From owner-freebsd-hackers@freebsd.org  Wed Jun  1 14:40:38 2016
Return-Path: <owner-freebsd-hackers@freebsd.org>
Delivered-To: freebsd-hackers@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 75DB0B60059
 for <freebsd-hackers@mailman.ysv.freebsd.org>;
 Wed,  1 Jun 2016 14:40:38 +0000 (UTC)
 (envelope-from eric@metricspace.net)
Received: from mail.metricspace.net (mail.metricspace.net
 [IPv6:2001:470:1f11:617::107])
 by mx1.freebsd.org (Postfix) with ESMTP id 527321A5C;
 Wed,  1 Jun 2016 14:40:38 +0000 (UTC)
 (envelope-from eric@metricspace.net)
Received: from [IPv6:2001:470:1f11:617:8fe:6a13:797b:e9c9] (unknown
 [IPv6:2001:470:1f11:617:8fe:6a13:797b:e9c9])
 (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits))
 (Client did not present a certificate) (Authenticated sender: eric)
 by mail.metricspace.net (Postfix) with ESMTPSA id AFEA11F05;
 Wed,  1 Jun 2016 14:40:37 +0000 (UTC)
References: <519CC1FC-84DF-4710-8E62-AF26D8AED2CF@metricspace.net>
 <20160528083656.GT38613@kib.kiev.ua>
 <d6b96a6c-4e92-35a5-e78b-cc674b6d2f25@freebsd.org>
 <20160528172618.GB38613@kib.kiev.ua>
 <6A9DADE0-B214-424A-BB14-0B0848F0D08D@metricspace.net>
 <20160529091827.GD38613@kib.kiev.ua>
 <46B3F9E2-A25B-4F9D-B35F-11AC782495B1@metricspace.net>
 <alpine.BSF.2.20.1606011623410.3503@laptop.wojtek.intra>
Mime-Version: 1.0 (1.0)
In-Reply-To: <alpine.BSF.2.20.1606011623410.3503@laptop.wojtek.intra>
Content-Type: text/plain;
	charset=us-ascii
Content-Transfer-Encoding: quoted-printable
Message-Id: <AFC9FE3D-AFB3-42A5-9D54-A54F1CC87A7F@metricspace.net>
Cc: Konstantin Belousov <kostikbel@gmail.com>, freebsd-hackers@freebsd.org,
 Allan Jude <allanjude@freebsd.org>
X-Mailer: iPad Mail (13D15)
From: Eric McCorkle <eric@metricspace.net>
Subject: Re: EFI GELI support ready for testers
Date: Wed, 1 Jun 2016 10:40:37 -0400
To: Wojciech Puchar <wojtek@puchar.net>
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
 <freebsd-hackers.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers/>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
 <mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Jun 2016 14:40:38 -0000

On Jun 1, 2016, at 10:29, Wojciech Puchar <wojtek@puchar.net> wrote:

>> It's undesirable because the whole point of ZFS is to have one ZFS volume=
 for the whole system.
> This sounds more like a religious dogma than anything else.
>=20
> what if i run single disk (or mirrored 2 disk) system, no ZFS but i want e=
verything encrypted by GELI and want only ona partition?

So do it.  I don't see the problem.

> Will you write special bootloader that would be hidden unencrypted on geli=
 volume?

No, the boot block lives either on the ESP or the boot sector.  Same as it a=
lways has.

> Will you write 10000 special bootloaders to cope with 10000 cases of confi=
guration FreeBSD admins want to have in the world?
>=20
> Or maybe - in the future admins would not be allowed to decide and there w=
ill be only one allowed storage configuration - ZFS volume occupying all dis=
ks, with bootloader designed for that one case?

These are just straw-man arguments, and nobody has suggested anything of the=
 sort.=