From nobody Thu Mar 10 00:46:55 2022 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 443D919F7061; Thu, 10 Mar 2022 00:46:56 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4KDVkm0wN2z4n4t; Thu, 10 Mar 2022 00:46:56 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1646873216; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Cl1Pqc0akuMzftIRwRnIJEwRjqaxLpWhs6A933qI/PE=; b=Ouw2YRdE+ZePuDQHLT4Gmgj1HvqjWqDwicWTwKzdpwHpdk5CNtZAx8iqgi0vCAHxDXheQ/ kST7sufEb9adA6cNmiwp/gkuhxzzqa9IIcSnVKvrlz0zsnnXp35e62uzjoNSVtX+QeYM7V InYGtHtilejYCmjJr0PF4bvggVYvOPZdJrW4sdn8XJ1VCHC6JH6FnUcRR0fZNTFBHGEW+g adhVYri8u2xGpuRH3m5CZiNXDJ4VdWow5KPBDRsYX0bMaGwXoc6MnVI56tri8serN+12Dh jDsal31LSJF4Vf+upLU/GzSUneoRyM73fIFmtWmaNb4ae4R1vsJq8uoOE3/9tw== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id DA9FC1B503; Thu, 10 Mar 2022 00:46:55 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 22A0ktNS073099; Thu, 10 Mar 2022 00:46:55 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 22A0kt0k073098; Thu, 10 Mar 2022 00:46:55 GMT (envelope-from git) Date: Thu, 10 Mar 2022 00:46:55 GMT Message-Id: <202203100046.22A0kt0k073098@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Ed Maste Subject: git: 67e751f167c9 - main - dumpon: use underlying device if encrypted swap is in use List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: emaste X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 67e751f167c98d02f85eb38401e3e6388db09ac1 Auto-Submitted: auto-generated ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1646873216; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=Cl1Pqc0akuMzftIRwRnIJEwRjqaxLpWhs6A933qI/PE=; b=oldvQiaMpsNZudv8XmanxuhvEH/D+U9TmGQ995DWK41E0JXJHzd5IYCLGPkSIPUs6fAUE6 T2uoUe4Ly0nCdttYkWzRF1VAs4uRgmFDNplTUFqM2qx79GTujcPNsyJpoCxXkJgRbmgtGF 8ckXPFTY/FL/dNi0oHukRaEehgXOFoKVj91KHv9hqihptvtXd82bSMH1GLKp3EY9zk18S3 vXb88M/gdgqzJUcuH7rgr7OLZqV278acSPiSSAAdKW2uxa0QR8wNSwHScAngJwQS9zN8eR xxWoPR9HCSCRTllLJRmturSk76hEYBcq3CaoluYvg/k6ihWL5e+gish/W/Slxg== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1646873216; a=rsa-sha256; cv=none; b=AwvttxXSXR0Sy0D9JItbVy8OgRlaA9umCZeAE05CmIFDz2YH5xpM1em5LvI9YtyDZo+En/ KIcoX+ULFeMFlWUdWeIhNKWH92gnu/d0tQpJsWogAYbAWV5vlaOrO5OhFHWkEzIqGJG/eQ FvX0GirWNM05g8+KojJtAjYhFHylR3pephUh2FoOtSiZyHg7khaQcHX1jYBDNQTat/3kMH Tk8bmrOyacUmEKAZ4ViwyFSRmQay6oIJ7sm6tcEBBQJiH/uFlZKaidhJh+p1ELA+SkCqE0 YkVfN4vzVNT0F2+mSOZOC+mKyy9pbzseN/3Uwzkpw9PnxIj4UhvNMbhoLyayww== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by emaste: URL: https://cgit.FreeBSD.org/src/commit/?id=67e751f167c98d02f85eb38401e3e6388db09ac1 commit 67e751f167c98d02f85eb38401e3e6388db09ac1 Author: Ed Maste AuthorDate: 2022-03-07 19:17:01 +0000 Commit: Ed Maste CommitDate: 2022-03-10 00:43:14 +0000 dumpon: use underlying device if encrypted swap is in use /etc/rc.d/dumpon runs before /etc/rc.d/swap. When encrypted swap is in use the .eli or .bde device will not exist at the time dumpon runs. Even if this is addressed it does not make sense to dump core to encrypted swap, as the encryption key will not be available after reboot rendering the dump useless. Thus, for the case that dumpdev=AUTO and encrypted swap is in use, strip the extension and use the underlying device. Emit a warning if we are using the underlying device and the user has not configured dump encryption, so that the user knows that the will not be encrypted. PR: 238301 Reported by: Ivan Rozhuk Reviewed by: jilles MFC after: 1 week Sponsored by: The FreeBSD Foundation Differential Revision: https://reviews.freebsd.org/D34474 --- libexec/rc/rc.d/dumpon | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/libexec/rc/rc.d/dumpon b/libexec/rc/rc.d/dumpon index 752f52315f49..6ca335b73842 100755 --- a/libexec/rc/rc.d/dumpon +++ b/libexec/rc/rc.d/dumpon @@ -33,6 +33,19 @@ dumpon_try() return 1 } +dumpon_warn_unencrypted() +{ + if [ -n "${dumppubkey}" ]; then + return + fi + for flag in ${dumpon_flags}; do + if [ $flag = -k ]; then + return + fi + done + warn "Kernel dumps will be written to the swap partition without encryption." +} + dumpon_start() { # Enable dumpdev so that savecore can see it. Enable it @@ -50,6 +63,12 @@ dumpon_start() fi while read dev mp type more ; do [ "${type}" = "swap" ] || continue + case ${dev} in + *.bde|*.eli) + dumpon_warn_unencrypted + dev=${dev%.*} + ;; + esac [ -c "${dev}" ] || continue dumpon_try "${dev}" 2>/dev/null && return 0 done