diff options
author | Thomas Deutschmann <whissi@gentoo.org> | 2021-02-07 19:02:29 +0100 |
---|---|---|
committer | Thomas Deutschmann <whissi@gentoo.org> | 2021-02-07 19:02:29 +0100 |
commit | a0a6d6313874a7567a26c405713aaf610695285d (patch) | |
tree | e57c7e63dff1864bd631b79b89f1854094367109 /defaults/initrd.scripts | |
parent | genkernel: make sure GREP_OPTIONS is unset (diff) | |
download | genkernel-a0a6d6313874a7567a26c405713aaf610695285d.tar.gz genkernel-a0a6d6313874a7567a26c405713aaf610695285d.tar.bz2 genkernel-a0a6d6313874a7567a26c405713aaf610695285d.zip |
linuxrc: add kernel command-line argument to allow user to pass additional options to cryptsetup
Cryptsetup supports additional options like "--perf-no_read_workqueue" or
"--perf-no_write_workqueue". While it is recommended to use LUKS2 format
and make these activiation flags permanent, you can also make use of
the new kernel command-line arguments "crypt_root_options" for root device
or "crypt_swap_options" for swap device to pass additional options
to cryptsetup.
These arguments can be specified multiple times or separate multiple
options with a comma.
Bug: https://bugs.gentoo.org/755587
Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
Diffstat (limited to 'defaults/initrd.scripts')
-rw-r--r-- | defaults/initrd.scripts | 16 |
1 files changed, 7 insertions, 9 deletions
diff --git a/defaults/initrd.scripts b/defaults/initrd.scripts index f6e84fc7..5d744ee5 100644 --- a/defaults/initrd.scripts +++ b/defaults/initrd.scripts @@ -1193,7 +1193,7 @@ write_env_file() { for varname in $* do eval varvalue=\$${varname} - echo "${varname}=${varvalue}" >> "${env_file}" + echo "${varname}='${varvalue}'" >> "${env_file}" done } @@ -1774,15 +1774,13 @@ openLUKS() { eval local LUKS_KEY='"${CRYPT_'${TYPE}'_KEY}"' eval local LUKS_KEYDEV='"${CRYPT_'${TYPE}'_KEYDEV}"' eval local LUKS_KEYDEV_FSTYPE='"${CRYPT_'${TYPE}'_KEYDEV_FSTYPE}"' - eval local LUKS_TRIM='"${CRYPT_'${TYPE}'_TRIM}"' + eval local cryptsetup_options='"${CRYPT_'${TYPE}'_OPTIONS}"' eval local OPENED_LOCKFILE='"${CRYPT_'${TYPE}'_OPENED_LOCKFILE}"' local DEV_ERROR=0 KEY_ERROR=0 KEYDEV_ERROR=0 local mntkey="/mnt/key/" crypt_filter_ret= while true do - local cryptsetup_options='' - local gpg_cmd="" if [ -e "${OPENED_LOCKFILE}" ] then @@ -1819,10 +1817,9 @@ openLUKS() { DEV_ERROR=1 continue else - if [ "x${LUKS_TRIM}" = "xyes" ] + if [ -n "${cryptsetup_options}" ] then - good_msg "Enabling TRIM support for ${LUKS_NAME} ..." ${CRYPT_SILENT} - cryptsetup_options="${cryptsetup_options} --allow-discards" + good_msg "Using the following cryptsetup options for ${LUKS_NAME}: ${cryptsetup_options}" ${CRYPT_SILENT} fi # Handle keys @@ -2333,9 +2330,10 @@ start_sshd() { write_env_file \ "${CRYPT_ENV_FILE}" \ CRYPT_ROOT \ - CRYPT_ROOT_TRIM \ + CRYPT_ROOT_OPTIONS \ CRYPT_SILENT \ - CRYPT_SWAP + CRYPT_SWAP \ + CRYPT_SWAP_OPTIONS run touch /var/log/lastlog |