FS#76661 - [cryptsetup] mkinitcpio autodetect does not work for (sd-)encrypt

Attached to Project: Arch Linux
Opened by Seth VanHeulen (svanheulen) - Thursday, 24 November 2022, 16:07 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:14 GMT
Task Type Bug Report
Category Packages: Core
Status Closed
Assigned To Christian Hesse (eworm)
Architecture All
Severity Low
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No

Details

Description:

The 'encrypt' and 'sd-encrypt' hooks use the 'add_all_modules' function to include every crypto module available. The 'add_checked_modules' function should be used instead, which will filter the added modules with the whitelist created by the 'autodetect' hook.

The 'sd-encrypt' hook already does this for TPM modules, just not for the crypto modules for some reason. Currently the only way to prevent unneeded crypto modules from being added is to manually list the ones you need in the undocumented 'CRYPTO_MODULES' variable.
This task depends upon

Closed by  Buggy McBugFace (bugbot)
Saturday, 25 November 2023, 20:14 GMT
Reason for closing:  Moved
Additional comments about closing:  https://gitlab.archlinux.org/archlinux/p ackaging/packages/cryptsetup/issues/4
Comment by Toolybird (Toolybird) - Friday, 25 November 2022, 05:30 GMT
mkinitcpio development has moved to the Arch Linux GitLab instance [1]. Any chance you could please open a new issue over there?

[1] https://gitlab.archlinux.org/archlinux/mkinitcpio/mkinitcpio
Comment by Seth VanHeulen (svanheulen) - Friday, 25 November 2022, 17:46 GMT
Sorry, I was mistaken, the 'encrypt' and 'sd-encrypt' hook scripts are owned by the 'cryptsetup' package so I selected the wrong package when creating the issue. Also it looks like these scripts are added by Arch Linux and not part of upstream.

It doesn't look like there's any way for me to modify the issue title, but I have a button to request closure. Should I do that and create a new issue for the correct package, or can someone fix this one for me?

Loading...