Blame 0014-luks-key-on-ext-dev-wait-for-luks.patch

From c70f6415f8df27565540a1ec1b3a65c09ce3253b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Przemys=C5=82aw=20Rudy?= <prudy1@o2.pl>
Date: Tue, 7 Jun 2011 20:22:51 +0200
Subject: [PATCH] luks key on ext dev - wait for luks
This asks for the LUKS passphrase if the key is not found for a defined time (if set with rd.luks.tout on the kernel command line):
 modules.d/90crypt/cryptroot-ask.sh |   21 ++++++++++++++++++---
 modules.d/90crypt/parse-crypt.sh   |    5 +++--
 2 files changed, 21 insertions(+), 5 deletions(-)
---
 modules.d/90crypt/cryptroot-ask.sh |   21 ++++++++++++++++++---
 modules.d/90crypt/parse-crypt.sh   |    5 +++--
 2 files changed, 21 insertions(+), 5 deletions(-)
diff --git a/modules.d/90crypt/cryptroot-ask.sh b/modules.d/90crypt/cryptroot-ask.sh
index f8e1bd8..9b8f8c2 100755
--- a/modules.d/90crypt/cryptroot-ask.sh
+++ b/modules.d/90crypt/cryptroot-ask.sh
@@ -22,6 +22,9 @@ NEWROOT=${NEWROOT:-"/sysroot"}
 # default luksname - luks-UUID
 luksname=$2
 
+# fallback to passphrase
+ask_passphrase=1
+
 # if device name is /dev/dm-X, convert to /dev/mapper/name
 if [ "${1##/dev/dm-}" != "$1" ]; then
     device="/dev/mapper/$(dmsetup info -c --noheadings -o name "$1")"
@@ -63,12 +66,21 @@ fi
 
 info "luksOpen $device $luksname"
 
-if [ -n "$(getarg rd.luks.key)" ]; then
+while [ -n "$(getarg rd.luks.key)" ]; do
     if tmp=$(getkey /tmp/luks.keys $device); then
         keydev="${tmp%%:*}"
         keypath="${tmp#*:}"
     else
-        info "No key found for $device.  Will try later."
+        if [ $# -eq 3 ]; then
+            if [ $3 -eq 0 ]; then
+                info "No key found for $device.  Fallback to passphrase mode."
+                break
+            fi
+            info "No key found for $device.  Will try $3 time(s) more later."
+            set -- "$1" "$2" "$(($3 - 1))"
+        else
+            info "No key found for $device.  Will try later."
+        fi
         initqueue --unique --onetime --settled \
             --name cryptroot-ask-$luksname \
             $(command -v cryptroot-ask) "$@"
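Review bot: The retry counter `$3` is used unquoted in `[ $3 -eq 0 ]` and fed to `$(($3 - 1))` without checking that it is a non-negative integer, although it appears to originate from `rd.luks.tout` on the kernel command line (see the parse-crypt.sh hunks). With a non-numeric value the `-eq` test fails with an error instead of matching, and with a negative value the counter never reaches 0, so in both cases the passphrase fallback added here is never reached. Reject bad values before the comparison, e.g. `case "$3" in ''|*[!0-9]*) break ;; esac`, and compare with `[ "$3" -le 0 ]`. The `while` body continues past the end of this hunk.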
@@ -80,7 +92,10 @@ if [ -n "$(getarg rd.luks.key)" ]; then
     readkey "$keypath" "$keydev" "$device" \
         | cryptsetup -d - luksOpen "$device" "$luksname"
     unset keypath keydev
-else
+    ask_passphrase=0
+    break
+done    
+if [ $ask_passphrase -ne 0 ]; then
     luks_open="$(command -v cryptsetup) luksOpen"
     ask_for_password --ply-tries 5 \
         --ply-cmd "$luks_open -T1 $device $luksname" \
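Review bot: `ask_passphrase=0` is set unconditionally after the `readkey … | cryptsetup -d - luksOpen` pipeline, so a key file that is found but fails to open the volume still suppresses the passphrase prompt. Since the purpose of the change is to fall back to a passphrase, tie the flag to the pipeline's exit status, e.g. append `&& ask_passphrase=0` to the `cryptsetup` line in place of the separate assignment. The `while … break … done` construct runs at most once and deserves a comment such as `# single-pass loop: 'break' jumps to the passphrase path`, and `[ "$ask_passphrase" -ne 0 ]` should be quoted. The start of the loop body lies outside this hunk, so any later error handling is not visible here.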
diff --git a/modules.d/90crypt/parse-crypt.sh b/modules.d/90crypt/parse-crypt.sh
index 7ec232a..c76fb23 100755
--- a/modules.d/90crypt/parse-crypt.sh
+++ b/modules.d/90crypt/parse-crypt.sh
@@ -11,6 +11,7 @@ else
     } > /etc/udev/rules.d/70-luks.rules.new
 
     LUKS=$(getargs rd.luks.uuid rd_LUKS_UUID)
+    tout=$(getarg rd.luks.tout)
 
     if [ -n "$LUKS" ]; then
         for luksid in $LUKS; do
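Review bot: `tout` is read from `rd.luks.tout` on the kernel command line and is later expanded unquoted into the generated udev `RUN+="…"` rule text (the `%s"\n' $tout` lines in the two following hunks) with no validation. A value containing whitespace or a double quote would change the shape of the rule written to 70-luks.rules.new, and an unset value leaves a trailing space before the closing quote. Validate once here, for example `case "$tout" in *[!0-9]*) info "ignoring non-numeric rd.luks.tout"; tout= ;; esac`, and pass it as `"$tout"` in both `printf` calls. The enclosing `else` branch starts outside this hunk.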
@@ -20,7 +21,7 @@ else
                 printf -- 'ENV{ID_FS_UUID}=="*%s*", ' $luksid
                 printf -- 'RUN+="%s --unique --onetime ' $(command -v initqueue)
                 printf -- '--name cryptroot-ask-%%k %s ' $(command -v cryptroot-ask)
-                printf -- '$env{DEVNAME} luks-$env{ID_FS_UUID}"\n'
+                printf -- '$env{DEVNAME} luks-$env{ID_FS_UUID} %s"\n' $tout
             } >> /etc/udev/rules.d/70-luks.rules.new
 
             printf -- '[ -e /dev/disk/by-uuid/*%s* ]\n' $luksid \
@@ -34,7 +35,7 @@ else
         {
             printf -- 'ENV{ID_FS_TYPE}=="crypto_LUKS", RUN+="%s ' $(command -v initqueue)
             printf -- '--unique --onetime --name cryptroot-ask-%%k '
-            printf -- '%s $env{DEVNAME} luks-$env{ID_FS_UUID}"\n' $(command -v cryptroot-ask)
+            printf -- '%s $env{DEVNAME} luks-$env{ID_FS_UUID} %s"\n' $(command -v cryptroot-ask) $tout
         } >> /etc/udev/rules.d/70-luks.rules.new
     fi