Subject: Re: GELI with UEFI supporting Boot Environments goes to HEAD when?
To: Tommi Pernila, Warner Losh
Cc: "[ScaleEngine] Allan Jude", freebsd-current, "imp@freebsd.org"
From: Eric McCorkle
Message-ID: <0e75a2ba-9a59-8301-a678-68a822025bd6@metricspace.net>
Date: Wed, 15 Nov 2017 21:29:44 -0500

Right, so basically, the remaining GELI patches are against loader, and most of them can go in independently of the work on removing boot1. There's a unanimous consensus on getting rid of boot1 which includes its original author, so that's going to happen.

For GELI, we have the following (not necessarily in order):

a) Adding the KMS interfaces, pseudo-device, and kernel keybuf interactions
b) Modifications to the efipart driver
c) boot crypto
d) GELI partition types (not strictly necessary)

Then there's the GELI driver itself.

(a) and (c) are good to land, (b) needs some more work after Toomas Soome pointed out a legitimate problem, and (d) actually needs a good bit more code (but again, it's more cosmetic). Additionally, the GELI driver will need further mods to efipart to be written (nothing too big). But we could go ahead with (a) and (c), as they've already been proven to work.

I'd wanted to have this stuff shaped up sooner, but I'm preoccupied with the 7th RISC-V workshop at the end of the month.

Once this stuff is all in, loader should handle any GELI volumes it finds, and it should Just Work once boot1 is gone.