EFI GELI support ready for testers
Konstantin Belousov
kostikbel at gmail.com
Sat May 28 08:37:03 UTC 2016
On Fri, May 27, 2016 at 07:39:57PM -0400, Eric McCorkle wrote:
> I am pleased to announce that my work to add support for GELI in the EFI boot loader (as well as perform more general refactoring) is now ready for testing. I am able to successfully detect multiple GELI partitions in boot1 and pass the keys into the kernel.
Can somebody explain in which way this is useful ?
Same question for the GELI code for non-EFI loader.
BIOS cannot read raw data from the encrypted partition, so you need
either old boot or the loader and some additional data on EFI boot
partition anyway.
Features adds significant amount of code, which must be maintained in
parallel with the kernel code.
More information about the freebsd-hackers
mailing list