svn commit: r216147 - head/sbin/geom/class/eli
delphij at delphij.net
Fri Dec 3 19:47:14 UTC 2010
On 12/03/10 09:15, Ulrich Spörlein wrote:
> On Fri, 03.12.2010 at 10:06:19 +0000, Xin LI wrote:
>> Author: delphij
>> Date: Fri Dec 3 10:06:19 2010
>> New Revision: 216147
>> URL: http://svn.freebsd.org/changeset/base/216147
>> * Recommend an overwrite of whole geli provider before use.
>> * Correct a typo while I'm there.
>> Reviewed by: pjd
>> MFC after: 2 weeks
>> Modified: head/sbin/geom/class/eli/geli.8
>> --- head/sbin/geom/class/eli/geli.8 Fri Dec 3 09:26:56 2010 (r216146)
>> +++ head/sbin/geom/class/eli/geli.8 Fri Dec 3 10:06:19 2010 (r216147)
>> @@ -24,7 +24,7 @@
>> .\" $FreeBSD$
>> -.Dd October 20, 2010
>> +.Dd December 3, 2010
>> .Dt GELI 8
>> .Sh NAME
>> @@ -842,7 +842,7 @@ Enter passphrase:
>> supports two encryption modes:
>> .Nm XTS ,
>> -which was standarized as
>> +which was standardized as
>> .Nm IEE P1619
>> .Nm CBC
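Review bot: The context line ".Nm IEE P1619" directly below the corrected "standardized" line still carries a typo: the XTS standard is IEEE P1619, so "IEE" is missing an E. Since this hunk is already a typo pass on that sentence, fix it in the same commit by changing the line to ".Nm IEEE P1619".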
>> @@ -873,6 +873,10 @@ changes with the data he owns without no
>> In other words
>> will not protect your data against replay attacks.
>> +It is recommended to write the whole provider before the first use,
>> +in order to make sure that all sectors and their corresponding
>> +checksums are properly initialized into a consistent state.
>> .Sh SEE ALSO
>> .Xr crypto 4 ,
>> .Xr gbde 4 ,
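Review bot: The added sentence before ".Sh SEE ALSO" says sectors and checksums must reach a "consistent state" but never says what goes wrong if they do not, or which device the write should go to. State the consequence for the reader and name the device to write, so the recommendation can be followed from the manual page alone.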
> I'm not sure this wording is very helpful. Why should there be a
> "consistent" state? In fact, if you write all zeros to the partition
> before creating the geom, then an attacker pretty much knows how much
> data you have written to the provider. I'm not saying this weakens any
> security, but I think the current phrasing will confuse the reader. What
> needs to be consistent? What does writing to the provider mean?
> Or am I mixing up provider and consumer here?
How would you like the attached patch?
Xin LI <delphij at delphij.net> http://www.delphij.net/
FreeBSD - The Power to Serve! Live free or die
-------------- next part --------------
--- geli.8 (revision 216157)
+++ geli.8 (working copy)
@@ -24,7 +24,7 @@
-.Dd December 3, 2010
+.Dd December 4, 2010
.Dt GELI 8
@@ -874,7 +874,15 @@
will not protect your data against replay attacks.
-It is recommended to write the whole provider before the first use,
+class does not distinguish whether data is written after its creation,
+therefore, read from
+area may result in false positives on data corruption.
+It is recommended to write the whole provider
+.Pq for instance, Pa /dev/ Ns Ao prov Ac Ns .eli
+before its first use, ideally with random data,
in order to make sure that all sectors and their corresponding
checksums are properly initialized into a consistent state.
.Sh SEE ALSO
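Review bot: In the second hunk, "ideally with random data" is given without a reason, and the device to write appears only as a parenthetical "for instance" example. The question this patch answers was what needs to be consistent and what writing to the provider means, so say in one clause why random data is preferred and state outright that the write goes to the .eli device. "False positives on data corruption" would also read more plainly as a statement that such reads are reported as corrupted data.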