Re: Patch to support GELI passphrase passthrough

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Andrei Borzenkov <arvidjaar@gmail.com>
To: Kris Moore <kris@pcbsd.org>
Cc: grub-devel@gnu.org
Subject: Re: Patch to support GELI passphrase passthrough
Date: Wed, 22 Oct 2014 21:47:24 +0400	[thread overview]
Message-ID: <20141022214724.19df0c1f@opensuse.site> (raw)
In-Reply-To: <5447E580.1010409@pcbsd.org>

В Wed, 22 Oct 2014 13:12:32 -0400
Kris Moore <kris@pcbsd.org> пишет:

> 
> 
> Hey, just a small patch to submit today. If you rather I send this to
> the bug tracker then I can do that also.
> 
> This patch allows exporting the FreeBSD GELI passphrase to the kernel
> environment, which we will be doing in PC-BSD to avoid prompting for the
> passphrase a second time at bootup.
> 

>    if (!grub_password_get (passphrase, MAX_PASSPHRASE))
>      return grub_error (GRUB_ERR_BAD_ARGUMENT, "Passphrase not supplied");
>  
> +  /* Set the GELI passphrase to GRUB env, for passing to FreeBSD kernel */
> +  grub_env_set ("gelipassphrase", passphrase);
> +

If I read BSD loader correctly, this should be kFreeBSD.gelipassphrase.
Is geli freebsd-specific?

>    /* Calculate the PBKDF2 of the user supplied passphrase.  */
>    if (grub_le_to_cpu32 (header.niter) != 0)
>      {

It sounds more logical to export it after it has been verified?

I tried to find out about this "gelipassphrase" kernel variable but did
not find anything. Is it already used anywhere?

> Let me know if you have any suggestions or need any changes. I'm
> currently hacking on support for EFI framebuffer settings to be passed
> to FreeBSD kernel as well, will send patches once I get things working
> there.
>

next prev parent reply	other threads:[~2014-10-22 17:47 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2014-10-22 17:12 Patch to support GELI passphrase passthrough Kris Moore
2014-10-22 17:47 ` Andrei Borzenkov [this message]
2014-10-22 17:50   ` Kris Moore
2014-10-27 14:56     ` Kris Moore
2014-11-28 19:36       ` Vladimir 'φ-coder/phcoder' Serbinenko
2014-12-08 22:20         ` Kris Moore

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20141022214724.19df0c1f@opensuse.site \
    --to=arvidjaar@gmail.com \
    --cc=grub-devel@gnu.org \
    --cc=kris@pcbsd.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.