diff mbox series

initramfs-crypt-hook: Load necessary crypto modules for intel platforms

Message ID 20231002112105.2929311-1-Quirin.Gylstorff@siemens.com (mailing list archive)
State New
Headers show
Series initramfs-crypt-hook: Load necessary crypto modules for intel platforms | expand

Commit Message

Gylstorff Quirin Oct. 2, 2023, 11:21 a.m. UTC
From: Quirin Gylstorff <quirin.gylstorff@siemens.com>

To support the encryption on intel platforms with add the crypto module
'aesni-intel' to the hooks of clevis and systemd.

If the modules are not available(not build or compiled in) the build
will succeed.

Reported-by: Sari Sercan <sari.sercan@siemens.com>
Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
---
 .../initramfs-crypt-hook/files/encrypt_partition.clevis.hook   | 3 +++
 .../initramfs-crypt-hook/files/encrypt_partition.systemd.hook  | 3 +++
 2 files changed, 6 insertions(+)

Comments

Jan Kiszka Oct. 4, 2023, 2:16 p.m. UTC | #1
On 02.10.23 13:21, Quirin Gylstorff wrote:
> From: Quirin Gylstorff <quirin.gylstorff@siemens.com>
> 
> To support the encryption on intel platforms with add the crypto module
> 'aesni-intel' to the hooks of clevis and systemd.
> 
> If the modules are not available(not build or compiled in) the build
> will succeed.
> 
> Reported-by: Sari Sercan <sari.sercan@siemens.com>
> Signed-off-by: Quirin Gylstorff <quirin.gylstorff@siemens.com>
> ---
>  .../initramfs-crypt-hook/files/encrypt_partition.clevis.hook   | 3 +++
>  .../initramfs-crypt-hook/files/encrypt_partition.systemd.hook  | 3 +++
>  2 files changed, 6 insertions(+)
> 
> diff --git a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.hook b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.hook
> index 23dce93..37b373c 100755
> --- a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.hook
> +++ b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.hook
> @@ -34,6 +34,9 @@ manual_add_modules tpm_crb
>  manual_add_modules dm_mod
>  manual_add_modules dm_crypt
>  
> +# add crypto modules for debian upstream kernel
> +manual_add_modules aesni-intel
> +
>  copy_exec /usr/bin/openssl || hook_error "/usr/bin/openssl not found"
>  copy_exec /usr/sbin/mke2fs || hook_error "/usr/sbin/mke2fs not found"
>  copy_exec /usr/bin/grep || hook_error "/usr/bin/grep not found"
> diff --git a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.systemd.hook b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.systemd.hook
> index 08ea631..0a39da6 100755
> --- a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.systemd.hook
> +++ b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.systemd.hook
> @@ -31,6 +31,9 @@ manual_add_modules tpm_crb
>  manual_add_modules dm_mod
>  manual_add_modules dm_crypt
>  
> +# add crypto modules for debian upstream kernel
> +manual_add_modules aesni-intel
> +
>  copy_exec /usr/bin/openssl || hook_error "/usr/bin/openssl not found"
>  copy_exec /usr/sbin/mke2fs || hook_error "/usr/sbin/mke2fs not found"
>  copy_exec /usr/bin/grep || hook_error "/usr/bin/grep not found"

Thanks, applied.

Jan
diff mbox series

Patch

diff --git a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.hook b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.hook
index 23dce93..37b373c 100755
--- a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.hook
+++ b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.hook
@@ -34,6 +34,9 @@  manual_add_modules tpm_crb
 manual_add_modules dm_mod
 manual_add_modules dm_crypt
 
+# add crypto modules for debian upstream kernel
+manual_add_modules aesni-intel
+
 copy_exec /usr/bin/openssl || hook_error "/usr/bin/openssl not found"
 copy_exec /usr/sbin/mke2fs || hook_error "/usr/sbin/mke2fs not found"
 copy_exec /usr/bin/grep || hook_error "/usr/bin/grep not found"
diff --git a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.systemd.hook b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.systemd.hook
index 08ea631..0a39da6 100755
--- a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.systemd.hook
+++ b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.systemd.hook
@@ -31,6 +31,9 @@  manual_add_modules tpm_crb
 manual_add_modules dm_mod
 manual_add_modules dm_crypt
 
+# add crypto modules for debian upstream kernel
+manual_add_modules aesni-intel
+
 copy_exec /usr/bin/openssl || hook_error "/usr/bin/openssl not found"
 copy_exec /usr/sbin/mke2fs || hook_error "/usr/sbin/mke2fs not found"
 copy_exec /usr/bin/grep || hook_error "/usr/bin/grep not found"