like so: > `geli attach -p -k /etc/diskpassword.key /dev/ada0 > zpool import zmedia` > I get an error message when I try to run the geli command: > > geli: Cannot read metadata from /dev/ada0: Invalid argument. > > I have /var/backupts/ada.eli if that can help.. > There's only /dev/ada0, no ada0s1 for example or .eli or whatever.. > Also when running `gpart show`, I see 2 disks: > xxx GPT (main boot drive) > freebsd-boot > freebsd-swap > freebsd-zfs > > and > ada0 GPT (the drive in problem) > -free- (everything) > > > Does this indicate that everything has been lost, like the partitioning > table or whatever you call it, like it has been formatted? > Did the other evil OS-fucker destroy my disk without saying it would do > that? > > > If you can't tell, I'm hesitant to give more information than what's > necessary for someone to help me because almost any data can be used to > deanonymize someone, but if you do need some information, please feel > free to ask. > > > TL;DR: some OS could have wiped some part of a FreeBSD-zfs drive, can > you help me conclude wether or not we can somehow save it?