User Eric McCorkle follows up on work in refactoring the FreeBSD EFI boot / loader code. In this blog, he discusses his findings in EFI refactoring, boot crypto framework, GELI support, and kernel key injection. See the link below for his full report.

I have completed my work to add support for the GELI disk encryption system to the FreeBSD EFI boot loader.  This work started off intending to be a “simple” patch, but it became a much larger undertaking that ended up refactoring a significant portion of the EFI boot loader.

Regardless, the changeset is now usable and ready for testing.  It can be accessed on my GitHub.  I will be merging this periodically with the FreeBSD master in order to keep it up to date.

I am not recommending this for inclusion in the 11 release; it’s too big a change to incorporate this late in the game.

Design/Implementation Notes

This work breaks down into roughly four different components: …

Original blog: https://ericmccorkleblog.wordpress.com/2016/05/28/freebsd-geli-support/