geli(8) breaks after a couple hours of uptime

Fabian Keil freebsd-listen at
Mon Feb 11 10:52:12 UTC 2013

Pawel Jakub Dawidek <pjd at> wrote:

> On Sun, Feb 10, 2013 at 09:50:58AM +0200, Andriy Gapon wrote:
> > I think that PAGE_SIZE (or at most a small multiple of it) should be
> > sufficient. I don't think that we currently have (or expect to see in
> > the near future) algorithms where keys with more than 4096 size
> > provide any additional security.
> geli(8) deals just fine with files that are larger than buffers, so even
> with smaller buffer it can read the data in few steps.
> The proposed patch is here if someone would like to give it a try:

Works for me, thanks a lot.

I tested with a couple of geli providers ranging from
v3 AES-CBC 128 bit to v7 AES-XTS 256 bit and didn't get
any crashes.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 196 bytes
Desc: not available
URL: <>

More information about the freebsd-current mailing list