aboutsummaryrefslogtreecommitdiffstats
path: root/main/mkinitfs/0001-Add-support-for-signed-modloop-images.patch
blob: 0e4dd9b08d9e5d502e1a66592e01db362fac07b0 (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72

From 7f538f1e2f33dd44c66693442e7713ca16e26d8b Mon Sep 17 00:00:00 2001
From: Carlo Landmeter <clandmeter@alpinelinux.org>
Date: Wed, 4 Jul 2018 12:29:28 +0000
Subject: [PATCH 1/5] Add support for signed modloop images

---
 initramfs-init.in | 7 +++++++
 mkinitfs.in       | 9 ++++++++-
 2 files changed, 15 insertions(+), 1 deletion(-)

diff --git a/initramfs-init.in b/initramfs-init.in
index 8233af4..fd78fcf 100755
--- a/initramfs-init.in
+++ b/initramfs-init.in
@@ -656,6 +656,13 @@ else
 	rc_add swclock boot
 fi
 
+# enable support for modloop verification
+if [ -f /var/cache/misc/*modloop*.SIGN.RSA.*.pub ]; then
+	mkdir -p "$sysroot"/var/cache/misc
+	cp /var/cache/misc/*modloop*.SIGN.RSA.*.pub "$sysroot"/var/cache/misc
+	pkgs="$pkgs libressl"
+fi
+
 apkflags="--initramfs-diskless-boot --progress"
 if [ -z "$ALPINE_REPO" ]; then
 	apkflags="$apkflags --no-network"
diff --git a/mkinitfs.in b/mkinitfs.in
index 9bffa01..8cd3de3 100755
--- a/mkinitfs.in
+++ b/mkinitfs.in
@@ -54,6 +54,11 @@ initfs_base() {
 	# copy init
 	cd "$startdir"
 	install -m755 "$init" "$tmpdir"/init || return 1
+	# copy modloop signature
+	if [ -n "$modloop_sig" ]; then
+		install -Dm644 "$modloop_sig" \
+			"$tmpdir"/var/cache/misc/${modloop_sig##*/}
+	fi
 	for i in "$fstab" "$passwd" "$group"; do
 		install -Dm644 "$i" "$tmpdir"/etc/${i##*/} || return 1
 	done
@@ -181,6 +186,7 @@ options:
 	-o  set another outfile
 	-P  prepend features.d search path
 	-q  Quiet mode
+	-s  Include modloop signature
 	-t  use tempdir when creating initramfs image
 
 EOF
@@ -190,7 +196,7 @@ EOF
 # main
 features_dirs=${features_dir:-"${basedir%/:-}/${sysconfdir#/}/features.d"}
 
-while getopts "b:c:C:f:F:hi:kKLlno:P:qt:" opt; do
+while getopts "b:c:C:f:F:hi:kKLlno:P:qs:t:" opt; do
 	case "$opt" in
 		b) basedir="$OPTARG";;
 		c) config="$OPTARG";;
@@ -207,6 +213,7 @@ while getopts "b:c:C:f:F:hi:kKLlno:P:qt:" opt; do
 		o) outfile="$OPTARG";;
 		P) features_dirs="$OPTARG $features_dirs";;
 		q) quiet=1;;
+		s) modloop_sig="$OPTARG";;
 		t) tmpdir="$OPTARG";;
 		*) usage;;
 	esac
-- 
2.18.0
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-02 08:22:49 +0000