[arch-general] Rerun bootloader from initramfs

Mauro Santos registo.mailling at gmail.com
Fri Nov 20 17:46:18 UTC 2015


On 20-11-2015 16:24, Jayesh Badwaik wrote:
>> Because I'm talking about this [1] and not software based encryption.
>> [1] https://en.wikipedia.org/wiki/Hardware-based_full_disk_encryption
> Shouldn't BIOS take care of that? 
> 

Not really, BIOS is old and it doesn't know anything about OPAL drives.
I don't know about UEFI machines but I suspect not many know about
SEDs/OPAL either.

On the other hand, you don't know what kind of treatment the BIOS would
do to the password before sending it to the SED, one bios could send it
plaintext, others could send key scancodes, you don't want to get
anywhere near that kind of nonsense. This would mean that you might not
be able to unlock the disk if you move it to another machine.

-- 
Mauro Santos


More information about the arch-general mailing list