diff mbox series

[isar-cip-core,RFC,01/10] initramfs-crypt-hook: Add support for btrfs

Message ID e06e86fb58915dd43f79a73da790324aa9be13a2.1738229957.git.jan.kiszka@siemens.com (mailing list archive)
State New
Headers show
Series Provide A/B snapshot support for persistent /var | expand

Commit Message

Jan Kiszka Jan. 30, 2025, 9:39 a.m. UTC 
From: Jan Kiszka <jan.kiszka@siemens.com>

Add the required bits to support reencryption of btrfs, thus resizing.
To avoid bloating the initramfs if this filesystem is not used, make it
opt-in.

Signed-off-by: Jan Kiszka <jan.kiszka@siemens.com>
---
 .../initramfs-crypt-hook/files/local-top-complete          | 7 +++++++
 .../initramfs-crypt-hook/initramfs-crypt-hook_0.5.bb       | 6 ++++++
 2 files changed, 13 insertions(+)
diff mbox series

Patch

diff --git a/recipes-initramfs/initramfs-crypt-hook/files/local-top-complete b/recipes-initramfs/initramfs-crypt-hook/files/local-top-complete
index 8adc4e58..54b8a6e0 100644
--- a/recipes-initramfs/initramfs-crypt-hook/files/local-top-complete
+++ b/recipes-initramfs/initramfs-crypt-hook/files/local-top-complete
@@ -85,6 +85,13 @@  EOF
 			panic "reencryption of partition $1 cannot continue - resizing of the partition failed!"
 		fi
 		;;
+	btrfs)
+		mkdir /.mnt-tmp
+		mount -t btrfs "$1" /.mnt-tmp
+		btrfs filesystem resize "${reduced_size_in_kb}" /.mnt-tmp
+		umount /.mnt-tmp
+		rmdir /.mnt-tmp
+		;;
 	squashfs|swap|erofs|"")
 		[ "$debug" = "y" ] && echo "skip disk resize as it is not supported or unnecessary for fstype: '$partition_fstype'"
 		;;
diff --git a/recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.5.bb b/recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.5.bb
index 71ee44db..df335c9f 100644
--- a/recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.5.bb
+++ b/recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.5.bb
@@ -82,6 +82,8 @@  INITRAMFS_WATCHDOG_DEVICE ??= "/dev/watchdog"
 CRYPT_HASH_TYPE ??= "sha256"
 CRYPT_KEY_ALGORITHM ??= "ecc"
 CRYPT_ENCRYPTION_OPTIONAL ??= "false"
+# add support for btrfs encryption
+CRYPT_BTRFS_SUPPORT ??= "0"
 
 TEMPLATE_VARS += "CRYPT_PARTITIONS CRYPT_CREATE_FILE_SYSTEM_CMD \
     CRYPT_SETUP_TIMEOUT INITRAMFS_WATCHDOG_DEVICE CRYPT_HASH_TYPE \
@@ -92,6 +94,10 @@  OVERRIDES .= "${@':expand-on-crypt' if ':expand' in d.getVar('CRYPT_PARTITIONS')
 DEBIAN_DEPENDS:append:expand-on-crypt = ", fdisk, util-linux"
 HOOK_COPY_EXECS:append:expand-on-crypt = " sed sfdisk tail cut dd partx rm"
 
+OVERRIDES .= "${@':btrfs-support' if bb.utils.to_boolean(d.getVar('CRYPT_BTRFS_SUPPORT')) else ''}"
+DEBIAN_DEPENDS:append:btrfs-support = ", btrfs-progs"
+HOOK_COPY_EXECS:append:btrfs-support = " mkdir rmdir btrfs"
+
 do_install[cleandirs] += "${D}/usr/share/encrypt_partition"
 do_install:prepend() {
     install -m 0600 "${WORKDIR}/encrypt_partition.env" "${D}/usr/share/encrypt_partition/encrypt_partition.env"