mbox series

[0/5] Initramfs-crypt-hook patches, encryption on update

Message ID 20250226095921.168962-1-ch@denx.de (mailing list archive)
Headers show
Series Initramfs-crypt-hook patches, encryption on update | expand

Message

Claudius Heine Feb. 26, 2025, 9:59 a.m. UTC 
Hi,

I have a couple patches for initramfs-crypt-hook scripts. The first
three are general fixes/cleanup patches and the last two are about
enabling support for encryption via and update, while not touching the
fallback system.

I also have a patch that makes the 'reencrypt' continue, if the power
fails while it happens, but to do that, the initramfs needs to know the
temporary password that was used after a reboot, which currently does
not work with the random temporary passwords used here. My current
solution is to use a static temporary password for the reencryption
process. Any ideas?

kind regards,
Claudius

Claudius Heine (5):
  initramfs-crypt-hook: make sure that mount path exists
  initramfs-crypt-hook: fix inconsistent whitespace
  initramfs-crypt-hook: use real device path in luksFormat case
  initramfs-crypt-hook: implement 'noencrypt' option
  initramfs-crypt-hook: add 'format-if-empty' feature

 doc/README.tpm2.encryption.md                 |  4 +-
 .../files/local-bottom-complete               |  1 +
 .../files/local-top-complete                  | 49 ++++++++++++++++---
 .../initramfs-crypt-hook_0.6.bb               |  2 +-
 4 files changed, 47 insertions(+), 9 deletions(-)