| specing | I'd say a fpga based system that costs a small fortune and cannot even be stuck into a 3.5" slot cannot really be called an open ssd | 00:00 |
|---|---|---|
| specing | the problem is that all the dedicated controllers are absolutely proprietary | 00:01 |
| Jookia | esad: i run full disk encryption on my imx6 and it doesn't slow down noticably | 00:01 |
| specing | and the one that was opening up was quickly bought up and nothing was heard ever since | 00:01 |
| mntmn | Jookia cool, how did you set it up? dm-crypt? | 00:01 |
| Jookia | yep! i think caam integrates with the kernel crypto API | 00:01 |
| mntmn | cool | 00:01 |
| Jookia | so even things like openssl should be accelerated | 00:01 |
| Jookia | you can also install hwrng and to get entropy from CAAM | 00:02 |
| mntmn | ohh | 00:03 |
| mntmn | part of rng-tools? | 00:03 |
| Jookia | yeah | 00:04 |
| - esad (QUIT: Quit: My MacBook has gone to sleep. ZZZzzz…) (~textual@84-113-242-212.cable.dynamic.surfer.at) | 00:04 | |
| mntmn | ah yeah i do have /dev/hwrng | 00:05 |
| Jookia | you need to modprobe caamrng and caamhash i think | 00:08 |
| mntmn | looks like i did include them in the last kernel i shipped | 00:11 |
| Jookia | it kind of only matters because linux's weird idea of entropy exists | 00:12 |
| Jookia | once you have enough initial entropy then you don't need any more | 00:13 |
| Jookia | but linux thinks you do | 00:13 |
| mntmn | ah | 00:13 |
| mntmn | do you know if cryptdevice=... is a kernel feature or is it something that the bootloader interprets? | 00:14 |
| mntmn | like, is it the kernel that asks for decrypting a device or is it something in initramfs? | 00:14 |
| Jookia | the initramfs | 00:14 |
| Jookia | decryption/key handling is done in userspace using dm-crypt so the initramfs has to run it | 00:15 |
| Jookia | all the kernel does is map a block device based on a key | 00:15 |
| Jookia | the actual unlocking is done using cryptsetup which reads the LUKS header on the encrypted system | 00:16 |
| mntmn | ah, sad | 00:16 |
| mntmn | but thanks for the explanation | 00:16 |
| Jookia | LUKS contains a single key for the disk decryption, and key slots that decrypt that key so you can have multiple keys | 00:16 |
| mntmn | (sad because the current setup does not have an initramfs) | 00:16 |
| Jookia | yeah, the novena doesn't ship with an initramfs either | 00:17 |
| mntmn | how are you doing it? retrofitted an initramfs? | 00:17 |
| Jookia | i think what the kernel does interpret is root= and sets /dev/root to that | 00:17 |
| Jookia | i have debian generate the initramfs as normal | 00:17 |
| Jookia | then u-boot set to load it | 00:18 |
| mntmn | ok | 00:18 |
| mntmn | i'll try that | 00:18 |
| Jookia | This isn't the ideal setup I want, but it shall do for now :) | 00:18 |
| Jookia | If you're in the future with a u-boot newer than 2015 you may want to try adding an extlinux.conf | 00:18 |
| Jookia | u-boot will see your extlinux.conf that specifies the kernel, device tree and initramfs and boot it | 00:19 |
| Jookia | https://github.com/LeMaker/u-boot/blob/master/doc/README.distro | 00:21 |
| mntmn | ah, my u-boot is pretty bleeding edge | 00:21 |
| mntmn | but i haven't tried anything with extlinux.conf yet | 00:22 |
| mntmn | btw is novena just not updated anymore? | 00:22 |
| Jookia | Pretty much, though february I'll be rebasing everything and updating | 00:23 |
| Jookia | The Buster soft freeze happens 2019-02-12 so I'll get a base for it | 00:25 |
| mntmn | ok cool | 00:29 |
| Jookia | There's some Novena packages in the official Debian repo that need a maintainer so I might try that | 00:30 |
| Jookia | s/some/one | 00:31 |
| - Jookia (QUIT: Ping timeout: 256 seconds) (~Jookia@gateway/tor-sasl/jookia) | 00:40 | |
| + Jookia (~Jookia@gateway/tor-sasl/jookia) | 00:56 | |
| - Jookia (QUIT: Quit: Jookia) (~Jookia@gateway/tor-sasl/jookia) | 06:14 | |
| + Jookia (~Jookia@gateway/tor-sasl/jookia) | 07:07 | |
| + esad (~textual@84-113-242-212.cable.dynamic.surfer.at) | 08:28 | |
| - esad (QUIT: Quit: My MacBook has gone to sleep. ZZZzzz…) (~textual@84-113-242-212.cable.dynamic.surfer.at) | 08:49 | |
| + esad (~textual@84-113-242-212.cable.dynamic.surfer.at) | 08:54 | |
| - esad (QUIT: Quit: My MacBook has gone to sleep. ZZZzzz…) (~textual@84-113-242-212.cable.dynamic.surfer.at) | 09:12 | |
| + Jookia1 (~Jookia@gateway/tor-sasl/jookia) | 10:35 | |
| - Jookia (QUIT: Ping timeout: 256 seconds) (~Jookia@gateway/tor-sasl/jookia) | 10:35 | |
| + esad (~textual@84-113-242-212.cable.dynamic.surfer.at) | 10:58 | |
| - wiedi (QUIT: Quit: ^C) (~wiedi@91.64.239.199) | 11:02 | |
| - esad (QUIT: Quit: My MacBook has gone to sleep. ZZZzzz…) (~textual@84-113-242-212.cable.dynamic.surfer.at) | 11:25 | |
| * Jookia1 -> Jookia | 11:29 | |
| + esad (~textual@84-113-242-212.cable.dynamic.surfer.at) | 11:37 | |
| - esad (QUIT: Quit: My MacBook has gone to sleep. ZZZzzz…) (~textual@84-113-242-212.cable.dynamic.surfer.at) | 11:58 | |
| + esad (~textual@193.43.158.229) | 14:36 | |
| - esad (QUIT: Read error: Connection reset by peer) (~textual@193.43.158.229) | 14:40 | |
| - Jookia (QUIT: Remote host closed the connection) (~Jookia@gateway/tor-sasl/jookia) | 15:44 | |
| + erlehmann (~erlehmann@x59cc8a51.dyn.telefonica.de) | 16:32 | |
| - erlehmann (QUIT: Read error: Connection reset by peer) (~erlehmann@x59cc8a51.dyn.telefonica.de) | 17:29 | |
| - opan (PART: "User left") (soundmatri@gateway/shell/matrix.org/x-yszrfaannoxjjfhw) | 18:48 | |
| mntmn | many changes+fixes coming for etnaviv | 21:39 |
| + Jookia (~Jookia@gateway/tor-sasl/jookia) | 22:17 | |
| mntmn | also an interesting experimental thing https://patchwork.freedesktop.org/series/46197/ | 22:18 |
Generated by irclog2html.py 2.17.2 by Marius Gedminas - find it at https://mg.pov.lt/irclog2html/!