From: Tommi Pernila
Date: Wed, 21 Feb 2018 05:56:54 +0200
Subject: Re: GELI with UEFI supporting Boot Environments goes to HEAD when?
To: Eric McCorkle
Cc: Warner Losh, "[ScaleEngine] Allan Jude", freebsd-current, imp@freebsd.org

Hi Eric,

could you provide a brief update how the work is going?

Br,

Tommi

On Nov 16, 2017 04:29, "Eric McCorkle" wrote:

Right, so basically, the remaining GELI patches are against loader, and most of them can go in independently of the work on removing boot1. There's a unanimous consensus on getting rid of boot1 which includes its original author, so that's going to happen.

For GELI, we have the following (not necessarily in order):

a) Adding the KMS interfaces, pseudo-device, and kernel keybuf interactions
b) Modifications to the efipart driver
c) boot crypto
d) GELI partition types (not strictly necessary)

Then there's the GELI driver itself.
(a) and (c) are good to land, (b) needs some more work after Toomas Soome pointed out a legitimate problem, and (d) actually needs a good bit more code (but again, it's more cosmetic). Additionally, the GELI driver will need further mods to efipart to be written (nothing too big). But we could go ahead with (a) and (c), as they've already been proven to work.

I'd wanted to have this stuff shaped up sooner, but I'm preoccupied with the 7th RISC-V workshop at the end of the month.

Once this stuff is all in, loader should handle any GELI volumes it finds, and it should Just Work once boot1 is gone.