Commit Graph

9 Commits

Author SHA1 Message Date
Allan Jude
452bd5bf51 GELIBoot may attempt to read past the end of the disk
Usually there is some slack after the last partition due to 4k alignment.
In the 10.3 EC2 images, there was not. EC2 seems to hang if you try to
read past the end of the disk in the loader, resulting in an unbootable
instance after upgrading to 11.0.

PR:		213196
Reported by:	Peter Ankerstal <peter@pean.org>
Tested by:	cperciva
Reviewed by:	tsoome
MFC after:	3 days
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D8144
2016-10-04 16:33:03 +00:00
Enji Cooper
224a4bba59 Add missing libc includes to fix -Wimplicit-function-declaration warnings
MFC after: 2 weeks
Reported by: clang
Sponsored by: EMC / Isilon Storage Division
2016-05-31 06:24:09 +00:00
Enji Cooper
e20f435517 Fix a -Wformat warning by using %d, not %ld for md_iterations
md_iterations is int32_t, not long.

Reported by: clang
MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
2016-05-13 11:27:49 +00:00
Enji Cooper
e108b91da7 Add geliboot_crypt(..) definition to geliboot.h to mute a -Wimplicit-function-declaration warning

Reported by: clang
MFC after: 1 week
Sponsored by: EMC / Isilon Storage Division
2016-05-13 11:24:55 +00:00
Allan Jude
4b90244c21 GELIBoot should only prompt for the GELI passphrase if the provider has the G_ELI_FLAG_GELIBOOT set
PR:		208251
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D5870
2016-04-08 01:27:40 +00:00
Allan Jude
f33ff2af70 Fix GELIBoot support when GELI sector size is > 512
Add support for 4k sector GELI encrypted partitions to the bootloader.
This is the default created by the installer.

Because the IV is different for each sector, and the XTS tweak carries forward, you cannot decrypt a partial sector if the starting offset is not 0.

Make boot2 and the loader read in 4k aligned chunks

Reviewed by:	ed, oshogbo
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D5820
2016-04-06 23:21:44 +00:00
Allan Jude
7156379416 Do not prompt for GELI passphrase if encrypted with keys only
PR:		208251
Submitted by:	Fabian Keil <fk@fabiankeil.de>
Sponsored by:	ScaleEngine Inc.
2016-03-26 15:39:48 +00:00
Bryan Drewery
a774e11017 DIRDEPS_BUILD: Update dependencies.
Sponsored by:	EMC / Isilon Storage Division
2016-03-21 18:02:26 +00:00
Allan Jude
b996592c3e Implement GELI (AES-XTS and AES-CBC only) in gptboot and gptzfsboot
Allows booting from a GELI encrypted root file system, via UFS or ZFS

Reviewed by:	gnn, smh (previous version), delphij (previous version)
Relnotes:	yes
Sponsored by:	ScaleEngine Inc.
Differential Revision:	https://reviews.freebsd.org/D4593
2016-03-16 23:12:19 +00:00