softraid encryption

[Sunnz]

I have been using vnconfig for disk encryption but I am aware that softraid is the new thing for some years, so I decide to try it in a virtual machine before actually using it on my real system. (Is it still "new" or am I just slow?)

Anyway I was able to have encrypted disk (sd1, sd2) created from partitions (sd0j, sd0k) and all is good.

I got some n00bish questions though... I haven't really used raid before...

What is softraid0? Is it just a controller of some kind? I was able to make 2 encrypted volumes both using softraid0 (bioctl -c C -l /dev/sd0j softraid0; bioctl -c C -l /dev/sd0k softraid0; ) but I heard that you can have more... (like softraid1, 2, etc...) but why? Is there a limit or something?

How do to "undo" an encrypted volume? Say I did bioctl -c C -l /dev/sd0j softraid0; and sd0 appears but I want to undo that... is this just something you don't do with a RAID configuration?

Lastly is there a way to create an encrypted volume using a file? Like with vnconfig you can create a sparse disk image as a file like /img/disk.img that have a capacity of 10 GB but only takes up as much disk space as the file inside takes... I have tried to do something like,

mount_vnd /img/test.img svnd0 #no encryption
fdisk -i svnd0
disklabel -E svnd0 # svnd0a is RAID
bioctl -c C -l /dev/svnd0a softraid0
##kernel panic##

[jggimi]

Quote:

Originally Posted by Sunnz

... I haven't really used raid before...

Stop right there. RAID has nothing to do with cryptographics. The softraid(4) driver can do some things which provide software RAID capability, and it can also conduct cryptographics.

RAID stands for Redundant Array of Inexpensive Disks, or Redundant Array of Independent Disks. It was devised at the University of California, Berkeley. As initially concieved, there were a number of different methodologies devised, and assigned a series of different numbers, such as RAID 1 (mirroring) or RAID 5 (parity data interspersed with user data). This even included something they called RAID 0, which has no redundancy capability at all, and should have been called "AID" instead of "RAID". See http://en.wikipedia.org/wiki/RAID for details.

Quote:

What is softraid0? Is it just a controller of some kind?

A driver. See above.

Quote:

I was able to make 2 encrypted volumes both using softraid0 (bioctl -c C -l /dev/sd0j softraid0; bioctl -c C -l /dev/sd0k softraid0; ) but I heard that you can have more... (like softraid1, 2, etc...) but why? Is there a limit or something?

Only one softraid pseudo device is defined in /usr/src/sys/conf/GENERIC. There should be no need for additional softraid devices. The softraid(4) man page is the definitive place to go for understanding.

Quote:

How do to "undo" an encrypted volume? Say I did bioctl -c C -l /dev/sd0j softraid0; and sd0 appears but I want to undo that... is this just something you don't do with a RAID configuration?

Per the bioctl(8) man page, see the "-d" option. The sd device will be deleted, and the unencrypted data will no longer be available to the OS.

Quote:

Lastly is there a way to create an encrypted volume using a file? ...

No. Please read the bioctl(8) man page. A -device- is required.

[BSDfan666]

But yeah, softraid(4) is supposed to be a better replacement for the RAIDframe driver, with a uniform set of utilities shared between it and hardware RAID drivers (..bio(4)/bioctl(8)).

EDIT: I had a erroneously stated that RAID0 was equal to JBOD, this was wrong.. apologies.

[jggimi]

Eventually, BSDfan. We have different opinions about the state of softraid(4);

[BSDfan666]

My opinions are based solely on speculation, I don't use disk arrays.. so I concede to your experiences on the matter.

[Sunnz]

Quote:

Originally Posted by jggimi

Stop right there. RAID has nothing to do with cryptographics.

I know, I thought I mentioned that I am not experienced with RAID though.

Quote:

Only one softraid pseudo device is defined in /usr/src/sys/conf/GENERIC. There should be no need for additional softraid devices. The softraid(4) man page is the definitive place to go for understanding.

I see.

Quote:

Per the bioctl(8) man page, see the "-d" option. The sd device will be deleted, and the unencrypted data will no longer be available to the OS.

Oh yes I was reading both man pages over and over again, I was doing it wrong... I did something like bioctl -d softraid0 and bioctl -d -l /dev/sd0j softraid0... no, it is just bioctl -d sd1 which works now, what was I thinking!!

Quote:

No. Please read the bioctl(8) man page. A -device- is required.

Ok I read them again more carefully and thoroughly. Thanks for the help.

[ocicat]

Quote:

Originally Posted by Sunnz

Ok I read them again more carefully and thoroughly.

It would also be worth your time searching through the misc@ archives for related information. I recall that Marco Peerboom has stepped a few people through configuration issues within the last year.