Waldemar Brodkorb 14 жил өмнө
parent
commit
73e97e5a40

+ 9 - 2
package/cryptinit/Makefile

@@ -8,13 +8,16 @@ PKG_VERSION:=		2.0
 PKG_RELEASE:=		1
 PKG_DESCR:=		init for encrypted rootfilesystem
 PKG_SECTION:=		base
-PKG_DEPENDS:=		cryptsetup opensc pcsc-lite
+PKG_DEPENDS:=		cryptsetup
 
 PKG_CFLINE_CRYPTINIT:=	select BUSYBOX_STTY@
 PKG_CFLINE_CRYPTINIT+=	select BUSYBOX_SWITCH_ROOT@
 
-PKG_FLAVOURS_CRYPTINIT:=NO_GRUB
+PKG_FLAVOURS_CRYPTINIT:=SC NO_GRUB
 PKGFD_NO_GRUB:=		predefine root/swap partition (without grub)
+PKGFD_SC:=		with smartcard support
+PKGFS_SC:=		ccid openct opensc pcsc-lite
+PKGFB_SC:=		ccid openct opensc pcsc-lite
 
 PKG_FLAVOURS_STRING_CRYPTINIT:=	ROOT SWAP
 PKGFD_ROOT:=		root partition
@@ -39,6 +42,10 @@ do-install:
 	$(INSTALL_DIR) $(IDIR_CRYPTINIT)/sbin
 	$(TARGET_CC) $(TARGET_CFLAGS) -Wall -o $(IDIR_CRYPTINIT)/sbin/p \
 		./src/p.c
+ifeq ($(ADK_PACKAGE_CRYPTINIT_SC),y)
+	$(INSTALL_BIN) ./src/cryptinitsc $(IDIR_CRYPTINIT)/cryptinit
+else
 	$(INSTALL_BIN) ./src/cryptinit $(IDIR_CRYPTINIT)/
+endif
 
 include ${TOPDIR}/mk/pkg-bottom.mk

+ 65 - 0
package/cryptinit/src/cryptinitsc

@@ -0,0 +1,65 @@
+#!/bin/sh
+
+load_modules() {
+	(sed "s,^[^#][^[:space:]]*,insmod /lib/modules/$(uname -r)/&.ko," $* | sh 2>&- || :)
+}
+
+echo -n "Kernel currently running: "
+uname -rsmo
+echo -n "Kernel parameters: "; cat /proc/cmdline
+for word in $(cat /proc/cmdline) ; do
+    case $word in
+         [a-z]*=*)
+             eval "export $word"
+             ;;
+    esac
+done
+
+echo 0 > /proc/sys/kernel/printk
+
+load_modules /etc/modules
+for f in /etc/modules.d/*; do
+	[[ -e $f ]] && load_modules /etc/modules.d/*
+	break
+done
+
+mount /dev/sda1 /boot
+mkdir -p /var/run/openct
+openct-control init
+pcscd -f &
+sleep 2
+
+fail=0
+count=0
+while true; do
+	pkcs15-crypt --decipher --input /boot/key  --pkcs1 --raw >/tmp/skey
+	cryptsetup -d /tmp/skey --batch-mode luksOpen $swap swapcrypt
+	if [ $? = 0 ];then
+		break
+	fi
+	if [ $count = 2 ];then
+		echo "You are not allowed"
+		sleep 3
+		fail=1
+		break
+	fi
+	count=$(($count+1))
+done
+
+if [ $fail -eq 1 ];then
+	echo "Poweroff."
+	p
+fi
+
+echo "Try to resume from hibernation"
+echo "254:0" > /sys/power/resume
+
+cryptsetup -d /tmp/skey --batch-mode luksOpen $root rootcrypt
+swapon /dev/mapper/swapcrypt
+mount /dev/mapper/rootcrypt /mnt
+umount /proc
+umount /sys
+umount /dev/pts
+rm /tmp/skey
+pkill pcscd
+umount /tmp
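Review bot: The smartcard-decrypted LUKS key is written to `/tmp/skey` under whatever umask the script inherits, and the exit status of `pkcs15-crypt` is not checked, so a failed card operation still hands `cryptsetup` an empty or partial key file. A `umask 077` before the loop, both commands tested in one `if`, and `"$swap"`/`"$root"` quoted would tighten this; the second `luksOpen` for `$root` is also unchecked before `mount`, and the script carries on past `p` if that helper ever returns. Separately, `eval "export $word"` in the `/proc/cmdline` loop evaluates boot parameters as shell code; `export "$word"`, guarded by a check that the name part is a valid identifier, avoids that. Whether `/tmp` is a tmpfs is not visible in this commit, so it is worth confirming that `rm /tmp/skey` is enough to get rid of the key.

```shell
umask 077	# the key file must not be readable by anyone else
while true; do
	if pkcs15-crypt --decipher --input /boot/key --pkcs1 --raw >/tmp/skey &&
	   cryptsetup -d /tmp/skey --batch-mode luksOpen "$swap" swapcrypt; then
		break
	fi
	# … unchanged: three-attempt counter and "You are not allowed" branch …
done
# … unchanged: poweroff on failure, resume attempt …
if ! cryptsetup -d /tmp/skey --batch-mode luksOpen "$root" rootcrypt; then
	rm -f /tmp/skey
	p
fi
```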