[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[PATCH] Support encrypted RAID member devices. (#429600)



With this we should handle all the partitioning setups we handled
before with the addition of encrypted devices. We can have encrypted
partitions, including RAID members and LVM PVs, encrypted RAID
devices, and encrypted LVM LVs. It should all be stackable to the
extent that it was before encryption was introduced into the
equation.
---
 mkinitrd |   46 ++++++++++++++++++++++++++++------------------
 1 files changed, 28 insertions(+), 18 deletions(-)

diff --git a/mkinitrd b/mkinitrd
index 4185f15..a6cbaad 100755
--- a/mkinitrd
+++ b/mkinitrd
@@ -69,7 +69,9 @@ MODULES=""
 PREMODS=""
 DMDEVS=""
 ncryptodevs=0
-nlatecryptodevs=0
+ncryptoparts=0
+ncryptolvs=0
+ncryptoraids=0
 
 NET_LIST=""
 LD_SO_CONF=/etc/ld.so.conf
@@ -694,13 +696,17 @@ handledm() {
                 #  if not, add the device to cryptodevs
                 local vg=$(lvshow /dev/$slavedev)
                 if [ -n "$vg" ]; then
-                    eval latecryptodev${nlatecryptodevs}='"'/dev/$slavedev $dmname'"'
-                    let nlatecryptodevs++
+                    eval cryptolv${ncryptolvs}='"'/dev/$slavedev $dmname'"'
+                    let ncryptolvs++
+                elif grep -q "^$slavedev :" /proc/mdstat ; then
+                    eval cryptoraid${ncryptoraids}='"'/dev/$slavedev $dmname'"'
+                    let ncryptoraids++
                 else
-                    eval cryptodev${ncryptodevs}='"'/dev/$slavedev $dmname'"'
-                    let ncryptodevs++
+                    eval cryptoparts${ncryptoparts}='"'/dev/$slavedev $dmname'"'
+                    let ncryptoparts++
                 fi
 
+                let ncryptodevs++
                 handlelvordev "/dev/$slavedev"
                 ;;
         esac
@@ -1559,7 +1565,7 @@ findkeymap () {
     done
 }
 
-if [ $ncryptodevs -ne 0 -o $nlatecryptodevs -ne 0 ]; then
+if [ $ncryptodevs -ne 0 ]; then
     inst /sbin/cryptsetup "$MNTIMAGE"
 
     KEYTABLE=
@@ -1758,24 +1764,28 @@ emit "mkblkdevs"
 
 emitdms
 
-if [ -n "$raiddevices" ]; then
-    for dev in $raiddevices; do
-        emit "mdadm -As --auto=yes --run /dev/${dev}"
-    done
-fi
+emitcrypto()
+{
+    emit "echo Setting up disk encryption: $1"
+    emit "cryptsetup luksOpen $1 $2"
+}
 
 if [ -n "$KEYMAP" ]; then
     emit "echo Loading keymap."
     emit "$LOADKEYS $KEYMAP"
 fi
 
-emitcrypto()
-{
-    emit "echo Setting up disk encryption: $1"
-    emit "cryptsetup luksOpen $1 $2"
-}
+for cryptdev in ${!cryptopart } ; do
+    emitcrypto `eval echo '$'$cryptdev`
+done
+
+if [ -n "$raiddevices" ]; then
+    for dev in $raiddevices; do
+        emit "mdadm -As --auto=yes --run /dev/${dev}"
+    done
+fi
 
-for cryptdev in ${!cryptodev } ; do
+for cryptdev in ${!cryptoraid } ; do
     emitcrypto `eval echo '$'$cryptdev`
 done
 
@@ -1786,7 +1796,7 @@ if [ -z "$nolvm" -a -n "$vg_list" ]; then
     emit "lvm vgchange -ay --ignorelockingfailure $vg_list"
 fi
 
-for cryptdev in ${!latecryptodev } ; do
+for cryptdev in ${!cryptolv } ; do
     emitcrypto `eval echo '$'$cryptdev`
 done
 
-- 
1.5.4.1


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]