NetBSD Problem Report #22774
Received: (qmail 29196 invoked by uid 605); 13 Sep 2003 15:29:10 -0000
Message-Id: <200309131527.h8DFR7fl001015@server.duh.org>
Date: Sat, 13 Sep 2003 11:27:07 -0400 (EDT)
From: tv@pobox.com
Sender: gnats-bugs-owner@NetBSD.org
Reply-To: tv@pobox.com
To: gnats-bugs@gnats.netbsd.org
Subject: there is no way to swapctl -a to a wrongly typed partition
X-Send-Pr-Version: 3.95
>Number: 22774
>Category: kern
>Synopsis: there is no way to swapctl -a to a wrongly typed partition
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Sat Sep 13 15:30:00 +0000 2003
>Closed-Date:
>Last-Modified: Mon Sep 15 20:50:01 +0000 2003
>Originator: Todd Vierling
>Release: NetBSD 1.6.1_STABLE
>Organization:
DUH.ORG: Pointing out the obvious since 1994.
>Environment:
System: NetBSD server.duh.org 1.6.1_STABLE NetBSD 1.6.1_STABLE (SERVER) #1: Fri Sep 12 11:28:14 EDT 2003 tv@server.duh.org:/export/SRC/duh/netbsd-kernels/SERVER i386
Architecture: i386
Machine: i386
>Description:
Devices such as vnd, ccd, cgd provide fake disklabels with the raw
partition typed as "4.2BSD" to make it possible to newfs and mount the
devices without creating a real disklabel. However, mount(2) isn't the
only thing that checks the partition type; swapctl(2) appears to do so as
well.
This makes it impossible to use cgd, ccd, etc. for encrypted or
interleave-striped swap purposes without somehow munging the faked
disklabel. Problem is, the faked disklabel cannot be written to the disk,
since swap does not typically leave the disklabel space alone at the start
of the disk (unlike ffs).
>How-To-Repeat:
# cgdconfig -s cgd0 /dev/wd1e aes-cbc 192 </dev/urandom
# swapctl -a /dev/cgd0d
swapctl: /dev/cgd0d: Device not configured
...or...
# ccdconfig ccd0 /dev/wd1e
# swapctl -a /dev/ccd0d
swapctl: /dev/ccd0d: Device not configured
>Fix:
Two possibilities:
* Change cgd, ccd, and vnd to create a "b" fake partition that is also the
whole disk but of type swap. (vnd already creates a b partition, but of
type 4.2BSD.)
* Add a "force" flag to swapctl(2) and matching command line option and
fstab flag to allow swapctl to turn on swap to a wrongly typed partition.
Thoughts?
>Release-Note:
>Audit-Trail:
From: Alan Barrett <apb@cequrux.com>
To: tv@pobox.com
Cc: gnats-bugs@gnats.netbsd.org, netbsd-bugs@netbsd.org
Subject: Re: kern/22774: there is no way to swapctl -a to a wrongly typed partition
Date: Sat, 13 Sep 2003 17:54:04 +0200
On Sat, 13 Sep 2003, tv@pobox.com wrote:
> # cgdconfig -s cgd0 /dev/wd1e aes-cbc 192 </dev/urandom
> # swapctl -a /dev/cgd0d
> swapctl: /dev/cgd0d: Device not configured
I know I sent a PR about this months ago, but I can't find it now.
Even a search for "dksubr" fails to find the PR.
Anyway, the appended patch to sys/dev/dksubr.c
allows swap to /dev/cgd0d to work.
--apb (Alan Barrett)
Index: sys/dev/dksubr.c
--- sys/dev/dksubr.c 14 Jul 2003 15:47:03 -0000 1.10
+++ sys/dev/dksubr.c 15 Jul 2003 12:54:59 -0000
@@ -224,6 +224,9 @@
return -1;
part = DISKPART(dev);
+ if (part == RAW_PART)
+ return dksc->sc_size;
+
is_open = dksc->sc_dkdev.dk_openmask & (1 << part);
if (!is_open && di->di_open(dev, 0, S_IFBLK, curproc))
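Review bot: the added `if (part == RAW_PART) return dksc->sc_size;` returns before the `dk_openmask` test and the `di_open()` call below it, so the raw partition takes a different path from every other partition and skips whatever checks follow the open. The test is also unconditional and uncommented. Put a comment above it saying that it exists to report the whole-disk size for the raw partition, and consider restricting it to the case where no valid label is present.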
From: Roland Dowdeswell <elric@imrryr.org>
To: Alan Barrett <apb@cequrux.com>
Cc: tv@pobox.com, gnats-bugs@gnats.netbsd.org, netbsd-bugs@netbsd.org
Subject: Re: kern/22774: there is no way to swapctl -a to a wrongly typed partition
Date: Sat, 13 Sep 2003 13:07:04 -0400
On 1063468444 seconds since the Beginning of the UNIX epoch
Alan Barrett wrote:
>
>I know I sent a PR about this months ago, but I can't find it now.
>Even a search for "dksubr" fails to find the PR.
>
>Anyway, the appended patch to sys/dev/dksubr.c
>allows swap to /dev/cgd0d to work.
This isn't how the rest of the disk devices work, though, which is why
I did not do it. I posted a note about some strategies that could be
taken to tech-kern quite some time back:
http://mail-index.netbsd.org/tech-kern/2003/04/17/0004.html
No conclusion was reached.
The decision to not allow swap directly to the raw partition is [I
think] quite deliberate, since it would allow typos to destroy the
contents of the disk. But, as I mentioned in the referenced e-mail,
I think that in the absence of a valid disklabel it would be safe
to allow swapping directly to RAW_PART.
--
Roland Dowdeswell http://www.Imrryr.ORG/~elric/
From: Alan Barrett <apb@cequrux.com>
To: gnats-bugs@gnats.netbsd.org, netbsd-bugs@netbsd.org
Cc:
Subject: Re: kern/22774: there is no way to swapctl -a to a wrongly typed partition
Date: Sat, 13 Sep 2003 19:38:36 +0200
On Sat, 13 Sep 2003, Roland Dowdeswell wrote:
> Alan Barrett wrote:
> >Anyway, the appended patch to sys/dev/dksubr.c
> >allows swap to /dev/cgd0d to work.
>
> This isn't how the rest of the disk devices work, though, which is why
> I did not do it.
I believe that my patch would allow swap to /dev/${any_disk}${rawpart}
to work. It makes dk_size() understand that, whether or not there's a
disklabel, the size of the raw partition is the same as the size of the
disk.
> I posted a note about some strategies that could be
> taken to tech-kern quite some time back:
>
> http://mail-index.netbsd.org/tech-kern/2003/04/17/0004.html
>
> No conclusion was reached.
My patch implements something similar to your first suggested strategy.
> The decision to not allow swap directly to the raw partition is [I
> think] quite deliberate, since it would allow typos to destroy the
> contents of the disk.
If it's deliberate, it would be nice if it were implemented via a
deliberate test, rather than as a side effect of what looks like a bug
in dk_size() [returning zero for the size of the raw partition of an
unlabeled disk].
If you are worried about typos destroying disks, dd(8) can do that just
as easily as enabling swap.
--apb (Alan Barrett)
From: Todd Vierling <tv@duh.org>
To: Roland Dowdeswell <elric@imrryr.org>
Cc: Alan Barrett <apb@cequrux.com>, gnats-bugs@gnats.netbsd.org,
netbsd-bugs@netbsd.org
Subject: Re: kern/22774: there is no way to swapctl -a to a wrongly typed
partition
Date: Sat, 13 Sep 2003 13:39:36 -0400 (EDT)
On Sat, 13 Sep 2003, Roland Dowdeswell wrote:
: This isn't how the rest of the disk devices work, though, which is why
: I did not do it. I posted a note about some strategies that could be
: taken to tech-kern quite some time back:
:
: http://mail-index.netbsd.org/tech-kern/2003/04/17/0004.html
Of those, populating the "b" partition in the generated disklabel seems to
be the least impact and cleanest (most isolated from the rest of the disk
code). I'd personally be happy with that.
--
-- Todd Vierling <tv@duh.org> <tv@pobox.com>
From: Roland Dowdeswell <elric@imrryr.org>
To: Alan Barrett <apb@cequrux.com>
Cc: gnats-bugs@gnats.netbsd.org, netbsd-bugs@netbsd.org
Subject: Re: kern/22774: there is no way to swapctl -a to a wrongly typed partition
Date: Sat, 13 Sep 2003 17:13:34 -0400
On 1063474716 seconds since the Beginning of the UNIX epoch
Alan Barrett wrote:
>
>My patch implements something similar to your first suggested strategy.
Yeah, I've a very similar patch in my tree.
>> The decision to not allow swap directly to the raw partition is [I
>> think] quite deliberate, since it would allow typos to destroy the
>> contents of the disk.
>
>If it's deliberate, it would be nice if it were implemented via a
>deliberate test, rather than as a side effect of what looks like a bug
>in dk_size() [returning zero for the size of the raw partition of an
>unlabeled disk].
Yes, I found that a little obscure when I saw what was going on.
It is relying on the fact that the only code that calls that function
is the swap code.
>If you are worried about typos destroying disks, dd(8) can do that just
>as easily as enabling swap.
Actually, I'm not worried about typos destroying disks---I was just
following the established conventions.
Solving this problem is a good idea, but I think that we should be
consistent with the other disk devices and the established conventions
[to the largest degree possible]. I mean, I think that it would
be quite counter-intuitive if you could swap to RAW_PART on
cgd(4) but not on sd(4) or wd(4).
--
Roland Dowdeswell http://www.Imrryr.ORG/~elric/
From: Roland Dowdeswell <elric@imrryr.org>
To: Todd Vierling <tv@duh.org>
Cc: Alan Barrett <apb@cequrux.com>, gnats-bugs@gnats.netbsd.org,
netbsd-bugs@netbsd.org
Subject: Re: kern/22774: there is no way to swapctl -a to a wrongly typed partition
Date: Sat, 13 Sep 2003 17:14:55 -0400
On 1063474776 seconds since the Beginning of the UNIX epoch
Todd Vierling wrote:
>
>Of those, populating the "b" partition in the generated disklabel seems to
>be the least impact and cleanest (most isolated from the rest of the disk
>code). I'd personally be happy with that.
I think that's the one that I liked as well.
--
Roland Dowdeswell http://www.Imrryr.ORG/~elric/
From: Lubomir Sedlacik <salo@Xtrmntr.org>
To: Roland Dowdeswell <elric@imrryr.org>
Cc: Todd Vierling <tv@duh.org>, Alan Barrett <apb@cequrux.com>,
netbsd-bugs@netbsd.org, gnats-bugs@gnats.netbsd.org
Subject: Re: kern/22774: there is no way to swapctl -a to a wrongly typed partition
Date: Sun, 14 Sep 2003 16:08:44 +0200
On Sat, Sep 13, 2003 at 05:14:55PM -0400, Roland Dowdeswell wrote:
> On 1063474776 seconds since the Beginning of the UNIX epoch Todd
> Vierling wrote:
> >
> > Of those, populating the "b" partition in the generated disklabel
> > seems to be the least impact and cleanest (most isolated from the
> > rest of the disk code). I'd personally be happy with that.
>
> I think that's the one that I liked as well.
<aol> me too! </aol>
i'd happily get rid of the ugly hack i am using now to make encrypted
swap work.
http://mail-index.netbsd.org/tech-security/2003/04/17/0000.html
regards,
--
-- Lubomir Sedlacik <salo@Xtrmntr.org> --
-- <salo@silcnet.org> --
From: Todd Vierling <tv@duh.org>
To: Roland Dowdeswell <elric@imrryr.org>
Cc: Alan Barrett <apb@cequrux.com>, gnats-bugs@gnats.netbsd.org,
netbsd-bugs@netbsd.org
Subject: Re: kern/22774: there is no way to swapctl -a to a wrongly typed
partition
Date: Sun, 14 Sep 2003 10:37:07 -0400 (EDT)
As to prepopulating the "b" partition, here's a diff. It doesn't munge the
default disklabel as returned by the DEFLABEL ioctl, only the in-core
disklabel used when no label at all is present.
Index: dksubr.c
===================================================================
RCS file: /cvsroot/src/sys/dev/dksubr.c,v
retrieving revision 1.4
diff -u -r1.4 dksubr.c
--- dksubr.c 2002/12/17 01:55:44 1.4
+++ dksubr.c 2003/09/14 14:24:07
@@ -480,7 +480,14 @@
{
struct disklabel *lp = dksc->sc_dkdev.dk_label;
+ /* change raw partition type to 4.2BSD */
lp->d_partitions[RAW_PART].p_fstype = FS_BSDFFS;
+
+ /* set fictitious swap partition "b" as whole disk */
+ lp->d_partitions[1].p_offset = 0;
+ lp->d_partitions[1].p_size = dksc->sc_size;
+ lp->d_partitions[1].p_fstype = FS_SWAP;
+
strncpy(lp->d_packname, "default label", sizeof(lp->d_packname));
lp->d_checksum = dkcksum(lp);
}
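Review bot: the three added `lp->d_partitions[1]` assignments use a bare index, and nothing in the hunk checks or adjusts `lp->d_npartitions`, so the "b" entry only takes effect if the default label already counts at least two partitions, and it would overwrite the raw entry set just above if `RAW_PART` were 1. Use a named constant for the swap slot and add a guard on, or an explicit update of, `d_npartitions` before the checksum is computed. The swap comment could also note that this entry overlaps the raw partition at offset 0 on purpose.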
--
-- Todd Vierling <tv@duh.org> <tv@pobox.com>
From: Simon Burge <simonb@wasabisystems.com>
To: tv@pobox.com
Cc: gnats-bugs@gnats.netbsd.org, netbsd-bugs@gnats.netbsd.org
Subject: Re: kern/22774: there is no way to swapctl -a to a wrongly typed partition
Date: Mon, 15 Sep 2003 01:03:13 +1000
tv@pobox.com wrote:
> >Number: 22774
> >Category: kern
> >Synopsis: there is no way to swapctl -a to a wrongly typed partition
> [ ... ] Problem is, the faked disklabel cannot be written to the disk,
> since swap does not typically leave the disklabel space alone at the start
> of the disk (unlike ffs).
This isn't true. See the comments in uvm_swap.c:
* for block special files, we want to make sure that leave
* the disklabel and bootblocks alone, so we arrange to skip
* over them (arbitrarily choosing to skip PAGE_SIZE bytes).
* note that because of this the "size" can be less than the
* actual number of blocks on the device.
The raid1 set that I swap on is set up so that the swap partition
starts at the start of the "disk":
4 partitions:
# size offset fstype [fsize bsize cpg/sgs]
b: 4194176 0 swap # (Cyl. 0 - 4095*)
c: 4194176 0 4.2BSD 0 0 0 # (Cyl. 0 - 4095*)
d: 4194176 0 4.2BSD 0 0 0 # (Cyl. 0 - 4095*)
Simon.
--
Simon Burge <simonb@wasabisystems.com>
NetBSD Support and Service: http://www.wasabisystems.com/
From: matthew green <mrg@eterna.com.au>
To: tv@pobox.com
Cc: gnats-bugs@gnats.netbsd.org
Subject: re: kern/22774: there is no way to swapctl -a to a wrongly typed partition
Date: Tue, 16 Sep 2003 05:20:22 +1000
This makes it impossible to use cgd, ccd, etc. for encrypted or
interleave-striped swap purposes without somehow munging the faked
disklabel. Problem is, the faked disklabel cannot be written to the disk,
since swap does not typically leave the disklabel space alone at the start
of the disk (unlike ffs).
this is false. from uvm_swap.c:
/*
* for block special files, we want to make sure that leave
* the disklabel and bootblocks alone, so we arrange to skip
* over them (arbitrarily choosing to skip PAGE_SIZE bytes).
* note that because of this the "size" can be less than the
* actual number of blocks on the device.
*/
if (vp->v_type == VBLK) {
/* we use pages 1 to (size - 1) [inclusive] */
size = npages - 1;
addr = 1;
} else {
/* we use pages 0 to (size - 1) [inclusive] */
size = npages;
addr = 0;
}
>How-To-Repeat:
# cgdconfig -s cgd0 /dev/wd1e aes-cbc 192 </dev/urandom
# swapctl -a /dev/cgd0d
swapctl: /dev/cgd0d: Device not configured
...or...
# ccdconfig ccd0 /dev/wd1e
# swapctl -a /dev/ccd0d
swapctl: /dev/ccd0d: Device not configured
hmmm... i can repeat this with a vnd (which has no "b" partition for me,
just 'a' == 4.2BSD && 'd' = unused on i386), but i'm not yet sure who is
generating that error....
note that there is a 3rd solution - the faked disklabel can be changed
without writing it to disk as long as someone has the disk open...
.mrg.
From: Todd Vierling <tv@duh.org>
To: matthew green <mrg@eterna.com.au>
Cc: gnats-bugs@gnats.netbsd.org
Subject: re: kern/22774: there is no way to swapctl -a to a wrongly typed
partition
Date: Mon, 15 Sep 2003 16:41:38 -0400 (EDT)
On Tue, 16 Sep 2003, matthew green wrote:
: swapctl: /dev/ccd0d: Device not configured
:
: hmmm... i can repeat this with a vnd (which has no "b" partition for me,
: just 'a' == 4.2BSD && 'd' = unused on i386), but i'm not yet sure who is
: generating that error....
Yeah, ENODEV seems ... odd for this particular case (wrong fs type).
: note that there is a 3rd solution - the faked disklabel can be changed
: without writing it to disk as long as someone has the disk open...
I posted a patch to this bug that implements a "b" partition in the faked
disklabel, in sys/dev/dksubr.c.
--
-- Todd Vierling <tv@duh.org> <tv@pobox.com>
>Unformatted:
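The two approaches debated in this thread, side by side, as an added example that is not NetBSD kernel code and not from any participant. It assumes the swap path accepts a partition only when its type is swap (as the report describes) and skips the first page on block devices (per the uvm_swap.c comment quoted above); all `model_*` names, the 8-sectors-per-page figure and RAW_PART = 3 are assumptions for the model.

```c
#include <stdio.h>

/* Constructed model; every name here is hypothetical. */
enum model_fstype { MODEL_UNUSED, MODEL_SWAP, MODEL_BSDFFS };
#define MODEL_RAW_PART 3        /* 'd', the raw partition on i386 */
#define MODEL_NPART 4
#define MODEL_PAGE_SECTORS 8    /* assumed: 4096-byte page, 512-byte sector */

struct model_part { long offset, size; enum model_fstype type; };
struct model_label { struct model_part p[MODEL_NPART]; };

/* Faked label as in the report: raw partition only, typed 4.2BSD. */
static struct model_label fake_label(long disk_sectors) {
    struct model_label l = {0};
    l.p[MODEL_RAW_PART] = (struct model_part){0, disk_sectors, MODEL_BSDFFS};
    return l;
}

/* Second patch's idea: a whole-disk "b" partition of type swap. */
static void add_swap_b(struct model_label *l, long disk_sectors) {
    l->p[1] = (struct model_part){0, disk_sectors, MODEL_SWAP};
}

/* Size query used by the swap path. raw_bypass models the first patch:
 * the raw partition reports the whole disk regardless of its type. */
static long model_swap_size(const struct model_label *l, int part,
                            long disk_sectors, int raw_bypass) {
    if (part < 0 || part >= MODEL_NPART) return -1;
    if (raw_bypass && part == MODEL_RAW_PART) return disk_sectors;
    if (l->p[part].type != MODEL_SWAP) return -1;   /* wrongly typed */
    return l->p[part].size;
}

/* Pages swap may use: page 0 is left for the label and bootblocks. */
static long model_usable_pages(const struct model_label *l, int part,
                               long disk_sectors, int raw_bypass) {
    long size = model_swap_size(l, part, disk_sectors, raw_bypass);
    if (size < MODEL_PAGE_SECTORS) return -1;        /* rejected or tiny */
    return size / MODEL_PAGE_SECTORS - 1;
}

int main(void) {
    long n = 4194176;                                /* constructed size */
    struct model_label l = fake_label(n);
    printf("raw, no patch:   %ld\n", model_usable_pages(&l, MODEL_RAW_PART, n, 0));
    printf("raw, raw bypass: %ld\n", model_usable_pages(&l, MODEL_RAW_PART, n, 1));
    add_swap_b(&l, n);
    printf("b, swap-typed:   %ld\n", model_usable_pages(&l, 1, n, 0));
    return 0;
}
```

With the bypass the raw partition is accepted whatever its type, which is the typo risk raised in the thread; with the "b" entry the type gate stays in force for every other partition.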