@@ -0,0 +1,19 | |||||
|
1 | #!/bin/sh | |||
|
2 | ||||
|
3 | set -e | |||
|
4 | ||||
|
5 | # Check for cryptdevice variable | |||
|
6 | if [ -z "$cryptdevice" ] ; then | |||
|
7 | echo "unable to get cryptdevice variable (local-premount)" | |||
|
8 | exit 1 | |||
|
9 | fi | |||
|
10 | ||||
|
11 | if [ -n "$ROOT" ] ; then | |||
|
12 | # Resize encrypted root partition | |||
|
13 | cryptsetup resize "${ROOT}" | |||
|
14 | e2fsck -fp "${ROOT}" | |||
|
15 | resize2fs -f "${ROOT}" | |||
|
16 | e2fsck -fp "${ROOT}" | |||
|
17 | fi | |||
|
18 | ||||
|
19 | exit 0 |
@@ -464,7 +464,7 Start QEMU full system emulation and output to console: | |||||
464 | qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio |
|
464 | qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -append "root=/dev/mmcblk0p2 rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio | |
465 | ``` |
|
465 | ``` | |
466 |
|
466 | |||
467 |
Start QEMU full system emulation with cryptfs, initramfs and output to console |
|
467 | Start QEMU full system emulation with cryptfs, initramfs and output to console: | |
468 | ```shell |
|
468 | ```shell | |
469 | qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio |
|
469 | qemu-system-arm -m 2048M -M vexpress-a15 -cpu cortex-a15 -kernel kernel7.img -no-reboot -dtb vexpress-v2p-ca15_a7.dtb -sd ${IMAGE_NAME}.qcow2 -initrd "initramfs-${KERNEL_VERSION}" -append "root=/dev/mapper/secure cryptdevice=/dev/mmcblk0p2:secure rw rootfstype=ext4 console=ttyAMA0,115200 init=/bin/systemd" -serial stdio | |
470 | ``` |
|
470 | ``` |
@@ -91,6 +91,23 if [ "$BUILD_KERNEL" = true ] ; then | |||||
91 | if [ "$ENABLE_QEMU" = true ] ; then |
|
91 | if [ "$ENABLE_QEMU" = true ] ; then | |
92 | echo "CONFIG_FHANDLE=y" >> ${KERNEL_DIR}/.config |
|
92 | echo "CONFIG_FHANDLE=y" >> ${KERNEL_DIR}/.config | |
93 | echo "CONFIG_LBDAF=y" >> ${KERNEL_DIR}/.config |
|
93 | echo "CONFIG_LBDAF=y" >> ${KERNEL_DIR}/.config | |
|
94 | ||||
|
95 | if [ "$ENABLE_CRYPTFS" = true ] ; then | |||
|
96 | echo "CONFIG_EMBEDDED=y" >> ${KERNEL_DIR}/.config | |||
|
97 | echo "CONFIG_EXPERT=y" >> ${KERNEL_DIR}/.config | |||
|
98 | echo "CONFIG_DAX=y" >> ${KERNEL_DIR}/.config | |||
|
99 | echo "CONFIG_MD=y" >> ${KERNEL_DIR}/.config | |||
|
100 | echo "CONFIG_BLK_DEV_MD=y" >> ${KERNEL_DIR}/.config | |||
|
101 | echo "CONFIG_MD_AUTODETECT=y" >> ${KERNEL_DIR}/.config | |||
|
102 | echo "CONFIG_BLK_DEV_DM=y" >> ${KERNEL_DIR}/.config | |||
|
103 | echo "CONFIG_BLK_DEV_DM_BUILTIN=y" >> ${KERNEL_DIR}/.config | |||
|
104 | echo "CONFIG_DM_CRYPT=y" >> ${KERNEL_DIR}/.config | |||
|
105 | echo "CONFIG_CRYPTO_BLKCIPHER=y" >> ${KERNEL_DIR}/.config | |||
|
106 | echo "CONFIG_CRYPTO_CBC=y" >> ${KERNEL_DIR}/.config | |||
|
107 | echo "CONFIG_CRYPTO_XTS=y" >> ${KERNEL_DIR}/.config | |||
|
108 | echo "CONFIG_CRYPTO_SHA512=y" >> ${KERNEL_DIR}/.config | |||
|
109 | echo "CONFIG_CRYPTO_MANAGER=y" >> ${KERNEL_DIR}/.config | |||
|
110 | fi | |||
94 | fi |
|
111 | fi | |
95 |
|
112 | |||
96 | # Copy custom kernel configuration file |
|
113 | # Copy custom kernel configuration file |
@@ -60,14 +60,22 if [ -z "$PART_START" ] ; then | |||||
60 | return 1 |
|
60 | return 1 | |
61 | fi |
|
61 | fi | |
62 |
|
62 | |||
|
63 | # Get the current last sector of the root partition | |||
|
64 | PART_END=$(parted /dev/${ROOT_DEV} -ms unit s p | grep "^${PART_NUM}" | cut -f 3 -d: | sed 's/[^0-9]//g') | |||
|
65 | if [ -z "$PART_END" ] ; then | |||
|
66 | log_warning_msg "${ROOT_DEV} unable to get last sector of the partition" | |||
|
67 | return 1 | |||
|
68 | fi | |||
|
69 | ||||
63 | # Get the possible last sector for the root partition |
|
70 | # Get the possible last sector for the root partition | |
64 | PART_LAST=$(fdisk -l /dev/${ROOT_DEV} | grep '^Disk.*sectors' | awk '{ print $7 - 1 }') |
|
71 | PART_LAST=$(fdisk -l /dev/${ROOT_DEV} | grep '^Disk.*sectors' | awk '{ print $7 - 1 }') | |
65 | if [ -z "$PART_LAST" ] ; then |
|
72 | if [ -z "$PART_LAST" ] ; then | |
66 | log_warning_msg "${ROOT_DEV} unable to get last sector of the partition" |
|
73 | log_warning_msg "${ROOT_DEV} unable to get last possible sector of the partition" | |
67 | return 1 |
|
74 | return 1 | |
68 | fi |
|
75 | fi | |
69 |
|
76 | |||
70 | ### Since rc.local is run with "sh -e", let's add "|| true" to prevent premature exit |
|
77 | ### Since rc.local is run with "sh -e", let's add "|| true" to prevent premature exit | |
|
78 | if [ $PART_END != $PART_LAST ] ; then | |||
71 | fdisk /dev/${ROOT_DEV} 2> /dev/null <<EOF2 || true |
|
79 | fdisk /dev/${ROOT_DEV} 2> /dev/null <<EOF2 || true | |
72 | p |
|
80 | p | |
73 | d |
|
81 | d | |
@@ -83,3 +91,6 EOF2 | |||||
83 |
|
91 | |||
84 | partprobe |
|
92 | partprobe | |
85 | log_success_msg "Root partition successfully resized." |
|
93 | log_success_msg "Root partition successfully resized." | |
|
94 | else | |||
|
95 | log_success_msg "Root partition already resized." | |||
|
96 | fi |
@@ -526,8 +526,10 fi | |||||
526 | # Configure qemu compatible kernel |
|
526 | # Configure qemu compatible kernel | |
527 | if [ "$ENABLE_QEMU" = true ] ; then |
|
527 | if [ "$ENABLE_QEMU" = true ] ; then | |
528 | KERNEL_DEFCONFIG="vexpress_defconfig" |
|
528 | KERNEL_DEFCONFIG="vexpress_defconfig" | |
|
529 | if [ "$KERNEL_MENUCONFIG" = false ] ; then | |||
529 | KERNEL_OLDDEFCONFIG=true |
|
530 | KERNEL_OLDDEFCONFIG=true | |
530 | fi |
|
531 | fi | |
|
532 | fi | |||
531 |
|
533 | |||
532 | # Execute bootstrap scripts |
|
534 | # Execute bootstrap scripts | |
533 | for SCRIPT in bootstrap.d/*.sh; do |
|
535 | for SCRIPT in bootstrap.d/*.sh; do |
General Comments 0
Vous devez vous connecter pour laisser un commentaire.
Se connecter maintenant