Bug 205691 - After a period of inactivity at the boot loader prompt for a GELI passphrase, the computer should shut down
Summary: After a period of inactivity at the boot loader prompt for a GELI passphrase,...
Status: Closed Works As Intended
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 10.2-STABLE
Hardware: Any Any
: --- Affects Some People
Assignee: freebsd-bugs mailing list
URL:
Keywords: feature, needs-patch
Depends on:
Blocks:
 
Reported: 2015-12-29 10:43 UTC by Graham Perrin
Modified: 2018-06-17 03:21 UTC (History)
3 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Graham Perrin 2015-12-29 10:43:27 UTC
Recent discussion in IRC suggests that there's no timeout. 

If the computer is unattended when the prompt appears, or if the user is interrupted before completing entry of the passphrase/password, then the prompt may be endless: 

* with a risk of 'burn' to some types of display. 

I suggest a timeout of five minutes, after which the computer should automatically shut down. 

(The period that applies with FileVault 2 on OS X is probably five minutes.)
Comment 1 Graham Perrin 2015-12-29 10:58:59 UTC
From IRC: 

> which modern types of screen actually burn anyway?

Screen types aside, for a moment: an endless prompt may be undesirable in other situations. A notebook drawing power from a battery, for example.
Comment 2 Marie Helene Kvello-Aune 2016-01-02 09:39:21 UTC
Making some notes:
sys/geom/eli.c:g_eli_taste(...):ln1147, calls cngets(...) to retrieve passphrase.
sys/kern/kern_cons.c:cngets(...):ln423, implementation of cngets(...)

Will probably need an alternate implementation of cngets() which does timekeeping to implement this feature request. Will do more research on this soon. 

I suggest the exact time to wait to be defined in a loader tunable, and that the default setting should probably be around 10 minutes. Enough to grab a cup of coffee/tea/other between powering on and entering passphrase, and little enough to not drain battery too much.

I don't have an opinion whether the feature as a whole should be enabled by default.
Comment 3 Chris Rees freebsd_committer 2016-01-02 09:47:40 UTC
I'm sorry to be repeatedly negative here, but I really don't think the case is made here strongly enough.  Do we do anything by default at the login screen too?  I think this is a POLA violation, and the nonexistent risk of screen burn (actually takes years anyway on a CRT) and battery drain just don't justify this for me.  Please ensure this is off by default if implemented.
Comment 4 Allan Jude freebsd_committer 2018-06-17 03:21:47 UTC
It is unfortunate that in the legacy boot case, the password prompt runs the CPU at 100% doing nothing but waiting for you to type the passphrase, but there isn't much that can be done about it.

UEFI support is coming soon, and maybe that'll be gentler on your battery.