2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD
4 * Copyright (c) 2004-2010 Pawel Jakub Dawidek <pjd@FreeBSD.org>
7 * Redistribution and use in source and binary forms, with or without
8 * modification, are permitted provided that the following conditions
10 * 1. Redistributions of source code must retain the above copyright
11 * notice, this list of conditions and the following disclaimer.
12 * 2. Redistributions in binary form must reproduce the above copyright
13 * notice, this list of conditions and the following disclaimer in the
14 * documentation and/or other materials provided with the distribution.
16 * THIS SOFTWARE IS PROVIDED BY THE AUTHORS AND CONTRIBUTORS ``AS IS'' AND
17 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
19 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHORS OR CONTRIBUTORS BE LIABLE
20 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
22 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
23 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
24 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
25 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
29 #include <sys/cdefs.h>
30 __FBSDID("$FreeBSD$");
32 #include <sys/param.h>
34 #include <sys/sysctl.h>
35 #include <sys/resource.h>
36 #include <opencrypto/cryptodev.h>
44 #include <readpassphrase.h>
53 #include <geom/eli/g_eli.h>
54 #include <geom/eli/pkcs5v2.h>
56 #include "core/geom.h"
57 #include "misc/subr.h"
60 uint32_t lib_version = G_LIB_VERSION;
61 uint32_t version = G_ELI_VERSION;
63 #define GELI_BACKUP_DIR "/var/backups/"
64 #define GELI_ENC_ALGO "aes"
66 static void eli_main(struct gctl_req *req, unsigned flags);
67 static void eli_init(struct gctl_req *req);
68 static void eli_attach(struct gctl_req *req);
69 static void eli_configure(struct gctl_req *req);
70 static void eli_setkey(struct gctl_req *req);
71 static void eli_delkey(struct gctl_req *req);
72 static void eli_resume(struct gctl_req *req);
73 static void eli_kill(struct gctl_req *req);
74 static void eli_backup(struct gctl_req *req);
75 static void eli_restore(struct gctl_req *req);
76 static void eli_resize(struct gctl_req *req);
77 static void eli_version(struct gctl_req *req);
78 static void eli_clear(struct gctl_req *req);
79 static void eli_dump(struct gctl_req *req);
81 static int eli_backup_create(struct gctl_req *req, const char *prov,
87 * init [-bdgPTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov
88 * label - alias for 'init'
89 * attach [-Cdprv] [-n keyno] [-j passfile] [-k keyfile] prov
90 * detach [-fl] prov ...
91 * stop - alias for 'detach'
92 * onetime [-d] [-a aalgo] [-e ealgo] [-l keylen] prov
93 * configure [-bBgGtT] prov ...
94 * setkey [-pPv] [-n keyno] [-j passfile] [-J newpassfile] [-k keyfile] [-K newkeyfile] prov
95 * delkey [-afv] [-n keyno] prov
96 * suspend [-v] -a | prov ...
97 * resume [-pv] [-j passfile] [-k keyfile] prov
98 * kill [-av] [prov ...]
99 * backup [-v] prov file
100 * restore [-fv] file prov
101 * resize [-v] -s oldsize prov
103 * clear [-v] prov ...
106 struct g_command class_commands[] = {
107 { "init", G_FLAG_VERBOSE, eli_main,
109 { 'a', "aalgo", "", G_TYPE_STRING },
110 { 'b', "boot", NULL, G_TYPE_BOOL },
111 { 'B', "backupfile", "", G_TYPE_STRING },
112 { 'd', "displaypass", NULL, G_TYPE_BOOL },
113 { 'e', "ealgo", "", G_TYPE_STRING },
114 { 'g', "geliboot", NULL, G_TYPE_BOOL },
115 { 'i', "iterations", "-1", G_TYPE_NUMBER },
116 { 'J', "newpassfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
117 { 'K', "newkeyfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
118 { 'l', "keylen", "0", G_TYPE_NUMBER },
119 { 'P', "nonewpassphrase", NULL, G_TYPE_BOOL },
120 { 's', "sectorsize", "0", G_TYPE_NUMBER },
121 { 'T', "notrim", NULL, G_TYPE_BOOL },
122 { 'V', "mdversion", "-1", G_TYPE_NUMBER },
125 "[-bdgPTv] [-a aalgo] [-B backupfile] [-e ealgo] [-i iterations] [-l keylen] [-J newpassfile] [-K newkeyfile] [-s sectorsize] [-V version] prov"
127 { "label", G_FLAG_VERBOSE, eli_main,
129 { 'a', "aalgo", "", G_TYPE_STRING },
130 { 'b', "boot", NULL, G_TYPE_BOOL },
131 { 'B', "backupfile", "", G_TYPE_STRING },
132 { 'd', "displaypass", NULL, G_TYPE_BOOL },
133 { 'e', "ealgo", "", G_TYPE_STRING },
134 { 'g', "geliboot", NULL, G_TYPE_BOOL },
135 { 'i', "iterations", "-1", G_TYPE_NUMBER },
136 { 'J', "newpassfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
137 { 'K', "newkeyfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
138 { 'l', "keylen", "0", G_TYPE_NUMBER },
139 { 'P', "nonewpassphrase", NULL, G_TYPE_BOOL },
140 { 's', "sectorsize", "0", G_TYPE_NUMBER },
141 { 'V', "mdversion", "-1", G_TYPE_NUMBER },
144 "- an alias for 'init'"
146 { "attach", G_FLAG_VERBOSE | G_FLAG_LOADKLD, eli_main,
148 { 'C', "dryrun", NULL, G_TYPE_BOOL },
149 { 'd', "detach", NULL, G_TYPE_BOOL },
150 { 'j', "passfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
151 { 'k', "keyfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
152 { 'n', "keyno", "-1", G_TYPE_NUMBER },
153 { 'p', "nopassphrase", NULL, G_TYPE_BOOL },
154 { 'r', "readonly", NULL, G_TYPE_BOOL },
157 "[-Cdprv] [-n keyno] [-j passfile] [-k keyfile] prov"
161 { 'f', "force", NULL, G_TYPE_BOOL },
162 { 'l', "last", NULL, G_TYPE_BOOL },
169 { 'f', "force", NULL, G_TYPE_BOOL },
170 { 'l', "last", NULL, G_TYPE_BOOL },
173 "- an alias for 'detach'"
175 { "onetime", G_FLAG_VERBOSE | G_FLAG_LOADKLD, NULL,
177 { 'a', "aalgo", "", G_TYPE_STRING },
178 { 'd', "detach", NULL, G_TYPE_BOOL },
179 { 'e', "ealgo", GELI_ENC_ALGO, G_TYPE_STRING },
180 { 'l', "keylen", "0", G_TYPE_NUMBER },
181 { 's', "sectorsize", "0", G_TYPE_NUMBER },
182 { 'T', "notrim", NULL, G_TYPE_BOOL },
185 "[-dT] [-a aalgo] [-e ealgo] [-l keylen] [-s sectorsize] prov"
187 { "configure", G_FLAG_VERBOSE, eli_main,
189 { 'b', "boot", NULL, G_TYPE_BOOL },
190 { 'B', "noboot", NULL, G_TYPE_BOOL },
191 { 'd', "displaypass", NULL, G_TYPE_BOOL },
192 { 'D', "nodisplaypass", NULL, G_TYPE_BOOL },
193 { 'g', "geliboot", NULL, G_TYPE_BOOL },
194 { 'G', "nogeliboot", NULL, G_TYPE_BOOL },
195 { 't', "trim", NULL, G_TYPE_BOOL },
196 { 'T', "notrim", NULL, G_TYPE_BOOL },
199 "[-bBdDgGtT] prov ..."
201 { "setkey", G_FLAG_VERBOSE, eli_main,
203 { 'i', "iterations", "-1", G_TYPE_NUMBER },
204 { 'j', "passfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
205 { 'J', "newpassfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
206 { 'k', "keyfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
207 { 'K', "newkeyfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
208 { 'n', "keyno", "-1", G_TYPE_NUMBER },
209 { 'p', "nopassphrase", NULL, G_TYPE_BOOL },
210 { 'P', "nonewpassphrase", NULL, G_TYPE_BOOL },
213 "[-pPv] [-n keyno] [-i iterations] [-j passfile] [-J newpassfile] [-k keyfile] [-K newkeyfile] prov"
215 { "delkey", G_FLAG_VERBOSE, eli_main,
217 { 'a', "all", NULL, G_TYPE_BOOL },
218 { 'f', "force", NULL, G_TYPE_BOOL },
219 { 'n', "keyno", "-1", G_TYPE_NUMBER },
222 "[-afv] [-n keyno] prov"
224 { "suspend", G_FLAG_VERBOSE, NULL,
226 { 'a', "all", NULL, G_TYPE_BOOL },
231 { "resume", G_FLAG_VERBOSE, eli_main,
233 { 'j', "passfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
234 { 'k', "keyfile", G_VAL_OPTIONAL, G_TYPE_STRING | G_TYPE_MULTI },
235 { 'p', "nopassphrase", NULL, G_TYPE_BOOL },
238 "[-pv] [-j passfile] [-k keyfile] prov"
240 { "kill", G_FLAG_VERBOSE, eli_main,
242 { 'a', "all", NULL, G_TYPE_BOOL },
247 { "backup", G_FLAG_VERBOSE, eli_main, G_NULL_OPTS,
250 { "restore", G_FLAG_VERBOSE, eli_main,
252 { 'f', "force", NULL, G_TYPE_BOOL },
257 { "resize", G_FLAG_VERBOSE, eli_main,
259 { 's', "oldsize", NULL, G_TYPE_NUMBER },
262 "[-v] -s oldsize prov"
264 { "version", G_FLAG_LOADKLD, eli_main, G_NULL_OPTS,
267 { "clear", G_FLAG_VERBOSE, eli_main, G_NULL_OPTS,
270 { "dump", G_FLAG_VERBOSE, eli_main, G_NULL_OPTS,
276 static int verbose = 0;
281 eli_protect(struct gctl_req *req)
285 /* Disable core dumps. */
288 if (setrlimit(RLIMIT_CORE, &rl) == -1) {
289 gctl_error(req, "Cannot disable core dumps: %s.",
293 /* Disable swapping. */
294 if (mlockall(MCL_FUTURE) == -1) {
295 gctl_error(req, "Cannot lock memory: %s.", strerror(errno));
302 eli_main(struct gctl_req *req, unsigned int flags)
306 if (eli_protect(req) == -1)
309 if ((flags & G_FLAG_VERBOSE) != 0)
312 name = gctl_get_ascii(req, "verb");
314 gctl_error(req, "No '%s' argument.", "verb");
317 if (strcmp(name, "init") == 0 || strcmp(name, "label") == 0)
319 else if (strcmp(name, "attach") == 0)
321 else if (strcmp(name, "configure") == 0)
323 else if (strcmp(name, "setkey") == 0)
325 else if (strcmp(name, "delkey") == 0)
327 else if (strcmp(name, "resume") == 0)
329 else if (strcmp(name, "kill") == 0)
331 else if (strcmp(name, "backup") == 0)
333 else if (strcmp(name, "restore") == 0)
335 else if (strcmp(name, "resize") == 0)
337 else if (strcmp(name, "version") == 0)
339 else if (strcmp(name, "dump") == 0)
341 else if (strcmp(name, "clear") == 0)
344 gctl_error(req, "Unknown command: %s.", name);
348 eli_is_attached(const char *prov)
350 char name[MAXPATHLEN];
353 * Not the best way to do it, but the easiest.
354 * We try to open provider and check if it is a GEOM provider
355 * by asking about its sectorsize.
357 snprintf(name, sizeof(name), "%s%s", prov, G_ELI_SUFFIX);
358 return (g_get_sectorsize(name) > 0);
362 eli_genkey_files(struct gctl_req *req, bool new, const char *type,
363 struct hmac_ctx *ctxp, char *passbuf, size_t passbufsize)
365 char *p, buf[BUFSIZE], argname[16];
370 assert((strcmp(type, "keyfile") == 0 && ctxp != NULL &&
371 passbuf == NULL && passbufsize == 0) ||
372 (strcmp(type, "passfile") == 0 && ctxp == NULL &&
373 passbuf != NULL && passbufsize > 0));
374 assert(strcmp(type, "keyfile") == 0 || passbuf[0] == '\0');
377 snprintf(argname, sizeof(argname), "%s%s%d",
378 new ? "new" : "", type, i);
380 /* No more {key,pass}files? */
381 if (!gctl_has_param(req, argname))
384 file = gctl_get_ascii(req, "%s", argname);
385 assert(file != NULL);
387 if (strcmp(file, "-") == 0)
390 fd = open(file, O_RDONLY);
392 gctl_error(req, "Cannot open %s %s: %s.",
393 type, file, strerror(errno));
397 if (strcmp(type, "keyfile") == 0) {
398 while ((done = read(fd, buf, sizeof(buf))) > 0)
399 g_eli_crypto_hmac_update(ctxp, buf, done);
400 } else /* if (strcmp(type, "passfile") == 0) */ {
401 assert(strcmp(type, "passfile") == 0);
403 while ((done = read(fd, buf, sizeof(buf) - 1)) > 0) {
405 p = strchr(buf, '\n');
410 if (strlcat(passbuf, buf, passbufsize) >=
413 "Passphrase in %s too long.", file);
414 bzero(buf, sizeof(buf));
422 if (strcmp(file, "-") != 0)
424 bzero(buf, sizeof(buf));
426 gctl_error(req, "Cannot read %s %s: %s.",
427 type, file, strerror(error));
435 eli_genkey_passphrase_prompt(struct gctl_req *req, bool new, char *passbuf,
442 new ? "Enter new passphrase: " : "Enter passphrase: ",
443 passbuf, passbufsize, RPP_ECHO_OFF | RPP_REQUIRE_TTY);
445 bzero(passbuf, passbufsize);
446 gctl_error(req, "Cannot read passphrase: %s.",
452 char tmpbuf[BUFSIZE];
454 p = readpassphrase("Reenter new passphrase: ",
455 tmpbuf, sizeof(tmpbuf),
456 RPP_ECHO_OFF | RPP_REQUIRE_TTY);
458 bzero(passbuf, passbufsize);
460 "Cannot read passphrase: %s.",
465 if (strcmp(passbuf, tmpbuf) != 0) {
466 bzero(passbuf, passbufsize);
467 fprintf(stderr, "They didn't match.\n");
470 bzero(tmpbuf, sizeof(tmpbuf));
478 eli_genkey_passphrase(struct gctl_req *req, struct g_eli_metadata *md, bool new,
479 struct hmac_ctx *ctxp)
481 char passbuf[BUFSIZE];
486 gctl_get_int(req, new ? "nonewpassphrase" : "nopassphrase");
488 if (gctl_has_param(req, new ? "newpassfile0" : "passfile0")) {
490 "Options -%c and -%c are mutually exclusive.",
491 new ? 'J' : 'j', new ? 'P' : 'p');
497 if (!new && md->md_iterations == -1) {
498 gctl_error(req, "Missing -p flag.");
502 nfiles = eli_genkey_files(req, new, "passfile", NULL, passbuf,
506 else if (nfiles == 0) {
507 if (eli_genkey_passphrase_prompt(req, new, passbuf,
508 sizeof(passbuf)) == -1) {
513 * Field md_iterations equal to -1 means "choose some sane
516 if (md->md_iterations == -1) {
519 printf("Calculating number of iterations...\n");
520 md->md_iterations = pkcs5v2_calculate(2000000);
521 assert(md->md_iterations > 0);
523 printf("Done, using %d iterations.\n",
528 * If md_iterations is equal to 0, user doesn't want PKCS#5v2.
530 if (md->md_iterations == 0) {
531 g_eli_crypto_hmac_update(ctxp, md->md_salt,
532 sizeof(md->md_salt));
533 g_eli_crypto_hmac_update(ctxp, passbuf, strlen(passbuf));
534 } else /* if (md->md_iterations > 0) */ {
535 unsigned char dkey[G_ELI_USERKEYLEN];
537 pkcs5v2_genkey(dkey, sizeof(dkey), md->md_salt,
538 sizeof(md->md_salt), passbuf, md->md_iterations);
539 g_eli_crypto_hmac_update(ctxp, dkey, sizeof(dkey));
540 bzero(dkey, sizeof(dkey));
542 bzero(passbuf, sizeof(passbuf));
547 static unsigned char *
548 eli_genkey(struct gctl_req *req, struct g_eli_metadata *md, unsigned char *key,
556 gctl_get_int(req, new ? "nonewpassphrase" : "nopassphrase");
558 g_eli_crypto_hmac_init(&ctx, NULL, 0);
560 nfiles = eli_genkey_files(req, new, "keyfile", &ctx, NULL, 0);
563 else if (nfiles == 0 && nopassphrase) {
564 gctl_error(req, "No key components given.");
568 if (eli_genkey_passphrase(req, md, new, &ctx) == -1)
571 g_eli_crypto_hmac_final(&ctx, key, 0);
577 eli_metadata_read(struct gctl_req *req, const char *prov,
578 struct g_eli_metadata *md)
580 unsigned char sector[sizeof(struct g_eli_metadata)];
583 if (g_get_sectorsize(prov) == 0) {
586 /* This is a file probably. */
587 fd = open(prov, O_RDONLY);
589 gctl_error(req, "Cannot open %s: %s.", prov,
593 if (read(fd, sector, sizeof(sector)) != sizeof(sector)) {
594 gctl_error(req, "Cannot read metadata from %s: %s.",
595 prov, strerror(errno));
601 /* This is a GEOM provider. */
602 error = g_metadata_read(prov, sector, sizeof(sector),
605 gctl_error(req, "Cannot read metadata from %s: %s.",
606 prov, strerror(error));
610 error = eli_metadata_decode(sector, md);
616 "Provider's %s metadata version %u is too new.\n"
617 "geli: The highest supported version is %u.",
618 prov, (unsigned int)md->md_version, G_ELI_VERSION);
621 gctl_error(req, "Inconsistent provider's %s metadata.", prov);
625 "Unexpected error while decoding provider's %s metadata: %s.",
626 prov, strerror(error));
633 eli_metadata_store(struct gctl_req *req, const char *prov,
634 struct g_eli_metadata *md)
636 unsigned char sector[sizeof(struct g_eli_metadata)];
639 eli_metadata_encode(md, sector);
640 if (g_get_sectorsize(prov) == 0) {
643 /* This is a file probably. */
644 fd = open(prov, O_WRONLY | O_TRUNC);
646 gctl_error(req, "Cannot open %s: %s.", prov,
648 bzero(sector, sizeof(sector));
651 if (write(fd, sector, sizeof(sector)) != sizeof(sector)) {
652 gctl_error(req, "Cannot write metadata to %s: %s.",
653 prov, strerror(errno));
654 bzero(sector, sizeof(sector));
660 /* This is a GEOM provider. */
661 error = g_metadata_store(prov, sector, sizeof(sector));
663 gctl_error(req, "Cannot write metadata to %s: %s.",
664 prov, strerror(errno));
665 bzero(sector, sizeof(sector));
669 bzero(sector, sizeof(sector));
674 eli_init(struct gctl_req *req)
676 struct g_eli_metadata md;
677 unsigned char sector[sizeof(struct g_eli_metadata)] __aligned(4);
678 unsigned char key[G_ELI_USERKEYLEN];
679 char backfile[MAXPATHLEN];
680 const char *str, *prov;
681 unsigned int secsize, version;
686 nargs = gctl_get_int(req, "nargs");
688 gctl_error(req, "Invalid number of arguments.");
691 prov = gctl_get_ascii(req, "arg0");
692 mediasize = g_get_mediasize(prov);
693 secsize = g_get_sectorsize(prov);
694 if (mediasize == 0 || secsize == 0) {
695 gctl_error(req, "Cannot get informations about %s: %s.", prov,
700 bzero(&md, sizeof(md));
701 strlcpy(md.md_magic, G_ELI_MAGIC, sizeof(md.md_magic));
702 val = gctl_get_intmax(req, "mdversion");
704 version = G_ELI_VERSION;
705 } else if (val < 0 || val > G_ELI_VERSION) {
707 "Invalid version specified should be between %u and %u.",
708 G_ELI_VERSION_00, G_ELI_VERSION);
713 md.md_version = version;
715 if (gctl_get_int(req, "boot"))
716 md.md_flags |= G_ELI_FLAG_BOOT;
717 if (gctl_get_int(req, "geliboot"))
718 md.md_flags |= G_ELI_FLAG_GELIBOOT;
719 if (gctl_get_int(req, "displaypass"))
720 md.md_flags |= G_ELI_FLAG_GELIDISPLAYPASS;
721 if (gctl_get_int(req, "notrim"))
722 md.md_flags |= G_ELI_FLAG_NODELETE;
723 md.md_ealgo = CRYPTO_ALGORITHM_MIN - 1;
724 str = gctl_get_ascii(req, "aalgo");
726 if (version < G_ELI_VERSION_01) {
728 "Data authentication is supported starting from version %u.",
732 md.md_aalgo = g_eli_str2aalgo(str);
733 if (md.md_aalgo >= CRYPTO_ALGORITHM_MIN &&
734 md.md_aalgo <= CRYPTO_ALGORITHM_MAX) {
735 md.md_flags |= G_ELI_FLAG_AUTH;
738 * For backward compatibility, check if the -a option
739 * was used to provide encryption algorithm.
741 md.md_ealgo = g_eli_str2ealgo(str);
742 if (md.md_ealgo < CRYPTO_ALGORITHM_MIN ||
743 md.md_ealgo > CRYPTO_ALGORITHM_MAX) {
745 "Invalid authentication algorithm.");
748 fprintf(stderr, "warning: The -e option, not "
749 "the -a option is now used to specify "
750 "encryption algorithm to use.\n");
754 if (md.md_ealgo < CRYPTO_ALGORITHM_MIN ||
755 md.md_ealgo > CRYPTO_ALGORITHM_MAX) {
756 str = gctl_get_ascii(req, "ealgo");
758 if (version < G_ELI_VERSION_05)
763 md.md_ealgo = g_eli_str2ealgo(str);
764 if (md.md_ealgo < CRYPTO_ALGORITHM_MIN ||
765 md.md_ealgo > CRYPTO_ALGORITHM_MAX) {
766 gctl_error(req, "Invalid encryption algorithm.");
769 if (md.md_ealgo == CRYPTO_CAMELLIA_CBC &&
770 version < G_ELI_VERSION_04) {
772 "Camellia-CBC algorithm is supported starting from version %u.",
776 if (md.md_ealgo == CRYPTO_AES_XTS &&
777 version < G_ELI_VERSION_05) {
779 "AES-XTS algorithm is supported starting from version %u.",
784 val = gctl_get_intmax(req, "keylen");
786 md.md_keylen = g_eli_keylen(md.md_ealgo, md.md_keylen);
787 if (md.md_keylen == 0) {
788 gctl_error(req, "Invalid key length.");
791 md.md_provsize = mediasize;
793 val = gctl_get_intmax(req, "iterations");
798 * Don't allow to set iterations when there will be no
801 nonewpassphrase = gctl_get_int(req, "nonewpassphrase");
802 if (nonewpassphrase) {
804 "Options -i and -P are mutually exclusive.");
808 md.md_iterations = val;
810 val = gctl_get_intmax(req, "sectorsize");
812 md.md_sectorsize = secsize;
814 if (val < 0 || (val % secsize) != 0 || !powerof2(val)) {
815 gctl_error(req, "Invalid sector size.");
818 if (val > sysconf(_SC_PAGE_SIZE)) {
820 "warning: Using sectorsize bigger than the page size!\n");
822 md.md_sectorsize = val;
826 arc4random_buf(md.md_salt, sizeof(md.md_salt));
827 arc4random_buf(md.md_mkeys, sizeof(md.md_mkeys));
829 /* Generate user key. */
830 if (eli_genkey(req, &md, key, true) == NULL) {
831 bzero(key, sizeof(key));
832 bzero(&md, sizeof(md));
836 /* Encrypt the first and the only Master Key. */
837 error = g_eli_mkey_encrypt(md.md_ealgo, key, md.md_keylen, md.md_mkeys);
838 bzero(key, sizeof(key));
840 bzero(&md, sizeof(md));
841 gctl_error(req, "Cannot encrypt Master Key: %s.",
846 eli_metadata_encode(&md, sector);
847 bzero(&md, sizeof(md));
848 error = g_metadata_store(prov, sector, sizeof(sector));
849 bzero(sector, sizeof(sector));
851 gctl_error(req, "Cannot store metadata on %s: %s.", prov,
856 printf("Metadata value stored on %s.\n", prov);
857 /* Backup metadata to a file. */
858 str = gctl_get_ascii(req, "backupfile");
859 if (str[0] != '\0') {
860 /* Backupfile given be the user, just copy it. */
861 strlcpy(backfile, str, sizeof(backfile));
863 /* Generate file name automatically. */
864 const char *p = prov;
867 if (strncmp(p, _PATH_DEV, sizeof(_PATH_DEV) - 1) == 0)
868 p += sizeof(_PATH_DEV) - 1;
869 snprintf(backfile, sizeof(backfile), "%s%s.eli",
871 /* Replace all / with _. */
872 for (i = strlen(GELI_BACKUP_DIR); backfile[i] != '\0'; i++) {
873 if (backfile[i] == '/')
877 if (strcmp(backfile, "none") != 0 &&
878 eli_backup_create(req, prov, backfile) == 0) {
879 printf("\nMetadata backup can be found in %s and\n", backfile);
880 printf("can be restored with the following command:\n");
881 printf("\n\t# geli restore %s %s\n\n", backfile, prov);
886 eli_attach(struct gctl_req *req)
888 struct g_eli_metadata md;
889 unsigned char key[G_ELI_USERKEYLEN];
894 nargs = gctl_get_int(req, "nargs");
896 gctl_error(req, "Invalid number of arguments.");
899 prov = gctl_get_ascii(req, "arg0");
901 if (eli_metadata_read(req, prov, &md) == -1)
904 mediasize = g_get_mediasize(prov);
905 if (md.md_provsize != (uint64_t)mediasize) {
906 gctl_error(req, "Provider size mismatch.");
910 if (eli_genkey(req, &md, key, false) == NULL) {
911 bzero(key, sizeof(key));
915 gctl_ro_param(req, "key", sizeof(key), key);
916 if (gctl_issue(req) == NULL) {
918 printf("Attached to %s.\n", prov);
920 bzero(key, sizeof(key));
924 eli_configure_detached(struct gctl_req *req, const char *prov, int boot,
925 int geliboot, int displaypass, int trim)
927 struct g_eli_metadata md;
930 if (eli_metadata_read(req, prov, &md) == -1)
933 if (boot == 1 && (md.md_flags & G_ELI_FLAG_BOOT)) {
935 printf("BOOT flag already configured for %s.\n", prov);
936 } else if (boot == 0 && !(md.md_flags & G_ELI_FLAG_BOOT)) {
938 printf("BOOT flag not configured for %s.\n", prov);
939 } else if (boot >= 0) {
941 md.md_flags |= G_ELI_FLAG_BOOT;
943 md.md_flags &= ~G_ELI_FLAG_BOOT;
947 if (geliboot == 1 && (md.md_flags & G_ELI_FLAG_GELIBOOT)) {
949 printf("GELIBOOT flag already configured for %s.\n", prov);
950 } else if (geliboot == 0 && !(md.md_flags & G_ELI_FLAG_GELIBOOT)) {
952 printf("GELIBOOT flag not configured for %s.\n", prov);
953 } else if (geliboot >= 0) {
955 md.md_flags |= G_ELI_FLAG_GELIBOOT;
957 md.md_flags &= ~G_ELI_FLAG_GELIBOOT;
961 if (displaypass == 1 && (md.md_flags & G_ELI_FLAG_GELIDISPLAYPASS)) {
963 printf("GELIDISPLAYPASS flag already configured for %s.\n", prov);
964 } else if (displaypass == 0 &&
965 !(md.md_flags & G_ELI_FLAG_GELIDISPLAYPASS)) {
967 printf("GELIDISPLAYPASS flag not configured for %s.\n", prov);
968 } else if (displaypass >= 0) {
970 md.md_flags |= G_ELI_FLAG_GELIDISPLAYPASS;
972 md.md_flags &= ~G_ELI_FLAG_GELIDISPLAYPASS;
976 if (trim == 0 && (md.md_flags & G_ELI_FLAG_NODELETE)) {
978 printf("TRIM disable flag already configured for %s.\n", prov);
979 } else if (trim == 1 && !(md.md_flags & G_ELI_FLAG_NODELETE)) {
981 printf("TRIM disable flag not configured for %s.\n", prov);
982 } else if (trim >= 0) {
984 md.md_flags &= ~G_ELI_FLAG_NODELETE;
986 md.md_flags |= G_ELI_FLAG_NODELETE;
991 eli_metadata_store(req, prov, &md);
992 bzero(&md, sizeof(md));
996 eli_configure(struct gctl_req *req)
999 bool boot, noboot, geliboot, nogeliboot, displaypass, nodisplaypass;
1001 int doboot, dogeliboot, dodisplaypass, dotrim;
1004 nargs = gctl_get_int(req, "nargs");
1006 gctl_error(req, "Too few arguments.");
1010 boot = gctl_get_int(req, "boot");
1011 noboot = gctl_get_int(req, "noboot");
1012 geliboot = gctl_get_int(req, "geliboot");
1013 nogeliboot = gctl_get_int(req, "nogeliboot");
1014 displaypass = gctl_get_int(req, "displaypass");
1015 nodisplaypass = gctl_get_int(req, "nodisplaypass");
1016 trim = gctl_get_int(req, "trim");
1017 notrim = gctl_get_int(req, "notrim");
1020 if (boot && noboot) {
1021 gctl_error(req, "Options -b and -B are mutually exclusive.");
1030 if (geliboot && nogeliboot) {
1031 gctl_error(req, "Options -g and -G are mutually exclusive.");
1036 else if (nogeliboot)
1040 if (displaypass && nodisplaypass) {
1041 gctl_error(req, "Options -d and -D are mutually exclusive.");
1046 else if (nodisplaypass)
1050 if (trim && notrim) {
1051 gctl_error(req, "Options -t and -T are mutually exclusive.");
1059 if (doboot == -1 && dogeliboot == -1 && dodisplaypass == -1 &&
1061 gctl_error(req, "No option given.");
1065 /* First attached providers. */
1068 for (i = 0; i < nargs; i++) {
1069 prov = gctl_get_ascii(req, "arg%d", i);
1070 if (!eli_is_attached(prov)) {
1071 eli_configure_detached(req, prov, doboot, dogeliboot,
1072 dodisplaypass, dotrim);
1078 eli_setkey_attached(struct gctl_req *req, struct g_eli_metadata *md)
1080 unsigned char key[G_ELI_USERKEYLEN];
1081 intmax_t val, old = 0;
1084 val = gctl_get_intmax(req, "iterations");
1085 /* Check if iterations number should be changed. */
1087 md->md_iterations = val;
1089 old = md->md_iterations;
1091 /* Generate key for Master Key encryption. */
1092 if (eli_genkey(req, md, key, true) == NULL) {
1093 bzero(key, sizeof(key));
1097 * If number of iterations has changed, but wasn't given as a
1098 * command-line argument, update the request.
1100 if (val == -1 && md->md_iterations != old) {
1101 error = gctl_change_param(req, "iterations", sizeof(intmax_t),
1102 &md->md_iterations);
1106 gctl_ro_param(req, "key", sizeof(key), key);
1108 bzero(key, sizeof(key));
1112 eli_setkey_detached(struct gctl_req *req, const char *prov,
1113 struct g_eli_metadata *md)
1115 unsigned char key[G_ELI_USERKEYLEN], mkey[G_ELI_DATAIVKEYLEN];
1116 unsigned char *mkeydst;
1121 if (md->md_keys == 0) {
1122 gctl_error(req, "No valid keys on %s.", prov);
1126 /* Generate key for Master Key decryption. */
1127 if (eli_genkey(req, md, key, false) == NULL) {
1128 bzero(key, sizeof(key));
1132 /* Decrypt Master Key. */
1133 error = g_eli_mkey_decrypt_any(md, key, mkey, &nkey);
1134 bzero(key, sizeof(key));
1136 bzero(md, sizeof(*md));
1138 gctl_error(req, "Wrong key for %s.", prov);
1139 else /* if (error > 0) */ {
1140 gctl_error(req, "Cannot decrypt Master Key: %s.",
1146 printf("Decrypted Master Key %u.\n", nkey);
1148 val = gctl_get_intmax(req, "keyno");
1153 ; /* Use the key number which was found during decryption. */
1155 if (nkey >= G_ELI_MAXMKEYS) {
1156 gctl_error(req, "Invalid '%s' argument.", "keyno");
1160 val = gctl_get_intmax(req, "iterations");
1161 /* Check if iterations number should and can be changed. */
1162 if (val != -1 && md->md_iterations == -1) {
1163 md->md_iterations = val;
1164 } else if (val != -1 && val != md->md_iterations) {
1165 if (bitcount32(md->md_keys) != 1) {
1166 gctl_error(req, "To be able to use '-i' option, only "
1167 "one key can be defined.");
1170 if (md->md_keys != (1 << nkey)) {
1171 gctl_error(req, "Only already defined key can be "
1172 "changed when '-i' option is used.");
1175 md->md_iterations = val;
1178 mkeydst = md->md_mkeys + nkey * G_ELI_MKEYLEN;
1179 md->md_keys |= (1 << nkey);
1181 bcopy(mkey, mkeydst, sizeof(mkey));
1182 bzero(mkey, sizeof(mkey));
1184 /* Generate key for Master Key encryption. */
1185 if (eli_genkey(req, md, key, true) == NULL) {
1186 bzero(key, sizeof(key));
1187 bzero(md, sizeof(*md));
1191 /* Encrypt the Master-Key with the new key. */
1192 error = g_eli_mkey_encrypt(md->md_ealgo, key, md->md_keylen, mkeydst);
1193 bzero(key, sizeof(key));
1195 bzero(md, sizeof(*md));
1196 gctl_error(req, "Cannot encrypt Master Key: %s.",
1201 /* Store metadata with fresh key. */
1202 eli_metadata_store(req, prov, md);
1203 bzero(md, sizeof(*md));
1207 eli_setkey(struct gctl_req *req)
1209 struct g_eli_metadata md;
1213 nargs = gctl_get_int(req, "nargs");
1215 gctl_error(req, "Invalid number of arguments.");
1218 prov = gctl_get_ascii(req, "arg0");
1220 if (eli_metadata_read(req, prov, &md) == -1)
1223 if (eli_is_attached(prov))
1224 eli_setkey_attached(req, &md);
1226 eli_setkey_detached(req, prov, &md);
1228 if (req->error == NULL || req->error[0] == '\0') {
1229 printf("Note, that the master key encrypted with old keys "
1230 "and/or passphrase may still exists in a metadata backup "
1236 eli_delkey_attached(struct gctl_req *req, const char *prov __unused)
1243 eli_delkey_detached(struct gctl_req *req, const char *prov)
1245 struct g_eli_metadata md;
1246 unsigned char *mkeydst;
1251 if (eli_metadata_read(req, prov, &md) == -1)
1254 all = gctl_get_int(req, "all");
1256 arc4random_buf(md.md_mkeys, sizeof(md.md_mkeys));
1258 force = gctl_get_int(req, "force");
1259 val = gctl_get_intmax(req, "keyno");
1261 gctl_error(req, "Key number has to be specified.");
1265 if (nkey >= G_ELI_MAXMKEYS) {
1266 gctl_error(req, "Invalid '%s' argument.", "keyno");
1269 if (!(md.md_keys & (1 << nkey)) && !force) {
1270 gctl_error(req, "Master Key %u is not set.", nkey);
1273 md.md_keys &= ~(1 << nkey);
1274 if (md.md_keys == 0 && !force) {
1275 gctl_error(req, "This is the last Master Key. Use '-f' "
1276 "option if you really want to remove it.");
1279 mkeydst = md.md_mkeys + nkey * G_ELI_MKEYLEN;
1280 arc4random_buf(mkeydst, G_ELI_MKEYLEN);
1283 eli_metadata_store(req, prov, &md);
1284 bzero(&md, sizeof(md));
1288 eli_delkey(struct gctl_req *req)
1293 nargs = gctl_get_int(req, "nargs");
1295 gctl_error(req, "Invalid number of arguments.");
1298 prov = gctl_get_ascii(req, "arg0");
1300 if (eli_is_attached(prov))
1301 eli_delkey_attached(req, prov);
1303 eli_delkey_detached(req, prov);
1307 eli_resume(struct gctl_req *req)
1309 struct g_eli_metadata md;
1310 unsigned char key[G_ELI_USERKEYLEN];
1315 nargs = gctl_get_int(req, "nargs");
1317 gctl_error(req, "Invalid number of arguments.");
1320 prov = gctl_get_ascii(req, "arg0");
1322 if (eli_metadata_read(req, prov, &md) == -1)
1325 mediasize = g_get_mediasize(prov);
1326 if (md.md_provsize != (uint64_t)mediasize) {
1327 gctl_error(req, "Provider size mismatch.");
1331 if (eli_genkey(req, &md, key, false) == NULL) {
1332 bzero(key, sizeof(key));
1336 gctl_ro_param(req, "key", sizeof(key), key);
1337 if (gctl_issue(req) == NULL) {
1339 printf("Resumed %s.\n", prov);
1341 bzero(key, sizeof(key));
1345 eli_trash_metadata(struct gctl_req *req, const char *prov, int fd, off_t offset)
1347 unsigned int overwrites;
1348 unsigned char *sector;
1352 size = sizeof(overwrites);
1353 if (sysctlbyname("kern.geom.eli.overwrites", &overwrites, &size,
1354 NULL, 0) == -1 || overwrites == 0) {
1355 overwrites = G_ELI_OVERWRITES;
1358 size = g_sectorsize(fd);
1360 gctl_error(req, "Cannot obtain provider sector size %s: %s.",
1361 prov, strerror(errno));
1364 sector = malloc(size);
1365 if (sector == NULL) {
1366 gctl_error(req, "Cannot allocate %zd bytes of memory.", size);
1372 arc4random_buf(sector, size);
1373 if (pwrite(fd, sector, size, offset) != size) {
1378 } while (--overwrites > 0);
1381 gctl_error(req, "Cannot trash metadata on provider %s: %s.",
1382 prov, strerror(error));
1389 eli_kill_detached(struct gctl_req *req, const char *prov)
1395 * NOTE: Maybe we should verify if this is geli provider first,
1396 * but 'kill' command is quite critical so better don't waste
1400 error = g_metadata_read(prov, (unsigned char *)&md, sizeof(md),
1403 gctl_error(req, "Cannot read metadata from %s: %s.", prov,
1409 fd = g_open(prov, 1);
1411 gctl_error(req, "Cannot open provider %s: %s.", prov,
1415 offset = g_mediasize(fd) - g_sectorsize(fd);
1418 "Cannot obtain media size or sector size for provider %s: %s.",
1419 prov, strerror(errno));
1423 (void)eli_trash_metadata(req, prov, fd, offset);
1428 eli_kill(struct gctl_req *req)
1433 nargs = gctl_get_int(req, "nargs");
1434 all = gctl_get_int(req, "all");
1435 if (!all && nargs == 0) {
1436 gctl_error(req, "Too few arguments.");
1440 * How '-a' option combine with a list of providers:
1441 * Delete Master Keys from all attached providers:
1443 * Delete Master Keys from all attached providers and from
1444 * detached da0 and da1:
1445 * geli kill -a da0 da1
1446 * Delete Master Keys from (attached or detached) da0 and da1:
1450 /* First detached providers. */
1451 for (i = 0; i < nargs; i++) {
1452 prov = gctl_get_ascii(req, "arg%d", i);
1453 if (!eli_is_attached(prov))
1454 eli_kill_detached(req, prov);
1456 /* Now attached providers. */
1461 eli_backup_create(struct gctl_req *req, const char *prov, const char *file)
1463 unsigned char *sector;
1465 int error, filefd, ret;
1472 secsize = g_get_sectorsize(prov);
1474 gctl_error(req, "Cannot get informations about %s: %s.", prov,
1478 sector = malloc(secsize);
1479 if (sector == NULL) {
1480 gctl_error(req, "Cannot allocate memory.");
1483 /* Read metadata from the provider. */
1484 error = g_metadata_read(prov, sector, secsize, G_ELI_MAGIC);
1486 gctl_error(req, "Unable to read metadata from %s: %s.", prov,
1491 filefd = open(file, O_WRONLY | O_TRUNC | O_CREAT, 0600);
1493 gctl_error(req, "Unable to open %s: %s.", file,
1497 /* Write metadata to the destination file. */
1498 if (write(filefd, sector, secsize) != secsize) {
1499 gctl_error(req, "Unable to write to %s: %s.", file,
1501 (void)close(filefd);
1505 (void)fsync(filefd);
1506 (void)close(filefd);
1510 if (sector != NULL) {
1511 bzero(sector, secsize);
1518 eli_backup(struct gctl_req *req)
1520 const char *file, *prov;
1523 nargs = gctl_get_int(req, "nargs");
1525 gctl_error(req, "Invalid number of arguments.");
1528 prov = gctl_get_ascii(req, "arg0");
1529 file = gctl_get_ascii(req, "arg1");
1531 eli_backup_create(req, prov, file);
1535 eli_restore(struct gctl_req *req)
1537 struct g_eli_metadata md;
1538 const char *file, *prov;
1542 nargs = gctl_get_int(req, "nargs");
1544 gctl_error(req, "Invalid number of arguments.");
1547 file = gctl_get_ascii(req, "arg0");
1548 prov = gctl_get_ascii(req, "arg1");
1550 /* Read metadata from the backup file. */
1551 if (eli_metadata_read(req, file, &md) == -1)
1553 /* Obtain provider's mediasize. */
1554 mediasize = g_get_mediasize(prov);
1555 if (mediasize == 0) {
1556 gctl_error(req, "Cannot get informations about %s: %s.", prov,
1560 /* Check if the provider size has changed since we did the backup. */
1561 if (md.md_provsize != (uint64_t)mediasize) {
1562 if (gctl_get_int(req, "force")) {
1563 md.md_provsize = mediasize;
1565 gctl_error(req, "Provider size mismatch: "
1566 "wrong backup file?");
1570 /* Write metadata to the provider. */
1571 (void)eli_metadata_store(req, prov, &md);
1575 eli_resize(struct gctl_req *req)
1577 struct g_eli_metadata md;
1579 unsigned char *sector;
1581 off_t mediasize, oldsize;
1582 int error, nargs, provfd;
1584 nargs = gctl_get_int(req, "nargs");
1586 gctl_error(req, "Invalid number of arguments.");
1589 prov = gctl_get_ascii(req, "arg0");
1595 provfd = g_open(prov, 1);
1597 gctl_error(req, "Cannot open %s: %s.", prov, strerror(errno));
1601 mediasize = g_mediasize(provfd);
1602 secsize = g_sectorsize(provfd);
1603 if (mediasize == -1 || secsize == -1) {
1604 gctl_error(req, "Cannot get information about %s: %s.", prov,
1609 sector = malloc(secsize);
1610 if (sector == NULL) {
1611 gctl_error(req, "Cannot allocate memory.");
1615 oldsize = gctl_get_intmax(req, "oldsize");
1616 if (oldsize < 0 || oldsize > mediasize) {
1617 gctl_error(req, "Invalid oldsize: Out of range.");
1620 if (oldsize == mediasize) {
1621 gctl_error(req, "Size hasn't changed.");
1625 /* Read metadata from the 'oldsize' offset. */
1626 if (pread(provfd, sector, secsize, oldsize - secsize) != secsize) {
1627 gctl_error(req, "Cannot read old metadata: %s.",
1632 /* Check if this sector contains geli metadata. */
1633 error = eli_metadata_decode(sector, &md);
1639 "Provider's %s metadata version %u is too new.\n"
1640 "geli: The highest supported version is %u.",
1641 prov, (unsigned int)md.md_version, G_ELI_VERSION);
1644 gctl_error(req, "Inconsistent provider's %s metadata.", prov);
1648 "Unexpected error while decoding provider's %s metadata: %s.",
1649 prov, strerror(error));
1654 * If the old metadata doesn't have a correct provider size, refuse
1657 if (md.md_provsize != (uint64_t)oldsize) {
1658 gctl_error(req, "Provider size mismatch at oldsize.");
1663 * Update the old metadata with the current provider size and write
1664 * it back to the correct place on the provider.
1666 md.md_provsize = mediasize;
1667 /* Write metadata to the provider. */
1668 (void)eli_metadata_store(req, prov, &md);
1669 /* Now trash the old metadata. */
1670 (void)eli_trash_metadata(req, prov, provfd, oldsize - secsize);
1673 (void)g_close(provfd);
1674 if (sector != NULL) {
1675 bzero(sector, secsize);
1681 eli_version(struct gctl_req *req)
1683 struct g_eli_metadata md;
1685 unsigned int version;
1686 int error, i, nargs;
1688 nargs = gctl_get_int(req, "nargs");
1691 unsigned int kernver;
1694 size = sizeof(kernver);
1695 if (sysctlbyname("kern.geom.eli.version", &kernver, &size,
1697 warn("Unable to obtain GELI kernel version");
1699 printf("kernel: %u\n", kernver);
1701 printf("userland: %u\n", G_ELI_VERSION);
1705 for (i = 0; i < nargs; i++) {
1706 name = gctl_get_ascii(req, "arg%d", i);
1707 error = g_metadata_read(name, (unsigned char *)&md,
1708 sizeof(md), G_ELI_MAGIC);
1710 warn("%s: Unable to read metadata: %s.", name,
1712 gctl_error(req, "Not fully done.");
1715 version = le32dec(&md.md_version);
1716 printf("%s: %u\n", name, version);
1721 eli_clear(struct gctl_req *req)
1724 int error, i, nargs;
1726 nargs = gctl_get_int(req, "nargs");
1728 gctl_error(req, "Too few arguments.");
1732 for (i = 0; i < nargs; i++) {
1733 name = gctl_get_ascii(req, "arg%d", i);
1734 error = g_metadata_clear(name, G_ELI_MAGIC);
1736 fprintf(stderr, "Cannot clear metadata on %s: %s.\n",
1737 name, strerror(error));
1738 gctl_error(req, "Not fully done.");
1742 printf("Metadata cleared on %s.\n", name);
1747 eli_dump(struct gctl_req *req)
1749 struct g_eli_metadata md;
1753 nargs = gctl_get_int(req, "nargs");
1755 gctl_error(req, "Too few arguments.");
1759 for (i = 0; i < nargs; i++) {
1760 name = gctl_get_ascii(req, "arg%d", i);
1761 if (eli_metadata_read(NULL, name, &md) == -1) {
1762 gctl_error(req, "Not fully done.");
1765 printf("Metadata on %s:\n", name);
1766 eli_metadata_dump(&md);