Right, so basically, the remaining GELI patches are against loader, and most of them can go in independently of the work on removing boot1. There's a unanimous consensus on getting rid of boot1 which includes its original author, so that's going to happen.
For GELI, we have the following (not necessarily in order): a) Adding the KMS interfaces, pseudo-device, and kernel keybuf interactions b) Modifications to the efipart driver c) boot crypto d) GELI partition types (not strictly necessary) Then there's the GELI driver itself. (a) and (c) are good to land, (b) needs some more work after Toomas Soome pointed out a legitimate problem, and (d) actually needs a good bit more code (but again, it's more cosmetic). Additionally, the GELI driver will need further mods to efipart to be written (nothing too big). But we could go ahead with (a) and (c), as they've already been proven to work. I'd wanted to have this stuff shaped up sooner, but I'm preoccupied with the 7th RISC-V workshop at the end of the month. Once this stuff is all in, loader should handle any GELI volumes it finds, and it should Just Work once boot1 is gone.
Description: OpenPGP digital signature