Re: Depreciate and remove gbde
In message , NGie Cooper writes: >1. Why are there 2 competing technologies? They are not competing, they support two very different threat models. >3. Is there a gain/loss for removing gbde? Yes, you alienate a lot of users who very often are not even in a position to tell you they run FreeBSD. Think human rights activists for instance. >4. Why is it marked experimental [still]? To make people think. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 p...@freebsd.org | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: Depreciate and remove gbde
In message <20151019234855.4ed82...@gumby.homeunix.com>, RW writes: >I certainly wouldn't like to see gbde removed but I think it is >unfortunate that it's given slightly greater prominence in the handbook >than geli. geli is the right choice for most people. This I fully agree with. GELI is fine if your threatmodel is a stolen laptop. GBDE is for when the user is in danger. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 p...@freebsd.org | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: Depreciate and remove gbde
On Mon, 19 Oct 2015, John-Mark Gurney wrote: Ed Maste wrote this message on Mon, Oct 19, 2015 at 17:13 -0400: On 19 October 2015 at 16:50, John-Mark Gurney wrote: O. Hartmann wrote this message on Mon, Oct 19, 2015 at 06:19 +0200: For me, I'd like to know what is the benefit/performance of each technique and a clear preparation of each ones advantages over the other. That would make the decission process much easier and hopefully would not scare people away and announce "FreeBSD does not have a, b, c, ..." ... So, one thing that the docs talk about is that geli uses the crypto(9) framework. This doesn't mean much on it's own, but if you have a machine with AES-NI instructions or an accelerator card that supports the cipher mode used, then you can get faster performance of hardware off load, while gbde uses the software only routines which are slow.. John-Mark, thanks for listing these differences. This is the sort of information we should have available for end users to help choose one or the other -- this info ought to make it into the handbook. I'm working on updating the section now... Also realized we should include verbage to say that it's best to use page size sectors when possible to reduce overhead of the crypto... I can help with markup and editing. ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: Depreciate and remove gbde
Hi Martin, thanks, that raises some interesting points. After reading PHK's paper on GBDE, I can see enough differences between GDBE and GELI that warrant keeping GDBE. [ At this point for me, this part is theoretical, but it's still interesting ] I've seen the concerned made a few times that we need to support existing users. That's true up to a point. There's always going to be a way to transition from GDBE to GELI if we really want to (eg. a conversion tool), or were forced to for any reason (full decrypt and re-encrypt), so we shouldn't be keeping GDBE in the tree solely for this reason alone. GDBE should be in the tree for it's technical merits (which I've found it does have). However, if it turns out in X years from today GELI can do everything GDBE can do and better, then I would say we should figure out a way to remove GDBE. On Mon, Oct 19, 2015 at 7:44 PM, Martin Cracauer wrote: > Yonas Yanfa wrote on Sun, Oct 18, 2015 at 06:36:19AM -0400: > > > > Is there any objection to removing gbde? How many people use gbde? When > > have you used gbde over geli, and why? > > You would exclude all current users from accessing their existing > filesystems or whatever they put into that block device. > > A conversion tool would pretty much be forced to use the current > kernel layers (doing the block chaining in userspace would be > annoying), and it would be fundamentally unsafe to have your > half-converted filesystem on disk in case of an interruption. Plus I > think GELI uses a bigger header so you might fall short by a couple of > bytes and you can't do anything about it on the block level with no > access to the filesystem. > > And people might not have their gbde units accessible right now, it > might be on a laptop in a closet on a different continent. > > Martin > -- > %%% > Martin Cracauerhttp://www.cons.org/cracauer/ > ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: Depreciate and remove gbde
On Mon, Oct 19, 2015 at 4:44 PM, Martin Cracauer wrote: > Yonas Yanfa wrote on Sun, Oct 18, 2015 at 06:36:19AM -0400: >> >> Is there any objection to removing gbde? How many people use gbde? When >> have you used gbde over geli, and why? > > You would exclude all current users from accessing their existing > filesystems or whatever they put into that block device. > > A conversion tool would pretty much be forced to use the current > kernel layers (doing the block chaining in userspace would be > annoying), and it would be fundamentally unsafe to have your > half-converted filesystem on disk in case of an interruption. Plus I > think GELI uses a bigger header so you might fall short by a couple of > bytes and you can't do anything about it on the block level with no > access to the filesystem. > > And people might not have their gbde units accessible right now, it > might be on a laptop in a closet on a different continent. For the number of replies Yonas received saying "no, don't do that -- someone might be using it" -- the reason why Yonas asked the question is valid given the information that was presented. 1. Why are there 2 competing technologies? 2. Is one technologically superior to the other (performance, capability, etc)? 3. Is there a gain/loss for removing gbde? 4. Why is it marked experimental [still]? Thanks! -NGie ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: Depreciate and remove gbde
Yonas Yanfa wrote on Sun, Oct 18, 2015 at 06:36:19AM -0400: > > Is there any objection to removing gbde? How many people use gbde? When > have you used gbde over geli, and why? You would exclude all current users from accessing their existing filesystems or whatever they put into that block device. A conversion tool would pretty much be forced to use the current kernel layers (doing the block chaining in userspace would be annoying), and it would be fundamentally unsafe to have your half-converted filesystem on disk in case of an interruption. Plus I think GELI uses a bigger header so you might fall short by a couple of bytes and you can't do anything about it on the block level with no access to the filesystem. And people might not have their gbde units accessible right now, it might be on a laptop in a closet on a different continent. Martin -- %%% Martin Cracauerhttp://www.cons.org/cracauer/ ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: Depreciate and remove gbde
On Mon, 19 Oct 2015 06:19:30 +0200 O. Hartmann wrote: > When I looked for FreeBSD's encryption, I stopped by GELI. Because of > it's easy-to-use AND the 'experimental' tag in the handbook! > > For me, I'd like to know what is the benefit/performance of each > technique and a clear preparation of each ones advantages over the > other. IIRC gbde allows the passphrase to be verified even after the master-keys have been deleted. The point is to demonstrate that the passphrase is not being withheld, and the data unrecoverable. AFAIK that's the only advantage it has over geli. geli supports hardware acceleration, it's faster in software too. It's more resistant to dictionary/brute force attacks against the passphrase because of its PKCS #5 support. It supports a wider range of options and ciphers/modes. And though it's newer, it's undoubtedly had far more user-hours of use. Also I don't remember the details, but I think there's an operation that's atomic in geli, but not in gbde, that gives gbde a greater risk of data corruption. I certainly wouldn't like to see gbde removed but I think it is unfortunate that it's given slightly greater prominence in the handbook than geli. geli is the right choice for most people. ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: Depreciate and remove gbde
Ed Maste wrote this message on Mon, Oct 19, 2015 at 17:13 -0400: > On 19 October 2015 at 16:50, John-Mark Gurney wrote: > > O. Hartmann wrote this message on Mon, Oct 19, 2015 at 06:19 +0200: > >> For me, I'd like to know what is the benefit/performance of each technique > >> and > >> a clear preparation of each ones advantages over the other. That would > >> make the > >> decission process much easier and hopefully would not scare people away and > >> announce "FreeBSD does not have a, b, c, ..." ... > > > > So, one thing that the docs talk about is that geli uses the crypto(9) > > framework. This doesn't mean much on it's own, but if you have a machine > > with AES-NI instructions or an accelerator card that supports the cipher > > mode used, then you can get faster performance of hardware off load, > > while gbde uses the software only routines which are slow.. > > John-Mark, thanks for listing these differences. This is the sort of > information we should have available for end users to help choose one > or the other -- this info ought to make it into the handbook. I'm working on updating the section now... Also realized we should include verbage to say that it's best to use page size sectors when possible to reduce overhead of the crypto... -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: Depreciate and remove gbde
Slawa Olhovchenkov wrote: > On Mon, Oct 19, 2015 at 01:52:05AM -0700, Perry Hutchison wrote: > > > Anton Shterenlikht wrote: > > > > > I use gbde. > > > Can switch to geli, if required, > > > but please provide detailed instructions > > > for switching before removing gbde. > > > > Such instructions would presumably be included in the UPDATING > > entry. > > > > An additional consideration: If there is no convert-in-place > > mechanism -- i.e. the only way to convert a gbde FS to geli is to > > backup, wipe, and restore (thus involving considerable downtime) > > -- it will give some unknown number of production users a strong > > motivation to freeze at [last version of FreeBSD to include gbde > > support]. > > This must be show-stoper for removing gbde. Yes. Someone with a commit bit could hopefully add a line or 2 to man gbde, that as gbde was around in 5.0-RELEASE 2003, gbde is No Longer experimental, it's stable & in use; newbies need not be scared. https://www.freebsd.org/cgi/man.cgi?query=gbde&apropos=0&sektion=0&manpath=FreeBSD+5.0-RELEASE&arch=default&format=html which was released pre 2006 https://www.freebsd.org/security/unsupported.html Jan 16 2003 https://svnweb.freebsd.org/base/release/5.0.0/README?view=markup Jan 16 16:56:23 2003 https://svnweb.freebsd.org/base/release/5.0.0/sbin/gbde/gbde.8?revision=109388&view=markup Cheers, Julian -- Julian Stacey, BSD Linux Unix Sys. Eng. Consultant Munich http://berklix.com Reply After previous text to preserve context, as in a play script. Indent previous text with >Insert new lines before 80 chars. Use plain text, Not quoted-printable, Not HTML, Not base64, Not MS.doc. ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: Depreciate and remove gbde
On 19 October 2015 at 16:50, John-Mark Gurney wrote: > O. Hartmann wrote this message on Mon, Oct 19, 2015 at 06:19 +0200: >> For me, I'd like to know what is the benefit/performance of each technique >> and >> a clear preparation of each ones advantages over the other. That would make >> the >> decission process much easier and hopefully would not scare people away and >> announce "FreeBSD does not have a, b, c, ..." ... > > So, one thing that the docs talk about is that geli uses the crypto(9) > framework. This doesn't mean much on it's own, but if you have a machine > with AES-NI instructions or an accelerator card that supports the cipher > mode used, then you can get faster performance of hardware off load, > while gbde uses the software only routines which are slow.. John-Mark, thanks for listing these differences. This is the sort of information we should have available for end users to help choose one or the other -- this info ought to make it into the handbook. ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: Depreciate and remove gbde
Hi, Reference: > From: John-Mark Gurney > Date: Mon, 19 Oct 2015 13:50:08 -0700 John-Mark Gurney wrote: > So, one thing that the docs talk about is that geli uses the crypto(9) Interesting. https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/disks-encrypting.html Could benefit from a link to John-Mark Gurney's http://lists.freebsd.org/pipermail/freebsd-current/2015-October/057855.html Cheers, Julian -- Julian Stacey, BSD Linux Unix Sys. Eng. Consultant Munich http://berklix.com Reply After previous text to preserve context, as in a play script. Indent previous text with >Insert new lines before 80 chars. Use plain text, Not quoted-printable, Not HTML, Not base64, Not MS.doc. ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: Depreciate and remove gbde
O. Hartmann wrote this message on Mon, Oct 19, 2015 at 06:19 +0200: > For me, I'd like to know what is the benefit/performance of each technique and > a clear preparation of each ones advantages over the other. That would make > the > decission process much easier and hopefully would not scare people away and > announce "FreeBSD does not have a, b, c, ..." ... So, one thing that the docs talk about is that geli uses the crypto(9) framework. This doesn't mean much on it's own, but if you have a machine with AES-NI instructions or an accelerator card that supports the cipher mode used, then you can get faster performance of hardware off load, while gbde uses the software only routines which are slow.. I have put work into making AES-XTS very fast on AES-NI capable machines... On my test machine, I get about 1GB/sec on gzero... This is close to real world (assuming infitely fast disc) vs. just running the algorithm and posting those results (which result in 2GB/sec+ on the same machine)... You will not be able to achive that level of performance w/ gbde. Also, gbde uses CBC, while having some better crypto properties than XTS, would require significant rewrite of gbde to make it perform... I just noticed that the handbook also fails to mention that geli has a mode that will verify the integrity of data which gbde does not have.. As we have discovered, if you can't authenticate your data, you really can't trust it... I personally have decided that I will use ZFS's sha256 checksums of the data as my integrity protection mechanism.. It is highly unlikely that an attacker would be able to corrupt two AES-XTS blocks to cause the sha256 checksum to match what they corrupted other blocks to become... So, in this reguard, if you run gbde w/ ZFS w/ sha256 checksums, then are equivalent (besides the performance difference)... I personally run geli encryption on my 8 drive ZFS array at home. -- John-Mark Gurney Voice: +1 415 225 5579 "All that I will do, has been done, All that I have, has not." ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
[patch] bug 187081 (swaplate fix)
Hi all. I recently added my own patch to bug https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=187081 Can anyone take a look? -- Sphinx of black quartz judge my vow. ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: Depreciate and remove gbde
On Mon, Oct 19, 2015 at 01:52:05AM -0700, Perry Hutchison wrote: > Anton Shterenlikht wrote: > > > I use gbde. > > Can switch to geli, if required, > > but please provide detailed instructions > > for switching before removing gbde. > > Such instructions would presumably be included in the UPDATING > entry. > > An additional consideration: If there is no convert-in-place > mechanism -- i.e. the only way to convert a gbde FS to geli is to > backup, wipe, and restore (thus involving considerable downtime) > -- it will give some unknown number of production users a strong > motivation to freeze at [last version of FreeBSD to include gbde > support]. This must be show-stoper for removing gbde. ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"
Re: Depreciate and remove gbde
Anton Shterenlikht wrote: > I use gbde. > Can switch to geli, if required, > but please provide detailed instructions > for switching before removing gbde. Such instructions would presumably be included in the UPDATING entry. An additional consideration: If there is no convert-in-place mechanism -- i.e. the only way to convert a gbde FS to geli is to backup, wipe, and restore (thus involving considerable downtime) -- it will give some unknown number of production users a strong motivation to freeze at [last version of FreeBSD to include gbde support]. ___ freebsd-current@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-current To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"