| #
925f1573 |
| 18-Sep-2024 |
Colin Percival <cperciva@FreeBSD.org> |
loader: Make pkcs5v2 unconditionally available
This was previously only available if GELI support was included, but I
want to use it for processing entropy from EFI
Reviewed by: imp
MFC after: 1 we
loader: Make pkcs5v2 unconditionally available
This was previously only available if GELI support was included, but I
want to use it for processing entropy from EFI
Reviewed by: imp
MFC after: 1 week
Sponsored by: Amazon
Differential Revision: https://reviews.freebsd.org/D46634
show more ...
|
|
Revision tags: release/13.4.0, release/14.1.0, release/13.3.0 |
|
| #
fd577b59 |
| 01-Feb-2024 |
Warner Losh <imp@FreeBSD.org> |
libsa: Move hash functions up a level
This should have no functional change. Move compiling the sha256, sha512
and md5 hash functions up into libsa to allow them to be used elsewhere
in the boot loa
libsa: Move hash functions up a level
This should have no functional change. Move compiling the sha256, sha512
and md5 hash functions up into libsa to allow them to be used elsewhere
in the boot loader when geli isn't configured. Since libsa is a .a, these
won't wind up in any boot loader that doesn't reference them, so should
be a nop.
Sponsored by: Netflix
show more ...
|
|
Revision tags: release/14.0.0 |
|
| #
d0b2dbfa |
| 16-Aug-2023 |
Warner Losh <imp@FreeBSD.org> |
Remove $FreeBSD$: one-line sh pattern
Remove /^\s*#[#!]?\s*\$FreeBSD\$.*$\n/
|
|
Revision tags: release/13.2.0, release/12.4.0 |
|
| #
f863970a |
| 03-Aug-2022 |
Warner Losh <imp@FreeBSD.org> |
stand: Reduce number of files that need -I${LDRSRC}
geliboot.c and geliboot_crypto.c don't need anything from stand/common,
so remove them from the list of things to add it.
Sponsored by: Netflix
stand: Reduce number of files that need -I${LDRSRC}
geliboot.c and geliboot_crypto.c don't need anything from stand/common,
so remove them from the list of things to add it.
Sponsored by: Netflix
Differential Revision: https://reviews.freebsd.org/D35921
show more ...
|
| #
bb7ddd07 |
| 22-Jul-2022 |
John Baldwin <jhb@FreeBSD.org> |
stand geli: Restore include path to LDRSRC.
Various GELI sources need bootstrap.h and disk.h. In theory they
shouldn't need anything outside of libsa, but disk.h and bootstrap.h are
currently requir
stand geli: Restore include path to LDRSRC.
Various GELI sources need bootstrap.h and disk.h. In theory they
shouldn't need anything outside of libsa, but disk.h and bootstrap.h are
currently required.
This fixes the build with MK_LOADER_ZFS=no.
Obtained from: CheriBSD
Fixes: eaf7aabddcde stand: geli CFLAGS tightening
Sponsored by: DARPA
Reviewed by: imp
Differential Revision: https://reviews.freebsd.org/D35861
show more ...
|
| #
eaf7aabd |
| 08-Jul-2022 |
Warner Losh <imp@FreeBSD.org> |
stand: geli CFLAGS tightening
Only add -DWEAK_REFS to sha256.c and sha512.c instead of
everything. Remove redundant include that's not needed.
Minor formatting tweak.
Sponsored by: Netflix
|
|
Revision tags: release/13.1.0, release/12.3.0, release/13.0.0, release/12.2.0, release/11.4.0, release/12.1.0, release/11.3.0, release/12.0.0 |
|
| #
c1418270 |
| 13-Jul-2018 |
Ian Lepore <ian@FreeBSD.org> |
Extend loader(8) geli support to all architectures and all disk-like devices.
This moves the bulk of the geli support from lib386/biosdisk.c into a new
geli/gelidev.c which implements a devsw-type d
Extend loader(8) geli support to all architectures and all disk-like devices.
This moves the bulk of the geli support from lib386/biosdisk.c into a new
geli/gelidev.c which implements a devsw-type device whose dv_strategy()
function handles geli decryption. Support for all arches comes from moving
the taste-and-attach code to the devopen() function in libsa.
After opening any DEVT_DISK device, devopen() calls the new function
geli_probe_and_attach(), which will "attach" the geli code to the open_file
struct by creating a geli_devdesc instance to replace the disk_devdesc
instance in the open_file. That routes all IO for the device through the
geli code.
A new public geli_add_key() function is added, to allow arch/vendor-specific
code to add keys obtained from custom hardware or other sources.
With these changes, geli support will be compiled into all variations of
loader(8) on all arches because the default is WITH_LOADER_GELI.
Relnotes: yes
Sponsored by: Microchip Technology Inc
Differential Revision: https://reviews.freebsd.org/D15743
show more ...
|
|
Revision tags: release/11.2.0 |
|
| #
62bd02ce |
| 18-Jun-2018 |
Warner Losh <imp@FreeBSD.org> |
stand: move libgeliboot into libsa.
Reduce by 1 the number of crazy libraries we need in stand by moving
geli into libsa (where architecturally it belonged all along). This
just moves things around
stand: move libgeliboot into libsa.
Reduce by 1 the number of crazy libraries we need in stand by moving
geli into libsa (where architecturally it belonged all along). This
just moves things around without any code changes.
show more ...
|