ref: e5d09818787635bcb8f91e46cdbd8f1b16b698d2
parent: fa54730644827b80e9dcbbe9fb094e2c99d3d8bd
author: Michael Zhou <zhoumichaely@gmail.com>
date: Fri Jun 3 00:46:25 CDT 2011
add encrypted root support
--- a/Makefile
+++ b/Makefile
@@ -13,6 +13,7 @@
modules.d/btrfs \
modules.d/cdrom \
modules.d/cramfs \
+ modules.d/cryptsetup \
modules.d/ext2 \
modules.d/ext3 \
modules.d/ext4 \
@@ -31,6 +32,7 @@
modules.d/xfs \
files.d/bootchart \
files.d/base \
+ files.d/cryptsetup \
files.d/kms \
files.d/lvm
--- /dev/null
+++ b/files.d/cryptsetup
@@ -1,0 +1,18 @@
+/sbin/cryptsetup
+/lib/libcryptsetup.so.1.2.0
+/lib/libcryptsetup.so.1
+/lib/libpopt.so.0.0.0
+/lib/libpopt.so.0
+/lib/libuClibc-0.9.32-rc3.so
+/lib/libc.so.0.9.32
+/lib/libuuid.so.1.3.0
+/lib/libuuid.so.1
+/lib/libdevmapper.so.1.02
+/lib/libssl.so.1.0.0
+/lib/libcrypto.so.1.0.0
+/lib/libdl-0.9.32-rc3.so
+/lib/libdl.so.0.9.32
+/lib/libz.so.1.2.5
+/lib/libz.so.1
+/lib/ld64-uClibc-0.9.32-rc3.so
+/lib/ld64-uClibc.so.0.9.32
--- a/initramfs-init.in
+++ b/initramfs-init.in
@@ -196,6 +196,17 @@
fi
}
+# start cryptsetup if exists
+start_cryptsetup() {
+ [ -x /sbin/cryptsetup ] || return
+ modprobe dm-crypt
+ if [ -n "$KOPT_cryptroot" ]; then
+ modprobe dm-crypt
+ for map in /etc/keymap/*; do if [ -f "$map" ]; then zcat "$map" | loadkmap && break; fi ; done
+ cryptsetup luksOpen "$KOPT_cryptroot" "$KOPT_cryptdm"
+ fi
+}
+
# start lvm if exists
start_lvm() {
[ -x /sbin/lvm ] || return
@@ -317,6 +328,7 @@
[ -n "$KOPT_usbdelay" ] && sleep "$KOPT_usbdelay"
wait_usb
start_raid
+ start_cryptsetup
start_lvm
ebegin "Mounting root"
retry_mount -o ro $KOPT_root $sysroot 2>/dev/null
@@ -340,6 +352,7 @@
# incase we have alpine_dev on raid device...
start_raid
+start_cryptsetup
start_lvm
# locate boot media and mount it
--- /dev/null
+++ b/modules.d/cryptsetup
@@ -1,0 +1,2 @@
+kernel/crypto/*
+kernel/drivers/md/dm-crypt.ko