CFT: Crypto key intake metadata and GELI BIOS boot
Eric McCorkle
eric at metricspace.net
Wed Feb 15 14:15:46 UTC 2017
Hello everyone,
Attached is a patch that provides a flexible mechanism for providing
encryption keys to a kernel from the boot loader. This patch also
modifies the current BIOS GELI support to use this mechanism. The git
repo can be found here: https://github.com/emc2/freebsd/tree/keybuf (the
branch is the "keybuf" branch).
Please test this patch with a GELI BIOS boot setup and report the results.
Note that I have been encountering a strange problem with the BIOS GELI
support that causes gptboot to crash with an illegal instruction. This
seems to manifest on an unmodified copy of master.
Also note that this patch is already under review on phabricator.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: keybuf.diff
Type: text/x-patch
Size: 25266 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-amd64/attachments/20170215/6ffacb9f/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-amd64/attachments/20170215/6ffacb9f/attachment.sig>
More information about the freebsd-amd64
mailing list