From af23b88b5cf9e3728289126ea8805e3be750263e Mon Sep 17 00:00:00 2001 From: Eitan Adler Date: Wed, 9 May 2012 17:26:52 +0000 Subject: [PATCH] Clarify error that geli generates when it finds corrupt data. PR: kern/165695 Submitted by: Robert Simmons Reviewed by: pjd Approved by: cperciva MFC after: 1 week --- sbin/geom/class/eli/geli.8 | 3 +++ sys/geom/eli/g_eli_integrity.c | 7 ++++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/sbin/geom/class/eli/geli.8 b/sbin/geom/class/eli/geli.8 index 43c0129c16f3..0803480450f1 100644 --- a/sbin/geom/class/eli/geli.8 +++ b/sbin/geom/class/eli/geli.8 @@ -924,6 +924,9 @@ will not protect your data against replay attacks. It is recommended to write to the whole provider before first use, in order to make sure that all sectors and their corresponding checksums are properly initialized into a consistent state. +One can safely ignore data authentication errors that occur immediately +after the first time a provider is attached and before it is +initialized in this way. .Sh SEE ALSO .Xr crypto 4 , .Xr gbde 4 , diff --git a/sys/geom/eli/g_eli_integrity.c b/sys/geom/eli/g_eli_integrity.c index 50f2a31de0eb..c029d8e9dc7a 100644 --- a/sys/geom/eli/g_eli_integrity.c +++ b/sys/geom/eli/g_eli_integrity.c @@ -205,8 +205,8 @@ g_eli_auth_read_done(struct cryptop *crp) * Report previous corruption if there was one. */ if (coroff != -1) { - G_ELI_DEBUG(0, "%s: %jd bytes " - "corrupted at offset %jd.", + G_ELI_DEBUG(0, "%s: Failed to authenticate %jd " + "bytes of data at offset %jd", sc->sc_name, (intmax_t)corsize, (intmax_t)coroff); coroff = -1; @@ -221,7 +221,8 @@ g_eli_auth_read_done(struct cryptop *crp) } /* Report previous corruption if there was one. */ if (coroff != -1) { - G_ELI_DEBUG(0, "%s: %jd bytes corrupted at offset %jd.", + G_ELI_DEBUG(0, "%s: Failed to authenticate %jd " + "bytes of data at offset %jd", sc->sc_name, (intmax_t)corsize, (intmax_t)coroff); } }