Re: Depreciate and remove gbde

2015-10-19 Thread Anton Shterenlikht 
I use gbde.
Can switch to geli, if required,
but please provide detailed instructions
for switching before removing gbde.

Anton
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

2015-10-19 Thread Slawa Olhovchenkov 
On Mon, Oct 19, 2015 at 01:52:05AM -0700, Perry Hutchison wrote:

> Anton Shterenlikht  wrote:
> 
> > I use gbde.
> > Can switch to geli, if required,
> > but please provide detailed instructions
> > for switching before removing gbde.
> 
> Such instructions would presumably be included in the UPDATING
> entry.
> 
> An additional consideration:  If there is no convert-in-place
> mechanism -- i.e. the only way to convert a gbde FS to geli is to
> backup, wipe, and restore (thus involving considerable downtime)
> -- it will give some unknown number of production users a strong
> motivation to freeze at [last version of FreeBSD to include gbde
> support].

This must be show-stoper for removing gbde.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

2015-10-19 Thread Perry Hutchison 
Anton Shterenlikht  wrote:

> I use gbde.
> Can switch to geli, if required,
> but please provide detailed instructions
> for switching before removing gbde.

Such instructions would presumably be included in the UPDATING
entry.

An additional consideration:  If there is no convert-in-place
mechanism -- i.e. the only way to convert a gbde FS to geli is to
backup, wipe, and restore (thus involving considerable downtime)
-- it will give some unknown number of production users a strong
motivation to freeze at [last version of FreeBSD to include gbde
support].
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

2015-10-19 Thread Julian H. Stacey 
Slawa Olhovchenkov wrote:
> On Mon, Oct 19, 2015 at 01:52:05AM -0700, Perry Hutchison wrote:
> 
> > Anton Shterenlikht  wrote:
> > 
> > > I use gbde.
> > > Can switch to geli, if required,
> > > but please provide detailed instructions
> > > for switching before removing gbde.
> > 
> > Such instructions would presumably be included in the UPDATING
> > entry.
> > 
> > An additional consideration:  If there is no convert-in-place
> > mechanism -- i.e. the only way to convert a gbde FS to geli is to
> > backup, wipe, and restore (thus involving considerable downtime)
> > -- it will give some unknown number of production users a strong
> > motivation to freeze at [last version of FreeBSD to include gbde
> > support].
> 
> This must be show-stoper for removing gbde.

Yes.

Someone with a commit bit could hopefully add a line or 2 to man gbde, that
as gbde was around in 5.0-RELEASE 2003, gbde is No Longer experimental,
it's stable & in use; newbies need not be scared.

https://www.freebsd.org/cgi/man.cgi?query=gbde=0=0=FreeBSD+5.0-RELEASE=default=html

which was released pre 2006
https://www.freebsd.org/security/unsupported.html
Jan 16 2003
https://svnweb.freebsd.org/base/release/5.0.0/README?view=markup

Jan 16 16:56:23 2003 
https://svnweb.freebsd.org/base/release/5.0.0/sbin/gbde/gbde.8?revision=109388=markup

Cheers,
Julian
--
Julian Stacey,  BSD Linux Unix Sys. Eng. Consultant Munich http://berklix.com
 Reply After previous text to preserve context, as in a play script.
 Indent previous text with >Insert new lines before 80 chars.
 Use plain text, Not quoted-printable, Not HTML, Not base64, Not MS.doc.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

2015-10-19 Thread Ed Maste 
On 19 October 2015 at 16:50, John-Mark Gurney  wrote:
> O. Hartmann wrote this message on Mon, Oct 19, 2015 at 06:19 +0200:
>> For me, I'd like to know what is the benefit/performance of each technique 
>> and
>> a clear preparation of each ones advantages over the other. That would make 
>> the
>> decission process much easier and hopefully would not scare people away and
>> announce "FreeBSD does not have a, b, c, ..." ...
>
> So, one thing that the docs talk about is that geli uses the crypto(9)
> framework.  This doesn't mean much on it's own, but if you have a machine
> with AES-NI instructions or an accelerator card that supports the cipher
> mode used, then you can get faster performance of hardware off load,
> while gbde uses the software only routines which are slow..

John-Mark, thanks for listing these differences. This is the sort of
information we should have available for end users to help choose one
or the other -- this info ought to make it into the handbook.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

2015-10-19 Thread Julian H. Stacey 
Hi, Reference:
> From: John-Mark Gurney 
> Date: Mon, 19 Oct 2015 13:50:08 -0700

John-Mark Gurney wrote:
> So, one thing that the docs talk about is that geli uses the crypto(9)

Interesting.
https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/disks-encrypting.html
Could benefit from a link to John-Mark Gurney's 
http://lists.freebsd.org/pipermail/freebsd-current/2015-October/057855.html

Cheers,
Julian
--
Julian Stacey,  BSD Linux Unix Sys. Eng. Consultant Munich http://berklix.com
 Reply After previous text to preserve context, as in a play script.
 Indent previous text with >Insert new lines before 80 chars.
 Use plain text, Not quoted-printable, Not HTML, Not base64, Not MS.doc.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

2015-10-19 Thread John-Mark Gurney 
O. Hartmann wrote this message on Mon, Oct 19, 2015 at 06:19 +0200:
> For me, I'd like to know what is the benefit/performance of each technique and
> a clear preparation of each ones advantages over the other. That would make 
> the
> decission process much easier and hopefully would not scare people away and
> announce "FreeBSD does not have a, b, c, ..." ...

So, one thing that the docs talk about is that geli uses the crypto(9)
framework.  This doesn't mean much on it's own, but if you have a machine
with AES-NI instructions or an accelerator card that supports the cipher
mode used, then you can get faster performance of hardware off load,
while gbde uses the software only routines which are slow..

I have put work into making AES-XTS very fast on AES-NI capable
machines...  On my test machine, I get about 1GB/sec on gzero... This
is close to real world (assuming infitely fast disc) vs. just running
the algorithm and posting those results (which result in 2GB/sec+ on
the same machine)...  You will not be able to achive that level of
performance w/ gbde.

Also, gbde uses CBC, while having some better crypto properties than
XTS, would require significant rewrite of gbde to make it perform...

I just noticed that the handbook also fails to mention that geli has
a mode that will verify the integrity of data which gbde does not have..

As we have discovered, if you can't authenticate your data, you really
can't trust it...  I personally have decided that I will use ZFS's sha256
checksums of the data as my integrity protection mechanism..  It is
highly unlikely that an attacker would be able to corrupt two AES-XTS
blocks to cause the sha256 checksum to match what they corrupted other
blocks to become...

So, in this reguard, if you run gbde w/ ZFS w/ sha256 checksums, then
are equivalent (besides the performance difference)...

I personally run geli encryption on my 8 drive ZFS array at home.

-- 
  John-Mark Gurney  Voice: +1 415 225 5579

 "All that I will do, has been done, All that I have, has not."
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

[patch] bug 187081 (swaplate fix)

2015-10-19 Thread Volodymyr Kostyrko 

Hi all.

I recently added my own patch to bug 
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=187081


Can anyone take a look?

--
Sphinx of black quartz judge my vow.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

2015-10-19 Thread Yonas Yanfa 
Hi Martin, thanks, that raises some interesting points. After reading PHK's
paper on GBDE, I can see enough differences between GDBE and GELI that
warrant keeping GDBE.

[ At this point for me, this part is theoretical, but it's still
interesting ] I've seen the concerned made a few times that we need to
support existing users. That's true up to a point. There's always going to
be a way to transition from GDBE to GELI if we really want to (eg. a
conversion tool), or were forced to for any reason (full decrypt and
re-encrypt), so we shouldn't be keeping GDBE in the tree solely for this
reason alone. GDBE should be in the tree for it's technical merits (which
I've found it does have). However, if it turns out in X years from today
GELI can do everything GDBE can do and better, then I would say we should
figure out a way to remove GDBE.

On Mon, Oct 19, 2015 at 7:44 PM, Martin Cracauer  wrote:

> Yonas Yanfa wrote on Sun, Oct 18, 2015 at 06:36:19AM -0400:
> >
> > Is there any objection to removing gbde? How many people use gbde? When
> > have you used gbde over geli, and why?
>
> You would exclude all current users from accessing their existing
> filesystems or whatever they put into that block device.
>
> A conversion tool would pretty much be forced to use the current
> kernel layers (doing the block chaining in userspace would be
> annoying), and it would be fundamentally unsafe to have your
> half-converted filesystem on disk in case of an interruption.  Plus I
> think GELI uses a bigger header so you might fall short by a couple of
> bytes and you can't do anything about it on the block level with no
> access to the filesystem.
>
> And people might not have their gbde units accessible right now, it
> might be on a laptop in a closet on a different continent.
>
> Martin
> --
> %%%
> Martin Cracauer    http://www.cons.org/cracauer/
>
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

2015-10-19 Thread Martin Cracauer 
Yonas Yanfa wrote on Sun, Oct 18, 2015 at 06:36:19AM -0400: 
> 
> Is there any objection to removing gbde? How many people use gbde? When 
> have you used gbde over geli, and why?

You would exclude all current users from accessing their existing
filesystems or whatever they put into that block device.

A conversion tool would pretty much be forced to use the current
kernel layers (doing the block chaining in userspace would be
annoying), and it would be fundamentally unsafe to have your
half-converted filesystem on disk in case of an interruption.  Plus I
think GELI uses a bigger header so you might fall short by a couple of
bytes and you can't do anything about it on the block level with no
access to the filesystem.

And people might not have their gbde units accessible right now, it
might be on a laptop in a closet on a different continent.

Martin
-- 
%%%
Martin Cracauer    http://www.cons.org/cracauer/
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

2015-10-19 Thread RW 
On Mon, 19 Oct 2015 06:19:30 +0200
O. Hartmann wrote:


> When I looked for FreeBSD's encryption, I stopped by GELI. Because of
> it's easy-to-use AND the 'experimental' tag in the handbook! 
> 
> For me, I'd like to know what is the benefit/performance of each
> technique and a clear preparation of each ones advantages over the
> other.

IIRC gbde allows the passphrase to be verified even after the
master-keys have been deleted. The point is to demonstrate that the
passphrase is not being withheld, and the data unrecoverable.

AFAIK that's the only advantage it has over geli. geli supports
hardware acceleration, it's faster in software too. It's more resistant
to dictionary/brute force attacks against the passphrase because of
its PKCS #5 support. It supports a wider range of options and
ciphers/modes. And though it's newer, it's undoubtedly had far more
user-hours of use. Also I don't remember the details, but I think
there's an operation that's atomic in geli, but not in gbde, that gives
gbde a greater risk of data corruption.

I certainly wouldn't like to see gbde removed but I think it is
unfortunate that it's given slightly greater prominence in the handbook
than geli. geli is the right choice for most people.

___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

2015-10-19 Thread NGie Cooper 
On Mon, Oct 19, 2015 at 4:44 PM, Martin Cracauer  wrote:
> Yonas Yanfa wrote on Sun, Oct 18, 2015 at 06:36:19AM -0400:
>>
>> Is there any objection to removing gbde? How many people use gbde? When
>> have you used gbde over geli, and why?
>
> You would exclude all current users from accessing their existing
> filesystems or whatever they put into that block device.
>
> A conversion tool would pretty much be forced to use the current
> kernel layers (doing the block chaining in userspace would be
> annoying), and it would be fundamentally unsafe to have your
> half-converted filesystem on disk in case of an interruption.  Plus I
> think GELI uses a bigger header so you might fall short by a couple of
> bytes and you can't do anything about it on the block level with no
> access to the filesystem.
>
> And people might not have their gbde units accessible right now, it
> might be on a laptop in a closet on a different continent.

For the number of replies Yonas received saying "no, don't do that --
someone might be using it" -- the reason why Yonas asked the question
is valid given the information that was presented.

1. Why are there 2 competing technologies?
2. Is one technologically superior to the other (performance, capability, etc)?
3. Is there a gain/loss for removing gbde?
4. Why is it marked experimental [still]?

Thanks!
-NGie
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

2015-10-19 Thread John-Mark Gurney 
Ed Maste wrote this message on Mon, Oct 19, 2015 at 17:13 -0400:
> On 19 October 2015 at 16:50, John-Mark Gurney  wrote:
> > O. Hartmann wrote this message on Mon, Oct 19, 2015 at 06:19 +0200:
> >> For me, I'd like to know what is the benefit/performance of each technique 
> >> and
> >> a clear preparation of each ones advantages over the other. That would 
> >> make the
> >> decission process much easier and hopefully would not scare people away and
> >> announce "FreeBSD does not have a, b, c, ..." ...
> >
> > So, one thing that the docs talk about is that geli uses the crypto(9)
> > framework.  This doesn't mean much on it's own, but if you have a machine
> > with AES-NI instructions or an accelerator card that supports the cipher
> > mode used, then you can get faster performance of hardware off load,
> > while gbde uses the software only routines which are slow..
> 
> John-Mark, thanks for listing these differences. This is the sort of
> information we should have available for end users to help choose one
> or the other -- this info ought to make it into the handbook.

I'm working on updating the section now...

Also realized we should include verbage to say that it's best to use
page size sectors when possible to reduce overhead of the crypto...

-- 
  John-Mark Gurney  Voice: +1 415 225 5579

 "All that I will do, has been done, All that I have, has not."
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

2015-10-19 Thread Poul-Henning Kamp 

In message 
, NGie 
Cooper writes:

>1. Why are there 2 competing technologies?

They are not competing, they support two very different threat models.

>3. Is there a gain/loss for removing gbde?

Yes, you alienate a lot of users who very often are not even in a
position to tell you they run FreeBSD.

Think human rights activists for instance.

>4. Why is it marked experimental [still]?

To make people think.

-- 
Poul-Henning Kamp   | UNIX since Zilog Zeus 3.20
p...@freebsd.org | TCP/IP since RFC 956
FreeBSD committer   | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

2015-10-19 Thread Warren Block 

On Mon, 19 Oct 2015, John-Mark Gurney wrote:


Ed Maste wrote this message on Mon, Oct 19, 2015 at 17:13 -0400:

On 19 October 2015 at 16:50, John-Mark Gurney  wrote:

O. Hartmann wrote this message on Mon, Oct 19, 2015 at 06:19 +0200:

For me, I'd like to know what is the benefit/performance of each technique and
a clear preparation of each ones advantages over the other. That would make the
decission process much easier and hopefully would not scare people away and
announce "FreeBSD does not have a, b, c, ..." ...


So, one thing that the docs talk about is that geli uses the crypto(9)
framework.  This doesn't mean much on it's own, but if you have a machine
with AES-NI instructions or an accelerator card that supports the cipher
mode used, then you can get faster performance of hardware off load,
while gbde uses the software only routines which are slow..


John-Mark, thanks for listing these differences. This is the sort of
information we should have available for end users to help choose one
or the other -- this info ought to make it into the handbook.


I'm working on updating the section now...

Also realized we should include verbage to say that it's best to use
page size sectors when possible to reduce overhead of the crypto...


I can help with markup and editing.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"

Re: Depreciate and remove gbde

2015-10-19 Thread Poul-Henning Kamp 

In message <20151019234855.4ed82...@gumby.homeunix.com>, RW writes:

>I certainly wouldn't like to see gbde removed but I think it is
>unfortunate that it's given slightly greater prominence in the handbook
>than geli. geli is the right choice for most people.

This I fully agree with.

GELI is fine if your threatmodel is a stolen laptop.

GBDE is for when the user is in danger.

-- 
Poul-Henning Kamp   | UNIX since Zilog Zeus 3.20
p...@freebsd.org | TCP/IP since RFC 956
FreeBSD committer   | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.
___
freebsd-current@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"