[gentoo-commits] proj/genkernel:master commit in: defaults/, doc/ - gentoo-commits

From:	Thomas Deutschmann <whissi@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] proj/genkernel:master commit in: defaults/, doc/
Date:	Wed, 02 Sep 2020 13:52:41
Message-Id:	`1599052420.97b3a9235fdba36bfc6197baf1f47fd472fb74b6.whissi@gentoo`

1

commit:     97b3a9235fdba36bfc6197baf1f47fd472fb74b6

2

Author:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>

3

AuthorDate: Wed Sep  2 13:13:40 2020 +0000

4

Commit:     Thomas Deutschmann <whissi <AT> gentoo <DOT> org>

5

CommitDate: Wed Sep  2 13:13:40 2020 +0000

6

URL:        https://gitweb.gentoo.org/proj/genkernel.git/commit/?id=97b3a923

7

8

defaults/initrd.scripts: openLUKS(): Trigger module loading when mounting {root,swap}_keydev

9

10

We need to do the same we do for rootfs since commit 05f968fda2c6839744b36c442b3feaa6de974e63

11

also for {root,swap}_keydev.

12

13

Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>

14

15

 defaults/initrd.defaults |  2 ++

16

 defaults/initrd.scripts  | 15 +++++++++++----

17

 defaults/linuxrc         |  6 ++++++

18

 doc/genkernel.8.txt      |  6 ++++++

19

 4 files changed, 25 insertions(+), 4 deletions(-)

20

21

diff --git a/defaults/initrd.defaults b/defaults/initrd.defaults

22

index cf7406d..cd485ca 100644

23

--- a/defaults/initrd.defaults

24

+++ b/defaults/initrd.defaults

25

@@ -101,8 +101,10 @@ GK_UDEV_TIMEOUT=120

26

 GK_USERINTERACTION_DISABLED_STATEFILE='/tmp/user-interaction.disabled'

27

28

 CRYPT_ENV_FILE='/etc/CRYPT_ENV.conf'

29

+CRYPT_ROOT_KEYDEV_FSTYPE='auto'

30

 CRYPT_ROOT_KEYFILE='/tmp/root.key'

31

 CRYPT_ROOT_OPENED_LOCKFILE='/tmp/ROOT.opened'

32

+CRYPT_SWAP_KEYDEV_FSTYPE='auto'

33

 CRYPT_SWAP_KEYFILE='/tmp/swap.key'

34

 CRYPT_SWAP_OPENED_LOCKFILE='/tmp/SWAP.opened'

35

36

37

diff --git a/defaults/initrd.scripts b/defaults/initrd.scripts

38

index 7a84755..5181d6c 100644

39

--- a/defaults/initrd.scripts

40

+++ b/defaults/initrd.scripts

41

@@ -1780,7 +1780,7 @@ openLUKS() {

42

 		exit 1

43

fi

44

45

-	case $1 in

46

+	case ${1} in

47

 		root)

48

 			local TYPE=ROOT

49

;;

50

@@ -1789,8 +1789,12 @@ openLUKS() {

51

;;

52

 	esac

53

54

-	eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"' LUKS_NAME="$1" LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"'

55

-	eval local LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"' LUKS_TRIM='"${CRYPT_'${TYPE}'_TRIM}"'

56

+	local LUKS_NAME="${1}"

57

+	eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"'

58

+	eval local LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"'

59

+	eval local LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"'

60

+	eval local LUKS_KEYDEV_FSTYPE='"${CRYPT_'${TYPE}'_KEYDEV_FSTYPE}"'

61

+	eval local LUKS_TRIM='"${CRYPT_'${TYPE}'_TRIM}"'

62

 	eval local OPENED_LOCKFILE='"${CRYPT_'${TYPE}'_OPENED_LOCKFILE}"'

63

 	local DEV_ERROR=0 KEY_ERROR=0 KEYDEV_ERROR=0

64

 	local mntkey="/mnt/key/" crypt_filter_ret=

65

@@ -1886,7 +1890,10 @@ openLUKS() {

66

 						# At this point a device was recognized, now let's see if the key is there

67

 						[ ! -d "${mntkey}" ] && mkdir -p "${mntkey}" >/dev/null 2>&1

68

69

-						if ! run mount -n -o ro ${REAL_LUKS_KEYDEV} ${mntkey} >/dev/null 2>&1

70

+						# determine fs -- 'auto' will not trigger module loading!

71

+						LUKS_KEYDEV_FSTYPE=$(determine_fs "${REAL_LUKS_KEYDEV}" "${LUKS_KEYDEV_FSTYPE}")

72

+

73

+						if ! run mount -n -t ${LUKS_KEYDEV_FSTYPE} -o ro ${REAL_LUKS_KEYDEV} ${mntkey} >/dev/null 2>&1

74

 						then

75

 							KEYDEV_ERROR=1

76

 							bad_msg "Mounting of device ${REAL_LUKS_KEYDEV} failed." ${CRYPT_SILENT}

77

78

diff --git a/defaults/linuxrc b/defaults/linuxrc

79

index bab54e1..6d07d9b 100644

80

--- a/defaults/linuxrc

81

+++ b/defaults/linuxrc

82

@@ -257,6 +257,9 @@ do

83

 		root_keydev=*)

84

 			CRYPT_ROOT_KEYDEV=${x#*=}

85

;;

86

+		root_keydev_fstype=*)

87

+			CRYPT_ROOT_KEYDEV_FSTYPE=${x#*=}

88

+		;;

89

 		root_trim=*)

90

 			CRYPT_ROOT_TRIM=${x#*=}

91

;;

92

@@ -266,6 +269,9 @@ do

93

 		swap_keydev=*)

94

 			CRYPT_SWAP_KEYDEV=${x#*=}

95

;;

96

+		swap_keydev_fstype=*)

97

+			CRYPT_SWAP_KEYDEV_FSTYPE=${x#*=}

98

+		;;

99

 		real_resume=*|resume=*)

100

 			REAL_RESUME=${x#*=}

101

;;

102

103

diff --git a/doc/genkernel.8.txt b/doc/genkernel.8.txt

104

index 7ce7391..5d7b74d 100644

105

--- a/doc/genkernel.8.txt

106

+++ b/doc/genkernel.8.txt

107

@@ -646,6 +646,9 @@ recognized by the kernel itself.

108

     root_key.   If unset while using root_key, it will automatically

109

     look for the device in every boot.

110

111

+*root_keydev_fstype*=<...>::

112

+    Used filesystem for *root_keydev*. See *rootfstype* for more details.

113

+

114

 *root_trim*=(yes|no)::

115

     Enables TRIM support for a LUKS-based root device.  Only useful

116

     with SSD setups.  Have a look at 'https://en.wikipedia.org/wiki/TRIM'

117

@@ -657,6 +660,9 @@ recognized by the kernel itself.

118

 *swap_keydev*=<...>::

119

     Same as root_keydev for swap.

120

121

+*swap_keydev_fstype*=<...>::

122

+    Used filesystem for *swap_keydev*. See *rootfstype* for more details.

123

+

124

 *crypt_silent*::

125

     Set this to silent all the output related to the cryptographic

126

     software,  and in case your encrypted device isn't open with the

1	commit: 97b3a9235fdba36bfc6197baf1f47fd472fb74b6
2	Author: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
3	AuthorDate: Wed Sep 2 13:13:40 2020 +0000
4	Commit: Thomas Deutschmann <whissi <AT> gentoo <DOT> org>
5	CommitDate: Wed Sep 2 13:13:40 2020 +0000
6	URL: https://gitweb.gentoo.org/proj/genkernel.git/commit/?id=97b3a923
7
8	defaults/initrd.scripts: openLUKS(): Trigger module loading when mounting {root,swap}_keydev
9
10	We need to do the same we do for rootfs since commit 05f968fda2c6839744b36c442b3feaa6de974e63
11	also for {root,swap}_keydev.
12
13	Signed-off-by: Thomas Deutschmann <whissi <AT> gentoo.org>
14
15	defaults/initrd.defaults \| 2 ++
16	defaults/initrd.scripts \| 15 +++++++++++----
17	defaults/linuxrc \| 6 ++++++
18	doc/genkernel.8.txt \| 6 ++++++
19	4 files changed, 25 insertions(+), 4 deletions(-)
20
21	diff --git a/defaults/initrd.defaults b/defaults/initrd.defaults
22	index cf7406d..cd485ca 100644
23	--- a/defaults/initrd.defaults
24	+++ b/defaults/initrd.defaults
25	@@ -101,8 +101,10 @@ GK_UDEV_TIMEOUT=120
26	GK_USERINTERACTION_DISABLED_STATEFILE='/tmp/user-interaction.disabled'
27
28	CRYPT_ENV_FILE='/etc/CRYPT_ENV.conf'
29	+CRYPT_ROOT_KEYDEV_FSTYPE='auto'
30	CRYPT_ROOT_KEYFILE='/tmp/root.key'
31	CRYPT_ROOT_OPENED_LOCKFILE='/tmp/ROOT.opened'
32	+CRYPT_SWAP_KEYDEV_FSTYPE='auto'
33	CRYPT_SWAP_KEYFILE='/tmp/swap.key'
34	CRYPT_SWAP_OPENED_LOCKFILE='/tmp/SWAP.opened'
35
36
37	diff --git a/defaults/initrd.scripts b/defaults/initrd.scripts
38	index 7a84755..5181d6c 100644
39	--- a/defaults/initrd.scripts
40	+++ b/defaults/initrd.scripts
41	@@ -1780,7 +1780,7 @@ openLUKS() {
42	exit 1
43	fi
44
45	- case $1 in
46	+ case ${1} in
47	root)
48	local TYPE=ROOT
49	;;
50	@@ -1789,8 +1789,12 @@ openLUKS() {
51	;;
52	esac
53
54	- eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"' LUKS_NAME="$1" LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"'
55	- eval local LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"' LUKS_TRIM='"${CRYPT_'${TYPE}'_TRIM}"'
56	+ local LUKS_NAME="${1}"
57	+ eval local LUKS_DEVICE='"${CRYPT_'${TYPE}'}"'
58	+ eval local LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"'
59	+ eval local LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"'
60	+ eval local LUKS_KEYDEV_FSTYPE='"${CRYPT_'${TYPE}'_KEYDEV_FSTYPE}"'
61	+ eval local LUKS_TRIM='"${CRYPT_'${TYPE}'_TRIM}"'
62	eval local OPENED_LOCKFILE='"${CRYPT_'${TYPE}'_OPENED_LOCKFILE}"'
63	local DEV_ERROR=0 KEY_ERROR=0 KEYDEV_ERROR=0
64	local mntkey="/mnt/key/" crypt_filter_ret=
65	@@ -1886,7 +1890,10 @@ openLUKS() {
66	# At this point a device was recognized, now let's see if the key is there
67	[ ! -d "${mntkey}" ] && mkdir -p "${mntkey}" >/dev/null 2>&1
68
69	- if ! run mount -n -o ro ${REAL_LUKS_KEYDEV} ${mntkey} >/dev/null 2>&1
70	+ # determine fs -- 'auto' will not trigger module loading!
71	+ LUKS_KEYDEV_FSTYPE=$(determine_fs "${REAL_LUKS_KEYDEV}" "${LUKS_KEYDEV_FSTYPE}")
72	+
73	+ if ! run mount -n -t ${LUKS_KEYDEV_FSTYPE} -o ro ${REAL_LUKS_KEYDEV} ${mntkey} >/dev/null 2>&1
74	then
75	KEYDEV_ERROR=1
76	bad_msg "Mounting of device ${REAL_LUKS_KEYDEV} failed." ${CRYPT_SILENT}
77
78	diff --git a/defaults/linuxrc b/defaults/linuxrc
79	index bab54e1..6d07d9b 100644
80	--- a/defaults/linuxrc
81	+++ b/defaults/linuxrc
82	@@ -257,6 +257,9 @@ do
83	root_keydev=*)
84	CRYPT_ROOT_KEYDEV=${x#*=}
85	;;
86	+ root_keydev_fstype=*)
87	+ CRYPT_ROOT_KEYDEV_FSTYPE=${x#*=}
88	+ ;;
89	root_trim=*)
90	CRYPT_ROOT_TRIM=${x#*=}
91	;;
92	@@ -266,6 +269,9 @@ do
93	swap_keydev=*)
94	CRYPT_SWAP_KEYDEV=${x#*=}
95	;;
96	+ swap_keydev_fstype=*)
97	+ CRYPT_SWAP_KEYDEV_FSTYPE=${x#*=}
98	+ ;;
99	real_resume=\|resume=)
100	REAL_RESUME=${x#*=}
101	;;
102
103	diff --git a/doc/genkernel.8.txt b/doc/genkernel.8.txt
104	index 7ce7391..5d7b74d 100644
105	--- a/doc/genkernel.8.txt
106	+++ b/doc/genkernel.8.txt
107	@@ -646,6 +646,9 @@ recognized by the kernel itself.
108	root_key. If unset while using root_key, it will automatically
109	look for the device in every boot.
110
111	+root_keydev_fstype=<...>::
112	+ Used filesystem for root_keydev. See rootfstype for more details.
113	+
114	root_trim=(yes\|no)::
115	Enables TRIM support for a LUKS-based root device. Only useful
116	with SSD setups. Have a look at 'https://en.wikipedia.org/wiki/TRIM'
117	@@ -657,6 +660,9 @@ recognized by the kernel itself.
118	swap_keydev=<...>::
119	Same as root_keydev for swap.
120
121	+swap_keydev_fstype=<...>::
122	+ Used filesystem for swap_keydev. See rootfstype for more details.
123	+
124	crypt_silent::
125	Set this to silent all the output related to the cryptographic
126	software, and in case your encrypted device isn't open with the

Gentoo Archives: gentoo-commits