initial luks support

config

@@ -5,14 +5,14 @@
 # parse fstab
 #use_fstab=0
 
-# root fs
+# root fs ( device,partuuid,uuid,label )
-root="UUID=28305682-0dfe-40a9-bf39-5df42123b749"
+root="UUID=07729c48-25d8-4096-acaf-ce5322915680"
 
-# root fs type
+# root type
-#rootfstype=""
+#root_type=""
 
-# root fs mount options
+# root mount options
-#rootflags=""
+#root_args=""
 
 # drivers
 #drivers=""
@@ -24,22 +24,28 @@ root="UUID=28305682-0dfe-40a9-bf39-5df42123b749"
 use_lvm=1
 
 # LVM include config
-use_lvmconf=0
+#use_lvmconf=0
 
 # LVM issue_discards
-lvm_discard=0
+lvm_discard=1
 
 # LUKS support
-#use_luks=0
+use_luks=1
 
 # parse crypttab
 #use_crypttab=0
 
-# LUKS header
+# LUKS encrypted root ( device,partuuid,uuid,label )
-#luks_header=/path/to/header
+luks_root="PARTUUID=b04395be-f467-458b-8630-9a429b487600"
+
+# LUKS detached header
+#luks_header="/path/to/header"
 
 # LUKS keyfile
-#luks_keyfile=/path/to/keyfile
+#luks_keyfile="/path/to/keyfile"
 
 # LUKS allow_discards
-#luks_discard=0
+luks_discard=1
+
+# LUKS unlock options
+#luks_args=""

generate

@@ -28,7 +28,7 @@ fi
 tmpdir="$(mktemp -d /tmp/initramfs.XXXXXXXX)"
 kernel="$(uname -r)"
 moddir="/lib/modules"
-binaries="./busybox udevd udevadm mount modprobe umount $binaries"
+binaries="./busybox findfs blkid udevd udevadm mount modprobe umount $binaries"
 
 # structure
 for d in dev var run etc usr/lib usr/bin mnt/root proc root sys; do
@@ -49,6 +49,7 @@ done
 # TODO parse fstab | crypttab
 #while [ "$use_fstab" -eq 1 ] && read fs dir type opts; do thing; done < /etc/fstab
 
+# TODO implement busybox mdev/mdevd
 # install mdev
 #mkdir "$tmpdir/usr/lib/mdev"
 #cp ./mdev/mdev.conf ./mdev/passwd ./mdev/group "$tmpdir/etc"
@@ -79,21 +80,39 @@ find "/usr/lib/udev" -type f | grep -v "rc_keymaps\|hwdb.d" | cpio -pd "$tmpdir"
 #nobody:x:99:99::/dev/null:/bin/false
 #EOF
 
-# TODO implement use_lvmconf
 # handle lvm
 if [ "$use_lvm" = 1 ] && [ -x "$(command -v lvm)" ]; then
     binaries="lvm dmsetup $binaries"
     mkdir "$tmpdir/etc/lvm"
+
+    # avoid lvmetad warning message
     echo "use_lvmetad = 0" >> "$tmpdir/etc/lvm/lvm.conf"
+
     if [ "$lvm_discard" = 1 ]; then
 	echo "issue_discards = 1" >> "$tmpdir/etc/lvm/lvm.conf"
     fi
+    # TODO implement use_lvmconf
 fi
 
-# TODO handle luks
+# handle luks
-#if [ "$use_luks" = 1 ] && [ -x "$(command -v cryptsetup)" ]; then
+if [ "$use_luks" = 1 ] && [ -x "$(command -v cryptsetup)" ]; then
-#    binaries="cryptsetup $binaries"
+    binaries="cryptsetup dmsetup $binaries"
-#fi
+
+    # avoid locking directory missing warning message
+    mkdir "$tmpdir/run/cryptsetup"
+
+    # TODO get rid of this workaround
+    # workaround for luks2
+    cp "$(readlink -f libgcc_s.so.1)" "$tmpdir/usr/lib"
+    cp -a /usr/lib/libgcc_s.so.1 "$tmpdir/usr/lib"
+
+    if [ "$luks_discard" = 1 ]; then
+	luks_args="--allow-discards $luks_args"
+    fi
+
+    # TODO detached header
+    # TODO keyfile
+fi
 
 # TODO rewrite drivers installing | handle $drivers config var
 # install drivers
@@ -162,17 +181,20 @@ chmod +x "$tmpdir/init"
 # initialize config
 cat <<EOF > "$tmpdir/config"
 root="$root"
-rootfstype="$rootfstype"
+root_type="$root_type"
-rootflags="$rootflags"
+root_args="$root_args"
-drivers="$drivers"
+#drivers="$drivers"
-#use_lvm="$use_lvm"
+use_lvm="$use_lvm"
-#lvm_discard="$lvm_discard"
+lvm_discard="$lvm_discard"
-#use_luks="$use_luks"
+use_luks="$use_luks"
-#luks_header="$luks_header"
+luks_root="$luks_root"
-#luks_keyfile="$luks_keyfile"
+luks_header="$luks_header"
-#luks_discard="$luks_discard"
+luks_keyfile="$luks_keyfile"
+luks_discard="$luks_discard"
+luks_args="$luks_args"
 EOF
 
+# TODO add another compession tools
 # packing
 if ! ( cd "$tmpdir" && find . | cpio --create --verbose --format=newc | gzip --best ) > "./initramfs-$kernel.img.gz" 2>/dev/null; then
     echo "failed"

init

@@ -4,7 +4,7 @@
 set -x
 
 # install busybox
-/usr/bin/busybox --install -s /usr/bin
+/usr/bin/busybox --install
 
 panic() { echo "bruh moment :(" && sh; }
 
@@ -19,8 +19,9 @@ mount -t proc none /proc
 mount -t sysfs none /sys
 mount -t devtmpfs none /dev
 
+# TODO implement busybox mdev/mdevd
 # setup mdev
-#echo "/sbin/mdev" >/proc/sys/kernel/hotplug
+#echo /sbin/mdev >/proc/sys/kernel/hotplug
 #mdev -s
 
 # setup udev
@@ -31,23 +32,27 @@ udevadm settle
 
 # TODO parse /proc/cmdline
 
+# unlock cryptsetup container
+[ "$use_luks" = 1 ] && {
+    luks_root="$(findfs $luks_root)"
+    # TODO improve mapper name ( crypttab or config option )
+    cryptsetup $luks_args luksOpen "$luks_root" luks_root || panic
+}
+
 # load drivers
 #modprobe -a $drivers
 
 # merge mount flags
-[ -n "$rootflags" ] && mountargs="$rootflags"
+[ -n "$root_args" ] && mount_args="$root_args"
-[ -n "$rootfstype" ] && mountargs="$mountargs -t $rootfstype"
+[ -n "$root_type" ] && mount_args="$mount_args -t $root_type"
 
 # mount rootfs
-mount $mountargs "$root" "/mnt/root" || panic
+mount $mount_args "$root" /mnt/root || panic
 
 # clean up
 udevadm control --exit
-
+umount /dev /sys /proc
-umount "/dev"
-umount "/sys"
-umount "/proc"
 
 # boot system
 echo SUCCESS
-exec switch_root "/mnt/root" "/sbin/init"
+exec switch_root /mnt/root /sbin/init