From nobody@FreeBSD.org  Mon Jan 28 18:14:42 2008
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id D005416A417
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 28 Jan 2008 18:14:42 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id BF6AB13C4CE
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 28 Jan 2008 18:14:42 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.2/8.14.2) with ESMTP id m0SICw1e096547
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 28 Jan 2008 18:12:58 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.2/8.14.1/Submit) id m0SICwPH096546;
	Mon, 28 Jan 2008 18:12:58 GMT
	(envelope-from nobody)
Message-Id: <200801281812.m0SICwPH096546@www.freebsd.org>
Date: Mon, 28 Jan 2008 18:12:58 GMT
From: Yoshihiro Ota <ota@j.email.ne.jp>
To: freebsd-gnats-submit@FreeBSD.org
Subject: [GEOM][geli][gjournal] geli does not prompt for password on /dev/concat/XXX.eli.journal
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         120091
>Category:       kern
>Synopsis:       [geom] [geli] [gjournal] geli does not prompt for password on /dev/concat/XXX.eli.journal
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-geom
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jan 28 18:20:01 UTC 2008
>Closed-Date:    
>Last-Modified:  Thu May 28 22:16:40 UTC 2009
>Originator:     Yoshihiro Ota
>Release:        FreeBSD 7.0-RC1 as of 01/25/08
>Organization:
>Environment:
FreeBSD XXX 7.0-RC1 #400 Fri Jan 25 00:0:28 EST 2008 root@XXX:/usr/obj/usr/src/sys/GENERIC i386
>Description:
I created gjournal on geli on gconcat.

# grep export /etc/fstab
/dev/concat/export.eli.journal /export ufs rw.noatime,async 2 2

The geli is password base, but it doesn't prompt at boot time so that it brings down to single user mode.

Before I added gjournal, i.e., geli on gconcat or, for example, fstab of that time below, geli prompted password.
/dev/concat/export.eli /export usr rw,noatime 2 2
>How-To-Repeat:
# gconcat label export /dev/ad0s1f /dev/ad0s2f
# geli init /dev/concat/export
Password:
..
# geli attach /dev/concat/export
Password:
# gjournal /dev/concat/export.eli
# newfs -J /dev/concat/export.eli.journal

Update fstab.

# reboot
>Fix:


>Release-Note:
>Audit-Trail:

From: Volker <volker@vwsoft.com>
To: bug-followup@FreeBSD.org, ota@j.email.ne.jp
Cc:  
Subject: Re: kern/120091: [GEOM][geli][gjournal] geli does not prompt for
 password on /dev/concat/XXX.eli.journal
Date: Wed, 30 Jan 2008 00:16:58 +0100

 Hi Ota,
 
 Please provide output of:
 
 geli status
 gconcat status
 dmesg
 
 Volker
 
State-Changed-From-To: open->feedback 
State-Changed-By: linimon 
State-Changed-When: Wed Jan 30 01:14:02 UTC 2008 
State-Changed-Why:  
Note that feedback has been requested. 


Responsible-Changed-From-To: freebsd-bugs->freebsd-geom 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Wed Jan 30 01:14:02 UTC 2008 
Responsible-Changed-Why:  
Over to maintainer(s). 

http://www.freebsd.org/cgi/query-pr.cgi?pr=120091 

From: Yoshihiro Ota <ota@j.email.ne.jp>
To: Volker <volker@vwsoft.com>
Cc: bug-followup@FreeBSD.org
Subject: Re: kern/120091: [GEOM][geli][gjournal] geli does not prompt for
 password on /dev/concat/XXX.eli.journal
Date: Wed, 30 Jan 2008 05:04:35 -0500

 On Wed, 30 Jan 2008 00:16:58 +0100
 Volker <volker@vwsoft.com> wrote:
 
 > Hi Ota,
 > 
 > Please provide output of:
 > 
 > geli status
 > gconcat status
 > dmesg
 > 
 > Volker
 > 
 
 Please note that the system fails to mount /dev/concat/export.eli.gjournal
 and falls back to the single user mode.  Then, I type "geli attach /dev/concat/export"
 and "GEOM_ELI: Device concat/export.eli created." appears.
 
 
 # geli status
              Name  Status  Components
 concat/export.eli     N/A  concat/export
 # gconcat status
          Name  Status  Components
 concat/export      UP  ad4s3f
                        ad4s4f
 # dmesg
 Copyright (c) 1992-2008 The FreeBSD Project.
 Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
 	The Regents of the University of California. All rights reserved.
 FreeBSD is a registered trademark of The FreeBSD Foundation.
 FreeBSD 7.0-RC1 #400: Fri Jan 25 00:00:28 EST 2008
     root@xxx:/usr/obj/usr/src/sys/GENERIC
 Timecounter "i8254" frequency 1193182 Hz quality 0
 CPU: AMD Turion(tm) 64 X2 Mobile Technology TL-58 (1908.70-MHz 686-class CPU)
   Origin = "AuthenticAMD"  Id = 0x60f81  Stepping = 1
   Features=0x178bfbff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CLFLUSH,MMX,FXSR,SSE,SSE2,HTT>
   Features2=0x2001<SSE3,CX16>
   AMD Features=0xea500800<SYSCALL,NX,MMX+,FFXSR,RDTSCP,LM,3DNow!+,3DNow!>
   AMD Features2=0x11f<LAHF,CMP,SVM,ExtAPIC,CR8,Prefetch>
   Cores per package: 2
 real memory  = 1005584384 (959 MB)
 avail memory = 970309632 (925 MB)
 ACPI APIC Table: <HP     	 APIC  >
 FreeBSD/SMP: Multiprocessor System Detected: 2 CPUs
  cpu0 (BSP): APIC ID:  0
  cpu1 (AP): APIC ID:  1
 MADT: Forcing active-low polarity and level trigger for SCI
 ioapic0 <Version 1.1> irqs 0-23 on motherboard
 wlan: mac acl policy registered
 kbd1 at kbdmux0
 ath_hal: 0.9.20.3 (AR5210, AR5211, AR5212, RF5111, RF5112, RF2413, RF5413)
 hptrr: HPT RocketRAID controller driver v1.1 (Jan 20 2008 00:19:12)
 acpi0: <HPQOEM SLIC-MPC> on motherboard
 acpi0: [ITHREAD]
 acpi0: Power Button (fixed)
 Timecounter "ACPI-safe" frequency 3579545 Hz quality 850
 acpi_timer0: <24-bit timer at 3.579545MHz> port 0x1008-0x100b on acpi0
 acpi_ec0: <Embedded Controller: GPE 0x10> port 0x62,0x66 on acpi0
 acpi_hpet0: <High Precision Event Timer> iomem 0xfed00000-0xfed003ff on acpi0
 Timecounter "HPET" frequency 25000000 Hz quality 900
 cpu0: <ACPI CPU> on acpi0
 powernow0: <PowerNow! K8> on cpu0
 cpu1: <ACPI CPU> on acpi0
 powernow1: <PowerNow! K8> on cpu1
 acpi_button0: <Power Button> on acpi0
 acpi_button1: <Sleep Button> on acpi0
 acpi_acad0: <AC Adapter> on acpi0
 battery0: <ACPI Control Method Battery> on acpi0
 acpi_lid0: <Control Method Lid Switch> on acpi0
 pcib0: <ACPI Host-PCI bridge> port 0xcf8-0xcff on acpi0
 pci_link9: BIOS IRQ 10 for 0.10.INTB is invalid
 pci0: <ACPI PCI bus> on pcib0
 pci0: <memory, RAM> at device 0.0 (no driver attached)
 pci0: <memory, RAM> at device 0.1 (no driver attached)
 pci0: <memory, RAM> at device 0.2 (no driver attached)
 pci0: <memory, RAM> at device 0.3 (no driver attached)
 pci0: <memory, RAM> at device 0.4 (no driver attached)
 pci0: <memory, RAM> at device 0.5 (no driver attached)
 pci0: <memory, RAM> at device 0.6 (no driver attached)
 pci0: <memory, RAM> at device 0.7 (no driver attached)
 pcib1: <ACPI PCI-PCI bridge> at device 2.0 on pci0
 pci1: <ACPI PCI bus> on pcib1
 pcib2: <ACPI PCI-PCI bridge> at device 3.0 on pci0
 pci3: <ACPI PCI bus> on pcib2
 pci3: <network> at device 0.0 (no driver attached)
 vgapci0: <VGA-compatible display> mem 0xb2000000-0xb2ffffff,0xc0000000-0xcfffffff,0xb1000000-0xb1ffffff irq 18 at device 5.0 on pci0
 pci0: <memory, RAM> at device 9.0 (no driver attached)
 isab0: <PCI-ISA bridge> port 0x1d00-0x1d7f at device 10.0 on pci0
 isa0: <ISA bus> on isab0
 pci0: <serial bus, SMBus> at device 10.1 (no driver attached)
 pci0: <processor> at device 10.3 (no driver attached)
 ohci0: <OHCI (generic) USB controller> mem 0xb0004000-0xb0004fff irq 22 at device 11.0 on pci0
 ohci0: [GIANT-LOCKED]
 ohci0: [ITHREAD]
 usb0: OHCI version 1.0, legacy support
 usb0: SMM does not respond, resetting
 usb0: <OHCI (generic) USB controller> on ohci0
 usb0: USB revision 1.0
 uhub0: <nVidia OHCI root hub, class 9/0, rev 1.00/1.00, addr 1> on usb0
 uhub0: 8 ports with 8 removable, self powered
 ehci0: <EHCI (generic) USB 2.0 controller> mem 0xb0005000-0xb00050ff irq 22 at device 11.1 on pci0
 ehci0: [GIANT-LOCKED]
 ehci0: [ITHREAD]
 usb1: EHCI version 1.0
 usb1: companion controller, 8 ports each: usb0
 usb1: <EHCI (generic) USB 2.0 controller> on ehci0
 usb1: USB revision 2.0
 uhub1: <nVidia EHCI root hub, class 9/0, rev 2.00/1.00, addr 1> on usb1
 uhub1: 8 ports with 8 removable, self powered
 umass0: <vendor 0x04b4 Cypress AT2LP, class 0/0, rev 2.00/2.40, addr 2> on uhub1
 ugen0: <Sonix Technology Co., Ltd. USB 2.0 Camera, class 239/2, rev 2.00/2.10, addr 3> on uhub1
 atapci0: <nVidia nForce MCP51 UDMA133 controller> port 0x1f0-0x1f7,0x3f6,0x170-0x177,0x376,0x3080-0x308f at device 13.0 on pci0
 ata0: <ATA channel 0> on atapci0
 ata0: [ITHREAD]
 ata1: <ATA channel 1> on atapci0
 ata1: [ITHREAD]
 atapci1: <nVidia nForce MCP51 SATA300 controller> port 0x30c0-0x30c7,0x30b4-0x30b7,0x30b8-0x30bf,0x30b0-0x30b3,0x3090-0x309f irq 23 at device 14.0 on pci0
 atapci1: [ITHREAD]
 ata2: <ATA channel 0> on atapci1
 ata2: [ITHREAD]
 ata3: <ATA channel 1> on atapci1
 ata3: [ITHREAD]
 pcib3: <ACPI PCI-PCI bridge> at device 16.0 on pci0
 pci_link0: BIOS IRQ 11 for 7.5.INTA is invalid
 pci_link1: BIOS IRQ 11 for 7.5.INTB is invalid
 pci7: <ACPI PCI bus> on pcib3
 fwohci0: <1394 Open Host Controller Interface> mem 0xb8000000-0xb80007ff irq 9 at device 5.0 on pci7
 fwohci0: [FILTER]
 fwohci0: OHCI version 1.10 (ROM=0)
 fwohci0: No. of Isochronous channels is 4.
 fwohci0: EUI64 00:24:1b:00:f7:2b:34:00
 fwohci0: Phy 1394a available S400, 1 ports.
 fwohci0: Link S400, max_rec 2048 bytes.
 firewire0: <IEEE1394(FireWire) bus> on fwohci0
 fwe0: <Ethernet over FireWire> on firewire0
 if_fwe0: Fake Ethernet address: 02:24:1b:2b:34:00
 fwe0: Ethernet address: 02:24:1b:2b:34:00
 fwip0: <IP over FireWire> on firewire0
 fwip0: Firewire address: 00:24:1b:00:f7:2b:34:00 @ 0xfffe00000000, S400, maxrec 2048
 sbp0: <SBP-2/SCSI over FireWire> on firewire0
 dcons_crom0: <dcons configuration ROM> on firewire0
 dcons_crom0: bus_addr 0x12c4000
 fwohci0: Initiate bus reset
 fwohci0: BUS reset
 fwohci0: node_id=0xc800ffc0, gen=1, CYCLEMASTER mode
 pci7: <base peripheral> at device 5.1 (no driver attached)
 pci7: <base peripheral> at device 5.2 (no driver attached)
 pci7: <base peripheral> at device 5.3 (no driver attached)
 pci7: <base peripheral> at device 5.4 (no driver attached)
 pci0: <multimedia> at device 16.1 (no driver attached)
 nfe0: <NVIDIA nForce 430 MCP13 Networking Adapter> port 0x30e0-0x30e7 mem 0xb0008000-0xb0008fff irq 20 at device 20.0 on pci0
 miibus0: <MII bus> on nfe0
 rlphy0: <RTL8201L 10/100 media interface> PHY 1 on miibus0
 rlphy0:  10baseT, 10baseT-FDX, 100baseTX, 100baseTX-FDX, auto
 nfe0: Ethernet address: 00:1b:24:68:7c:d7
 nfe0: [FILTER]
 acpi_tz0: <Thermal Zone> on acpi0
 atkbdc0: <Keyboard controller (i8042)> port 0x60,0x64 irq 1 on acpi0
 atkbd0: <AT Keyboard> irq 1 on atkbdc0
 kbd0 at atkbd0
 atkbd0: [GIANT-LOCKED]
 atkbd0: [ITHREAD]
 psm0: <PS/2 Mouse> irq 12 on atkbdc0
 psm0: [GIANT-LOCKED]
 psm0: [ITHREAD]
 psm0: model IntelliMouse, device ID 3
 pmtimer0 on isa0
 orm0: <ISA Option ROM> at iomem 0xcf800-0xd0fff pnpid ORM0000 on isa0
 ppc0: parallel port not found.
 sc0: <System console> at flags 0x100 on isa0
 sc0: VGA <16 virtual consoles, flags=0x300>
 sio0: configured irq 4 not in bitmap of probed irqs 0
 sio0: port may not be enabled
 sio0: configured irq 4 not in bitmap of probed irqs 0
 sio0: port may not be enabled
 sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
 sio0: type 8250 or not responding
 sio0: [FILTER]
 sio1: configured irq 3 not in bitmap of probed irqs 0
 sio1: port may not be enabled
 vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
 ums0: <MosArt Optical Mouse, class 0/0, rev 1.10/0.00, addr 2> on uhub0
 ums0: 3 buttons and Z dir.
 Timecounters tick every 1.000 msec
 hptrr: no controller detected.firewire0: 1 nodes, maxhop <= 0, cable IRM = 0 (me)
 firewire0: bus manager 0 (me)
 
 acd0: DVDR <TSSTcorpCD/DVDW TS-L632M/0917> at ata0-master PIO4
 ad4: 152627MB <WDC WD1600BEVS-60RST0 04.01G04> at ata2-master SATA150
 GEOM_LABEL: Label for provider ad4s2 is ntfs/HP_RECOVERY.
 GEOM_CONCAT: Device export created (id=3382027346).
 GEOM_CONCAT: Disk ad4s3f attached to export.
 GEOM_JOURNAL: Journal 4240811370: ad4s4e contains data.
 GEOM_CONCAT: Disk ad4s4f attached to export.
 GEOM_CONCAT: Device export activated.
 GEOM_JOURNAL: Journal 4240811370: ad4s4g contains journal.
 GEOM_JOURNAL: Journal ad4s4e clean.
 SMP: AP CPU #1 Launched!
 da0 at umass-sim0 bus 0 target 0 lun 0
 da0: <SAMSUNG SP2514N 0000> Fixed Direct Access SCSI-0 device 
 da0: 40.000MB/s transfers
 da0: 238475MB (488397168 512 byte sectors: 255H 63S/T 30401C)
 Trying to mount root from ufs:/dev/ad4s4a
 cryptosoft0: <software crypto> on motherboard
 GEOM_ELI: Device concat/export.eli created.
 GEOM_ELI: Encryption: AES-CBC 128
 GEOM_ELI:     Crypto: software
 GEOM_JOURNAL: Journal 2182369297: concat/export.eli contains data.
 GEOM_JOURNAL: Journal 2182369297: concat/export.eli contains journal.
 GEOM_JOURNAL: Journal concat/export.eli clean.
 WARNING: TMPFS is considered to be a highly experimental feature in FreeBSD.
 WARNING: TMPFS is considered to be a highly experimental feature in FreeBSD.
 umass0: at uhub1 port 2 (addr 2) disconnected
 (da0:umass-sim0:0:0:0): lost device
 (da0:umass-sim0:0:0:0): removing device entry
 umass0: detached

From: Yoshihiro Ota <ota@j.email.ne.jp>
To: bug-followup@FreeBSD.org
Cc: Volker <volker@vwsoft.com>
Subject: Re: kern/120091: [GEOM][geli][gjournal] geli does not prompt for
 password on /dev/concat/XXX.eli.journal
Date: Sat, 2 Feb 2008 23:02:56 -0500

 This is a multi-part message in MIME format.
 
 --Multipart=_Sat__2_Feb_2008_23_02_56_-0500_G6gJHWk1j3WlCJHe
 Content-Type: text/plain; charset=US-ASCII
 Content-Transfer-Encoding: 7bit
 
 As Volker and I investigated, we found the followings.
 
 1. Use "geli configure -b" option with geom_eli_load="YES" in loader.conf
 attaches /dev/concat/export.eli correctly at boot time.  However, key strokes
 are lost and password verification fails.  There are some other PRs filed already
 on this case.
 
 2. Use "geli_devices" in rc.conf.  Even if this is not a preferred way, this works.
 
 3. Use the patch.  The rc facility tries to parse /etc/fstab to find GELI providers.
 However, it assumes that all provider ends with .eli.  It is not the case here and fails.
 The patch is to detect all eli providers in a given path, i.e. /dev/concat/export.eli
 in my cause.
 
 
 The #3 is the most preferred way for this problem as the path indicates use of GEOM eli.
 
 Thanks,
 Hiro
 
 --Multipart=_Sat__2_Feb_2008_23_02_56_-0500_G6gJHWk1j3WlCJHe
 Content-Type: text/x-diff;
  name="rc.subr-geli.diff"
 Content-Disposition: attachment;
  filename="rc.subr-geli.diff"
 Content-Transfer-Encoding: 7bit
 
 Index: etc/rc.subr
 ===================================================================
 RCS file: /home/ncvs/src/etc/rc.subr,v
 retrieving revision 1.77
 diff -u -r1.77 rc.subr
 --- etc/rc.subr	9 Oct 2007 07:20:44 -0000	1.77
 +++ etc/rc.subr	1 Feb 2008 10:37:45 -0000
 @@ -1415,6 +1415,29 @@
  }
  
  # Creates a list of providers for GELI encryption.
 +geli_expand_entry()
 +{
 +	local devices3
 +	local entry dev tail
 +	for entry in $@; do
 +		tail="${entry}"
 +		while true; do
 +			dev="${dev}${tail%%.eli*}.eli"
 +			devices3="${devices3} ${dev}"
 +			tail="${entry##${dev}}"
 +			case "${tail}" in
 +			*.eli*)
 +				continue
 +				;;
 +			*)
 +				break
 +				;;
 +			esac
 +		done
 +		dev=""
 +	done
 +	echo ${devices3}
 +}
  geli_make_list()
  {
  	local devices devices2
 @@ -1435,7 +1458,7 @@
  		:#*)
  			continue
  			;;
 -		*.eli)
 +		*.eli*)
  			# Skip swap devices.
  			if [ "${type}" = "swap" -o "${options}" = "sw" -o "${noauto}" = "yes" ]; then
  				continue
 @@ -1446,7 +1469,7 @@
  	done < /etc/fstab
  
  	# Append providers from geli_devices.
 -	devices="${devices} ${geli_devices}"
 +	devices=`geli_expand_entry "${devices} ${geli_devices}"`
  
  	for provider in ${devices}; do
  		provider=${provider%.eli}
 
 
 --Multipart=_Sat__2_Feb_2008_23_02_56_-0500_G6gJHWk1j3WlCJHe--

From: Yoshihiro Ota <ota@j.email.ne.jp>
To: bug-followup@FreeBSD.org, Volker <volker@vwsoft.com>
Cc:  
Subject: Re: kern/120091: [geom] [geli] [gjournal] geli does not prompt for
 password on /dev/concat/XXX.eli.journal
Date: Fri, 18 Apr 2008 16:50:07 -0400

 The patch was been working grate for months on several machines without causing any problems.
 
 It will be nice if this is committed to the HEAD.
 
 Thanks,
 Hiro
Responsible-Changed-From-To: freebsd-geom->pjd 
Responsible-Changed-By: pjd 
Responsible-Changed-When: sob 19 kwi 06:08:32 2008 UTC 
Responsible-Changed-Why:  
I'll take this one. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=120091 

From: Yoshihiro Ota <ota@j.email.ne.jp>
To: pjd@FreeBSD.org, bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/120091: [geom] [geli] [gjournal] geli does not prompt for
 password on /dev/concat/XXX.eli.journal
Date: Tue, 20 Jan 2009 01:18:22 -0500

 Hi Pawel,
 
 Have you had a chance to take a look on this PR?
 
 Thanks,
 Hiro
State-Changed-From-To: feedback->open 
State-Changed-By: linimon 
State-Changed-When: Thu May 28 22:16:01 UTC 2009 
State-Changed-Why:  
Note that feedback was received some time ago. 


Responsible-Changed-From-To: pjd->freebsd-geom 
Responsible-Changed-By: linimon 
Responsible-Changed-When: Thu May 28 22:16:01 UTC 2009 
Responsible-Changed-Why:  
pjd is not actively working on GEOM at the moment. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=120091 
>Unformatted:
