keystrokes unreliable for geli passphrase input at boot on ThinkpadX60

Hiroharu Tamaru tamaru at myn.rcast.u-tokyo.ac.jp
Sun Mar 2 05:02:41 UTC 2008


Hi, Pawel and mobile people,

I've been running geom_eli root fs on my note book for some time.

It happened that keyboard input for the geom_eli passphrase
input is very unreliable when it is prompted from the kernel
at boot time to capture the passphrase for the root filesystem:
not every keystroke is recognized, and since there are no
echo backs, it is very hard, if possible at all, to type it
correctly.

For such an emergency, 

kern.geom.eli.visible_passphrase=1

surely helps by echoing back the keys actually recognized,
but it leaves the plaintext passphrase in the log file.

I've been running a patched version of libkern/gets.c to
echo back *'s instead of the actual input.  It worked well
for me on my old CASIO Casiopeia FIVA, and I just thought it
was some BIOS or timing issue on an old note book.

Now, it turns out that a newer Thinkpad X60 also suffers
from this issue, and I wondered how other people are going
along.

If this is something more universal, I'd appreciate if you
could commit this workaround patch and MFC.

The patch also prevents to log the number of characters in
your passphrase.

Thanks.

Hiroharu Tamaru

--- sys/libkern/gets.c-	Sun Mar  2 12:56:48 2008
+++ sys/libkern/gets.c	Sun Mar  2 13:08:31 2008
@@ -43,27 +43,32 @@
 	for (;;) {
 		c = cngetc() & 0177;
 		switch (c) {
 		case '\n':
 		case '\r':
-			printf("%c", c);
 			*lp = '\0';
+			if (!visible) {
+				for (; lp < end; ++lp)
+					printf("*");
+			}
+			printf("%c", c);
 			return;
 		case '\b':
 		case '\177':
 			if (lp > cp) {
-				if (visible)
-					printf("%c \b", c);
+				printf("%c \b", c);
 				lp--;
 			}
 			continue;
 		case '\0':
 			continue;
 		default:
 			if (lp < end) {
 				if (visible)
 					printf("%c", c);
+				else
+					printf("*");
 				*lp++ = c;
 			}
 		}
 	}
 }



More information about the freebsd-mobile mailing list