#
291195 |
|
23-Nov-2015 |
smh |
MFC r290406:
Fix g_eli error loss conditions
Sponsored by: Multiplay
|
#
285263 |
|
08-Jul-2015 |
gjb |
MFC r273489 (cperciva): Populate the GELI passphrase cache with the kern.geom.eli.passphrase variable (if any) provided in the boot environment. Unset it from the kernel environment after doing this, so that the passphrase is no longer present in kernel memory once we enter userland.
This will make it possible to provide a GELI passphrase via the boot loader.
Note: head and stable/10 differ as a result of r273174, which renames the getenv(), setenv(), and unsetenv() functions with kern_getenv(), kern_setenv(), and kern_unsetenv(), which was reverted in the relevant parts of this change in 10-STABLE.
PR: 200448 Approved by: re (kib) Sponsored by: The FreeBSD Foundation
|
#
285255 |
|
07-Jul-2015 |
gjb |
Revert r285249, pending further investigation on how the build broke.
Approved by: re (implicit) Pointyhat: gjb (self) Sponsored by: The FreeBSD Foundation
|
#
285249 |
|
07-Jul-2015 |
gjb |
MFC r273489 (cperciva): Populate the GELI passphrase cache with the kern.geom.eli.passphrase variable (if any) provided in the boot environment. Unset it from the kernel environment after doing this, so that the passphrase is no longer present in kernel memory once we enter userland.
This will make it possible to provide a GELI passphrase via the boot loader.
PR: 200448 Approved by: re (kib) Sponsored by: The FreeBSD Foundation
|
#
272006 |
|
22-Sep-2014 |
cperciva |
MFC r271664: Cache GELI passphrases entered at the console during the boot process, in order to improve user-friendliness when a system has multiple disks encrypted using the same passphrase.
Relnotes: yes Approved by: re (gjb)
|
#
267860 |
|
25-Jun-2014 |
marius |
MFC: r267145
Fix the keyfile being cleared prematurely after r259428 (MFCed to stable/10 in r266749).
PR: 185084 Submitted by: fk@fabiankeil.de Reviewed by: pjd
|
#
266749 |
|
27-May-2014 |
marius |
MFC: r259428
Clear content of keyfiles loaded by the loader after processing them.
MFC: r259429
Clear some more places with potentially sensitive data.
|
#
259383 |
|
14-Dec-2013 |
ae |
MFC r257965: Add missing line breaks.
PR: 181900
|
#
285263 |
|
08-Jul-2015 |
gjb |
MFC r273489 (cperciva): Populate the GELI passphrase cache with the kern.geom.eli.passphrase variable (if any) provided in the boot environment. Unset it from the kernel environment after doing this, so that the passphrase is no longer present in kernel memory once we enter userland.
This will make it possible to provide a GELI passphrase via the boot loader.
Note: head and stable/10 differ as a result of r273174, which renames the getenv(), setenv(), and unsetenv() functions with kern_getenv(), kern_setenv(), and kern_unsetenv(), which was reverted in the relevant parts of this change in 10-STABLE.
PR: 200448 Approved by: re (kib) Sponsored by: The FreeBSD Foundation
|
#
285255 |
|
07-Jul-2015 |
gjb |
Revert r285249, pending further investigation on how the build broke.
Approved by: re (implicit) Pointyhat: gjb (self) Sponsored by: The FreeBSD Foundation
|
#
285249 |
|
07-Jul-2015 |
gjb |
MFC r273489 (cperciva): Populate the GELI passphrase cache with the kern.geom.eli.passphrase variable (if any) provided in the boot environment. Unset it from the kernel environment after doing this, so that the passphrase is no longer present in kernel memory once we enter userland.
This will make it possible to provide a GELI passphrase via the boot loader.
PR: 200448 Approved by: re (kib) Sponsored by: The FreeBSD Foundation
|
#
272006 |
|
22-Sep-2014 |
cperciva |
MFC r271664: Cache GELI passphrases entered at the console during the boot process, in order to improve user-friendliness when a system has multiple disks encrypted using the same passphrase.
Relnotes: yes Approved by: re (gjb)
|
#
267860 |
|
25-Jun-2014 |
marius |
MFC: r267145
Fix the keyfile being cleared prematurely after r259428 (MFCed to stable/10 in r266749).
PR: 185084 Submitted by: fk@fabiankeil.de Reviewed by: pjd
|
#
266749 |
|
27-May-2014 |
marius |
MFC: r259428
Clear content of keyfiles loaded by the loader after processing them.
MFC: r259429
Clear some more places with potentially sensitive data.
|
#
259383 |
|
14-Dec-2013 |
ae |
MFC r257965: Add missing line breaks.
PR: 181900
|