Date: Thu, 13 Jan 2022 16:38:25 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261172 --- Comment #2 from John Baldwin <jhb@FreeBSD.org> --- The issue is that the compile fix exposed an assertion that was previously unchecked. Hmm, the code in geliboot_crypto.c is a bit incorrect (but probably not harmfully so). This (untested) patch will fix the assertion, but it should also use a better IV size. The IV size is not the same as the key size (for AES-CBC the IV is a block, and for AES-XTS the IV is actually smaller than a block) -- You are receiving this mail because: You are the assignee for the bug.