diff options
author | lemmarathon <lemmarathon@protonmail.com> | 2018-04-30 20:51:50 -0400 |
---|---|---|
committer | Natanael Copa <ncopa@alpinelinux.org> | 2018-06-12 17:34:46 +0000 |
commit | fdc28f072ae269ab9c3f876ed452c6c3d5a769aa (patch) | |
tree | 15961c7ab86722293264aa6a149bd13145e4c277 /initramfs-init.in | |
parent | 7e7fed4fee4c2e0bafd4a9714649b185b8696921 (diff) | |
download | mkinitfs-fdc28f072ae269ab9c3f876ed452c6c3d5a769aa.tar.bz2 mkinitfs-fdc28f072ae269ab9c3f876ed452c6c3d5a769aa.tar.xz |
Add support for keyfiles
The "cryptkey" boot parameter enables keyfile decryption. By default,
init will look for a keyfile named "/crypto_keyfile.bin". Another file
may be specified like so: "cryptkey=/path/to/keyfile.bin". If keyfile
decryption fails, init will fall back to passphrase mode.
Diffstat (limited to 'initramfs-init.in')
-rwxr-xr-x | initramfs-init.in | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/initramfs-init.in b/initramfs-init.in index fd3c50c..df704d5 100755 --- a/initramfs-init.in +++ b/initramfs-init.in @@ -274,9 +274,9 @@ setup_nbd() { set -- $(cat /proc/cmdline) myopts="alpine_dev autodetect autoraid chart cryptroot cryptdm cryptheader cryptoffset - cryptdiscards debug_init dma init_args keep_apk_new modules ovl_dev pkgs quiet - root_size root usbdelay ip alpine_repo apkovl alpine_start splash blacklist - overlaytmpfs rootfstype rootflags nbd resume s390x_net dasd ssh_key" + cryptdiscards cryptkey debug_init dma init_args keep_apk_new modules ovl_dev + pkgs quiet root_size root usbdelay ip alpine_repo apkovl alpine_start splash + blacklist overlaytmpfs rootfstype rootflags nbd resume s390x_net dasd ssh_key" for opt; do case "$opt" in @@ -397,6 +397,11 @@ if [ -n "$KOPT_cryptroot" ]; then if [ -n "$KOPT_cryptoffset" ]; then cryptopts="$cryptopts -o ${KOPT_cryptoffset}" fi + if [ "$KOPT_cryptkey" = "yes" ]; then + cryptopts="$cryptopts -k /crypto_keyfile.bin" + elif [ -n "$KOPT_cryptkey" ]; then + cryptopts="$cryptopts -k ${KOPT_cryptkey}" + fi fi if [ -n "$KOPT_nbd" ]; then |