[isar-cip-core,0/4] initramfs-crypt-hook: Fix disk encryption

Message

Stefan Koch July 28, 2023, 2:33 p.m. UTC

Hi

This is a patch set of 4 patches that will fix several issues with the initramfs-crypt-hook.

- The most important patch avoids data loss in case of resize2fs failure. At failure the disk encryption process will be aborted before any random data is written to the disk.

- A further patch checks and repairs the filesystem to prevent resize2fs failure to ensure that resize2fs will succeed. So the mentioned disk encryption cancellation will not reached.

- Another patch fixes an error with libcryptsetup-token-systemd-tpm2.so when using systemd from bullseye-backports. The library is missing and is not needed there.
The patch ensures that the generation of the initrd continues and makes the lib optional.

- The last patch avoids calling of a tiny mke2fs version from busybox, because the tiny mke2fs does not support the used -t parameter.
The tiny one resides at /bin/mke2fs, the full version resides at /sbin/mke2fs. So the full version is called explicit.

Best regards

Stefan

Stefan Koch (4):
  initramfs-crypt-hook: Avoid data loss in case of resize2fs failure
  initramfs-crypt-hook: Check and repair filesystem to prevent resize2fs
    failure
  initramfs-crypt-hook: Avoid calling of tiny mke2fs from busybox
  initramfs-crypt-hook: Fix error with
    libcryptsetup-token-systemd-tpm2.so

 .../files/encrypt_partition.systemd.hook                   | 2 +-
 .../files/encrypt_partition.systemd.script                 | 7 +++++--
 .../initramfs-crypt-hook/initramfs-crypt-hook_0.1.bb       | 2 +-
 3 files changed, 7 insertions(+), 4 deletions(-)