46e3447026
GELI is used on a SSD or inside virtual machine, so that guest can tell host that it is no longer using some of the storage. Enabling BIO_DELETE passthru comes with a small security consequence - an attacker can tell how much space is being really used on encrypted device and has less data no analyse then. This is why the -T option can be given to the init subcommand to turn off this behaviour and -t/T options for the configure subcommand can be used to adjust this setting later. PR: 198863 Submitted by: Matthew D. Fuller fullermd at over-yonder dot net This commit also includes a fix from Fabian Keil freebsd-listen at fabiankeil.de for 'configure' on onetime providers which is not strictly related, but is entangled in the same code, so would cause conflicts if separated out. |
||
|---|---|---|
| .. | ||
| g_eli_crypto.c | ||
| g_eli_ctl.c | ||
| g_eli_integrity.c | ||
| g_eli_key_cache.c | ||
| g_eli_key.c | ||
| g_eli_privacy.c | ||
| g_eli.c | ||
| g_eli.h | ||
| pkcs5v2.c | ||
| pkcs5v2.h | ||