Author: oshogbo
Date: Tue Apr 10 13:22:48 2018
New Revision: 332361
URL: https://svnweb.freebsd.org/changeset/base/332361

Log:
  Introduce dry run option for attaching the device.
  This allows us to verify that the passphrase and key are valid without
  decrypting the whole device.
  
  Reviewed by:  cem@, allanjude@
  Differential Revision:        https://reviews.freebsd.org/D15000

Modified:
  head/sbin/geom/class/eli/geli.8
  head/sbin/geom/class/eli/geom_eli.c
  head/sys/geom/eli/g_eli_ctl.c

Modified: head/sbin/geom/class/eli/geli.8
==============================================================================
--- head/sbin/geom/class/eli/geli.8     Tue Apr 10 13:16:50 2018        
(r332360)
+++ head/sbin/geom/class/eli/geli.8     Tue Apr 10 13:22:48 2018        
(r332361)
@@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd September 17, 2017
+.Dd April 10, 2018
 .Dt GELI 8
 .Os
 .Sh NAME
@@ -67,7 +67,7 @@ utility:
 .Cm init
 .Nm
 .Cm attach
-.Op Fl dprv
+.Op Fl dnprv
 .Op Fl j Ar passfile
 .Op Fl k Ar keyfile
 .Ar prov
@@ -420,6 +420,9 @@ For more information see the description of the
 option for the
 .Cm init
 subcommand.
+.It Fl n
+Do a dry-run decryption.
+This is useful to verify passphrase and keyfile without decrypting the device.
 .It Fl p
 Do not use a passphrase as a component of the User Key.
 Cannot be combined with the

Modified: head/sbin/geom/class/eli/geom_eli.c
==============================================================================
--- head/sbin/geom/class/eli/geom_eli.c Tue Apr 10 13:16:50 2018        
(r332360)
+++ head/sbin/geom/class/eli/geom_eli.c Tue Apr 10 13:22:48 2018        
(r332361)
@@ -148,11 +148,12 @@ struct g_command class_commands[] = {
                { 'd', "detach", NULL, G_TYPE_BOOL },
                { 'j', "passfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI 
},
                { 'k', "keyfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI 
},
+               { 'n', "dryrun", NULL, G_TYPE_BOOL },
                { 'p', "nopassphrase", NULL, G_TYPE_BOOL },
                { 'r', "readonly", NULL, G_TYPE_BOOL },
                G_OPT_SENTINEL
            },
-           "[-dprv] [-j passfile] [-k keyfile] prov"
+           "[-dnprv] [-j passfile] [-k keyfile] prov"
        },
        { "detach", 0, NULL,
            {

Modified: head/sys/geom/eli/g_eli_ctl.c
==============================================================================
--- head/sys/geom/eli/g_eli_ctl.c       Tue Apr 10 13:16:50 2018        
(r332360)
+++ head/sys/geom/eli/g_eli_ctl.c       Tue Apr 10 13:22:48 2018        
(r332361)
@@ -59,7 +59,7 @@ g_eli_ctl_attach(struct gctl_req *req, struct g_class 
        struct g_provider *pp;
        const char *name;
        u_char *key, mkey[G_ELI_DATAIVKEYLEN];
-       int *nargs, *detach, *readonly;
+       int *nargs, *detach, *readonly, *dryrun;
        int keysize, error;
        u_int nkey;
 
@@ -87,6 +87,12 @@ g_eli_ctl_attach(struct gctl_req *req, struct g_class 
                return;
        }
 
+       dryrun = gctl_get_paraml(req, "dryrun", sizeof(*dryrun));
+       if (dryrun == NULL) {
+               gctl_error(req, "No '%s' argument.", "dryrun");
+               return;
+       }
+
        if (*detach && *readonly) {
                gctl_error(req, "Options -d and -r are mutually exclusive.");
                return;
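Review bot: Making "dryrun" a required parameter here means an attach request from a geli(8) binary built before this revision is refused with "No 'dryrun' argument." even though no dry run was requested, which matters whenever a new kernel runs with an older userland. Treating an absent parameter as "not a dry run" would avoid that, for example `if (dryrun == NULL || !*dryrun)` at the g_eli_create() call, provided the lookup helper does not itself mark the request as failed when the parameter is missing (not visible in this hunk). The hunk also adds no check for -n combined with -d or -r; that looks harmless because those flags appear to be consumed only by g_eli_create(), but a one-line comment saying so would help. The body of g_eli_ctl_attach starts and ends outside this hunk.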
@@ -141,7 +147,8 @@ g_eli_ctl_attach(struct gctl_req *req, struct g_class 
                md.md_flags |= G_ELI_FLAG_WO_DETACH;
        if (*readonly)
                md.md_flags |= G_ELI_FLAG_RO;
-       g_eli_create(req, mp, pp, &md, mkey, nkey);
+       if (!*dryrun)
+               g_eli_create(req, mp, pp, &md, mkey, nkey);
        explicit_bzero(mkey, sizeof(mkey));
        explicit_bzero(&md, sizeof(md));
 }
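Review bot: The dry-run branch at `if (!*dryrun)` has no comment saying what a successful dry run actually proves. As written, everything before this point still runs (presumably the metadata read and master-key decryption, which lie outside the hunk) and only g_eli_create() is skipped. Success therefore means the supplied key components unlocked the master key, not that a real attach would succeed. I would add `/* Dry run: key components were verified above; skip provider creation. mkey and md are still wiped below. */` above the condition, because the two explicit_bzero() calls running on both paths is the property a later edit must not break.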