[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-hackers
Subject:    Re: Add SUM sysctl
From:       Pawel Jakub Dawidek <pjd () freebsd ! org>
Date:       2011-04-18 18:03:16
Message-ID: 20110418180316.GA3097 () garage ! freebsd ! pl
[Download RAW message or body]


On Mon, Apr 18, 2011 at 08:24:57AM -0400, John Baldwin wrote:
> On Saturday, April 16, 2011 10:24:44 am rank1seeker@gmail.com wrote:
> > After compilation of kernel and world in MUM, kernel is installed in MUM, 
> > but to install world, we reboot into SUM, then install world. (HANDBOOK)
> > Now, in case of GELI usage AND if upgrading is taking place, i.e; 8.2 -> 
> > 8.3, once you reboot into SUM to install world, you are doomed, BECAUSE 
> > ...
> > Kernel will bitch (GELI part), about world->kernel mismatch and you won't 
> > be able to install world as you cant decrypt geom providers!!
> > The only way to save yourself in that case is to restore /boot/kernel.old, 
> > or one is doomed.
> 
> This seems broken to me.  An 8.3 kernel+modules should be able to handle GELI 
> devices with an 8.2 world.  If they can't, it means someone broke the ABI.  
> Even a 9.0 kernel should work fine with an 8.x-stable world.

This is generally not expected to have a bit of the system encrypted.
You either have whole root encrypted and there is no userland involved
to attach it or you have some secure partition encrypted.
I don't fully understand how you can boot your system and then need to
attach GELI provider to be able to install world. If you booted fine
then your system is available and not encrypted.

-- 
Pawel Jakub Dawidek                       http://www.wheelsystems.com
FreeBSD committer                         http://www.FreeBSD.org
Am I Evil? Yes, I Am!                     http://yomoli.com

[Attachment #3 (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]