From owner-freebsd-current@freebsd.org Wed Aug 22 07:10:30 2018 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C8AEE108F65C; Wed, 22 Aug 2018 07:10:29 +0000 (UTC) (envelope-from mmacy@freebsd.org) Received: from smtp.freebsd.org (smtp.freebsd.org [96.47.72.83]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "smtp.freebsd.org", Issuer "Let's Encrypt Authority X3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 7ABB28649B; Wed, 22 Aug 2018 07:10:29 +0000 (UTC) (envelope-from mmacy@freebsd.org) Received: from mail-it0-f44.google.com (mail-it0-f44.google.com [209.85.214.44]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G3" (verified OK)) (Authenticated sender: mmacy) by smtp.freebsd.org (Postfix) with ESMTPSA id 397E612120; Wed, 22 Aug 2018 07:10:29 +0000 (UTC) (envelope-from mmacy@freebsd.org) Received: by mail-it0-f44.google.com with SMTP id d16-v6so13095092itj.0; Wed, 22 Aug 2018 00:10:29 -0700 (PDT) X-Gm-Message-State: APzg51BNvH46zbazcb5xhnEsf+7LPRroCdIfKl6LQ2HuxOJKr+RwlZOD fT+ByiGiHHT9WGjHlSybe1xUhZfZgKGXNTN/JRM= X-Google-Smtp-Source: ANB0VdZHn6+WYWMY7qpNYAUqI43Rn/hVG2+2hyAEkKKaRrLKCzj8iFLsPNC/pJ+smqIS/9LE1SHZIv15HhW9MiqGHec= X-Received: by 2002:a24:704f:: with SMTP id f76-v6mr2161624itc.30.1534921828769; Wed, 22 Aug 2018 00:10:28 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Matthew Macy Date: Wed, 22 Aug 2018 00:10:16 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: Native Encryption for ZFS on FreeBSD CFT To: Outback Dingo Cc: freebsd-current , freebsd-fs , Sean Fagan Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.27 X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.27 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Aug 2018 07:10:30 -0000 Yes. I _just_ rebased and broke world in the process. Fix coming up momentarily. -M On Wed, Aug 22, 2018 at 12:06 AM Outback Dingo wrote: > of course interesting work, but unfortunately, and as you know me, > what would i say next > > cc -target x86_64-unknown-freebsd12.0 > --sysroot=/usr/obj/usr/src/amd64.amd64/tmp > -B/usr/obj/usr/src/amd64.amd64/tmp/usr/bin -O2 -pipe > -I/usr/src/sys/cddl/compat/opensolaris > -I/usr/src/cddl/compat/opensolaris/include > -I/usr/src/cddl/compat/opensolaris/lib/libumem > -I/usr/src/cddl/contrib/opensolaris/lib/libzpool/common > -I/usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs > -I/usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/lua > -I/usr/src/sys/cddl/contrib/opensolaris/common/zfs > -I/usr/src/sys/cddl/contrib/opensolaris/uts/common > -I/usr/src/cddl/contrib/opensolaris/head > -I/usr/src/cddl/contrib/opensolaris/lib/libnvpair > -I/usr/src/cddl/contrib/opensolaris/lib/libcmdutils > -DWANTS_MUTEX_OWNED -I/usr/src/lib/libpthread/thread > -I/usr/src/lib/libpthread/sys -I/usr/src/lib/libthr/arch/amd64/include > -g -DDEBUG=1 -DZFS_DEBUG=1 -DNEED_SOLARIS_BOOLEAN -g -MD > -MF.depend.freebsd_crypto.o -MTfreebsd_crypto.o -std=iso9899:1999 > -fstack-protector-strong -Wno-pointer-sign -Wno-unknown-pragmas > -Wno-empty-body -Wno-string-plus-int -Wno-unused-const-variable > -Wno-tautological-compare -Wno-unused-value -Wno-parentheses-equality > -Wno-unused-function -Wno-enum-conversion -Wno-unused-local-typedef > -Wno-address-of-packed-member -Wno-switch -Wno-switch-enum > -Wno-knr-promoted-parameter -Wno-parentheses -Qunused-arguments -c > /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/freebsd_crypto.c > -o freebsd_crypto.o > > /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/freebsd_crypto.c:62:19: > warning: tentative definition of variable with internal linkage has > incomplete non-array type 'struct mtx' > [-Wtentative-definition-incomplete-type] > static struct mtx freebsd_crypto_mutex; > ^ > > /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/freebsd_crypto.c:62:15: > note: forward declaration of 'struct mtx' > static struct mtx freebsd_crypto_mutex; > ^ > > /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/freebsd_crypto.c:63:35: > error: expected identifier > MTX_SYSINIT(freebsd_crypto_mutex, &freebsd_crypto_mutex, "FreeBSD ZFS > Crypto mutex", MTX_DEF); > ^ > > /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/freebsd_crypto.c:63:1: > warning: type specifier missing, defaults to 'int' [-Wimplicit-int] > MTX_SYSINIT(freebsd_crypto_mutex, &freebsd_crypto_mutex, "FreeBSD ZFS > Crypto mutex", MTX_DEF); > ^ > > /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/freebsd_crypto.c:62:19: > error: tentative definition has type 'struct mtx' that is never > completed > static struct mtx freebsd_crypto_mutex; > ^ > > /usr/src/sys/cddl/contrib/opensolaris/uts/common/fs/zfs/freebsd_crypto.c:62:15: > note: forward declaration of 'struct mtx' > static struct mtx freebsd_crypto_mutex; > ^ > 2 warnings and 2 errors generated. > *** Error code 1 > On Wed, Aug 22, 2018 at 4:28 AM Matthew Macy wrote: > > > > On Tue, Aug 21, 2018 at 6:55 PM Matthew Macy wrote: > > > > > To anyone with an interest in native encryption in ZFS please test the > > > projects/zfs-crypto-merge-0820 branch in my freebsd repo: > > > https://github.com/mattmacy/networking.git > > > > > > > > Oh and I neglected to state that this work is being supported by iX > Systems > > and the tree is all built on work done by Sean Fagan at iX Systems. > Please > > keep him in the loop on any problems encountered. > > Thanks. > > > > > > > > > ( git clone https://github.com/mattmacy/networking.git -b > > > projects/zfs-crypto-merge-0820 ) > > > > > > The UI is quite close to the Oracle Solaris ZFS crypto with minor > > > differences for specifying key location. > > > > > > Please note that once a feature is enabled on a pool it can't be > > > disabled. This means that if you enable encryption support on a pool > > > you will never be able to import it in to a ZFS without encryption > > > support. For this reason I would strongly advise against using this on > > > any pool that can't be easily replaced until this change has made its > > > way in to HEAD after the freeze has been lifted. > > > > > > > > > By way of background the original ZoL commit can be found at: > > > > > > > https://github.com/zfsonlinux/zfs/pull/5769/commits/5aef9bedc801830264428c64cd2242d1b786fd49 > > > > > > Thanks in advance. > > > -M > > > > > _______________________________________________ > > freebsd-current@freebsd.org mailing list > > https://lists.freebsd.org/mailman/listinfo/freebsd-current > > To unsubscribe, send any mail to " > freebsd-current-unsubscribe@freebsd.org" >