From owner-freebsd-i386@FreeBSD.ORG Thu Jan 3 07:50:01 2008 Return-Path: Delivered-To: freebsd-i386@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id E1DC816A421 for ; Thu, 3 Jan 2008 07:50:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id C212B13C469 for ; Thu, 3 Jan 2008 07:50:01 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.14.2/8.14.2) with ESMTP id m037o1AF097311 for ; Thu, 3 Jan 2008 07:50:01 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.2/8.14.1/Submit) id m037o100097310; Thu, 3 Jan 2008 07:50:01 GMT (envelope-from gnats) Resent-Date: Thu, 3 Jan 2008 07:50:01 GMT Resent-Message-Id: <200801030750.m037o100097310@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-i386@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Keve Nagy Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 67C0716A417 for ; Thu, 3 Jan 2008 07:46:13 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21]) by mx1.freebsd.org (Postfix) with ESMTP id 56C6D13C45D for ; Thu, 3 Jan 2008 07:46:13 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.14.2/8.14.2) with ESMTP id m037jK6i086725 for ; Thu, 3 Jan 2008 07:45:20 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.14.2/8.14.1/Submit) id m037jJOY086724; Thu, 3 Jan 2008 07:45:19 GMT (envelope-from nobody) Message-Id: <200801030745.m037jJOY086724@www.freebsd.org> Date: Thu, 3 Jan 2008 07:45:19 GMT From: Keve Nagy To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: i386/119293: gdbe swap encryption forces gmirror to rebuild upon each system restart X-BeenThere: freebsd-i386@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: I386-specific issues for FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Jan 2008 07:50:02 -0000 >Number: 119293 >Category: i386 >Synopsis: gdbe swap encryption forces gmirror to rebuild upon each system restart >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-i386 >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Jan 03 07:50:01 UTC 2008 >Closed-Date: >Last-Modified: >Originator: Keve Nagy >Release: FreeBSD 6.2-STABLE >Organization: N/A >Environment: FreeBSD i386 6.2-STABLE >Description: I experienced an issue under FreeBSD 6.2-STABLE between GBDE and GMIRROR, where a BDE encrypted swap causes the mirror to be rebuilt every single time the system is rebooted. I believe the problem is hiding somewhere around the point where gbde gets stopped/unloaded during shutdown, which probably writes some little data back on disk AFTER gmirror stops syncing the providers. This way, when the system is booted gmirror finds the providers being out of sync, and it triggers itself to rebuild the secondary provider from the primary. This has been tested and proven on multiple systems for consistency. A swapoff before shutdown does not eliminate the problem. I had to comment out the swap.bde line from fstab, boot the system this way so that a bde encrypted swap didn't get created/loaded and then the mirror stopped rebuilding itself after reboot. Using GELI to encrypt the swap space does not produce this problem. Until this issue with GBDE and GMIRROR gets fixed, a note or comment in the handbook should be placed, practically for both GBDE "Chapter 18.17.3" and GMIRROR "Chapter 19.4 or 19.4.1", warning users that using bde to encrypt swap inside a gmirror may produce this problem and for the time being this can be quickly solved by using geli instead of gbde. >How-To-Repeat: My systems had two physical disks of the same type. One single FreeBSD slice spanning the entire disk, and separate partitions for /, swap, /var, /tmp and /usr in this order. Only the swap space was encrypted. Encryption and mirroring was set up according to the handbook and man pages, no extra settings or options were used. >Fix: Until gbde gets fixed, use geli to encrypt your swap space inside a gmirror. >Release-Note: >Audit-Trail: >Unformatted: