diff --git a/mkinitrd b/mkinitrd index 1cff4e0..2b22513 100755 --- a/mkinitrd +++ b/mkinitrd @@ -56,6 +56,8 @@ PROBE="yes" MODULES="" PREMODS="" DMDEVS="" +ncryptodevs=0 + NET_LIST="" LD_SO_CONF=/etc/ld.so.conf LD_SO_CONF_D=/etc/ld.so.conf.d/ @@ -367,32 +369,6 @@ findmodule() { fi } -finddmmods() { - line=$(/sbin/dmsetup table "$1" 2>/dev/null) - [ -z "$line" ] && return 1 - type=$(echo "$line" | awk '{ print $3 }') - [ -z "$type" ] && return 1 - case "$type" in - mirror) - findmodule -dm-mirror - ;; - emc) - findmodule -dm-emc - findmodule -dm-round-robin - ;; - multipath) - findmodule -dm-multipath - findmodule -dm-round-robin - ;; - crypt) - findmodule -dm-crypt - ;; - zero) - findmodule -dm-zero - ;; - esac -} - readlink() { echo nash-readlink "$1" | /sbin/nash --force --quiet } @@ -497,6 +473,14 @@ findblockdevinsys() { if [[ "$devname" =~ ^/sys/block/ ]]; then echo "$devname" fi + # check if it's a dm-crypt device. if so, just return the /dev/mapper path + if [[ "$devname" =~ ^/dev/mapper/ ]]; then + type=$(/sbin/dmsetup table $(basename $devname) | awk '{print $3}') + if [ "$type" == "crypt" ]; then + echo "$devname" + return 0 + fi + fi majmin=$(get_numeric_dev dec $devname) finddevnoinsys "$majmin" } @@ -533,7 +517,7 @@ findstoragedriver () { continue ;; *) handleddevices="$handleddevices $device" ;; esac - if [[ "$device" =~ "md[0-9]+" ]]; then + if [[ "$device" =~ "^md[0-9]+$" ]]; then vecho "Found RAID component $device" handleraid "$device" continue @@ -542,6 +526,7 @@ findstoragedriver () { if [[ "$device" =~ ^mapper/ ]]; then majmin=$(get_numeric_dev dec "/dev/$device") sysfs=$(finddevnoinsys $majmin) + handledm "$device" else sysfs=$(findone -type d /sys/block -name $device) fi @@ -652,6 +637,29 @@ is_iscsi() { fi } +handledm() { + dmname="${1##*/}" ; shift + while read dmstart dmend dmtype r0 r1 r2 r3 r4 r5 r6 r7 r8 r9 ; do + case "$type" in + crypt) + slavedev=$(finddevnoinsys $r3) + slavedev=${slavedev##*/} + cryptsetup isLuks "/dev/$slavedev" 2>/dev/null || continue + find_base_dm_mods + findmodule dm-crypt + for mod in $(echo $r0 | tr ':-' ' ') ; do + findmodule --skiperrors $mod + done + cryptodev[${ncryptodevs}]="/dev/$slavedev $dmname" + let ncryptodevs++ + findstoragedriver "$slavedev" + ;; + esac + done << EOF + $(dmsetup table "${dmname}" 2>/dev/null) +EOF +} + handleiscsi() { vecho "Found iscsi component $1" findmodule iscsi_tcp @@ -1081,7 +1089,7 @@ if [ "x$PROBE" == "xyes" ]; then "$rootdev" != "${rootdev##UUID=}" ]; then rootopts=$(echo $rootopts | sed -e 's/^r[ow],//' -e 's/,_netdev//' -e 's/_netdev//' -e 's/,r[ow],$//' -e 's/,r[ow],/,/' -e 's/^r[ow]$/defaults/' -e 's/$/,ro/') physdev=$(findblockdevinsys "$rootdev") - physdev=${physdev##*/} + physdev=${physdev##*/dev/} if [ -n "$physdev" ]; then vecho "Found root device $physdev for $rootdev" else @@ -1102,7 +1110,7 @@ if [ "x$PROBE" == "xyes" ]; then if [ "$swsuspdev" != "${swsuspdev##LABEL=}" -o \ "$swsuspdev" != "${swsuspdev##UUID=}" ]; then suspdev=$(findblockdevinsys "$swsuspdev") - suspdev=${suspdev##*/} + suspdev=${suspdev##*/dev/} if [ -n "$suspdev" ]; then swsuspdev="$suspdev" fi @@ -1380,6 +1388,10 @@ if [ -z "$nolvm" -a -n "$vg_list" ]; then fi fi +if [ $ncryptodevs -ne 0 ]; then + inst /sbin/cryptsetup "$MNTIMAGE" +fi + echo -n >| $RCFILE cemit << EOF #!/bin/nash @@ -1504,7 +1516,7 @@ EOF done unset usb_mounted -if [ -z "$nolvm" -a -n "$vg_list" ]; then +if [ -z "$nolvm" -a -n "$vg_list" -o $ncryptodevs -ne 0 ]; then emit "echo Making device-mapper control node" emit "mkdmnod" fi @@ -1537,6 +1549,16 @@ if [ -n "$raiddevices" ]; then done fi +emitcrypto() +{ + emit "echo Setting up disk encryption: $1" + emit "cryptsetup luksOpen $1 $2" +} + +for idx in ${!cryptodev[@]} ; do + emitcrypto ${cryptodev[$idx]} +done + if [ -z "$nolvm" -a -n "$vg_list" ]; then emit "echo Scanning logical volumes" emit "lvm vgscan --ignorelockingfailure"