aesni(?) corrupts data on 8.2-BETA1
Mike Tancsa
mike at sentex.net
Sat Dec 11 01:43:32 UTC 2010
Actually, I just noticed something like this as well with ssh via
cryptodev and rsync as well. It was erroring out. eg.
Dec 10 16:50:01 backup3 sshd[13120]: Corrupted MAC on input.
Dec 10 16:50:01 backup3 sshd[13120]: Finished discarding for 64.x.x.x
I had a few ssh sessions die as well. It was working ok with a kernel /
world from last week. I was going to try and see if I can narrow it
down, but it seemed to had been working fine with world from last week.
Not sure if its the openssl update ? But if you are seeing issues with
geli, then I doubt its openssl.
---Mike
On 12/10/2010 7:49 PM, Jan Henrik Sylvester wrote:
> I just upgraded my main laptop from 8.1-RELEASE (GENERIC, amd64) to
> 8.2-BETA1 and added aesni_load="YES" to my /boot/loader.conf.
>
> (If my interpretation is correct:) With aesni loaded, I see many files
> corrupted on my geli encrypted volume. Without aesni loaded, they are ok.
>
> I have got a journaling UFS2 on gjournal on geli on a FreeBSD partition
> on a MBR slice on a disk with ahci loaded.
>
> Story: First I noticed some weirdness of Thunderbird not showing the
> "upgraded" message properly and reloading IMAP messages that have
> already been read, but did not think of anything. Only during my usual
> rsyncing of the encrypted volume, I saw that some files could not be
> read (invalid file descriptor?). I rebooted without aesni and got a
> different error message.
>
> I created checksums of all files on that encrypted volume with and
> without aesni loaded (rebooting in between): 150 Differences (one files
> could not be read in both cases).
>
> Just to make sure, I tried to rsync with "--checksum" and "--dry-run" to
> the other machine that is supposed to have the same files: With aesni,
> many files were scheduled to be synced and one could not be read, but
> without aesni, only that one file was scheduled to be synced -- it
> probably got corrupted for good with aesni loaded. It is especially
> weird that I did not attempt to write to the file that got corrupted on
> disk with aesni loaded.
>
> Is there anything I am doing wrong or is it really aesni or the
> processor failing?
>
> The processor is a Core i7-M620 (with AESNI of course).
>
> Before I investigate any further, I have to make a real backup...
> rsyncing does not prevent silent corruption. I am lucky that it was not
> so silent after all.
>
> Jan Henrik
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
>
>
More information about the freebsd-stable
mailing list