From owner-freebsd-current@freebsd.org Fri Jan 27 17:35:26 2017 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6FA46CBF1E5 for ; Fri, 27 Jan 2017 17:35:26 +0000 (UTC) (envelope-from allanjude@freebsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 4F99E1C02 for ; Fri, 27 Jan 2017 17:35:26 +0000 (UTC) (envelope-from allanjude@freebsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id 4C0E0CBF1E4; Fri, 27 Jan 2017 17:35:26 +0000 (UTC) Delivered-To: current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 4BAEDCBF1E3 for ; Fri, 27 Jan 2017 17:35:26 +0000 (UTC) (envelope-from allanjude@freebsd.org) Received: from mx1.scaleengine.net (mx1.scaleengine.net [209.51.186.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 2277C1C01 for ; Fri, 27 Jan 2017 17:35:25 +0000 (UTC) (envelope-from allanjude@freebsd.org) Received: from [10.1.1.2] (unknown [10.1.1.2]) (Authenticated sender: allanjude.freebsd@scaleengine.com) by mx1.scaleengine.net (Postfix) with ESMTPSA id B15C91384C; Fri, 27 Jan 2017 17:35:24 +0000 (UTC) Subject: Re: gptzfsboot grew a lot after skein support was added; need knob to control bloat To: Shawn Webb References: <444df1a4-1f27-49a8-6fa6-81f5853e6d80@freebsd.org> <20170127173338.wv6dul7zhxaaw4f4@mutt-hardenedbsd> Cc: Warner Losh , Toomas Soome , "Ngie Cooper (yaneurabeya)" , FreeBSD Current From: Allan Jude Message-ID: <94f227b6-1f94-e54a-825a-dd9554c3bea3@freebsd.org> Date: Fri, 27 Jan 2017 12:35:21 -0500 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.6.0 MIME-Version: 1.0 In-Reply-To: <20170127173338.wv6dul7zhxaaw4f4@mutt-hardenedbsd> Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="ff0MENSl4bD8gTb0Ml85oATaWChfbCdTk" X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jan 2017 17:35:26 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --ff0MENSl4bD8gTb0Ml85oATaWChfbCdTk Content-Type: multipart/mixed; boundary="KPco8us3Eosrt3tqmBjCOcJoasgDjHld1"; protected-headers="v1" From: Allan Jude To: Shawn Webb Cc: Warner Losh , Toomas Soome , "Ngie Cooper (yaneurabeya)" , FreeBSD Current Message-ID: <94f227b6-1f94-e54a-825a-dd9554c3bea3@freebsd.org> Subject: Re: gptzfsboot grew a lot after skein support was added; need knob to control bloat References: <444df1a4-1f27-49a8-6fa6-81f5853e6d80@freebsd.org> <20170127173338.wv6dul7zhxaaw4f4@mutt-hardenedbsd> In-Reply-To: <20170127173338.wv6dul7zhxaaw4f4@mutt-hardenedbsd> --KPco8us3Eosrt3tqmBjCOcJoasgDjHld1 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 2017-01-27 12:33, Shawn Webb wrote: > On Fri, Jan 27, 2017 at 12:30:17PM -0500, Allan Jude wrote: >> On 2017-01-27 12:05, Warner Losh wrote: >>> On Fri, Jan 27, 2017 at 12:34 AM, Toomas Soome wrote:= >>>> >>>>> On 27. jaan 2017, at 1:40, Ngie Cooper (yaneurabeya) wrote: >>>>> >>>>> Hi, >>>>> I tried upgrading one of my workstations and unfortunately th= e freebsd-boot partition is too small (I follow manpage directions, exact= ly, and those seem to be too small as of 10.3-RELEASE timeframe), and I d= on???t have enough space or ability to resize the partition and make it b= igger. So, I???m in need of a build knob to control the bloat, and/or hav= ing an alternative boot loader without geli/skein/crypto support compiled= in. Would you be opposed to the work? >>>>> Thanks, >>>>> -Ngie >>>> >>>> >>>> I do agree that since the geli knob is already there, it may do. Of = course we also can think of additional knobs, but there is an issue - it = wont help just to exclude some files, the additional features also do sit= in the code, so the replacement stubs will be needed, also testing them = all over will take some time. And the preprocessor spaghetti really is na= sty thing to deal with;) >>>> >>>> And then there is another issue (partly why I did the feature suppor= t in first place) - as the kernel does not block user from enabling the f= eatures, the user can end up facing non-bootable setup which is also not = good, as user is using perfectly legal options, and still the whole thing= is just rendered unusable??? >>> >>> I'm curious why you can't find the space for a bigger partition? >>> Almost all drives these days are partitioned with a little wasted >>> space, and that wasted space should be more than enough to cover us >>> here. Also, most drives have a swap partition that can be shrunk a >>> trivial amount to get space for this... >>> >>> Warner >>> >> >> I need to do some testing to make a recipe that works for it, but the >> other option is to use the ZFS bootcode area. >> >> ZFS it self, reserves something like 3.5 mb of space in the ZFS >> partition, for boot code. This is how we boot ZFS on MBR. >> >> It should be possible to use this on GPT as well, we just don't. >=20 > In the future, maybe it'd be a good idea for the installer to leave > more space (a few MB, perhaps?) between the freebsd-boot and > freebsd-swap partitions? At least, for ZFS installs. >=20 > Thanks, >=20 The PMBR code has a limitation for 536kb, and it all has to fit under the 640k barrier, so the current 512kb size is plenty. The issue is some people are upgrading from systems that were isntalled long ago, when 64kb or less was the default. --=20 Allan Jude --KPco8us3Eosrt3tqmBjCOcJoasgDjHld1-- --ff0MENSl4bD8gTb0Ml85oATaWChfbCdTk Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (MingW32) iQIcBAEBAgAGBQJYi4TZAAoJEBmVNT4SmAt+tn4P/2RFuITn8AOBFbOuw2ODoEF6 UPK8e/dzm3mKMCHRBlDhCkzjmQdFo322h/NPW22mG4sZoB49Ls6xQyH/fXd6jVDm vbtDcXFxJhCEOrJ/NypzrHWm2+Xu2+6zUgID720OorevqRGR7ZWfhM17km+ZfQ6x OFcKTszI463pNOk+phciPBfSwNzjxXwxErmqR0jZ9AFnh8eQ8kX2I67BKDyqIphc LIc3nxVDa/AGEEPcaNMQ1t4fvS6UN/iPyqQHZ3e4R4zn2VCw0I1ZEaL7txfMYkcA +KBVPpcCmt+KboVGUlVXzSgurER083Epd5NocRfSO4tzYtVEXrmdFwkg54DL7eVy AOeLuNV+tZjO4YI4WZltUchwhGQVTmx3QtJd/bZ7T+APQ+SWJy40qPL4GfT1M40P kMFd5vN52BrbfYDcAK5lTBzCgIFR1uiXmwPw3GJJxBtGbmKufLl0l8NKQIB42kFj 25rIVw9VrPF/sG43KHdbCHe/iS2EbhPlVaIvo7Q2bc+ncoMOH1vJQuH59zseCR37 hkH4Gh/y4TXXaWQhsHsKtpIWSVyqULi7gXLgWvgzXA5ZXNad54ftyIW+6qqIFfph RScXcBm3ShultVN4+KNS5v7+iXPH/c2H5FVsaIvVVHbYeC5OUrQj+/Fk0M/XyQET I7GMKMwmffHiPprBTHbG =AFDS -----END PGP SIGNATURE----- --ff0MENSl4bD8gTb0Ml85oATaWChfbCdTk--