Re: Support for plain dm-crypt and detached LUKS header

[Mat628]

>Am I correct in stating that your patches would only require:

>- command line options on each invocation of grub-install to reference a config file of sorts - a config file in a dedicated directory that would allow this config to persist

Xen, yes you are correct. The config file (${prefix}/etc/mattle_opts.cfg) persists in that directory and is opened in "read-only" mode by both grub-install and grub-mkconfig automatically.

Once the config file has been set for a particular setup it does not need to be modified.

Example:

To install grub to /boot/grub on the OS rootfs of a LUKS device (dev/sda1) with detached header file (/mnt/usb/sda1_header.bin) and have boot.img and core.img on usb (/dev/sdb)

----------------

mount /dev/sdb1 /mnt/usb

grub-install --crypto-device=/dev/sda1 --crypto-header=/mnt/usb/sda1_header.bin /dev/sdb

----------------

Then for grub-mkconfig to auto-generate grub.cfg to /boot/grub

----------------

grub-mkconfig -o /boot/grub/grub.cfg

----------------

That is all that would be required of the user for each invocation of grub-install and grub-mkconfig.

The contents of mattle_opts.cfg are fprintf'ed into load.cfg which is inside core.img.

Simply put one thing my patches can do is "reconnect" the detached header to the LUKS device (only in memory, the header is not wrote back to the disk) and from that point on grub-utils will be able to treat the LUKS device as normal.

best regards,

matt

p.s. I hope the formatting was a bit better this time.