From owner-freebsd-stable@freebsd.org  Fri Nov  6 05:55:50 2020
Return-Path: <owner-freebsd-stable@freebsd.org>
Delivered-To: freebsd-stable@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id EC30B2E0129
 for <freebsd-stable@mailman.nyi.freebsd.org>;
 Fri,  6 Nov 2020 05:55:50 +0000 (UTC)
 (envelope-from dewayne@heuristicsystems.com.au)
Received: from hermes.heuristicsystems.com.au (hermes.heuristicsystems.com.au
 [203.41.22.115])
 (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (2560 bits) client-digest SHA256)
 (Client CN "hermes.heuristicsystems.com.au",
 Issuer "Heuristic Systems Type 4 Host CA" (not verified))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4CS8kt1LcZz4dYj
 for <freebsd-stable@freebsd.org>; Fri,  6 Nov 2020 05:55:49 +0000 (UTC)
 (envelope-from dewayne@heuristicsystems.com.au)
Received: from [10.0.5.3] (noddy.hs [10.0.5.3]) (authenticated bits=0)
 by hermes.heuristicsystems.com.au (8.15.2/8.15.2) with ESMTPSA id
 0A65tBtJ003354
 (version=TLSv1.3 cipher=TLS_AES_256_GCM_SHA384 bits=256 verify=NOT)
 for <freebsd-stable@freebsd.org>; Fri, 6 Nov 2020 16:55:12 +1100 (AEDT)
 (envelope-from dewayne@heuristicsystems.com.au)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple;
 d=heuristicsystems.com.au; s=hsa; t=1604642112; x=1605246913;
 bh=X1pSYlTOuk+0gzcuR+SaafKYTyffGOxuHS9SLTWw+xI=;
 h=To:From:Subject:Message-ID:Date;
 b=NFRN/gL/qxHYoq+aBAjfRzv5yyWSciXW0sGuAWxQff6EfLdUXnWiuL1VR3NTjoW6I
 3jcVl+pqmpzI9zMtBLSvIXG84OWzN7LZlXfGkRUa05XdI+QEevxYBlaHNjrRhSeOp9
 bW1SLcBzRiVLcaGpfGMo86N2Y1WA+n8q5uo54MHdsGxcuvEW4NJhA
X-Authentication-Warning: b3.hs: Host noddy.hs [10.0.5.3] claimed to be
 [10.0.5.3]
To: FreeBSD Stable Mailing List <freebsd-stable@freebsd.org>
From: Dewayne Geraghty <dewayne@heuristicsystems.com.au>
Subject: Has geli broken when using authentication (hmac/sha256)?
Message-ID: <22acef0d-910a-2dae-53ac-7c4de5d0e4e3@heuristicsystems.com.au>
Date: Fri, 6 Nov 2020 16:46:29 +1100
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:78.0) Gecko/20100101
 Thunderbird/78.3.2
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Language: en-GB
Content-Transfer-Encoding: 7bit
X-Rspamd-Queue-Id: 4CS8kt1LcZz4dYj
X-Spamd-Bar: ----
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=heuristicsystems.com.au header.s=hsa header.b=NFRN/gL/;
 dmarc=none;
 spf=pass (mx1.freebsd.org: domain of dewayne@heuristicsystems.com.au
 designates 203.41.22.115 as permitted sender)
 smtp.mailfrom=dewayne@heuristicsystems.com.au
X-Spamd-Result: default: False [-4.20 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[];
 R_SPF_ALLOW(-0.20)[+mx:c]; HAS_XAW(0.00)[];
 RCVD_DKIM_ARC_DNSWL_MED(-0.50)[]; TO_DN_ALL(0.00)[];
 DKIM_TRACE(0.00)[heuristicsystems.com.au:+];
 RCVD_IN_DNSWL_MED(-0.20)[203.41.22.115:from];
 NEURAL_HAM_SHORT(-1.00)[-1.000]; FROM_EQ_ENVFROM(0.00)[];
 MIME_TRACE(0.00)[0:+]; SUBJECT_ENDS_QUESTION(1.00)[];
 ASN(0.00)[asn:1221, ipnet:203.40.0.0/13, country:AU];
 MID_RHS_MATCH_FROM(0.00)[]; ARC_NA(0.00)[];
 NEURAL_HAM_MEDIUM(-1.00)[-1.000];
 R_DKIM_ALLOW(-0.20)[heuristicsystems.com.au:s=hsa];
 FROM_HAS_DN(0.00)[];
 DWL_DNSWL_MED(-2.00)[heuristicsystems.com.au:dkim];
 TO_MATCH_ENVRCPT_ALL(0.00)[]; MIME_GOOD(-0.10)[text/plain];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-stable@freebsd.org];
 DMARC_NA(0.00)[heuristicsystems.com.au];
 RCPT_COUNT_ONE(0.00)[1]; RCVD_COUNT_TWO(0.00)[2];
 RCVD_TLS_ALL(0.00)[]; MAILMAN_DEST(0.00)[freebsd-stable]
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-stable>, 
 <mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable/>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
 <mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Nov 2020 05:55:51 -0000

Using FreeBSD 12.2S r367125M, to
# geli init -a HMAC/SHA256 -e aes-cbc -l 128 -P -s 4096 -K /tmp/key ${D}s1a
fails during newfs,
# newfs -O2 -U ${D}s1a.eli
newfs: can't read old UFS1 superblock: read error from block device:
Invalid argument

Using geli with encryption only, works as usual. But using hmac/sha256
fails when used with "-e null" or in combination with a cipher.

Using encryption only, everything is normal, ie newfs ok, the filesystem
mounts and is accessible.

Could someone verify if something is broken?  I've included my test case
below:

-- 
Reproducible with:

D=/dev/md0
# Cleanup previous runs
umount /mnt/A
geli detach ${D}s1a || true
mdconfig -du 0 || TRUE
rm /tmp/test || true

truncate -s 64m /tmp/test
mdconfig -t vnode -f /tmp/test

gpart create -s MBR ${D}
gpart add -a 4k -s 14m -t freebsd $D
gpart add -a 4k -s 10m -t freebsd $D
gpart add -a 4k -s 10m -t freebsd $D
gpart create -s bsd ${D}s1
gpart create -s bsd ${D}s2

gpart add -a 4k   -s 10m -t freebsd-ufs ${D}s1

openssl rand -hex -out /tmp/key 32
geli init -a HMAC/SHA256 -e aes-cbc -l 128 -P -s 4096 -K /tmp/key ${D}s1a
geli attach -p -k /tmp/key ${D}s1a

newfs -O2 -U ${D}s1a.eli
/dev/md0s1a.eli: 8.9MB (18200 sectors) block size 32768, fragment size 4096
        using 4 cylinder groups of 2.25MB, 72 blks, 384 inodes.
        with soft updates
newfs: can't read old UFS1 superblock: read error from block device:
Invalid argument

However using UFS1, newfs succeeds but the mount fails.

newfs -O1 -U ${D}s1a.eli
/dev/md0s1a.eli: 8.9MB (18200 sectors) block size 32768, fragment size 4096
        using 4 cylinder groups of 2.25MB, 72 blks, 512 inodes.
        with soft updates
super-block backups (for fsck_ffs -b #) at:
 64, 4672, 9280, 13888
# mount -v /dev/md0s1a.eli /mnt/A
mount: /dev/md0s1a.eli: Invalid argument


The only change that may be related is:

# svnlite log -l 4  /usr/src/tests/sys/geom/class/eli
------------------------------------------------------------------------
r363486 | asomers | 2020-07-25 04:19:25 +1000 (Sat, 25 Jul 2020) | 13 lines

MFC r363014:

geli: enable direct dispatch

geli does all of its crypto operations in a separate thread pool, so
g_eli_start, g_eli_read_done, and g_eli_write_done don't actually do very
much work. Enabling direct dispatch eliminates the g_up/g_down bottlenecks,
doubling IOPs on my system. This change does not affect the thread pool.

Reviewed by:    markj
Sponsored by:   Axcient
Differential Revision:  https://reviews.freebsd.org/D25587

Cheers, Dewayne

-- 
*** NOTICE This email and any attachments may contain legally privileged
or confidential information and may be protected by copyright. You must
not use or disclose them other than for the purposes for which they were
supplied. The privilege or confidentiality attached to this message and
attachments is not waived by reason of mistaken delivery to you. If you
are not the intended recipient, you must not use, disclose, retain,
forward or reproduce this message or any attachments. If you receive
this message in error please notify the sender by return email or
telephone and destroy and delete all copies. ***