From nobody@FreeBSD.org  Thu Jan  3 07:46:13 2008
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 67C0716A417
	for <freebsd-gnats-submit@FreeBSD.org>; Thu,  3 Jan 2008 07:46:13 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 56C6D13C45D
	for <freebsd-gnats-submit@FreeBSD.org>; Thu,  3 Jan 2008 07:46:13 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.2/8.14.2) with ESMTP id m037jK6i086725
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 3 Jan 2008 07:45:20 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.2/8.14.1/Submit) id m037jJOY086724;
	Thu, 3 Jan 2008 07:45:19 GMT
	(envelope-from nobody)
Message-Id: <200801030745.m037jJOY086724@www.freebsd.org>
Date: Thu, 3 Jan 2008 07:45:19 GMT
From: Keve Nagy <wforms@safe-mail.net>
To: freebsd-gnats-submit@FreeBSD.org
Subject: gdbe swap encryption forces gmirror to rebuild upon each system restart
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         119293
>Category:       kern
>Synopsis:       [gbde] gbde swap encryption forces gmirror to rebuild upon each system restart
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 03 07:50:01 UTC 2008
>Closed-Date:    
>Last-Modified:  Mon Jan 07 06:18:10 UTC 2008
>Originator:     Keve Nagy
>Release:        FreeBSD 6.2-STABLE
>Organization:
N/A
>Environment:
FreeBSD i386 6.2-STABLE
>Description:
I experienced an issue under FreeBSD 6.2-STABLE between GBDE and GMIRROR,
where a BDE encrypted swap causes the mirror to be rebuilt every single
time the system is rebooted. I believe the problem is hiding somewhere
around the point where gbde gets stopped/unloaded during shutdown, which
probably writes some little data back on disk AFTER gmirror stops syncing
the providers. This way, when the system is booted gmirror finds the
providers being out of sync, and it triggers itself to rebuild the
secondary provider from the primary.

This has been tested and proven on multiple systems for consistency.
A swapoff before shutdown does not eliminate the problem. I had to comment
out the swap.bde line from fstab, boot the system this way so that a bde
encrypted swap didn't get created/loaded and then the mirror stopped
rebuilding itself after reboot. Using GELI to encrypt the swap space
does not produce this problem.

Until this issue with GBDE and GMIRROR gets fixed, a note or comment
in the handbook should be placed, practically for both GBDE
"Chapter 18.17.3" and GMIRROR "Chapter 19.4 or 19.4.1", warning users
that using bde to encrypt swap inside a gmirror may produce this problem
and for the time being this can be quickly solved by using geli instead
of gbde.

>How-To-Repeat:
My systems had two physical disks of the same type. One single FreeBSD
slice spanning the entire disk, and separate partitions for /, swap,
/var, /tmp and /usr in this order. Only the swap space was encrypted.
Encryption and mirroring was set up according to the handbook and man
pages, no extra settings or options were used.
>Fix:
Until gbde gets fixed, use geli to encrypt your swap space inside a gmirror.

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-i386->freebsd-bugs 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Mon Jan 7 06:16:31 UTC 2008 
Responsible-Changed-Why:  
This does not sound i386-specific. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=119293 
>Unformatted:
