On 12/03/10 09:15, Ulrich Spörlein wrote:
> On Fri, 03.12.2010 at 10:06:19 +0000, Xin LI wrote:
>> Author: delphij
>> Date: Fri Dec 3 10:06:19 2010
>> New Revision: 216147
>> URL: http://svn.freebsd.org/changeset/base/216147
>>
>> Log:
>> * Recommend an overwrite of whole geli provider before use.
>> * Correct a typo while I'm there.
>>
>> Reviewed by: pjd
>> MFC after: 2 weeks
>>
>> Modified:
>> head/sbin/geom/class/eli/geli.8
>>
>> Modified: head/sbin/geom/class/eli/geli.8 >> ============================================================================== >> --- head/sbin/geom/class/eli/geli.8 Fri Dec 3 09:26:56 2010 >> (r216146) >> +++ head/sbin/geom/class/eli/geli.8 Fri Dec 3 10:06:19 2010 >> (r216147) >> @@ -24,7 +24,7 @@ >> .\" >> .\" $FreeBSD$ >> .\" >> -.Dd October 20, 2010 >> +.Dd December 3, 2010 >> .Dt GELI 8 >> .Os >> .Sh NAME >> @@ -842,7 +842,7 @@ Enter passphrase: >> .Nm >> supports two encryption modes: >> .Nm XTS , >> -which was standarized as >> +which was standardized as >> .Nm IEE P1619 >> and >> .Nm CBC >> @@ -873,6 +873,10 @@ changes with the data he owns without no >> In other words >> .Nm >> will not protect your data against replay attacks. >> +.Pp >> +It is recommended to write the whole provider before the first use, >> +in order to make sure that all sectors and their corresponding >> +checksums are properly initialized into a consistent state. >> .Sh SEE ALSO >> .Xr crypto 4 , >> .Xr gbde 4 ,
>
> I'm not sure this wording is very helpful. Why should there be a
> "consistent" state? In fact, if you write all zeros to the partition
> before creating the geom, then an attacker pretty much knows how much
> data you have written to the provider. I'm not saying this weakens any
> security, but I think the current phrasing will confuse the reader. What
> needs to be consistent? What does writing to the provider mean?
>
> Or am I mixing up provider and consumer here?
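Review bot: In the @@ -842,7 +842,7 @@ hunk, the context line ".Nm IEE P1619" directly below the corrected "standardized" still carries a typo. The standards body is IEEE, so the line should read "IEEE P1619"; since the commit is already fixing spelling in this sentence, that line is worth correcting in the same change.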
How would you like the attached patch?

Cheers,
-- 
Xin LI <delp...@delphij.net> http://www.delphij.net/
FreeBSD - The Power to Serve! Live free or die
Index: geli.8 =================================================================== --- geli.8 (revision 216157) +++ geli.8 (working copy) @@ -24,7 +24,7 @@ .\" .\" $FreeBSD$ .\" -.Dd December 3, 2010 +.Dd December 4, 2010 .Dt GELI 8 .Os .Sh NAME @@ -874,7 +874,15 @@ .Nm will not protect your data against replay attacks. .Pp -It is recommended to write the whole provider before the first use, +The +.Nm +class does not distinguish whether data is written after its creation, +therefore, read from +.Dq uninitialized +area may result in false positives on data corruption. +It is recommended to write the whole provider +.Pq for instance, Pa /dev/ Ns Ao prov Ac Ns .eli +before its first use, ideally with random data, in order to make sure that all sectors and their corresponding checksums are properly initialized into a consistent state. .Sh SEE ALSO
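Review bot: In the @@ -874,7 +874,15 @@ hunk, the added sentence "therefore, read from .Dq uninitialized area may result in false positives on data corruption" is ungrammatical and does not tell the reader what they will actually observe. Suggest wording along the lines of "reading from an area that has never been written will fail checksum verification and be reported as data corruption", and rephrasing "does not distinguish whether data is written after its creation", which is hard to parse. The ".Pq for instance, ..." line presents /dev/<prov>.eli as one example among several, while the final sentence depends on the sectors' checksums being initialized, which only a write through the .eli device achieves; state that directly instead of as an aside. "ideally with random data" is given without a reason, so a short clause explaining it would answer the question raised in the review about writing zeros.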
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"