rpms / dracut

Clone
Source Code
GIT

Blame 0046.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s c8s-sig-hyperscale c9 c9-beta c9s-sig-hyperscale
  1.   e965b21ea91e2a79a995fd1fbbaac0b371d0f644
  2.   0046.patch
Blob History Raw
Harald Hoyer 308914 
From 5bfebf0f04c8e88a0447d5f75c7ec13951fa610d Mon Sep 17 00:00:00 2001
Harald Hoyer 308914 
From: Harald Hoyer <harald@redhat.com>
Harald Hoyer 308914 
Date: Tue, 7 Apr 2020 22:26:25 +0200
Harald Hoyer 308914 
Subject: [PATCH] 90crypt/module-setup.sh: try to catch kernel config changes
Harald Hoyer 308914
Harald Hoyer 308914 
If a crypto kernel module changes from compiled in to module, the
Harald Hoyer 308914 
encrypted disk might fail to open, because the kernel module was
Harald Hoyer 308914 
not included in the initramfs.
Harald Hoyer 308914
Harald Hoyer 308914 
This patch tries heuristically to catch such modules.
Harald Hoyer 308914
Harald Hoyer 308914 
Fixes https://github.com/dracutdevs/dracut/issues/706
Harald Hoyer 308914 
---
Harald Hoyer 308914 
 modules.d/90crypt/module-setup.sh | 25 +++++++++++++++++++++++++
Harald Hoyer 308914 
 1 file changed, 25 insertions(+)
Harald Hoyer 308914
Harald Hoyer 308914 
diff --git a/modules.d/90crypt/module-setup.sh b/modules.d/90crypt/module-setup.sh
Harald Hoyer 308914 
index a9dda734..3bce2411 100755
Harald Hoyer 308914 
--- a/modules.d/90crypt/module-setup.sh
Harald Hoyer 308914 
+++ b/modules.d/90crypt/module-setup.sh
Harald Hoyer 308914 
@@ -26,6 +26,31 @@ depends() {
Harald Hoyer 308914 
 installkernel() {
Harald Hoyer 308914 
     hostonly="" instmods drbg
Harald Hoyer 308914 
     instmods dm_crypt
Harald Hoyer 308914 
+
Harald Hoyer 308914 
+    # in case some of the crypto modules moved from compiled in
Harald Hoyer 308914 
+    # to module based, try to install those modules
Harald Hoyer 308914 
+    # best guess
Harald Hoyer 308914 
+    [[ $hostonly ]] || [[ $mount_needs ]] && {
Harald Hoyer 308914 
+        # dmsetup returns s.th. like
Harald Hoyer 308914 
+        # cryptvol: 0 2064384 crypt aes-xts-plain64 :64:logon:cryptsetup:....
Harald Hoyer 308914 
+        dmsetup table | while read name _ _ is_crypt cipher _; do
Harald Hoyer 308914 
+            [[ $is_crypt != "crypt" ]] && continue
Harald Hoyer 308914 
+            # get the device name
Harald Hoyer 308914 
+            name=/dev/$(dmsetup info -c --noheadings -o blkdevname ${name%:})
Harald Hoyer 308914 
+            # check if the device exists as a key in our host_fs_types
Harald Hoyer 308914 
+            if [[ ${host_fs_types[$name]+_} ]]; then
Harald Hoyer 308914 
+                # split the cipher aes-xts-plain64 in pieces
Harald Hoyer 308914 
+                _OLD_IFS=$IFS
Harald Hoyer 308914 
+                IFS='-:'
Harald Hoyer 308914 
+                set -- $cipher
Harald Hoyer 308914 
+                IFS=$_OLD_IFS
Harald Hoyer 308914 
+                # try to load the cipher part with "crypto-" prepended
Harald Hoyer 308914 
+                # in non-hostonly mode
Harald Hoyer 308914 
+                hostonly= instmods $(for k in "$@"; do echo "crypto-$k";done)
Harald Hoyer 308914 
+            fi
Harald Hoyer 308914 
+        done
Harald Hoyer 308914 
+    }
Harald Hoyer 308914 
+    return 0
Harald Hoyer 308914 
 }
Harald Hoyer 308914
Harald Hoyer 308914 
 # called by dracut
Harald Hoyer 308914

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation