User Eric McCorkle follows up on work in refactoring the FreeBSD EFI boot / loader code. In this blog, he discusses his findings in EFI refactoring, boot crypto framework, GELI support, and kernel key injection. See the link below for his full report.
I have completed my work to add support for the GELI disk encryption system to the FreeBSD EFI boot loader. This work started off intending to be a “simple” patch, but it became a much larger undertaking that ended up refactoring a significant portion of the EFI boot loader.
Regardless, the changeset is now usable and ready for testing. It can be accessed on my GitHub. I will be merging this periodically with the FreeBSD master in order to keep it up to date.
I am not recommending this for inclusion in the 11 release; it’s too big a change to incorporate this late in the game.
This work breaks down into roughly four different components: …