diff options
Diffstat (limited to 'install-sd-encrypt')
-rw-r--r-- | install-sd-encrypt | 57 |
1 files changed, 31 insertions, 26 deletions
diff --git a/install-sd-encrypt b/install-sd-encrypt index 42ee25fe98d2..ca68f53de701 100644 --- a/install-sd-encrypt +++ b/install-sd-encrypt @@ -3,48 +3,53 @@ build() { local mod - add_module "dm-crypt" - add_module "dm-integrity" + add_module 'dm-crypt' + add_module 'dm-integrity' if [[ $CRYPTO_MODULES ]]; then for mod in $CRYPTO_MODULES; do add_module "$mod" done else - add_all_modules "/crypto/" + add_all_modules '/crypto/' fi - add_checked_modules "/drivers/char/tpm/" + add_checked_modules '/drivers/char/tpm/' - add_udev_rule "10-dm.rules" - add_udev_rule "13-dm-disk.rules" - add_udev_rule "60-fido-id.rules" - add_udev_rule "95-dm-notify.rules" - add_udev_rule "/usr/lib/initcpio/udev/11-dm-initramfs.rules" + map add_udev_rule \ + '10-dm.rules' \ + '13-dm-disk.rules' \ + '60-fido-id.rules' \ + '95-dm-notify.rules' \ + '/usr/lib/initcpio/udev/11-dm-initramfs.rules' - add_systemd_unit "cryptsetup.target" - add_binary "/usr/lib/systemd/system-generators/systemd-cryptsetup-generator" - add_binary "/usr/lib/systemd/systemd-cryptsetup" - - add_systemd_unit "systemd-ask-password-console.path" - add_systemd_unit "systemd-ask-password-console.service" + map add_systemd_unit 'cryptsetup.target' \ + 'systemd-ask-password-console.path' \ + 'systemd-ask-password-console.service' + map add_binary \ + '/usr/lib/systemd/system-generators/systemd-cryptsetup-generator' \ + '/usr/lib/systemd/systemd-cryptsetup' \ + '/usr/lib/cryptsetup/libcryptsetup-token-systemd-fido2.so' \ + '/usr/lib/cryptsetup/libcryptsetup-token-systemd-pkcs11.so' \ + '/usr/lib/cryptsetup/libcryptsetup-token-systemd-tpm2.so' # cryptsetup calls pthread_create(), which dlopen()s libgcc_s.so.1 - add_binary "/usr/lib/libgcc_s.so.1" + add_binary '/usr/lib/libgcc_s.so.1' + + # cryptsetup loads the legacy provider which is required for whirlpool + add_binary '/usr/lib/ossl-modules/legacy.so' # add libraries dlopen()ed by systemd-cryptsetup - for LIB in fido2 tss2-{{esys,rc,mu},tcti-'*'}; do - for FILE in $(find /usr/lib/ -maxdepth 1 -name "lib${LIB}.so*"); do - if [[ -L "${FILE}" ]]; then - add_symlink "${FILE}" - else - add_binary "${FILE}" - fi - done + for FILE in $(find /usr/lib/ -maxdepth 1 -name "libfido2.so*"); do + if [[ -L "${FILE}" ]]; then + add_symlink "${FILE}" + else + add_binary "${FILE}" + fi done # add mkswap for creating swap space on the fly (see 'swap' in crypttab(5)) - add_binary "mkswap" + add_binary 'mkswap' - [[ -f /etc/crypttab.initramfs ]] && add_file "/etc/crypttab.initramfs" "/etc/crypttab" + [[ -f /etc/crypttab.initramfs ]] && add_file '/etc/crypttab.initramfs' '/etc/crypttab' } help() { |