On Wed, Jan 02, 2019 at 09:08:50PM +0000, Alexander Nasonov wrote: > m...@netbsd.org wrote: > > On Wed, Jan 02, 2019 at 08:42:33PM +0000, Alexander Nasonov wrote: > > > https://wiki.netbsd.org/projects/project/transparent-cgd/ > > > > > > This page describes limitations of cgdroot.kmod. > > > > > > In my opinion, aes-xts should be added to efi bootloader and paramsfile > > > should be merged into boot.cfg. > > > > If you aren't doing this, it's a *really* good beginner project. > > Perhaps adjust the wiki page to be less exploratory and more with do > > X,Y,Z and add it to the GSoC-able list? > > Adding a cgd layer on top of ffs code in libsa isn't straightforward > but it should be doable. It's also not clear to me how to pass a > raw encryption key from the bootloader to the kernel but I'm not very > familiar with that code. Overall it would be a good GCoC project.
We are passing things around with BI_ADD in the bootloader, and lookup_btinfo in the kernel.
