MFC r290406:

Fix g_eli error loss conditions

Sponsored by: Multiplay

MFC r273489 (cperciva):
Populate the GELI passphrase cache with the kern.geom.eli.passphrase
variable (if any) provided in the boot environment. Unset it from
the kernel environment after doing this, so that the passphrase is
no longer present in kernel memory once we enter userland.

This will make it possible to provide a GELI passphrase via the boot
loader.

Note: head and stable/10 differ as a result of r273174, which renames
the getenv(), setenv(), and unsetenv() functions with kern_getenv(),
kern_setenv(), and kern_unsetenv(), which was reverted in the relevant
parts of this change in 10-STABLE.

PR: 200448
Approved by: re (kib)
Sponsored by: The FreeBSD Foundation

Revert r285249, pending further investigation on how the build
broke.

Approved by: re (implicit)
Pointyhat: gjb (self)
Sponsored by: The FreeBSD Foundation

MFC r273489 (cperciva):
Populate the GELI passphrase cache with the kern.geom.eli.passphrase
variable (if any) provided in the boot environment. Unset it from
the kernel environment after doing this, so that the passphrase is
no longer present in kernel memory once we enter userland.

This will make it possible to provide a GELI passphrase via the boot
loader.

PR: 200448
Approved by: re (kib)
Sponsored by: The FreeBSD Foundation

MFC r271664:
Cache GELI passphrases entered at the console during the boot process,
in order to improve user-friendliness when a system has multiple disks
encrypted using the same passphrase.

Relnotes: yes
Approved by: re (gjb)

MFC: r267145

Fix the keyfile being cleared prematurely after r259428 (MFCed to stable/10
in r266749).

PR: 185084
Submitted by: fk@fabiankeil.de
Reviewed by: pjd

MFC: r259428

Clear content of keyfiles loaded by the loader after processing them.

MFC: r259429

Clear some more places with potentially sensitive data.

MFC r257965:
Add missing line breaks.

PR: 181900

MFC r273489 (cperciva):
Populate the GELI passphrase cache with the kern.geom.eli.passphrase
variable (if any) provided in the boot environment. Unset it from
the kernel environment after doing this, so that the passphrase is
no longer present in kernel memory once we enter userland.

This will make it possible to provide a GELI passphrase via the boot
loader.

Note: head and stable/10 differ as a result of r273174, which renames
the getenv(), setenv(), and unsetenv() functions with kern_getenv(),
kern_setenv(), and kern_unsetenv(), which was reverted in the relevant
parts of this change in 10-STABLE.

PR: 200448
Approved by: re (kib)
Sponsored by: The FreeBSD Foundation

Revert r285249, pending further investigation on how the build
broke.

Approved by: re (implicit)
Pointyhat: gjb (self)
Sponsored by: The FreeBSD Foundation

MFC r273489 (cperciva):
Populate the GELI passphrase cache with the kern.geom.eli.passphrase
variable (if any) provided in the boot environment. Unset it from
the kernel environment after doing this, so that the passphrase is
no longer present in kernel memory once we enter userland.

This will make it possible to provide a GELI passphrase via the boot
loader.

PR: 200448
Approved by: re (kib)
Sponsored by: The FreeBSD Foundation

MFC r271664:
Cache GELI passphrases entered at the console during the boot process,
in order to improve user-friendliness when a system has multiple disks
encrypted using the same passphrase.

Relnotes: yes
Approved by: re (gjb)

MFC: r267145

Fix the keyfile being cleared prematurely after r259428 (MFCed to stable/10
in r266749).

PR: 185084
Submitted by: fk@fabiankeil.de
Reviewed by: pjd

MFC: r259428

Clear content of keyfiles loaded by the loader after processing them.

MFC: r259429

Clear some more places with potentially sensitive data.

MFC r257965:
Add missing line breaks.

PR: 181900