From 3186bfc54c5e5db508d47340012a320f607bd8f3 Mon Sep 17 00:00:00 2001 From: Chris Gianelloni Date: Fri, 9 Jun 2006 14:34:09 +0000 Subject: [PATCH] Add a modified version of the two LUKS patches that made their way into bugzilla for bug #122421. git-svn-id: svn+ssh://svn.gentoo.org/var/svnroot/genkernel/trunk@405 67a159dc-881f-0410-a524-ba9dfbe2cb84 --- gen_cmdline.sh | 6 ++++++ gen_determineargs.sh | 5 +++++ gen_initramfs.sh | 35 ++++++++++++++++++++++++++++------- gen_initrd.sh | 23 +++++++++++++++++++++-- generic/initrd.scripts | 4 ++-- generic/linuxrc | 21 +++++++++++++++++++++ 6 files changed, 83 insertions(+), 11 deletions(-) diff --git a/gen_cmdline.sh b/gen_cmdline.sh index 86d381e..998378a 100755 --- a/gen_cmdline.sh +++ b/gen_cmdline.sh @@ -81,6 +81,8 @@ longusage() { echo " --linuxrc= Specifies a user created linuxrc" echo " --disklabel Include disk label and uuid support in your" echo " initrd" + echo " --luks Include LUKS support" + echo " --> 'emerge cryptsetup-luks' with USE=-dynamic" echo " Internals" echo " --arch-override= Force to arch instead of autodetect" echo " --cachedir= Override the default cache location" @@ -469,6 +471,10 @@ parse_cmdline() { CMD_DISKLABEL=1 print_info 2 "CMD_DISKLABEL: $CMD_DISKLABEL" ;; + --luks) + CMD_LUKS=1 + print_info 2 "CMD_LUKS: $CMD_LUKS" + ;; all) BUILD_KERNEL=1 BUILD_MODULES=1 diff --git a/gen_determineargs.sh b/gen_determineargs.sh index cb3b1b2..93e5bab 100644 --- a/gen_determineargs.sh +++ b/gen_determineargs.sh @@ -60,6 +60,11 @@ get_KV() { else DISKLABEL=0 fi + + if isTrue "${CMD_LUKS}" + then + LUKS=1 + fi } determine_real_args() { diff --git a/gen_initramfs.sh b/gen_initramfs.sh index a7e9806..80d1d1a 100644 --- a/gen_initramfs.sh +++ b/gen_initramfs.sh @@ -173,9 +173,9 @@ create_unionfs_tools_cpio(){ mkdir -p "${TEMP}/initramfs-unionfs-tools-temp/bin/" /bin/tar -jxpf "${UNIONFS_BINCACHE}" -C "${TEMP}/initramfs-unionfs-tools-temp" || gen_die "Could not extract unionfs tools binary cache!"; - cd "${TEMP}/initramfs-unionfs-tools-temp/" - find . -print | cpio --quiet -o -H newc | gzip -9 > ${CACHE_CPIO_DIR}/initramfs-unionfs-${UNIONFS_VER}-tools.cpio.gz - rm -r "${TEMP}/initramfs-unionfs-tools-temp/" + cd "${TEMP}/initramfs-unionfs-tools-temp/" + find . -print | cpio --quiet -o -H newc | gzip -9 > ${CACHE_CPIO_DIR}/initramfs-unionfs-${UNIONFS_VER}-tools.cpio.gz + rm -r "${TEMP}/initramfs-unionfs-tools-temp/" fi } @@ -192,9 +192,9 @@ create_dmraid_cpio(){ mkdir -p "${TEMP}/initramfs-dmraid-temp/" /bin/tar -jxpf "${DMRAID_BINCACHE}" -C "${TEMP}/initramfs-dmraid-temp" || gen_die "Could not extract dmraid binary cache!"; - cd "${TEMP}/initramfs-dmraid-temp/" - find . -print | cpio --quiet -o -H newc | gzip -9 > ${CACHE_CPIO_DIR}/initramfs-dmraid-${DMRAID_VER}.cpio.gz - rm -r "${TEMP}/initramfs-dmraid-temp/" + cd "${TEMP}/initramfs-dmraid-temp/" + find . -print | cpio --quiet -o -H newc | gzip -9 > ${CACHE_CPIO_DIR}/initramfs-dmraid-${DMRAID_VER}.cpio.gz + rm -r "${TEMP}/initramfs-dmraid-temp/" fi } @@ -323,6 +323,7 @@ create_gensplash(){ fi fi } + create_initramfs_overlay_cpio(){ cd ${INITRAMFS_OVERLAY} find . -print | cpio --quiet -o -H newc | gzip -9 > ${CACHE_CPIO_DIR}/initramfs-overlay.cpio.gz @@ -380,6 +381,12 @@ create_initramfs_modules() { rm -r "${TEMP}/initramfs-modules-${KV}-temp/" } +# check for static linked file with objdump +is_static() { + objdump -T $1 2>&1 | grep "not a dynamic object" > /dev/null + return $? +} + create_initramfs_aux() { if [ -d "${TEMP}/initramfs-aux-temp" ] then @@ -403,7 +410,8 @@ create_initramfs_aux() { # Make sure it's executable chmod 0755 "${TEMP}/initramfs-aux-temp/init" - # Make a symlink to init .. incase we are bundled inside the kernel as one big cpio. + # Make a symlink to init .. incase we are bundled inside the kernel as one + # big cpio. cd ${TEMP}/initramfs-aux-temp ln -s init linuxrc # ln ${TEMP}/initramfs-aux-temp/init ${TEMP}/initramfs-aux-temp/linuxrc @@ -445,6 +453,19 @@ create_initramfs_aux() { then echo 'MY_HWOPTS="${MY_HWOPTS} slowusb"' >> ${TEMP}/initramfs-aux-temp/etc/initrd.defaults fi + if isTrue ${LUKS} + then + if is_static /bin/cryptsetup + then + print_info "Including LUKS support" + rm -f ${TEMP}/initramfs-aux-temp/sbin/cryptsetup + cp /bin/cryptsetup ${TEMP}/initramfs-aux-temp/sbin/cryptsetup + chmod +x "${TEMP}/initramfs-aux-temp/sbin/cryptsetup" + else + print_info "LUKS support requires static cryptsetup at /bin/cryptsetup" + print_info "Not including LUKS support" + fi + fi cd ${TEMP}/initramfs-aux-temp/sbin && ln -s ../init init cd ${TEMP} diff --git a/gen_initrd.sh b/gen_initrd.sh index 59a944b..d2147dd 100644 --- a/gen_initrd.sh +++ b/gen_initrd.sh @@ -27,6 +27,12 @@ move_initrd_to_loop() mv * "${TEMP}/initrd-mount" >> ${DEBUGFILE} 2>&1 } +# check for static linked file with objdump +is_static() { + objdump -T $1 2>&1 | grep "not a dynamic object" > /dev/null + return $? +} + create_base_initrd_sys() { rm -rf "${TEMP}/initrd-temp" > /dev/null mkdir -p ${TEMP}/initrd-temp/dev @@ -227,10 +233,23 @@ create_base_initrd_sys() { ln ${TEMP}/initrd-temp/bin/busybox ${TEMP}/initrd-temp/bin/$i || gen_die "Busybox error: could not link ${i}!" done + + if isTrue ${LUKS} + then + if is_static /bin/cryptsetup + then + print_info "Including LUKS support" + rm -f ${TEMP}/initrd-temp/sbin/cryptsetup + cp /bin/cryptsetup ${TEMP}/initrd-temp/sbin/cryptsetup + chmod +x "${TEMP}/initrd-temp/sbin/cryptsetup" + else + print_info "LUKS support requires static cryptsetup at /bin/cryptsetup" + print_info "Not including LUKS support" + fi + fi } -print_list() -{ +print_list() { local x for x in ${*} do diff --git a/generic/initrd.scripts b/generic/initrd.scripts index ea03023..4ded9ff 100644 --- a/generic/initrd.scripts +++ b/generic/initrd.scripts @@ -575,10 +575,10 @@ setup_md_device() { [ -z "$1" ] && device="${REAL_ROOT}" || device="$1" [ -z "${device}" ] && return # LiveCD - if [ `echo ${device}|sed -e 's#\(/dev/md\)[[:digit:]]\+#\1#'` = "/dev/md" ] + if [ `echo ${device}|sed -e 's#\(luks:\)\?\(/dev/md\)[[:digit:]]\+#\2#'` = "/dev/md" ] then good_msg 'Detected real_root as a md device. Setting up the device node...' - MD_NUMBER=`echo ${device}|sed -e 's#/dev/md\([[:digit:]]\+\)#\1#'` + MD_NUMBER=`echo ${device}|sed -e 's#\(luks:\)\?/dev/md\([[:digit:]]\+\)#\2#'` if [ ! -e /dev/md${MD_NUMBER} ] then mknod /dev/md${MD_NUMBER} b 9 ${MD_NUMBER} >/dev/null 2>&1 diff --git a/generic/linuxrc b/generic/linuxrc index 99d1219..d0ff83b 100644 --- a/generic/linuxrc +++ b/generic/linuxrc @@ -365,6 +365,27 @@ do elif [ -b "${REAL_ROOT}" ] || [ "${REAL_ROOT}" = "/dev/nfs" ] then got_good_root=1 + + #check if LUKS setup is needed + elif [ `echo ${REAL_ROOT} | sed -e "s/\([^:]*\):.*/\1/"` = "luks" ] + then + LUKSdev=`echo ${REAL_ROOT} | sed -e "s/luks:\(.*\)/\1/"` + if [ -e /sbin/cryptsetup ] + then + if cryptsetup isLuks ${LUKSdev} + then + good_msg "LUKS partition - opening $LUKSdev" + cryptsetup luksOpen ${LUKSdev} root && + REAL_ROOT=/dev/mapper/root && + got_good_root=1 + else + bad_msg "${LUKSDEV} is not a LUKS partition" + REAL_ROOT="" + fi + else + bad_msg "This initrd does not support LUKS" + REAL_ROOT="" + fi else bad_msg "Block device ${REAL_ROOT} is not a valid root device..." REAL_ROOT=""