emacs-bug-tracker
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#51514: closed ([PATCH 0/2] Add support for LUKS2 root partition)

From: GNU bug Tracking System
Subject: bug#51514: closed ([PATCH 0/2] Add support for LUKS2 root partition)
Date: Wed, 01 Dec 2021 16:23:01 +0000 
Your message dated Wed, 01 Dec 2021 17:22:20 +0100
with message-id <87sfvc1eir.fsf_-_@gnu.org>
and subject line Re: bug#51514: [PATCH 0/2] Add support for LUKS2 root partition
has caused the debbugs.gnu.org bug report #51514,
regarding [PATCH 0/2] Add support for LUKS2 root partition
to be marked as done.

(If you believe you have received this mail in error, please contact
help-debbugs@gnu.org.)


-- 
51514: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=51514
GNU Bug Tracking System
Contact help-debbugs@gnu.org with problems
--- Begin Message --- Subject: [PATCH 0/2] Add support for LUKS2 root partition Date: Sat, 30 Oct 2021 15:56:33 +0000 
Hi,

This patchset adds support for a LUKS2 root partition, leveraging its
Grub support since 2.06, and making sure that the Cryptsetup run-time
locking directory /var/cryptsetup/ exists before trying to unlock
devices (this is required for LUKS2): this used to fail in early
userspace because /var/ did not exist. I've also added some
documentation on the limited support: Grub only supports PKBDF2 and
not Argon2i which is the default key derivation function. The example
given in the Disk Partitioning section was updated as well to use
LUKS2.

My testing setup was: using a Guix VM, install onto a qcow2 disk which
is itself launched with QEMU. It felt a bit convoluted (especially
transferring the WIP guix to the VM, then building it), and I'll see if
I can simplify this workflow a bit, but everything worked fine with
those patches.

Best,
Josselin Poiret

Josselin Poiret (2):
  gnu: system: Add LUKS2 support for the root file system.
  doc: Document LUKS2 Grub support and shortcomings

 doc/guix.texi                 | 19 ++++++++++++++-----
 gnu/bootloader/grub.scm       |  3 +--
 gnu/system/mapped-devices.scm | 10 ++++++++--
 3 files changed, 23 insertions(+), 9 deletions(-)

-- 
2.33.1

--- End Message ---
--- Begin Message --- Subject: Re: bug#51514: [PATCH 0/2] Add support for LUKS2 root partition Date: Wed, 01 Dec 2021 17:22:20 +0100 User-agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (gnu/linux) 
Hello Josselin,

Josselin Poiret <dev@jpoiret.xyz> skribis:

> Here is an updated patchset, which includes the changes you suggested,
> as well as update the installer to use LUKS2 by default (I tested it
> in a VM and it works pretty well).  I don't think there's any reason
> not to use LUKS2 by default now that GRUB 2.06 supports it, and in any
> case if there are specific needs they can be addressed by a manual
> installation.
>
> Best,
>
> Josselin Poiret (3):
>   gnu: system: Add LUKS2 support for the root file system.
>   doc: Document LUKS2 GRUB support and shortcomings
>   installer: Make LUKS2 the default format for encrypted devices

Applied it all after checking:

  make check-system TESTS=encrypted-root-os

Thank you!

Ludo’.

--- End Message ---
reply via email to
[Prev in Thread] Current Thread [Next in Thread]