[bug#51514] [PATCH 1/2] gnu: system: Add LUKS2 support for the root file system.

all messages for Guix-related lists mirrored at yhetil.org
 help / color / mirror / code / Atom feed

From: Josselin Poiret via Guix-patches via <guix-patches@gnu.org>
To: 51514@debbugs.gnu.org
Cc: Josselin Poiret <dev@jpoiret.xyz>
Subject: [bug#51514] [PATCH 1/2] gnu: system: Add LUKS2 support for the root file system.
Date: Sat, 30 Oct 2021 16:12:36 +0000	[thread overview]
Message-ID: <20211030161237.28298-1-dev@jpoiret.xyz> (raw)
In-Reply-To: <87tugypkum.fsf@jpoiret.xyz>

* gnu/bootloader/grub.scm (grub-configuration-file): Add 'insmod
luks2'.
* gnu/system/mapped-devices.scm (open-luks-device): Create
'/run/cryptsetup/' directory.
---
 gnu/bootloader/grub.scm       |  3 +--
 gnu/system/mapped-devices.scm | 10 ++++++++--
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/gnu/bootloader/grub.scm b/gnu/bootloader/grub.scm
index d8e888ff40..42f71aa4db 100644
--- a/gnu/bootloader/grub.scm
+++ b/gnu/bootloader/grub.scm
@@ -415,8 +415,7 @@ (define (crypto-device->cryptomount dev)
           ;; Other type of devices aren't implemented.
           #~()))
     (let ((devices (map crypto-device->cryptomount store-crypto-devices))
-          ;; XXX: Add luks2 when grub 2.06 is packaged.
-          (modules #~(format port "insmod luks~%")))
+          (modules #~(format port "insmod luks~%insmod luks2~%")))
       (if (null? devices)
           devices
           (cons modules devices))))
diff --git a/gnu/system/mapped-devices.scm b/gnu/system/mapped-devices.scm
index 518dbc4fe8..95944b03c8 100644
--- a/gnu/system/mapped-devices.scm
+++ b/gnu/system/mapped-devices.scm
@@ -192,7 +192,8 @@ (define (open-luks-device source targets)
   "Return a gexp that maps SOURCE to TARGET as a LUKS device, using
 'cryptsetup'."
   (with-imported-modules (source-module-closure
-                          '((gnu build file-systems)))
+                          '((gnu build file-systems)
+			    (guix build utils))) ;; For mkdir-p
     (match targets
       ((target)
        #~(let ((source #$(if (uuid? source)
@@ -201,7 +202,12 @@ (define (open-luks-device source targets)
            ;; XXX: 'use-modules' should be at the top level.
            (use-modules (rnrs bytevectors) ;bytevector?
                         ((gnu build file-systems)
-                         #:select (find-partition-by-luks-uuid)))
+                         #:select (find-partition-by-luks-uuid))
+			((guix build utils) #:select (mkdir-p)))
+
+	   ;; Create '/run/cryptsetup/' if it does not exist, as device locking
+	   ;; is mandatory for LUKS2.
+	   (mkdir-p "/run/cryptsetup/")
 
            ;; Use 'cryptsetup-static', not 'cryptsetup', to avoid pulling the
            ;; whole world inside the initrd (for when we're in an initrd).
-- 
2.33.1

next prev parent reply	other threads:[~2021-10-30 16:13 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-10-30 15:56 [bug#51514] [PATCH 0/2] Add support for LUKS2 root partition Josselin Poiret via Guix-patches via
2021-10-30 16:12 ` Josselin Poiret via Guix-patches via [this message]
2021-10-30 16:12   ` [bug#51514] [PATCH 2/2] doc: Document LUKS2 Grub support and shortcomings Josselin Poiret via Guix-patches via
2021-11-12 22:32     ` [bug#51514] [PATCH 0/2] Add support for LUKS2 root partition Ludovic Courtès
2021-11-15 20:53       ` [bug#51514] [PATCH v2 0/3] " Josselin Poiret via Guix-patches via
2021-11-15 20:53         ` [bug#51514] [PATCH v2 1/3] gnu: system: Add LUKS2 support for the root file system Josselin Poiret via Guix-patches via
2021-11-15 20:53         ` [bug#51514] [PATCH v2 2/3] doc: Document LUKS2 GRUB support and shortcomings Josselin Poiret via Guix-patches via
2021-11-15 20:53         ` [bug#51514] [PATCH v2 3/3] installer: Make LUKS2 the default format for encrypted devices Josselin Poiret via Guix-patches via
2021-12-01 16:22         ` bug#51514: [PATCH 0/2] Add support for LUKS2 root partition Ludovic Courtès

find likely ancestor, descendant, or conflicting patches for this message:
dfblob:d8e888ff4 dfblob:518dbc4fe dfblob:42f71aa4d dfblob:95944b03c
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20211030161237.28298-1-dev@jpoiret.xyz \
    --to=guix-patches@gnu.org \
    --cc=51514@debbugs.gnu.org \
    --cc=dev@jpoiret.xyz \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

Code repositories for project(s) associated with this external index

	https://git.savannah.gnu.org/cgit/guix.git

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.