Document geli(8) loader variables conventions

The geli(8) manual page has an example for preloading keyfiles during boot. There is no detail though on how the lookup of these variables actually works. Let's document that the name of a device does not have to be a part of the variable. PR: 243261 Submitted by: johannes@jo-t.de Approved by: bcr (mentor) MFC after: 3 weeks Differential Revision: https://reviews.freebsd.org/D24114
svn path=/head/; revision=359125
2020-03-19 09:23:26 +00:00 · 2020-03-19 09:23:26 +00:00 · 9168ef5be3 · 2020-12-20 02:59:44 +00:00
commit 9168ef5be3
parent d76ca5b15c
1 changed files with 30 additions and 1 deletions
--- a/lib/geom/eli/geli.8
+++ b/lib/geom/eli/geli.8
@ -24,7 +24,7 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd May 23, 2019
+.Dd March 19, 2020
 .Dt GELI 8
 .Os
 .Sh NAME
@ -1013,6 +1013,35 @@ geli_da1s3a_keyfile_type="da1s3a:geli_keyfile"
 geli_da1s3a_keyfile_name="/boot/keys/da1s3a.key"
 .Ed
 .Pp
+By convention, these loader variables are called
+.Sm off
+.Va geli_ No < Ar device No > Va _load .
+.Sm on
+However, the actual name prefix before
+.Va _load , _type ,
+or
+.Va _name
+does not matter.
+At boot time, the
+.Nm
+module searches through all
+.Sm off
+.No < Va prefix No > Va _type No -like
+.Sm on
+variables that have a value of
+.Sm off
+.Dq < Ar device No > :geli_keyfile .
+.Sm on
+The paths to keyfiles are then extracted from
+.Sm off
+.No < Ar prefix No > Va _name
+.Sm on
+variables.
+In the example above,
+.Ar prefix
+is
+.Dq Li geli_da1s3a_keyfile .
+.Pp
 Not only configure encryption, but also data integrity verification using
 .Nm HMAC/SHA256 .
 .Bd -literal -offset indent