From owner-freebsd-hackers@FreeBSD.ORG Wed Mar 18 18:50:21 2015
Delivered-To: freebsd-hackers@freebsd.org
Date: Wed, 18 Mar 2015 15:50:19 -0300
Subject: GELI support on /boot folder
From: Pedro Arthur
List-Id: Technical Discussions relating to FreeBSD

Hi,

I was discussing with Kris Moore about adding support for GELI in the bootloader as a GSoC project, so the /boot folder could be encrypted. However, the stage 2 boot program has a size limit of ~8 Kb, which is almost reached in the default HEAD src.

Thus I would like to know your thoughts about this project, if it is viable, and what can be done to overcome this 8 Kb limit.

Thanks,
Pedro.