Changeset 86461b1


Ignore:
Timestamp:
11/10/14 08:41:37 (6 months ago)
Author:
Kris Moore <kris@…>
Branches:
master, releng/10.1.1, releng/10.1.2
Children:
0b2cdde
Parents:
f5743e3
Message:

Add support for doing GELI encrypted ZFS mirrored disks, this
*should* work with GRUB, but it may prompt for the additional disk
passphrases during ZFS init of kernel boot

Location:
src-sh/pc-sysinstall/backend
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • src-sh/pc-sysinstall/backend/functions-bsdlabel.sh

    rdb84e3d r86461b1  
    106106  _nZFS="" 
    107107  SOUT="$4" 
     108  ENC="$5" 
    108109 
    109110  # Check if the target disk is using GRUB 
     
    140141        rc_halt "gpart bootcode -b /boot/pmbr -p /boot/gptzfsboot -i 1 ${_zvars}" >/dev/null 2>/dev/null 
    141142      fi 
    142       _nZFS="$_nZFS ${_zvars}p2"         
     143      # If GELI is enabled 
     144      if [ "$ENC" = "ON" ] ; then 
     145        _nZFS="$_nZFS ${_zvars}p2.eli" 
     146      else 
     147        _nZFS="$_nZFS ${_zvars}p2" 
     148      fi 
    143149    else 
    144       _nZFS="$_nZFS ${_zvars}"   
     150      _nZFS="$_nZFS ${_zvars}" 
    145151    fi   
     152 
    146153  done 
    147154 
     
    391398      if [ $? -eq 0 -a "$FS" = "ZFS" ] ; then 
    392399        if [ "${_pType}" = "gpt" -o "${_pType}" = "gptslice" ] ; then 
    393           setup_zfs_mirror_parts "${XTRAOPTS}" "${_pDisk}p${CURPART}" "${_pDisk}" "${SOUT}" 
     400          setup_zfs_mirror_parts "${XTRAOPTS}" "${_pDisk}p${CURPART}" "${_pDisk}" "${SOUT}" "$ENC" 
    394401          XTRAOPTS="${ZXTRAOPTS}" 
    395402        elif [ "${_pType}" = "apm" ] ; then 
    396           setup_zfs_mirror_parts "${XTRAOPTS}" "${_pDisk}s${CURPART}" "${_pDisk}" "${SOUT}" 
     403          setup_zfs_mirror_parts "${XTRAOPTS}" "${_pDisk}s${CURPART}" "${_pDisk}" "${SOUT}" "$ENC" 
    397404          XTRAOPTS="${ZXTRAOPTS}" 
    398405        else 
    399           setup_zfs_mirror_parts "${XTRAOPTS}" "${_wSlice}${PARTLETTER}" "${_pDisk}" "${SOUT}" 
     406          setup_zfs_mirror_parts "${XTRAOPTS}" "${_wSlice}${PARTLETTER}" "${_pDisk}" "${SOUT}" "$ENC" 
    400407          XTRAOPTS="${ZXTRAOPTS}" 
    401408        fi 
     
    439446            echo_log "Cloning disk layout to ZFS disk ${zC}" 
    440447            rc_halt "gpart add -a 4k ${SOUT} -t ${PARTYPE} ${zC}" 
     448            if [ "$ENC" = "ON" -a "$PARTYPE" = "freebsd-zfs" ] ; then 
     449               export GELI_CLONE_ZFS_DEV="${_pDisk}p${CURPART}" 
     450               export GELI_CLONE_ZFS_DISKS="$GELI_CLONE_ZFS_DISKS $zC" 
     451            fi 
    441452            if [ "$PARTYPE" = "freebsd-swap" ] ; then 
    442453               # If this is the first device, save the original swap dev 
  • src-sh/pc-sysinstall/backend/functions-newfs.sh

    r4aeb042 r86461b1  
    151151    fi 
    152152 
     153    # If we are doing mirrored ZFS disks 
     154    if [ -n "$GELI_CLONE_ZFS_DISKS" -a "$GELI_CLONE_ZFS_DEV" = "$PARTDEV" ] ; then 
     155       for gC in $GELI_CLONE_ZFS_DISKS 
     156       do 
     157         echo_log "Setting up GELI on mirrored disks: ${gC}" 
     158         rc_halt "geli init -V 5 -b -J ${PARTDIR}-enc/${PART}-encpass ${gC}" 
     159         rc_halt "geli attach -j ${PARTDIR}-enc/${PART}-encpass ${gC}" 
     160       done 
     161    fi 
     162 
    153163    case ${PARTFS} in 
    154164      UFS) 
Note: See TracChangeset for help on using the changeset viewer.