Hello, I have a custom installer script which automatically creates RAID devices and assembles an sd1 CRYPTO device before the ordinary installer continues (making the installer use sd1 for the rest of the installation).
This works well, other than needing this patch since the keydisk is on the same harddrive: http://marc.info/?l=openbsd-misc&m=141450636905550&w=2 The fdisk/disklabel magic does the following steps: === echo "Creating MBR partition on physical disk" fdisk -iy sd0 echo "Creating crypto disklabel" disklabel -E sd0 <<EOF z a b 2g a d 1m RAID a a RAID w q EOF echo "Creating crypto softraid with keydisk" bioctl -c C -l /dev/sd0a -k /dev/sd0d softraid0 echo "Creating device node for sd1" cd /dev sh MAKEDEV sd1 echo "Zeroing out first MB of softraid device" dd if=/dev/zero of=/dev/rsd1c bs=1m count=1 sleep 5 === The final state on an installed machine looks like this, first the underlying real disk: === # disklabel sd0 # /dev/rsd0c: type: SCSI disk: SCSI disk label: Virtual disk duid: bd09fc7682c8c8a9 flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 2088 total sectors: 33554432 boundstart: 64 boundend: 33543720 drivedata: 0 16 partitions: # size offset fstype [fsize bsize cpg] a: 29318625 4225095 RAID b: 4208966 64 swap c: 33554432 0 unused d: 16065 4209030 RAID # === ... and secondly the softraid device: === # disklabel sd1 # /dev/rsd1c: type: SCSI disk: SCSI disk label: SR CRYPTO duid: 28075faa89475d37 flags: bytes/sector: 512 sectors/track: 63 tracks/cylinder: 255 sectors/cylinder: 16065 cylinders: 1824 total sectors: 29318097 boundstart: 64 boundend: 29302560 drivedata: 0 16 partitions: # size offset fstype [fsize bsize cpg] a: 894944 64 4.2BSD 2048 16384 1 # / b: 1626080 895008 swap # none c: 29318097 0 unused d: 1415552 2521088 4.2BSD 2048 16384 1 # /tmp e: 2064736 3936640 4.2BSD 2048 16384 1 # /var f: 2574304 6001376 4.2BSD 2048 16384 1 # /usr g: 1487232 8575680 4.2BSD 2048 16384 1 # /usr/X11R6 h: 5656544 10062912 4.2BSD 2048 16384 1 # /usr/local i: 2389600 15719456 4.2BSD 2048 16384 1 # /usr/src j: 3247296 18109056 4.2BSD 2048 16384 1 # /usr/obj k: 7946144 21356352 4.2BSD 2048 16384 1 # /home # === Initially I needed a quick way to wipe the keydisk to make the system unuseable, this was easy by simply overwriting the keydisk like so: === # dd if=/dev/zero of=/dev/rsd0d === This makes the system halt at the bootloader, asking for a passphrase which is fine. Where the problem starts is that at this point, if I reinstall the machine using the same automated installer, the bioctl call will fail, making the installer continue with sd0 instead, making the contents end up directly on the unencrypted sd0. The installer output shows this (can be compared to the script shown above): === Creating crypto softraid with keydisk softraid0: not valid softraid metadata softraid0: not valid softraid metadata === There is probbaly some softraid metadata left on the device which is confusing things, so I wish to clear that as well when wiping the keydisk. >From reading information such as http://www.openbsd.org/papers/asiabsdcon2010_softraid/softraid.pdf and http://marc.info/?l=openbsd-misc&m=134221355709007&w=2 I get the idea that writing 1MB of zeroes to the beginning of an underlying RAID partition should be enough to clear any relevant metadata, however this fails for me. At this point I am trying a nuke-from-orbit approach, writing over the complete keydisk as well as the first 1MB of both the sd0a RAID partition as well as sd0c: === # dd if=/dev/zero of=/dev/rsd0d # dd if=/dev/zero of=/dev/rsd0a bs=1m count=1 # dd if=/dev/zero of=/dev/rsd0c bs=1m count=1 === Yet even when doing this the installer still fails with the "not valid softraid metadata" error. What am I missing? Where is that metadata hiding? -- Patrik Lundin
