~nabijaczleweli/tzpfms

24f59ec47a79e783957273c43ecf7de0103415cd — наб 23 days ago da2d469
Handle plymouth in i-t
2 files changed, 28 insertions(+), 14 deletions(-)

M initrd/initramfs-tools/hook
M initrd/initramfs-tools/zfs-patch.sh
M initrd/initramfs-tools/hook => initrd/initramfs-tools/hook +5 -3
@@ 6,12 6,14 @@ PREREQ="zfs"
. /usr/share/initramfs-tools/hook-functions


# Bit of a hack: replace zfs-intramfs' decrypt_fs() in /scripts/zfs with our version that understands tzpfms datasets
sed -Ei 's/decrypt_fs\(\)/__tzpfms__&/' "$DESTDIR/scripts/zfs"
# Bit of a hack: replace zfs-intramfs' decrypt_fs() in /scripts/zfs with our version that understands tzpfms datasets,
#                should be compatible with, other hooks doing the same thing
[ "${verbose:-n}" = "y" ] && echo "Patching /scripts/zfs"
sed -Ei 's/^decrypt_fs\(\)/__tzpfms__&/' "$DESTDIR/scripts/zfs"
cat /usr/share/tzpfms/initramfs-tools-zfs-patch.sh  >> "$DESTDIR/scripts/zfs"


for x in zfs-tpm-list zfs-tpm2-load-key zfs-tpm1x-load-key; do
for x in zfs-tpm-list zfs-tpm2-load-key zfs-tpm1x-load-key tcsd; do
	xloc="$(command -v "$x")"
	[ "$xloc" = "" ] || copy_exec "$xloc"
done

M initrd/initramfs-tools/zfs-patch.sh => initrd/initramfs-tools/zfs-patch.sh +23 -11
@@ 23,8 23,10 @@ decrypt_fs() {
			fi

			if command -v zfs-tpm1x-load-key > /dev/null && ! [ "$(zfs-tpm-list -Hub TPM1.X "$ENCRYPTIONROOT")" = "" ]; then
				with_promptable_tty zfs-tpm1x-load-key "$ENCRYPTIONROOT"
				return
				[ -z "$TZPFMS_TPM1X" ] && command -v tcsd > /dev/null && tcsd -f &
				with_promptable_tty zfs-tpm1x-load-key "$ENCRYPTIONROOT"; err="$?"
				[ -z "$TZPFMS_TPM1X" ] && command -v tcsd > /dev/null && kill %+
				return "$err"
			fi

			__tzpfms__decrypt_fs "${fs}"


@@ 35,18 37,28 @@ decrypt_fs() {
	return 0
}

# Mimic /scripts/zfs#decrypt_fs(): setting "printk" temporarily to "7" will allow prompt even if kernel option "quiet"
# TODO?: /scripts/zfs#decrypt_fs() checks for plymouth and systemd,
# but we don't know how many passphrases we're gonna read (anywhere between 0 and 2 best-base or 0 and 6 worst-case);
# can we "disable" plymouth somehow?
# This sucks a lot of ass, since we don't know the questions or the amount thereof beforehand
# (0-2 (owner hierarchy/ownership + sealed object, both optional) best-case and 0-6 worst-case (both entered wrong twice)).
# Plymouth doesn't allow us to actually check what the splash status was, and ioctl(KDGETMODE) isn't reliable;
# ideally, we'd only clear the screen if we were making the switch, but not if the user was already switched to the log output.
# Instead, clear if there's a "quiet", leave alone otherwise, and always restore;
# cmdline option "plymouth.ignore-show-splash" can be used to disable splashes alltogether, if desired.
with_promptable_tty() {
	printk="$(awk '{print $1}' /proc/sys/kernel/printk)"
	echo 7 > /proc/sys/kernel/printk
	if command -v plymouth > /dev/null && plymouth --ping; then
		plymouth hide-splash
		grep -q 'quiet' /proc/cmdline && printf '\033c'

		"$@"; ret="$?"

	"$@"
	ret="$?"
		plymouth show-splash
	else
		# Mimic /scripts/zfs#decrypt_fs(): setting "printk" temporarily to "7" will allow prompt even if kernel option "quiet"
		printk="$(awk '{print $1}' /proc/sys/kernel/printk)"
		[ "$printk" = "7" ] || echo 7 > /proc/sys/kernel/printk

	echo "$printk" > /proc/sys/kernel/printk
		"$@"; ret="$?"

		[ "$printk" = "7" ] || echo 7 > /proc/sys/kernel/printk
	fi
	return "$ret"
}