Date: Fri, 08 Apr 2016 01:25:35 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-bugs@FreeBSD.org Subject: [Bug 208251] [regression] Bogus geli passphrase prompts after r296963 Message-ID: <bug-208251-8-mfqWxYZJwT@https.bugs.freebsd.org/bugzilla/> In-Reply-To: <bug-208251-8@https.bugs.freebsd.org/bugzilla/> References: <bug-208251-8@https.bugs.freebsd.org/bugzilla/>
next in thread | previous in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D208251 --- Comment #10 from commit-hook@freebsd.org --- A commit references this bug: Author: allanjude Date: Fri Apr 8 01:25:26 UTC 2016 New revision: 297691 URL: https://svnweb.freebsd.org/changeset/base/297691 Log: Create the GELIBOOT GEOM_ELI flag This flag indicates that the user wishes to use the GELIBOOT feature to b= oot from a fully encrypted root file system. Currently, GELIBOOT does not support key files, and in the future when it does, they will be loaded differently. Due to the design of GELI, and the desire for secrecy, the GELI metadata = does not know if key files are used or not, it just adds the key material (if an= y) to the HMAC before the optional passphrase, so there is no way to tell if a GELI partition requires key files or not. Since the GELIBOOT code in boot2 and the loader does not support keys, th= ey will now only attempt to attach if this flag is set. This will stop GELIBOOT from prompting for passwords to GELIs that it cannot decrypt, disrupting the boot process PR: 208251 Reviewed by: ed, oshogbo, wblock Sponsored by: ScaleEngine Inc. Differential Revision: https://reviews.freebsd.org/D5867 Changes: head/sbin/geom/class/eli/geli.8 head/sbin/geom/class/eli/geom_eli.c head/sys/geom/eli/g_eli.c head/sys/geom/eli/g_eli.h head/sys/geom/eli/g_eli_ctl.c --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-208251-8-mfqWxYZJwT>