GELI changes?
Krassimir Slavchev
krassi at bulinfo.net
Wed Feb 21 15:13:10 UTC 2018
Hi All,
On FreeBSD 8 & 9 I was able to use GELI on preloaded image providing
keys either via loader.conf or via custom usb driver.
On FreeBSD 11 & CURRENT I can not make usb drivers to load before GELI
(e.g. MODULE_DEPEND(g_eli, my_usb_device, 1, 1, 1) in g_eli.c). Also,
loading keys from loader.conf is not working (Cannot decrypt Master Key)
which may be related to current EFI changes. On CURRENT loading keys
from loader.conf produces kernel panic because cryptosoft is not
initialized (opencrypto/crypto.c:497, CRYPTO_DRIVER_LOCK() spin mutex
(null)).
So, could we load USB layer before GELI?
Is there a way to re-taste a GEOM provider a bit later but before root
mount?
Best regards,
--
Krassimir Slavchev Bulinfo Ltd.
krassi at bulinfo.net (+359 2) 9699 166
http://www.bulinfo.net (+359 2) 9699 160
More information about the freebsd-current
mailing list