2 * Copyright (c) 2004-2010 Pawel Jakub Dawidek <pjd@FreeBSD.org>
5 * Redistribution and use in source and binary forms, with or without
6 * modification, are permitted provided that the following conditions
8 * 1. Redistributions of source code must retain the above copyright
9 * notice, this list of conditions and the following disclaimer.
10 * 2. Redistributions in binary form must reproduce the above copyright
11 * notice, this list of conditions and the following disclaimer in the
12 * documentation and/or other materials provided with the distribution.
14 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
15 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
16 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
17 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
18 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
19 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
20 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
21 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
22 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
23 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
27 #include <sys/cdefs.h>
28 __FBSDID("$FreeBSD$");
30 #include <sys/types.h>
31 #include <sys/sysctl.h>
39 #include <readpassphrase.h>
47 #include <sys/param.h>
49 #include <sys/resource.h>
50 #include <opencrypto/cryptodev.h>
51 #include <geom/eli/g_eli.h>
52 #include <geom/eli/pkcs5v2.h>
54 #include "core/geom.h"
55 #include "misc/subr.h"
58 uint32_t lib_version = G_LIB_VERSION;
59 uint32_t version = G_ELI_VERSION;
61 #define GELI_BACKUP_DIR "/var/backups/"
62 #define GELI_ENC_ALGO "aes"
64 static void eli_main(struct gctl_req *req, unsigned flags);
65 static void eli_init(struct gctl_req *req);
66 static void eli_attach(struct gctl_req *req);
67 static void eli_configure(struct gctl_req *req);
68 static void eli_setkey(struct gctl_req *req);
69 static void eli_delkey(struct gctl_req *req);
70 static void eli_resume(struct gctl_req *req);
71 static void eli_kill(struct gctl_req *req);
72 static void eli_backup(struct gctl_req *req);
73 static void eli_restore(struct gctl_req *req);
74 static void eli_resize(struct gctl_req *req);
75 static void eli_clear(struct gctl_req *req);
76 static void eli_dump(struct gctl_req *req);
78 static int eli_backup_create(struct gctl_req *req, const char *prov,
84 * init [-bhPv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] prov
85 * label - alias for 'init'
86 * attach [-dprv] [-j passfile] [-k keyfile] prov
87 * detach [-fl] prov ...
88 * stop - alias for 'detach'
89 * onetime [-d] [-a aalgo] [-e ealgo] [-l keylen] prov
90 * configure [-bB] prov ...
91 * setkey [-pPv] [-n keyno] [-j passfile] [-J newpassfile] [-k keyfile] [-K newkeyfile] prov
92 * delkey [-afv] [-n keyno] prov
93 * suspend [-v] -a | prov ...
94 * resume [-pv] [-j passfile] [-k keyfile] prov
95 * kill [-av] [prov ...]
96 * backup [-v] prov file
97 * restore [-fv] file prov
98 * resize [-v] -s oldsize prov
102 struct g_command class_commands[] = {
103 { "init", G_FLAG_VERBOSE, eli_main,
105 { 'a', "aalgo", "none", G_TYPE_STRING },
106 { 'b', "boot", NULL, G_TYPE_BOOL },
107 { 'B', "backupfile", "", G_TYPE_STRING },
108 { 'e', "ealgo", GELI_ENC_ALGO, G_TYPE_STRING },
109 { 'i', "iterations", "-1", G_TYPE_NUMBER },
110 { 'J', "newpassfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
111 { 'K', "newkeyfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
112 { 'l', "keylen", "0", G_TYPE_NUMBER },
113 { 'P', "nonewpassphrase", NULL, G_TYPE_BOOL },
114 { 's', "sectorsize", "0", G_TYPE_NUMBER },
118 "[-bPv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] prov"
120 { "label", G_FLAG_VERBOSE, eli_main,
122 { 'a', "aalgo", "none", G_TYPE_STRING },
123 { 'b', "boot", NULL, G_TYPE_BOOL },
124 { 'B', "backupfile", "", G_TYPE_STRING },
125 { 'e', "ealgo", GELI_ENC_ALGO, G_TYPE_STRING },
126 { 'i', "iterations", "-1", G_TYPE_NUMBER },
127 { 'J', "newpassfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
128 { 'K', "newkeyfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
129 { 'l', "keylen", "0", G_TYPE_NUMBER },
130 { 'P', "nonewpassphrase", NULL, G_TYPE_BOOL },
131 { 's', "sectorsize", "0", G_TYPE_NUMBER },
135 "- an alias for 'init'"
137 { "attach", G_FLAG_VERBOSE | G_FLAG_LOADKLD, eli_main,
139 { 'd', "detach", NULL, G_TYPE_BOOL },
140 { 'j', "passfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
141 { 'k', "keyfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
142 { 'p', "nopassphrase", NULL, G_TYPE_BOOL },
143 { 'r', "readonly", NULL, G_TYPE_BOOL },
147 "[-dprv] [-j passfile] [-k keyfile] prov"
151 { 'f', "force", NULL, G_TYPE_BOOL },
152 { 'l', "last", NULL, G_TYPE_BOOL },
160 { 'f', "force", NULL, G_TYPE_BOOL },
161 { 'l', "last", NULL, G_TYPE_BOOL },
165 "- an alias for 'detach'"
167 { "onetime", G_FLAG_VERBOSE | G_FLAG_LOADKLD, NULL,
169 { 'a', "aalgo", "none", G_TYPE_STRING },
170 { 'd', "detach", NULL, G_TYPE_BOOL },
171 { 'e', "ealgo", GELI_ENC_ALGO, G_TYPE_STRING },
172 { 'l', "keylen", "0", G_TYPE_NUMBER },
173 { 's', "sectorsize", "0", G_TYPE_NUMBER },
177 "[-d] [-a aalgo] [-e ealgo] [-l keylen] [-s sectorsize] prov"
179 { "configure", G_FLAG_VERBOSE, eli_main,
181 { 'b', "boot", NULL, G_TYPE_BOOL },
182 { 'B', "noboot", NULL, G_TYPE_BOOL },
188 { "setkey", G_FLAG_VERBOSE, eli_main,
190 { 'i', "iterations", "-1", G_TYPE_NUMBER },
191 { 'j', "passfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
192 { 'J', "newpassfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
193 { 'k', "keyfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
194 { 'K', "newkeyfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
195 { 'n', "keyno", "-1", G_TYPE_NUMBER },
196 { 'p', "nopassphrase", NULL, G_TYPE_BOOL },
197 { 'P', "nonewpassphrase", NULL, G_TYPE_BOOL },
201 "[-pPv] [-n keyno] [-i iterations] [-j passfile] [-J newpassfile] [-k keyfile] [-K newkeyfile] prov"
203 { "delkey", G_FLAG_VERBOSE, eli_main,
205 { 'a', "all", NULL, G_TYPE_BOOL },
206 { 'f', "force", NULL, G_TYPE_BOOL },
207 { 'n', "keyno", "-1", G_TYPE_NUMBER },
211 "[-afv] [-n keyno] prov"
213 { "suspend", G_FLAG_VERBOSE, NULL,
215 { 'a', "all", NULL, G_TYPE_BOOL },
221 { "resume", G_FLAG_VERBOSE, eli_main,
223 { 'j', "passfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
224 { 'k', "keyfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
225 { 'p', "nopassphrase", NULL, G_TYPE_BOOL },
229 "[-pv] [-j passfile] [-k keyfile] prov"
231 { "kill", G_FLAG_VERBOSE, eli_main,
233 { 'a', "all", NULL, G_TYPE_BOOL },
239 { "backup", G_FLAG_VERBOSE, eli_main, G_NULL_OPTS, NULL,
242 { "restore", G_FLAG_VERBOSE, eli_main,
244 { 'f', "force", NULL, G_TYPE_BOOL },
250 { "resize", G_FLAG_VERBOSE, eli_main,
252 { 's', "oldsize", NULL, G_TYPE_NUMBER },
256 "[-v] -s oldsize prov"
258 { "clear", G_FLAG_VERBOSE, eli_main, G_NULL_OPTS, NULL,
261 { "dump", G_FLAG_VERBOSE, eli_main, G_NULL_OPTS, NULL,
267 static int verbose = 0;
270 eli_protect(struct gctl_req *req)
274 /* Disable core dumps. */
277 if (setrlimit(RLIMIT_CORE, &rl) == -1) {
278 gctl_error(req, "Cannot disable core dumps: %s.",
282 /* Disable swapping. */
283 if (mlockall(MCL_FUTURE) == -1) {
284 gctl_error(req, "Cannot lock memory: %s.", strerror(errno));
291 eli_main(struct gctl_req *req, unsigned int flags)
295 if (eli_protect(req) == -1)
298 if ((flags & G_FLAG_VERBOSE) != 0)
301 name = gctl_get_ascii(req, "verb");
303 gctl_error(req, "No '%s' argument.", "verb");
306 if (strcmp(name, "init") == 0 || strcmp(name, "label") == 0)
308 else if (strcmp(name, "attach") == 0)
310 else if (strcmp(name, "configure") == 0)
312 else if (strcmp(name, "setkey") == 0)
314 else if (strcmp(name, "delkey") == 0)
316 else if (strcmp(name, "resume") == 0)
318 else if (strcmp(name, "kill") == 0)
320 else if (strcmp(name, "backup") == 0)
322 else if (strcmp(name, "restore") == 0)
324 else if (strcmp(name, "resize") == 0)
326 else if (strcmp(name, "dump") == 0)
328 else if (strcmp(name, "clear") == 0)
331 gctl_error(req, "Unknown command: %s.", name);
335 arc4rand(unsigned char *buf, size_t size)
341 buf4 = (uint32_t *)buf;
344 for (i = 0; i < size4; i++)
345 buf4[i] = arc4random();
346 for (i *= 4; i < size; i++)
347 buf[i] = arc4random() % 0xff;
351 eli_is_attached(const char *prov)
353 char name[MAXPATHLEN];
357 * Not the best way to do it, but the easiest.
358 * We try to open provider and check if it is a GEOM provider
359 * by asking about its sectorsize.
361 snprintf(name, sizeof(name), "%s%s", prov, G_ELI_SUFFIX);
362 secsize = g_get_sectorsize(name);
369 eli_genkey_files(struct gctl_req *req, bool new, const char *type,
370 struct hmac_ctx *ctxp, char *passbuf, size_t passbufsize)
372 char *p, buf[MAXPHYS], argname[16];
377 assert((strcmp(type, "keyfile") == 0 && ctxp != NULL &&
378 passbuf == NULL && passbufsize == 0) ||
379 (strcmp(type, "passfile") == 0 && ctxp == NULL &&
380 passbuf != NULL && passbufsize > 0));
381 assert(strcmp(type, "keyfile") == 0 || passbuf[0] == '\0');
384 snprintf(argname, sizeof(argname), "%s%s%d",
385 new ? "new" : "", type, i);
387 /* No more {key,pass}files? */
388 if (!gctl_has_param(req, argname))
391 file = gctl_get_ascii(req, argname);
392 assert(file != NULL);
394 if (strcmp(file, "-") == 0)
397 fd = open(file, O_RDONLY);
399 gctl_error(req, "Cannot open %s %s: %s.",
400 type, file, strerror(errno));
404 if (strcmp(type, "keyfile") == 0) {
405 while ((done = read(fd, buf, sizeof(buf))) > 0)
406 g_eli_crypto_hmac_update(ctxp, buf, done);
407 } else /* if (strcmp(type, "passfile") == 0) */ {
408 while ((done = read(fd, buf, sizeof(buf) - 1)) > 0) {
410 p = strchr(buf, '\n');
415 if (strlcat(passbuf, buf, passbufsize) >=
418 "Passphrase in %s too long.", file);
419 bzero(buf, sizeof(buf));
427 if (strcmp(file, "-") != 0)
429 bzero(buf, sizeof(buf));
431 gctl_error(req, "Cannot read %s %s: %s.",
432 type, file, strerror(error));
440 eli_genkey_passphrase_prompt(struct gctl_req *req, bool new, char *passbuf,
447 new ? "Enter new passphrase:" : "Enter passphrase:",
448 passbuf, passbufsize, RPP_ECHO_OFF | RPP_REQUIRE_TTY);
450 bzero(passbuf, passbufsize);
451 gctl_error(req, "Cannot read passphrase: %s.",
459 p = readpassphrase("Reenter new passphrase: ",
460 tmpbuf, sizeof(tmpbuf),
461 RPP_ECHO_OFF | RPP_REQUIRE_TTY);
463 bzero(passbuf, passbufsize);
465 "Cannot read passphrase: %s.",
470 if (strcmp(passbuf, tmpbuf) != 0) {
471 bzero(passbuf, passbufsize);
472 fprintf(stderr, "They didn't match.\n");
475 bzero(tmpbuf, sizeof(tmpbuf));
483 eli_genkey_passphrase(struct gctl_req *req, struct g_eli_metadata *md, bool new,
484 struct hmac_ctx *ctxp)
486 char passbuf[MAXPHYS];
491 gctl_get_int(req, new ? "nonewpassphrase" : "nopassphrase");
493 if (gctl_has_param(req, new ? "newpassfile0" : "passfile0")) {
495 "Options -%c and -%c are mutually exclusive.",
496 new ? 'J' : 'j', new ? 'P' : 'p');
502 if (!new && md->md_iterations == -1) {
503 gctl_error(req, "Missing -p flag.");
507 nfiles = eli_genkey_files(req, new, "passfile", NULL, passbuf,
511 else if (nfiles == 0) {
512 if (eli_genkey_passphrase_prompt(req, new, passbuf,
513 sizeof(passbuf)) == -1) {
518 * Field md_iterations equal to -1 means "choose some sane
521 if (md->md_iterations == -1) {
524 printf("Calculating number of iterations...\n");
525 md->md_iterations = pkcs5v2_calculate(2000000);
526 assert(md->md_iterations > 0);
528 printf("Done, using %d iterations.\n",
533 * If md_iterations is equal to 0, user doesn't want PKCS#5v2.
535 if (md->md_iterations == 0) {
536 g_eli_crypto_hmac_update(ctxp, md->md_salt,
537 sizeof(md->md_salt));
538 g_eli_crypto_hmac_update(ctxp, passbuf, strlen(passbuf));
539 } else /* if (md->md_iterations > 0) */ {
540 unsigned char dkey[G_ELI_USERKEYLEN];
542 pkcs5v2_genkey(dkey, sizeof(dkey), md->md_salt,
543 sizeof(md->md_salt), passbuf, md->md_iterations);
544 g_eli_crypto_hmac_update(ctxp, dkey, sizeof(dkey));
545 bzero(dkey, sizeof(dkey));
547 bzero(passbuf, sizeof(passbuf));
552 static unsigned char *
553 eli_genkey(struct gctl_req *req, struct g_eli_metadata *md, unsigned char *key,
561 gctl_get_int(req, new ? "nonewpassphrase" : "nopassphrase");
563 g_eli_crypto_hmac_init(&ctx, NULL, 0);
565 nfiles = eli_genkey_files(req, new, "keyfile", &ctx, NULL, 0);
568 else if (nfiles == 0 && nopassphrase) {
569 gctl_error(req, "No key components given.");
573 if (eli_genkey_passphrase(req, md, new, &ctx) == -1)
576 g_eli_crypto_hmac_final(&ctx, key, 0);
582 eli_metadata_read(struct gctl_req *req, const char *prov,
583 struct g_eli_metadata *md)
585 unsigned char sector[sizeof(struct g_eli_metadata)];
588 if (g_get_sectorsize(prov) == 0) {
591 /* This is a file probably. */
592 fd = open(prov, O_RDONLY);
594 gctl_error(req, "Cannot open %s: %s.", prov,
598 if (read(fd, sector, sizeof(sector)) != sizeof(sector)) {
599 gctl_error(req, "Cannot read metadata from %s: %s.",
600 prov, strerror(errno));
606 /* This is a GEOM provider. */
607 error = g_metadata_read(prov, sector, sizeof(sector),
610 gctl_error(req, "Cannot read metadata from %s: %s.",
611 prov, strerror(error));
615 if (eli_metadata_decode(sector, md) != 0) {
616 gctl_error(req, "MD5 hash mismatch for %s.", prov);
623 eli_metadata_store(struct gctl_req *req, const char *prov,
624 struct g_eli_metadata *md)
626 unsigned char sector[sizeof(struct g_eli_metadata)];
629 eli_metadata_encode(md, sector);
630 if (g_get_sectorsize(prov) == 0) {
633 /* This is a file probably. */
634 fd = open(prov, O_WRONLY | O_TRUNC);
636 gctl_error(req, "Cannot open %s: %s.", prov,
638 bzero(sector, sizeof(sector));
641 if (write(fd, sector, sizeof(sector)) != sizeof(sector)) {
642 gctl_error(req, "Cannot write metadata to %s: %s.",
643 prov, strerror(errno));
644 bzero(sector, sizeof(sector));
650 /* This is a GEOM provider. */
651 error = g_metadata_store(prov, sector, sizeof(sector));
653 gctl_error(req, "Cannot write metadata to %s: %s.",
654 prov, strerror(errno));
655 bzero(sector, sizeof(sector));
659 bzero(sector, sizeof(sector));
664 eli_init(struct gctl_req *req)
666 struct g_eli_metadata md;
667 unsigned char sector[sizeof(struct g_eli_metadata)];
668 unsigned char key[G_ELI_USERKEYLEN];
669 char backfile[MAXPATHLEN];
670 const char *str, *prov;
676 nargs = gctl_get_int(req, "nargs");
678 gctl_error(req, "Invalid number of arguments.");
681 prov = gctl_get_ascii(req, "arg0");
682 mediasize = g_get_mediasize(prov);
683 secsize = g_get_sectorsize(prov);
684 if (mediasize == 0 || secsize == 0) {
685 gctl_error(req, "Cannot get informations about %s: %s.", prov,
690 bzero(&md, sizeof(md));
691 strlcpy(md.md_magic, G_ELI_MAGIC, sizeof(md.md_magic));
692 md.md_version = G_ELI_VERSION;
694 if (gctl_get_int(req, "boot"))
695 md.md_flags |= G_ELI_FLAG_BOOT;
696 md.md_ealgo = CRYPTO_ALGORITHM_MIN - 1;
697 str = gctl_get_ascii(req, "aalgo");
698 if (strcmp(str, "none") != 0) {
699 md.md_aalgo = g_eli_str2aalgo(str);
700 if (md.md_aalgo >= CRYPTO_ALGORITHM_MIN &&
701 md.md_aalgo <= CRYPTO_ALGORITHM_MAX) {
702 md.md_flags |= G_ELI_FLAG_AUTH;
705 * For backward compatibility, check if the -a option
706 * was used to provide encryption algorithm.
708 md.md_ealgo = g_eli_str2ealgo(str);
709 if (md.md_ealgo < CRYPTO_ALGORITHM_MIN ||
710 md.md_ealgo > CRYPTO_ALGORITHM_MAX) {
712 "Invalid authentication algorithm.");
715 fprintf(stderr, "warning: The -e option, not "
716 "the -a option is now used to specify "
717 "encryption algorithm to use.\n");
721 if (md.md_ealgo < CRYPTO_ALGORITHM_MIN ||
722 md.md_ealgo > CRYPTO_ALGORITHM_MAX) {
723 str = gctl_get_ascii(req, "ealgo");
724 md.md_ealgo = g_eli_str2ealgo(str);
725 if (md.md_ealgo < CRYPTO_ALGORITHM_MIN ||
726 md.md_ealgo > CRYPTO_ALGORITHM_MAX) {
727 gctl_error(req, "Invalid encryption algorithm.");
731 val = gctl_get_intmax(req, "keylen");
733 md.md_keylen = g_eli_keylen(md.md_ealgo, md.md_keylen);
734 if (md.md_keylen == 0) {
735 gctl_error(req, "Invalid key length.");
738 md.md_provsize = mediasize;
740 val = gctl_get_intmax(req, "iterations");
745 * Don't allow to set iterations when there will be no
748 nonewpassphrase = gctl_get_int(req, "nonewpassphrase");
749 if (nonewpassphrase) {
751 "Options -i and -P are mutually exclusive.");
755 md.md_iterations = val;
757 val = gctl_get_intmax(req, "sectorsize");
759 md.md_sectorsize = secsize;
761 if (val < 0 || (val % secsize) != 0) {
762 gctl_error(req, "Invalid sector size.");
765 if (val > sysconf(_SC_PAGE_SIZE)) {
767 "warning: Using sectorsize bigger than the page size!\n");
769 md.md_sectorsize = val;
773 arc4rand(md.md_salt, sizeof(md.md_salt));
774 arc4rand(md.md_mkeys, sizeof(md.md_mkeys));
776 /* Generate user key. */
777 if (eli_genkey(req, &md, key, true) == NULL) {
778 bzero(key, sizeof(key));
779 bzero(&md, sizeof(md));
783 /* Encrypt the first and the only Master Key. */
784 error = g_eli_mkey_encrypt(md.md_ealgo, key, md.md_keylen, md.md_mkeys);
785 bzero(key, sizeof(key));
787 bzero(&md, sizeof(md));
788 gctl_error(req, "Cannot encrypt Master Key: %s.",
793 eli_metadata_encode(&md, sector);
794 bzero(&md, sizeof(md));
795 error = g_metadata_store(prov, sector, sizeof(sector));
796 bzero(sector, sizeof(sector));
798 gctl_error(req, "Cannot store metadata on %s: %s.", prov,
803 printf("Metadata value stored on %s.\n", prov);
804 /* Backup metadata to a file. */
805 str = gctl_get_ascii(req, "backupfile");
806 if (str[0] != '\0') {
807 /* Backupfile given be the user, just copy it. */
808 strlcpy(backfile, str, sizeof(backfile));
810 /* Generate file name automatically. */
811 const char *p = prov;
814 if (strncmp(p, _PATH_DEV, strlen(_PATH_DEV)) == 0)
815 p += strlen(_PATH_DEV);
816 snprintf(backfile, sizeof(backfile), "%s%s.eli",
818 /* Replace all / with _. */
819 for (i = strlen(GELI_BACKUP_DIR); backfile[i] != '\0'; i++) {
820 if (backfile[i] == '/')
824 if (strcmp(backfile, "none") != 0 &&
825 eli_backup_create(req, prov, backfile) == 0) {
826 printf("\nMetadata backup can be found in %s and\n", backfile);
827 printf("can be restored with the following command:\n");
828 printf("\n\t# geli restore %s %s\n\n", backfile, prov);
833 eli_attach(struct gctl_req *req)
835 struct g_eli_metadata md;
836 unsigned char key[G_ELI_USERKEYLEN];
841 nargs = gctl_get_int(req, "nargs");
843 gctl_error(req, "Invalid number of arguments.");
846 prov = gctl_get_ascii(req, "arg0");
848 if (eli_metadata_read(req, prov, &md) == -1)
851 mediasize = g_get_mediasize(prov);
852 if (md.md_provsize != (uint64_t)mediasize) {
853 gctl_error(req, "Provider size mismatch.");
857 if (eli_genkey(req, &md, key, false) == NULL) {
858 bzero(key, sizeof(key));
862 gctl_ro_param(req, "key", sizeof(key), key);
863 if (gctl_issue(req) == NULL) {
865 printf("Attached to %s.\n", prov);
867 bzero(key, sizeof(key));
871 eli_configure_detached(struct gctl_req *req, const char *prov, bool boot)
873 struct g_eli_metadata md;
875 if (eli_metadata_read(req, prov, &md) == -1)
878 if (boot && (md.md_flags & G_ELI_FLAG_BOOT)) {
880 printf("BOOT flag already configured for %s.\n", prov);
881 } else if (!boot && !(md.md_flags & G_ELI_FLAG_BOOT)) {
883 printf("BOOT flag not configured for %s.\n", prov);
886 md.md_flags |= G_ELI_FLAG_BOOT;
888 md.md_flags &= ~G_ELI_FLAG_BOOT;
889 eli_metadata_store(req, prov, &md);
891 bzero(&md, sizeof(md));
895 eli_configure(struct gctl_req *req)
901 nargs = gctl_get_int(req, "nargs");
903 gctl_error(req, "Too few arguments.");
907 boot = gctl_get_int(req, "boot");
908 noboot = gctl_get_int(req, "noboot");
910 if (boot && noboot) {
911 gctl_error(req, "Options -b and -B are mutually exclusive.");
914 if (!boot && !noboot) {
915 gctl_error(req, "No option given.");
919 /* First attached providers. */
922 for (i = 0; i < nargs; i++) {
923 prov = gctl_get_ascii(req, "arg%d", i);
924 if (!eli_is_attached(prov))
925 eli_configure_detached(req, prov, boot);
930 eli_setkey_attached(struct gctl_req *req, struct g_eli_metadata *md)
932 unsigned char key[G_ELI_USERKEYLEN];
933 intmax_t val, old = 0;
936 val = gctl_get_intmax(req, "iterations");
937 /* Check if iterations number should be changed. */
939 md->md_iterations = val;
941 old = md->md_iterations;
943 /* Generate key for Master Key encryption. */
944 if (eli_genkey(req, md, key, true) == NULL) {
945 bzero(key, sizeof(key));
949 * If number of iterations has changed, but wasn't given as a
950 * command-line argument, update the request.
952 if (val == -1 && md->md_iterations != old) {
953 error = gctl_change_param(req, "iterations", sizeof(intmax_t),
958 gctl_ro_param(req, "key", sizeof(key), key);
960 bzero(key, sizeof(key));
964 eli_setkey_detached(struct gctl_req *req, const char *prov,
965 struct g_eli_metadata *md)
967 unsigned char key[G_ELI_USERKEYLEN], mkey[G_ELI_DATAIVKEYLEN];
968 unsigned char *mkeydst;
973 if (md->md_keys == 0) {
974 gctl_error(req, "No valid keys on %s.", prov);
978 /* Generate key for Master Key decryption. */
979 if (eli_genkey(req, md, key, false) == NULL) {
980 bzero(key, sizeof(key));
984 /* Decrypt Master Key. */
985 error = g_eli_mkey_decrypt(md, key, mkey, &nkey);
986 bzero(key, sizeof(key));
988 bzero(md, sizeof(*md));
990 gctl_error(req, "Wrong key for %s.", prov);
991 else /* if (error > 0) */ {
992 gctl_error(req, "Cannot decrypt Master Key: %s.",
998 printf("Decrypted Master Key %u.\n", nkey);
1000 val = gctl_get_intmax(req, "keyno");
1005 ; /* Use the key number which was found during decryption. */
1007 if (nkey >= G_ELI_MAXMKEYS) {
1008 gctl_error(req, "Invalid '%s' argument.", "keyno");
1012 val = gctl_get_intmax(req, "iterations");
1013 /* Check if iterations number should and can be changed. */
1015 if (bitcount32(md->md_keys) != 1) {
1016 gctl_error(req, "To be able to use '-i' option, only "
1017 "one key can be defined.");
1020 if (md->md_keys != (1 << nkey)) {
1021 gctl_error(req, "Only already defined key can be "
1022 "changed when '-i' option is used.");
1025 md->md_iterations = val;
1028 mkeydst = md->md_mkeys + nkey * G_ELI_MKEYLEN;
1029 md->md_keys |= (1 << nkey);
1031 bcopy(mkey, mkeydst, sizeof(mkey));
1032 bzero(mkey, sizeof(mkey));
1034 /* Generate key for Master Key encryption. */
1035 if (eli_genkey(req, md, key, true) == NULL) {
1036 bzero(key, sizeof(key));
1037 bzero(md, sizeof(*md));
1041 /* Encrypt the Master-Key with the new key. */
1042 error = g_eli_mkey_encrypt(md->md_ealgo, key, md->md_keylen, mkeydst);
1043 bzero(key, sizeof(key));
1045 bzero(md, sizeof(*md));
1046 gctl_error(req, "Cannot encrypt Master Key: %s.",
1051 /* Store metadata with fresh key. */
1052 eli_metadata_store(req, prov, md);
1053 bzero(md, sizeof(*md));
1057 eli_setkey(struct gctl_req *req)
1059 struct g_eli_metadata md;
1063 nargs = gctl_get_int(req, "nargs");
1065 gctl_error(req, "Invalid number of arguments.");
1068 prov = gctl_get_ascii(req, "arg0");
1070 if (eli_metadata_read(req, prov, &md) == -1)
1073 if (eli_is_attached(prov))
1074 eli_setkey_attached(req, &md);
1076 eli_setkey_detached(req, prov, &md);
1078 if (req->error == NULL || req->error[0] == '\0') {
1079 printf("Note, that the master key encrypted with old keys "
1080 "and/or passphrase may still exists in a metadata backup "
1086 eli_delkey_attached(struct gctl_req *req, const char *prov __unused)
1093 eli_delkey_detached(struct gctl_req *req, const char *prov)
1095 struct g_eli_metadata md;
1096 unsigned char *mkeydst;
1101 if (eli_metadata_read(req, prov, &md) == -1)
1104 all = gctl_get_int(req, "all");
1106 arc4rand(md.md_mkeys, sizeof(md.md_mkeys));
1108 force = gctl_get_int(req, "force");
1109 val = gctl_get_intmax(req, "keyno");
1111 gctl_error(req, "Key number has to be specified.");
1115 if (nkey >= G_ELI_MAXMKEYS) {
1116 gctl_error(req, "Invalid '%s' argument.", "keyno");
1119 if (!(md.md_keys & (1 << nkey)) && !force) {
1120 gctl_error(req, "Master Key %u is not set.", nkey);
1123 md.md_keys &= ~(1 << nkey);
1124 if (md.md_keys == 0 && !force) {
1125 gctl_error(req, "This is the last Master Key. Use '-f' "
1126 "option if you really want to remove it.");
1129 mkeydst = md.md_mkeys + nkey * G_ELI_MKEYLEN;
1130 arc4rand(mkeydst, G_ELI_MKEYLEN);
1133 eli_metadata_store(req, prov, &md);
1134 bzero(&md, sizeof(md));
1138 eli_delkey(struct gctl_req *req)
1143 nargs = gctl_get_int(req, "nargs");
1145 gctl_error(req, "Invalid number of arguments.");
1148 prov = gctl_get_ascii(req, "arg0");
1150 if (eli_is_attached(prov))
1151 eli_delkey_attached(req, prov);
1153 eli_delkey_detached(req, prov);
1157 eli_resume(struct gctl_req *req)
1159 struct g_eli_metadata md;
1160 unsigned char key[G_ELI_USERKEYLEN];
1165 nargs = gctl_get_int(req, "nargs");
1167 gctl_error(req, "Invalid number of arguments.");
1170 prov = gctl_get_ascii(req, "arg0");
1172 if (eli_metadata_read(req, prov, &md) == -1)
1175 mediasize = g_get_mediasize(prov);
1176 if (md.md_provsize != (uint64_t)mediasize) {
1177 gctl_error(req, "Provider size mismatch.");
1181 if (eli_genkey(req, &md, key, false) == NULL) {
1182 bzero(key, sizeof(key));
1186 gctl_ro_param(req, "key", sizeof(key), key);
1187 if (gctl_issue(req) == NULL) {
1189 printf("Resumed %s.\n", prov);
1191 bzero(key, sizeof(key));
1195 eli_trash_metadata(struct gctl_req *req, const char *prov, int fd, off_t offset)
1197 unsigned int overwrites;
1198 unsigned char *sector;
1202 size = sizeof(overwrites);
1203 if (sysctlbyname("kern.geom.eli.overwrites", &overwrites, &size,
1204 NULL, 0) == -1 || overwrites == 0) {
1205 overwrites = G_ELI_OVERWRITES;
1208 size = g_sectorsize(fd);
1210 gctl_error(req, "Cannot obtain provider sector size %s: %s.",
1211 prov, strerror(errno));
1214 sector = malloc(size);
1215 if (sector == NULL) {
1216 gctl_error(req, "Cannot allocate %zd bytes of memory.", size);
1222 arc4rand(sector, size);
1223 if (pwrite(fd, sector, size, offset) != size) {
1228 } while (--overwrites > 0);
1230 gctl_error(req, "Cannot trash metadata on provider %s: %s.",
1231 prov, strerror(error));
1238 eli_kill_detached(struct gctl_req *req, const char *prov)
1244 * NOTE: Maybe we should verify if this is geli provider first,
1245 * but 'kill' command is quite critical so better don't waste
1249 error = g_metadata_read(prov, (unsigned char *)&md, sizeof(md),
1252 gctl_error(req, "Cannot read metadata from %s: %s.", prov,
1258 fd = g_open(prov, 1);
1260 gctl_error(req, "Cannot open provider %s: %s.", prov,
1264 offset = g_mediasize(fd) - g_sectorsize(fd);
1267 "Cannot obtain media size or sector size for provider %s: %s.",
1268 prov, strerror(errno));
1272 (void)eli_trash_metadata(req, prov, fd, offset);
1277 eli_kill(struct gctl_req *req)
1282 nargs = gctl_get_int(req, "nargs");
1283 all = gctl_get_int(req, "all");
1284 if (!all && nargs == 0) {
1285 gctl_error(req, "Too few arguments.");
1289 * How '-a' option combine with a list of providers:
1290 * Delete Master Keys from all attached providers:
1292 * Delete Master Keys from all attached providers and from
1293 * detached da0 and da1:
1294 * geli kill -a da0 da1
1295 * Delete Master Keys from (attached or detached) da0 and da1:
1299 /* First detached providers. */
1300 for (i = 0; i < nargs; i++) {
1301 prov = gctl_get_ascii(req, "arg%d", i);
1302 if (!eli_is_attached(prov))
1303 eli_kill_detached(req, prov);
1305 /* Now attached providers. */
1310 eli_backup_create(struct gctl_req *req, const char *prov, const char *file)
1312 struct g_eli_metadata md;
1313 unsigned char *sector;
1316 int filefd, provfd, ret;
1319 provfd = filefd = -1;
1323 provfd = g_open(prov, 0);
1325 gctl_error(req, "Cannot open %s: %s.", prov, strerror(errno));
1328 filefd = open(file, O_WRONLY | O_TRUNC | O_CREAT, 0600);
1330 gctl_error(req, "Cannot open %s: %s.", file, strerror(errno));
1334 mediasize = g_mediasize(provfd);
1335 secsize = g_sectorsize(provfd);
1336 if (mediasize == -1 || secsize == -1) {
1337 gctl_error(req, "Cannot get informations about %s: %s.", prov,
1342 sector = malloc(secsize);
1343 if (sector == NULL) {
1344 gctl_error(req, "Cannot allocate memory.");
1348 /* Read metadata from the provider. */
1349 if (pread(provfd, sector, secsize, mediasize - secsize) != secsize) {
1350 gctl_error(req, "Cannot read metadata: %s.", strerror(errno));
1353 /* Check if this is geli provider. */
1354 if (eli_metadata_decode(sector, &md) != 0) {
1355 gctl_error(req, "MD5 hash mismatch: not a geli provider?");
1358 /* Write metadata to the destination file. */
1359 if (write(filefd, sector, secsize) != secsize) {
1360 gctl_error(req, "Cannot write to %s: %s.", file,
1364 (void)fsync(filefd);
1369 (void)g_close(provfd);
1371 (void)close(filefd);
1372 if (sector != NULL) {
1373 bzero(sector, secsize);
1380 eli_backup(struct gctl_req *req)
1382 const char *file, *prov;
1385 nargs = gctl_get_int(req, "nargs");
1387 gctl_error(req, "Invalid number of arguments.");
1390 prov = gctl_get_ascii(req, "arg0");
1391 file = gctl_get_ascii(req, "arg1");
1393 eli_backup_create(req, prov, file);
1397 eli_restore(struct gctl_req *req)
1399 struct g_eli_metadata md;
1400 const char *file, *prov;
1401 unsigned char *sector;
1404 int nargs, filefd, provfd;
1406 nargs = gctl_get_int(req, "nargs");
1408 gctl_error(req, "Invalid number of arguments.");
1411 file = gctl_get_ascii(req, "arg0");
1412 prov = gctl_get_ascii(req, "arg1");
1414 provfd = filefd = -1;
1418 filefd = open(file, O_RDONLY);
1420 gctl_error(req, "Cannot open %s: %s.", file, strerror(errno));
1423 provfd = g_open(prov, 1);
1425 gctl_error(req, "Cannot open %s: %s.", prov, strerror(errno));
1429 mediasize = g_mediasize(provfd);
1430 secsize = g_sectorsize(provfd);
1431 if (mediasize == -1 || secsize == -1) {
1432 gctl_error(req, "Cannot get informations about %s: %s.", prov,
1437 sector = malloc(secsize);
1438 if (sector == NULL) {
1439 gctl_error(req, "Cannot allocate memory.");
1443 /* Read metadata from the backup file. */
1444 if (read(filefd, sector, secsize) != secsize) {
1445 gctl_error(req, "Cannot read from %s: %s.", file,
1449 /* Check if this file contains geli metadata. */
1450 if (eli_metadata_decode(sector, &md) != 0) {
1451 gctl_error(req, "MD5 hash mismatch: not a geli backup file?");
1454 /* Check if the provider size has changed since we did the backup. */
1455 if (md.md_provsize != (uint64_t)mediasize) {
1456 if (gctl_get_int(req, "force")) {
1457 md.md_provsize = mediasize;
1458 eli_metadata_encode(&md, sector);
1460 gctl_error(req, "Provider size mismatch: "
1461 "wrong backup file?");
1465 /* Write metadata from the provider. */
1466 if (pwrite(provfd, sector, secsize, mediasize - secsize) != secsize) {
1467 gctl_error(req, "Cannot write metadata: %s.", strerror(errno));
1470 (void)g_flush(provfd);
1473 (void)g_close(provfd);
1475 (void)close(filefd);
1476 if (sector != NULL) {
1477 bzero(sector, secsize);
1483 eli_resize(struct gctl_req *req)
1485 struct g_eli_metadata md;
1487 unsigned char *sector;
1489 off_t mediasize, oldsize;
1492 nargs = gctl_get_int(req, "nargs");
1494 gctl_error(req, "Invalid number of arguments.");
1497 prov = gctl_get_ascii(req, "arg0");
1503 provfd = g_open(prov, 1);
1505 gctl_error(req, "Cannot open %s: %s.", prov, strerror(errno));
1509 mediasize = g_mediasize(provfd);
1510 secsize = g_sectorsize(provfd);
1511 if (mediasize == -1 || secsize == -1) {
1512 gctl_error(req, "Cannot get information about %s: %s.", prov,
1517 sector = malloc(secsize);
1518 if (sector == NULL) {
1519 gctl_error(req, "Cannot allocate memory.");
1523 oldsize = gctl_get_intmax(req, "oldsize");
1524 if (oldsize < 0 || oldsize > mediasize) {
1525 gctl_error(req, "Invalid oldsize: Out of range.");
1528 if (oldsize == mediasize) {
1529 gctl_error(req, "Size hasn't changed.");
1533 /* Read metadata from the 'oldsize' offset. */
1534 if (pread(provfd, sector, secsize, oldsize - secsize) != secsize) {
1535 gctl_error(req, "Cannot read old metadata: %s.",
1540 /* Check if this sector contains geli metadata. */
1541 if (eli_metadata_decode(sector, &md) != 0) {
1542 gctl_error(req, "MD5 hash mismatch: no metadata for oldsize.");
1547 * If the old metadata doesn't have a correct provider size, refuse
1550 if (md.md_provsize != (uint64_t)oldsize) {
1551 gctl_error(req, "Provider size mismatch at oldsize.");
1556 * Update the old metadata with the current provider size and write
1557 * it back to the correct place on the provider.
1559 md.md_provsize = mediasize;
1560 eli_metadata_encode(&md, sector);
1561 if (pwrite(provfd, sector, secsize, mediasize - secsize) != secsize) {
1562 gctl_error(req, "Cannot write metadata: %s.", strerror(errno));
1565 (void)g_flush(provfd);
1567 /* Now trash the old metadata. */
1568 if (eli_trash_metadata(req, prov, provfd, oldsize - secsize) == -1)
1572 (void)g_close(provfd);
1573 if (sector != NULL) {
1574 bzero(sector, secsize);
1580 eli_clear(struct gctl_req *req)
1583 int error, i, nargs;
1585 nargs = gctl_get_int(req, "nargs");
1587 gctl_error(req, "Too few arguments.");
1591 for (i = 0; i < nargs; i++) {
1592 name = gctl_get_ascii(req, "arg%d", i);
1593 error = g_metadata_clear(name, G_ELI_MAGIC);
1595 fprintf(stderr, "Cannot clear metadata on %s: %s.\n",
1596 name, strerror(error));
1597 gctl_error(req, "Not fully done.");
1601 printf("Metadata cleared on %s.\n", name);
1606 eli_dump(struct gctl_req *req)
1608 struct g_eli_metadata md, tmpmd;
1610 int error, i, nargs;
1612 nargs = gctl_get_int(req, "nargs");
1614 gctl_error(req, "Too few arguments.");
1618 for (i = 0; i < nargs; i++) {
1619 name = gctl_get_ascii(req, "arg%d", i);
1620 error = g_metadata_read(name, (unsigned char *)&tmpmd,
1621 sizeof(tmpmd), G_ELI_MAGIC);
1623 fprintf(stderr, "Cannot read metadata from %s: %s.\n",
1624 name, strerror(error));
1625 gctl_error(req, "Not fully done.");
1628 if (eli_metadata_decode((unsigned char *)&tmpmd, &md) != 0) {
1629 fprintf(stderr, "MD5 hash mismatch for %s, skipping.\n",
1631 gctl_error(req, "Not fully done.");
1634 printf("Metadata on %s:\n", name);
1635 eli_metadata_dump(&md);