I will look at updating the rootgen.sh script this evening, to support creating more flexible ESP partitions, so we can drop the loader.efi into an msdosfs directly.

On 07/08/2018 15:31, Ian Lepore wrote:
On Sun, 2018-07-08 at 21:08 +0200, Oliver Pinter wrote:
Hi!

Have you or Warner any update on this code?

On Thursday, April 12, 2018, Eric McCorkle <e...@metricspace.net> wrote:


Are you aware of https://reviews.freebsd.org/D15743 ?

That's my changes to add geli support to loader(8) in an architecture-
agnostic way, so that "it just works" for all platforms and flavors of
loader. It has been successfully tested on armv6/7 (ubldr) and on x86
using qemu.  The x86 tests cover ufs and zfs, legacy bios and uefi. The
only variations that aren't tested yet are the uefi flavors, because
the current rootgen.sh script for assembling test images is still using
boot1.efi and I don't know enough about efi myself to update the script
to make it assemble images the new way Warner envisions.

-- Ian


I'm in the middle of moving to a new apartment right now.  It's going to
be a bit before I can get to this.

On 04/11/2018 20:31, Warner Losh wrote:

OK. I've pushed in the main part of it. The additional work I have
shouldn't affect any of this stuff.  I was going to look at what part(s)
of your open reviews needed to be redone tomorrow and send you
feedback, but if you wanted to get a start before then, I'm happy to
answer questions. All the rest of my work is going to be selecting the
root partition when we're told to use a specific partition, so will be
very constrained.

Warner

On Wed, Apr 11, 2018 at 6:02 PM, Eric McCorkle <eric@metricspace.net> wrote:

     I think the thing to do at this point is to wait for the current work on
     loader.efi to land, then adapt my patches to apply against that work.

     On 04/11/2018 15:06, Warner Losh wrote:
     > Still reviewing the code. I'm worried it's too i386 specific and it
     > conflicts with some work I'm doing. I'll have a list of actionable
     > critiques this week.
     >
     > Warner
     >
     > On Wed, Apr 11, 2018 at 1:03 PM, Oliver Pinter
     > <oliver.pin...@hardenedbsd.org> wrote:
     >
     >     Hi!
     >
     >     Is there any update regarding the rebase or the inclusion to base
     >     system?
     >     On 3/28/18, Eric McCorkle <e...@metricspace.net> wrote:
     >     > I'll do another rebase from head just to be sure
     >     >
     >     > On March 28, 2018 3:23:23 PM EDT, Warner Losh <i...@bsdimp.com> wrote:
     >     >>It's on my list for next, finally. I have an alternate patch for
     >     >>loader.efi
     >     >>from ESP, but I don't think it will affect the GELI stuff. I have some
     >     >>time
     >     >>slotted for integration issues though.
     >     >>
     >     >>I am quite mindful of the freeze dates.... I have some uefi boot
     >     >>loader
     >     >>protocol changes that I need to get in.
     >     >>
     >     >>Warner
     >     >>
     >     >>On Feb 21, 2018 11:18 PM, "Tommi Pernila" <tommi.pern...@iki.fi> wrote:
     >     >>
     >     >>> Awesome, thanks for the update and the work that you have done!
     >     >>>
     >     >>> Now we just need some more reviewers' eyes on the code :)
     >     >>>
     >     >>> Br,
     >     >>>
     >     >>> Tommi
     >     >>>
     >     >>> On Thu, 22 Feb 2018 at 2.03, Eric McCorkle <e...@metricspace.net> wrote:
     >     >>>
     >     >>>> FYI, I just IFC'ed everything, and the current patches are still fine.
     >     >>>>
     >     >>>> Also, the full GELI + standalone loader has been deployed on one of my
     >     >>>> laptops for some time now.
     >     >>>>
     >     >>>> On 02/21/2018 18:15, Eric McCorkle wrote:
     >     >>>> > The GELI work could be merged at this point, though it won't be usable
     >     >>>> > without an additional patch to enable loader-only operation.  The
     >     >>>> > patches are currently up for review:
     >     >>>> >
     >     >>>> > This is the order in which they'd need to be merged:
     >     >>>> >
     >     >>>> >
     >     >>>> > https://reviews.freebsd.org/D12732
     >     >>>> >
     >     >>>> > This one changes the efipart device.  Toomas Soome identified some
     >     >>>> > problems, which I have addressed.  He has not re-reviewed it, however.
     >     >>>> >
     >     >>>> >
     >     >>>> > https://reviews.freebsd.org/D12692
     >     >>>> >
     >     >>>> > This adds some crypto code needed for GELI.  It simply adds new code,
     >     >>>> > and doesn't conflict with anything.
     >     >>>> >
     >     >>>> >
     >     >>>> > https://reviews.freebsd.org/D12698
     >     >>>> >
     >     >>>> > This adds the EFI KMS interface code, and has the EFI loader pass keys
     >     >>>> > into the keybuf interface.
     >     >>>> >
     >     >>>> >
     >     >>>> > I can't post the main GELI driver until those get merged, as it depends
     >     >>>> > on them.  It can be found on the geli branch on my github freebsd
     >     >>>> > repository, however.
     >     >>>> >
     >     >>>> >
     >     >>>> > Additionally, you need this patch, which allows loader.efi to function
     >     >>>> > when installed directly to the ESP:
     >     >>>> >
     >     >>>> > https://reviews.freebsd.org/D13497
     >     >>>> >
     >     >>>> > On 02/20/2018 22:56, Tommi Pernila wrote:
     >     >>>> >> Hi Eric,
     >     >>>> >>
     >     >>>> >> could you provide a brief update how the work is going?
     >     >>>> >>
     >     >>>> >>
     >     >>>> >> Br,
     >     >>>> >>
     >     >>>> >> Tommi
     >     >>>> >>
     >     >>>> >>
     >     >>>> >> On Nov 16, 2017 04:29, "Eric McCorkle" <e...@metricspace.net> wrote:
     >     >>>> >>
     >     >>>> >>     Right, so basically, the remaining GELI patches are against loader, and
     >     >>>> >>     most of them can go in independently of the work on removing boot1.
     >     >>>> >>     There's a unanimous consensus on getting rid of boot1 which includes its
     >     >>>> >>     original author, so that's going to happen.
     >     >>>> >>
     >     >>>> >>
     >     >>>> >>     For GELI, we have the following (not necessarily in order):
     >     >>>> >>
     >     >>>> >>     a) Adding the KMS interfaces, pseudo-device, and kernel keybuf
     >     >>>> >>     interactions
     >     >>>> >>     b) Modifications to the efipart driver
     >     >>>> >>     c) boot crypto
     >     >>>> >>     d) GELI partition types (not strictly necessary)
     >     >>>> >>
     >     >>>> >>     Then there's the GELI driver itself.  (a) and (c) are good to land, (b)
     >     >>>> >>     needs some more work after Toomas Soome pointed out a legitimate
     >     >>>> >>     problem, and (d) actually needs a good bit more code (but again, it's
     >     >>>> >>     more cosmetic).  Additionally, the GELI driver will need further mods to
     >     >>>> >>     efipart to be written (nothing too big).  But we could go ahead with (a)
     >     >>>> >>     and (c), as they've already been proven to work.
     >     >>>> >>
     >     >>>> >>     I'd wanted to have this stuff shaped up sooner, but I'm preoccupied with
     >     >>>> >>     the 7th RISC-V workshop at the end of the month.
     >     >>>> >>
     >     >>>> >>     Once this stuff is all in, loader should handle any GELI volumes it
     >     >>>> >>     finds, and it should Just Work once boot1 is gone.
     >     >>>> >>
     >     >>>> >>
     >     >>>> > _______________________________________________
     >     >>>> > freebsd-current@freebsd.org mailing list
     >     >>>> > https://lists.freebsd.org/mailman/listinfo/freebsd-current
     >     >>>> > To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
     >     >>>> >
     >     >>>>
     >     >>>
     >     >
     >     > --
     >     > Sent from my Android device with K-9 Mail. Please excuse my brevity.
     >     >
     >
     >




--
Allan Jude