From owner-freebsd-current@freebsd.org Fri Jan 27 17:33:41 2017 Return-Path: Delivered-To: freebsd-current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id F3AAFCBF0DB for ; Fri, 27 Jan 2017 17:33:41 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id CA8A21A28 for ; Fri, 27 Jan 2017 17:33:41 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: by mailman.ysv.freebsd.org (Postfix) id C6ECCCBF0DA; Fri, 27 Jan 2017 17:33:41 +0000 (UTC) Delivered-To: current@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id C68D1CBF0D9 for ; Fri, 27 Jan 2017 17:33:41 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: from mail-qt0-x22b.google.com (mail-qt0-x22b.google.com [IPv6:2607:f8b0:400d:c0d::22b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 56FCC1A27 for ; Fri, 27 Jan 2017 17:33:41 +0000 (UTC) (envelope-from shawn.webb@hardenedbsd.org) Received: by mail-qt0-x22b.google.com with SMTP id x49so144659363qtc.2 for ; Fri, 27 Jan 2017 09:33:41 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hardenedbsd-org.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=lUnwN6OJF6EKrfIquGc+54OgnA6VfcjHE2rIHgarefY=; b=Rz/lJagaD50O13s3PBKXvc/yLewUKhQNX/MIyic+3mQgWfb3kFS2t5NB8+QObUK/p4 3Z5fq5l+avpN80fAcZcjyVBy68FJpg8U1eV3Ks3S46br/23unvM5CTJAfGeYMJ/w54Ca Mpsa3xW6e3KDZcPuvAute3lVdcd0wvy/GGsnlJfr2HEWifd5QYNulMaBP4Knu6vzW4a2 9VOlJeV5mqcoysBcYIvOaPiavfD5JGouiRmtxZqsUWtdIL4XJFu63eZotbSXxIwfzLOj nxhgZOJMgqIdS81ZrRgpvwt7nDpPxT8JKuG27euwEYIPOP28Z3xwp7c/tfBjX7/m2bLl P++A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=lUnwN6OJF6EKrfIquGc+54OgnA6VfcjHE2rIHgarefY=; b=Tlx+6Rs487eg8CRXDkgMT+PG2V0LbvcVvbdY2tWCwqCklOgJBDitoz9jqHL4a51QSN fiqKT8lPteArGxf3dz3g3h4d6V609sfuseD1yGCa6vQVLHoP/JZl1NwtYoHXzRcRIr6l ZNJ5Kge5os22hxCP3tXyeWON6TEGRGKLU6DMEvjfpTIJdmG6KU1NCyEI7Jnk0POvzNlO VL0UH/tjHm680807Tv5P41wIbCs27pOLrsL4ASoSfvwlUZ0CRO3Gwpn0KXNqaR4bQL00 4in0OAwlMM4sSgloexh5iWE7s1dfu0/h1aCkw/MefwYaoI75tIoQe8bhDPNNSNfLna1V fYOQ== X-Gm-Message-State: AIkVDXI3ef+SaZRh3vkwFzKpnNs5HpvV41BTHnEiruTzx/6Z+GaEa7Iw48rNeqMKToeRxmif X-Received: by 10.55.26.42 with SMTP id a42mr8740139qka.312.1485538419866; Fri, 27 Jan 2017 09:33:39 -0800 (PST) Received: from mutt-hardenedbsd ([63.88.83.66]) by smtp.gmail.com with ESMTPSA id w41sm4628831qtw.34.2017.01.27.09.33.39 (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256); Fri, 27 Jan 2017 09:33:39 -0800 (PST) Date: Fri, 27 Jan 2017 12:33:38 -0500 From: Shawn Webb To: Allan Jude Cc: Warner Losh , Toomas Soome , "Ngie Cooper (yaneurabeya)" , FreeBSD Current Subject: Re: gptzfsboot grew a lot after skein support was added; need knob to control bloat Message-ID: <20170127173338.wv6dul7zhxaaw4f4@mutt-hardenedbsd> References: <444df1a4-1f27-49a8-6fa6-81f5853e6d80@freebsd.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="xu7ii3maskdfee2p" Content-Disposition: inline In-Reply-To: <444df1a4-1f27-49a8-6fa6-81f5853e6d80@freebsd.org> X-Operating-System: FreeBSD mutt-hardenedbsd 12.0-CURRENT-HBSD FreeBSD 12.0-CURRENT-HBSD X-PGP-Key: http://pgp.mit.edu/pks/lookup?op=vindex&search=0x6A84658F52456EEE User-Agent: NeoMutt/20161126 (1.7.1) X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jan 2017 17:33:42 -0000 --xu7ii3maskdfee2p Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jan 27, 2017 at 12:30:17PM -0500, Allan Jude wrote: > On 2017-01-27 12:05, Warner Losh wrote: > > On Fri, Jan 27, 2017 at 12:34 AM, Toomas Soome wrote: > >> > >>> On 27. jaan 2017, at 1:40, Ngie Cooper (yaneurabeya) wrote: > >>> > >>> Hi, > >>> I tried upgrading one of my workstations and unfortunately the = freebsd-boot partition is too small (I follow manpage directions, exactly, = and those seem to be too small as of 10.3-RELEASE timeframe), and I don???t= have enough space or ability to resize the partition and make it bigger. S= o, I???m in need of a build knob to control the bloat, and/or having an alt= ernative boot loader without geli/skein/crypto support compiled in. Would y= ou be opposed to the work? > >>> Thanks, > >>> -Ngie > >> > >> > >> I do agree that since the geli knob is already there, it may do. Of co= urse we also can think of additional knobs, but there is an issue - it wont= help just to exclude some files, the additional features also do sit in th= e code, so the replacement stubs will be needed, also testing them all over= will take some time. And the preprocessor spaghetti really is nasty thing = to deal with;) > >> > >> And then there is another issue (partly why I did the feature support = in first place) - as the kernel does not block user from enabling the featu= res, the user can end up facing non-bootable setup which is also not good, = as user is using perfectly legal options, and still the whole thing is just= rendered unusable??? > >=20 > > I'm curious why you can't find the space for a bigger partition? > > Almost all drives these days are partitioned with a little wasted > > space, and that wasted space should be more than enough to cover us > > here. Also, most drives have a swap partition that can be shrunk a > > trivial amount to get space for this... > >=20 > > Warner > >=20 >=20 > I need to do some testing to make a recipe that works for it, but the > other option is to use the ZFS bootcode area. >=20 > ZFS it self, reserves something like 3.5 mb of space in the ZFS > partition, for boot code. This is how we boot ZFS on MBR. >=20 > It should be possible to use this on GPT as well, we just don't. In the future, maybe it'd be a good idea for the installer to leave more space (a few MB, perhaps?) between the freebsd-boot and freebsd-swap partitions? At least, for ZFS installs. Thanks, --=20 Shawn Webb Cofounder and Security Engineer HardenedBSD GPG Key ID: 0x6A84658F52456EEE GPG Key Fingerprint: 2ABA B6BD EF6A F486 BE89 3D9E 6A84 658F 5245 6EEE --xu7ii3maskdfee2p Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEKrq2ve9q9Ia+iT2eaoRlj1JFbu4FAliLhHAACgkQaoRlj1JF bu6IdQ/9EdpvDFnSQ1R+czCdXQavro6ogcASbrqg5fHgQVp3dZzTRH6pGKhgdAO/ 18T6na3YkmrwGw/+ydWj6S6yA0pzpZH3SitoTdCWfYF5fNhVjvEqwj7aK83FHAJk ppQn2sfS5HUdesWZrCJjE/MVF6Dn7s6BMXQd/mipmPIKdD7e8bKsriwa056lSNKb Zy6sNAzfimYJjtZabaDxp5cVomeJuOnIalE3Kpz8Zd//kjO8xuPQRBh3n/qrmyVW nLKkGaPAH1qJ8Bfg6522F11gpzC1VNuR28ffGE+IjDgFrXr67bEUibq58bYcWtBp Yi628SwmhyudeZgyUScVzObgREz5cngPDmBeuexUbYU8eXNBtGvkutUNSKIp91Rf CGIW18aqZoYqhPysxS3+jaRAbfV5Z6crUaylA45i9vtE5KFTq7QFTAeaEzYKQGbT TrC8mAVwiCSw/xcL85rou4ZKSF3CQpki9B9pb4QDhiO7ICcOYNHNble3+X/u99o0 6/Yon7QOc9CM9GTsgsroX0xVu0dk/Q/GUovN8khNS7r4AIFwbMU9EKIAA6/p52kG 87sYZEjf7t3lohSkBFw1cKUnXkYJBSX7V9I7XPB8x/95+tVYlAXy7RpxQfOD5a/z Yoe6yRQvBJJtK0sSuKYJovgX/MVHeMQEO0LjLem0ntsk652AvEU= =Jchw -----END PGP SIGNATURE----- --xu7ii3maskdfee2p--