On Wed, Jan 02, 2019 at 08:42:33PM +0000, Alexander Nasonov wrote: > Alexander Nasonov wrote: > > m...@netbsd.org wrote: > > > Why are we using a memory disk for full disk encryption? I am under the > > > impression that it shouldn't be required. > > > > We use a memory disk because cgdconfig functionality isn't available in > > the bootloader. > > https://wiki.netbsd.org/projects/project/transparent-cgd/ > > This page describes limitations of cgdroot.kmod. > > In my opinion, aes-xts should be added to efi bootloader and paramsfile > should be merged into boot.cfg.
If you aren't doing this, it's a *really* good beginner project. Perhaps adjust the wiki page to be less exploratory and more with do X,Y,Z and add it to the GSoC-able list?
