Bug 217810 - bhyveloader and zfs encryption fails
Summary: bhyveloader and zfs encryption fails
Status: New
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: 11.0-RELEASE
Hardware: Any Any
: --- Affects Only Me
Assignee: freebsd-virtualization mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-03-15 15:48 UTC by David Fox
Modified: 2017-03-31 22:07 UTC (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description David Fox 2017-03-15 15:48:26 UTC
bhyveloader fails if you decide to enable encryption within the installer.

If you select zfs encryption from the partitioning menu and installation and let it complete. Upon reboot the bhyveloader will fail with "can't load kernel"

All drives are present. 
ZVOL - Sparse is in use
bhyve-vm - as management software

more info: https://lists.freebsd.org/pipermail/freebsd-virtualization/2017-March/005383.html

If I enable ZFS encryption at install, it breaks with the "can't load kernel" 
If I disable ZFS encryption at install, it starts and works perfectly.

workaround:
turn off ZFS encryption, however this leaves your system unencrypted.
Comment 1 Jan Bramkamp 2017-03-15 16:26:23 UTC
It is possible to use GELI full disk encryption in bhyve guests with the UEFI bootrom. For some reason the bootloader GELI prompt doesn't work, but the old prompt by the GELI module works. You have to use either the VNC framebuffer or set console=comconsole in your loader.conf to get a working system console.