Date: Sat, 28 May 2016 11:36:57 +0300 From: Konstantin Belousov <kostikbel@gmail.com> To: Eric McCorkle <eric@metricspace.net> Cc: "freebsd-hackers@freebsd.org" <freebsd-hackers@freebsd.org> Subject: Re: EFI GELI support ready for testers Message-ID: <20160528083656.GT38613@kib.kiev.ua> In-Reply-To: <519CC1FC-84DF-4710-8E62-AF26D8AED2CF@metricspace.net> References: <519CC1FC-84DF-4710-8E62-AF26D8AED2CF@metricspace.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, May 27, 2016 at 07:39:57PM -0400, Eric McCorkle wrote: > I am pleased to announce that my work to add support for GELI in the EFI boot loader (as well as perform more general refactoring) is now ready for testing. I am able to successfully detect multiple GELI partitions in boot1 and pass the keys into the kernel. Can somebody explain in which way this is useful ? Same question for the GELI code for non-EFI loader. BIOS cannot read raw data from the encrypted partition, so you need either old boot or the loader and some additional data on EFI boot partition anyway. Features adds significant amount of code, which must be maintained in parallel with the kernel code.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20160528083656.GT38613>