svn commit: r285023 - in head: sbin/geom/class/eli sys/geom/eli
Pawel Jakub Dawidek
pjd at FreeBSD.org
Thu Jul 2 10:55:33 UTC 2015
Author: pjd
Date: Thu Jul 2 10:55:32 2015
New Revision: 285023
URL: https://svnweb.freebsd.org/changeset/base/285023
Log:
Allow to omit keyfile number for the first keyfile.
Modified:
head/sbin/geom/class/eli/geli.8
head/sys/geom/eli/g_eli.c
Modified: head/sbin/geom/class/eli/geli.8
==============================================================================
--- head/sbin/geom/class/eli/geli.8 Thu Jul 2 10:31:08 2015 (r285022)
+++ head/sbin/geom/class/eli/geli.8 Thu Jul 2 10:55:32 2015 (r285023)
@@ -24,7 +24,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd June 18, 2014
+.Dd June 2, 2015
.Dt GELI 8
.Os
.Sh NAME
@@ -893,6 +893,13 @@ geli_da1s3a_keyfile0_type="da1s3a:geli_k
geli_da1s3a_keyfile0_name="/boot/keys/da1s3a.key"
.Ed
.Pp
+If there is only one keyfile, the index might be omitted:
+.Bd -literal -offset indent
+geli_da1s3a_keyfile_load="YES"
+geli_da1s3a_keyfile_type="da1s3a:geli_keyfile"
+geli_da1s3a_keyfile_name="/boot/keys/da1s3a.key"
+.Ed
+.Pp
Not only configure encryption, but also data integrity verification using
.Nm HMAC/SHA256 .
.Bd -literal -offset indent
Modified: head/sys/geom/eli/g_eli.c
==============================================================================
--- head/sys/geom/eli/g_eli.c Thu Jul 2 10:31:08 2015 (r285022)
+++ head/sys/geom/eli/g_eli.c Thu Jul 2 10:55:32 2015 (r285023)
@@ -998,6 +998,13 @@ g_eli_keyfiles_load(struct hmac_ctx *ctx
for (i = 0; ; i++) {
snprintf(name, sizeof(name), "%s:geli_keyfile%d", provider, i);
keyfile = preload_search_by_type(name);
+ if (keyfile == NULL && i == 0) {
+ /*
+ * If there is only one keyfile, allow simpler name.
+ */
+ snprintf(name, sizeof(name), "%s:geli_keyfile", provider);
+ keyfile = preload_search_by_type(name);
+ }
if (keyfile == NULL)
return (i); /* Return number of loaded keyfiles. */
data = preload_fetch_addr(keyfile);
More information about the svn-src-head
mailing list