*bump*
On Fri, May 24, 2019 at 07:17:29PM +0200, Jesper Wallin wrote:
> Hi tech@
>
> A few days ago, I decided to set kern.securelevel=2 just for the sake
> of locking down my machine as much as possible. Today I learned that
> this affects bioctl(8) when trying to attach a crypto RAID.
>
> So, bioctl(8) gave me "softraid0: invalid metadata format" and I had
> a minor panic attack, thinking my backup disk was corrupt. I then
> remembered increasing securelevel and tried again with a lower value.
>
> This patch makes sr_meta_probe() print an error if the device can't
> be opened with read/write. It also returns SR_META_F_NOOPEN to
> prevent giving the normal SR_META_F_INVALID error. I guess the error
> could be moved to the function above, but then we don't know the
> device name.
>
>
> Jesper Wallin
>
>
> Index: sys/dev/softraid.c
> ===================================================================
> RCS file: /cvs/src/sys/dev/softraid.c,v
> retrieving revision 1.394
> diff -u -p -r1.394 softraid.c
> --- sys/dev/softraid.c 18 May 2019 14:02:27 -0000 1.394
> +++ sys/dev/softraid.c 24 May 2019 10:57:50 -0000
> @@ -337,10 +337,9 @@ sr_meta_probe(struct sr_discipline *sd,
> */
> error = VOP_OPEN(vn, FREAD | FWRITE, NOCRED, curproc);
> if (error) {
> - DNPRINTF(SR_D_META,"%s: sr_meta_probe can't "
> - "open %s\n", DEVNAME(sc), devname);
> + sr_error(sc, "sr_meta_probe can't open %s",
> devname);
> vput(vn);
> - goto unwind;
> + return (SR_META_F_NOOPEN);
> }
>
> strlcpy(ch_entry->src_devname, devname,
> @@ -3365,8 +3364,8 @@ sr_ioctl_createraid(struct sr_softc *sc,
> sr_error(sc, "invalid metadata format");
> goto unwind;
> }
> -
> - if (sr_meta_attach(sd, no_chunk, bc->bc_flags & BIOC_SCFORCE))
> + if (sd->sd_meta_type == SR_META_F_NOOPEN ||
> + sr_meta_attach(sd, no_chunk, bc->bc_flags & BIOC_SCFORCE))
> goto unwind;
>
> /* force the raid volume by clearing metadata region */
> Index: sys/dev/softraidvar.h
> ===================================================================
> RCS file: /cvs/src/sys/dev/softraidvar.h,v
> retrieving revision 1.168
> diff -u -p -r1.168 softraidvar.h
> --- sys/dev/softraidvar.h 6 Jan 2019 14:59:56 -0000 1.168
> +++ sys/dev/softraidvar.h 24 May 2019 10:57:50 -0000
> @@ -102,6 +102,7 @@ struct sr_crypto_kdfpair {
>
> #define SR_META_F_NATIVE 0 /* Native metadata format. */
> #define SR_META_F_INVALID -1
> +#define SR_META_F_NOOPEN -2
>
> #define SR_HEADER_SIZE (SR_META_SIZE + SR_BOOT_SIZE)
> #define SR_DATA_OFFSET (SR_META_OFFSET + SR_HEADER_SIZE)
>
