On Mon, Apr 18, 2011 at 08:24:57AM -0400, John Baldwin wrote:
> On Saturday, April 16, 2011 10:24:44 am firstname.lastname@example.org wrote:
> > After compilation of kernel and world in MUM, kernel is installed in MUM,
> > but to install world, we reboot into SUM, then install world. (HANDBOOK)
> > Now, in case of GELI usage AND if upgrading is taking place, i.e; 8.2 ->
> > 8.3, once you reboot into SUM to install world, you are doomed, BECAUSE
> > ...
> > Kernel will bitch (GELI part), about world->kernel mismatch and you won't
> > be able to install world as you cant decrypt geom providers!!
> > The only way to save yourself in that case is to restore /boot/kernel.old,
> > or one is doomed.
> This seems broken to me. An 8.3 kernel+modules should be able to handle GELI
> devices with an 8.2 world. If they can't, it means someone broke the ABI.
> Even a 9.0 kernel should work fine with an 8.x-stable world.
This is generally not expected to have a bit of the system encrypted.
You either have whole root encrypted and there is no userland involved
to attach it or you have some secure partition encrypted.
I don't fully understand how you can boot your system and then need to
attach GELI provider to be able to install world. If you booted fine
then your system is available and not encrypted.
Pawel Jakub Dawidek http://www.wheelsystems.com
FreeBSD committer http://www.FreeBSD.org
Am I Evil? Yes, I Am! http://yomoli.com