Add myinitramfs encryption use

3 files changed, 100 insertions, 2 deletions

diff --git a/sys-boot/myinitramfs/files/init b/sys-boot/myinitramfs/files/init.enc
index 134d85c..134d85c 100755
--- a/sys-boot/myinitramfs/files/init
+++ b/sys-boot/myinitramfs/files/init.enc
diff --git a/sys-boot/myinitramfs/files/init.plain b/sys-boot/myinitramfs/files/init.plain
new file mode 100755
index 0000000..08a47b8
--- /dev/null
+++ b/sys-boot/myinitramfs/files/init.plain
@@ -0,0 +1,94 @@
+#!/bin/busybox sh
+# vim:ft=sh
+
+# Init must have pid 1 otherwise switch_root won't work.
+if [ $$ -ne 1 ]; then
+	echo "init must have pid 1!"
+	exit 1
+fi
+
+# Predefice colors
+C_NO="\e[0m"
+C_GRAY="\e[1;30m"
+C_RED="\e[1;31m"
+C_GREEN="\e[1;32m"
+C_YELLOW="\e[1;33m"
+
+PATH="$PATH:/bin:/sbin"
+
+# disable kernel message from terminal and clear screen
+echo 0 > /proc/sys/kernel/printk
+clear
+
+# TODO print some welcome ascii art :-)
+
+# Function called if we fail. Argument is error message.
+fail() {
+	echo -e "${C_RED}$@${C_NO}"
+	echo -e "${C_YELLOW}Dropping to interactive shell${C_NO}"
+	busybox --install -s
+	while true; do
+		echo -e "${C_GRAY}Mount root to /mnt/root and exit shell to switch root.${C_NO}"
+		# Note: this is hack to enable job control
+		setsid sh -c 'exec sh </dev/tty1 >/dev/tty1 2>&1'
+		echo
+		exec switch_root /mnt/root /sbin/init || echo -e "${C_RED}Root switch failed!${C_NO}"
+	done
+}
+
+# Preliminary mounts
+busybox mount -t proc none /proc || fail "/proc mount failed!"
+busybox mount -t sysfs none /sys || fail "/sys mount failed!"
+busybox mount -t devtmpfs none /dev || fail "/dev mount failed!"
+
+# Now open and mount root
+root=""
+rootflags=""
+recovery=false
+
+for opt in $(cat /proc/cmdline); do
+	case "$opt" in
+		root=*)
+			root=${opt:5}
+			;;
+		rootflags=*)
+			rootflags=${opt:10}
+			;;
+		recovery)
+			recovery=true
+			;;
+		BOOT_IMAGE=*|initrd=*)
+			# Ignore those
+			;;
+		*)
+			echo -e "${C_YELLOW}Unknown kernel argument: $opt${C_NO}"
+			;;
+	esac
+done
+
+$recovery && fail "Requested recovery."
+
+[ -z "$root" ] && fail "Missing root argument!"
+
+echo -ne "${C_GRAY}Waiting for root ($root)..."
+CNT=10
+while [ ! -e "$root" ] && [ $CNT -gt 0 ]; do
+	CNT=$(expr $CNT - 1)
+	sleep 1
+	echo -n " $CNT"
+done
+echo -e "${C_NO}"
+[ -e "$root" ] || fail "Root not located!"
+
+echo -e "${C_GREEN}Mounting root...${C_NO}"
+mount -t btrfs -o "$rootflags" "$root" /mnt/root \
+	|| fail "Mounting root failed! /proc/cmdline=$(cat /proc/cmdline)"
+
+
+echo -e "${C_GREEN}Switching to real root${C_NO}"
+
+# First clean up. The init process will remount proc, sys and dev later on
+busybox umount /dev /sys /proc || fail "Unmouns failed!"
+
+# Now do switch
+exec switch_root /mnt/root /sbin/init || fail "Root switch failed!"
diff --git a/sys-boot/myinitramfs/myinitramfs-1.1.ebuild b/sys-boot/myinitramfs/myinitramfs-1.2.ebuild
index 9e8e999..8d1ed52 100644
--- a/sys-boot/myinitramfs/myinitramfs-1.1.ebuild
+++ b/sys-boot/myinitramfs/myinitramfs-1.2.ebuild
@@ -12,7 +12,7 @@ SRC_URI=""
 LICENSE="GPLv2"
 SLOT="0"
 KEYWORDS="amd64 x86"
-IUSE=""
+IUSE="+encrypted"
 
 DEPEND="sys-fs/cryptsetup
 sys-fs/btrfs-progs
@@ -28,7 +28,11 @@ src_unpack() {
 src_compile() {
 	# TODO generate list dynamically
 	cp "${FILESDIR}"/list list
-	echo "file /init ${FILESDIR}/init 755 0 0" >> list
+	if use encrypted; then
+		echo "file /init ${FILESDIR}/init.enc 755 0 0" >> list
+	else
+		echo "file /init ${FILESDIR}/init.plain 755 0 0" >> list
+	fi
 	gen_init_cpio list > initramfs.cpio
 	gzip initramfs.cpio
 }