denes
/
genkernel_fork
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Added a patch from Nelson Batalha <nelson_batalha@hotmail.com> from bug #174294 to enable the use of encryption on a CD and the location of a key.

Browse Source 
git-svn-id: svn+ssh://svn.gentoo.org/var/svnroot/genkernel/trunk@516 67a159dc-881f-0410-a524-ba9dfbe2cb84
cleanup-cruft
Chris Gianelloni 18 years ago
parent 505cb92dc6
commit 4cfc3f4bf8
3 changed files with 149 additions and 53 deletions
Show Stats Download Patch File Download Diff File

5
ChangeLog
Unescape View File

@ -2,6 +2,11 @@
# Copyright 2006-2007 Gentoo Foundation; Distributed under the GPL v2
# $Header: $
21 Jun 2007; Chris Gianelloni <wolf31o2@gentoo.org>
generic/initrd.scripts, generic/linuxrc:
Added a patch from Nelson Batalha <nelson_batalha@hotmail.com> from bug
#174294 to enable the use of encryption on a CD and the location of a key.
21 Jun 2007; Chris Gianelloni <wolf31o2@gentoo.org> gen_determineargs.sh,
gen_funcs.sh, genkernel, genkernel.8, genkernel.conf:
Added two patches from John R. Graham <john_r_graham@mindspring.com> from

50
generic/initrd.scripts
Unescape View File

@ -100,6 +100,39 @@ findcdmount() {
fi
}
findkeymount() {
if [ "$#" -gt "0" ]
then
for x in $*
do
# Check for a block device to mount
if [ -b "${x}" ]
then
good_msg "Attempting to mount key media:- ${x}"
mount -r -t auto ${x} ${NEW_ROOT}/mnt/key \
> /dev/null 2>&1
fi
if [ "$?" = '0' ]
then
# Check for the key
if [ -e ${NEW_ROOT}/mnt/key/${SUBDIR}/${KEYNAME} ]
then
KEY_ROOT="${x}"
break
else
umount ${NEW_ROOT}/mnt/key
fi
fi
fi
done
if [ "${KEY_ROOT}" != '' ]
then
good_msg "Key media found on ${x}"
fi
fi
}
cache_cd_contents() {
# Check loop file exists and cache to ramdisk if DO_cache is enabled
if [ "${LOOPTYPE}" != "noloop" ] && [ "${LOOPTYPE}" != "sgimips" ]
@ -357,6 +390,23 @@ bootstrapCD() {
findcdmount $DEVICES
}
bootstrapKey() {
# Locate the device with our key on it.
# USB Keychain/Storage
KEYDEVS="/dev/sd*"
# CDROM DEVICES
KEYDEVS="${KEYDEVS} /dev/cdroms/* /dev/ide/cd/* /dev/sr*"
# IDE devices
KEYDEVS="${KEYDEVS} /dev/hd*"
# USB using the USB Block Driver
KEYDEVS="${KEYDEVS} /dev/ubd* /dev/ubd/*"
# iSeries devices
KEYDEVS="${KEYDEVs} /dev/iseries/vcd*"
findkeymount ${KEYDEVS}
}
cmdline_hwopts() {
# Scan CMDLINE for any "doscsi" or "noscsi"-type arguments

47
generic/linuxrc
Unescape View File

@ -72,13 +72,16 @@ do
CDROOT=1
CDROOT_DEV=`parse_opt "${x}"`
;;
# Start livecd loop and looptype options
# Start livecd loop, looptype options and encryption
loop\=*)
LOOP=`parse_opt "${x}"`
;;
looptype\=*)
LOOPTYPE=`parse_opt "${x}"`
;;
loop_crypt\=*)
LOOP_CRYPT=`parse_opt "${x}"`
;;
# Start Device Manager options
devfs)
USE_DEVFS_NORMAL=1
@ -261,7 +264,7 @@ then
mount -t tmpfs tmpfs ${NEW_ROOT}
fi
for i in dev mnt mnt/cdrom mnt/livecd tmp tmp/.initrd mnt/gentoo sys
for i in dev mnt mnt/cdrom mnt/livecd mnt/key tmp tmp/.initrd mnt/gentoo sys
do
mkdir -p ${NEW_ROOT}/$i
chmod 755 ${NEW_ROOT}/$i
@ -490,8 +493,46 @@ then
fi
cache_cd_contents
# Setup the loopback mounts
# If encrypted, find key and mount, otherwise mount as usual
if [ "${LOOP_CRYPT}" != '' ]
then
good_msg 'You booted an encrypted livecd'
KEYNAME=$(head -n 1 ${NEW_ROOT}/mnt/cdrom/livecd)
if [ "${KEYNAME}" = '' ]
then
good_msg 'It's not locked with a gpg key, attempting to decrypt manually'
losetup -e ${LOOP_CRYPT} /dev/loop1 ${NEW_ROOT}/mnt/cdrom/${LOOPEXT}${LOOP}
else
good_msg 'Livecd locked with gpg key'
bootstrapKey
good_msg 'Attempting to decrypt with key'
losetup -K ${NEW_ROOT}/mnt/key/${SUBDIR}/${KEYNAME} -e ${LOOP_CRYPT} /dev/loop1 \
${NEW_ROOT}/mnt/cdrom/${LOOPEXT}${LOOP}
fi
test_success 'Unencrypting loop'
case ${LOOPTYPE} in
squashfs)
MOUNTTYPE="squashfs"
normal)
MOUNTTYPE="ext2"
esac
mount -t ${MOUNTTYPE} -o ro /dev/loop1 ${NEW_ROOT}/mnt/livecd
test_success 'Mount filesystem, checking key'
FS_LOCATION='mnt/livecd'
# Setup the loopback mounts, if unencrypted
else
if [ "${LOOPTYPE}" = 'normal' ]
then
good_msg 'Mounting loop filesystem'

Write Preview
Loading…
Cancel
Save