diff options
Diffstat (limited to '')
-rw-r--r-- | source/a/mkinitrd/mkinitrd | 117 | ||||
-rw-r--r-- | source/a/mkinitrd/mkinitrd.8 | 57 | ||||
-rwxr-xr-x | source/a/mkinitrd/mkinitrd.SlackBuild | 27 | ||||
-rw-r--r-- | source/a/mkinitrd/mkinitrd.conf.5 | 39 | ||||
-rw-r--r-- | source/a/mkinitrd/mkinitrd.conf.sample | 4 |
5 files changed, 197 insertions, 47 deletions
diff --git a/source/a/mkinitrd/mkinitrd b/source/a/mkinitrd/mkinitrd index 96e0e388d..c594ed2df 100644 --- a/source/a/mkinitrd/mkinitrd +++ b/source/a/mkinitrd/mkinitrd @@ -1,7 +1,7 @@ #!/bin/sh # Copyright 2004 Slackware Linux, Inc., Concord, CA, USA # Copyright 2004 Patrick J. Volkerding, Concord, CA, USA -# Copyright 2007, 2008, 2009, 2010, 2011, 2015, 2016 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2007, 2008, 2009, 2010, 2011, 2015, 2016, 2017 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -44,8 +44,17 @@ # Yada yada yada. # Modified by Patrick Volkerding <volkerdi@slackware.com> 21 August 2012 # Add Btrfs multi-device filesystem support option (-B). +# Modified by Robby Workman <rworkman@slackware.com> 08 March 2017 +# to add support for TRIM on LUKS root devs +# Modified by Patrick Volkerding <volkerdi@slackware.com> 29 June 2017 +# Add support for prepending a microcode update archive (-P). +# Modified by Patrick Volkerding <volkerdi@slackware.com> 12 July 2017 +# Add support for including Slackware and kernel versions in the +# output filename. Thanks to SeB. -MKINITRD_VERSION=1.4.8 +MKINITRD_VERSION=1.4.11 + +COMMAND_LINE="$0 $*" # Don't include these things from /lib/udev/ in the initrd image LIBUDEV_BLACKLIST="\ @@ -55,6 +64,7 @@ LIBUDEV_BLACKLIST="\ check-ptp-camera \ udev-configure-printer \ rules.d/60-openobex.rules \ + rules.d/85-regulatory.rules \ " print_usage() { @@ -92,6 +102,11 @@ initrd, and the script is easy to modify. Be creative. :-) unlocked by the initrd using cryptsetup. All devices that must be unlocked in order to access the root filesystem must be specified. (Use with '-r' parameter). + -T A colon (:) delimited list of luks encrypted block devices to be + passed the "--allow-discards" option when unlocked by the initrd + using cryptsetup. This has the effect of allowing TRIM on SSD drives. + Be sure your SSD supports this feature (correctly) before enabling + it. See fstrim(8) for more information. -L Add support for LVM partitions -K Use a USB key (fat-formatted) to unlock the root LUKS volume The parameter value is filename of a keyfile, as well as the label @@ -105,6 +120,7 @@ initrd, and the script is easy to modify. Be creative. :-) -B Add /sbin/btrfs to enable scanning for a root filesystem that is part of a Btrfs multi-device filesystem. -M Add the files in /etc/modprobe.d/ and /lib/modprobe.d/ to the initrd + -P Prepend the output image with the microcode CPIO archive given in arguments. -R Add support for RAID partitions -V Display version number @@ -183,6 +199,11 @@ build_initrd_image() { rm -f $OUTPUT_IMAGE find . | cpio -o -H newc | gzip -9c > $OUTPUT_IMAGE ) + + if [ ! -z "${MICROCODE_ARCH}" ] ; then + cat ${MICROCODE_ARCH} ${OUTPUT_IMAGE} > ${OUTPUT_IMAGE}.2 + mv ${OUTPUT_IMAGE}.2 ${OUTPUT_IMAGE} + fi echo "$OUTPUT_IMAGE created." echo "Be sure to run lilo again if you use it." } @@ -245,7 +266,19 @@ copy_modconf() { cp -a /etc/modprobe.d $SOURCE_TREE/etc cp -a /lib/modprobe.d $SOURCE_TREE/lib/ } - + +# Normalize the string $1 by replacing occurences of +# recognized tags by their current values. +# +# this version take the following tags into account: +# %KVER% (kernel version) +# %SLACKVER% (slackware version) +# +function normalize_string() { + echo "$1" | sed -e "s?%KVER%?${KERNEL_VERSION}?g" \ + -e "s?%SLACKVER%?$(cat /etc/slackware-version|cut -f2 -d" ")?g" +} + # If --help is given, print_usage and exit: if echo $* | grep -wq '\--help' ; then print_usage @@ -269,7 +302,7 @@ UDEV=1 # Default actions without options: if [ -z "$1" ]; then # We need a sensible default for this special case: - OUTPUT_IMAGE=${OUTPUT_IMAGE:-/boot/initrd.gz} + OUTPUT_IMAGE=$(normalize_string ${OUTPUT_IMAGE:-/boot/initrd.gz}) # If the output tree doesn't exist, create it and then exit: if [ ! -d $SOURCE_TREE ]; then echo "Nothing found at location $SOURCE_TREE, so we will create an" @@ -362,6 +395,10 @@ while [ ! -z "$1" ]; do LUKSKEY="$2" shift 2 ;; + -T) + LUKSTRIM="$2" + shift 2 + ;; -L) LVM=1 shift @@ -374,6 +411,16 @@ while [ ! -z "$1" ]; do MODCONF=1 shift ;; + -P) + # canonicalize filename: + MICROCODE_ARCH="$(readlink -m $2)" + if [ ! -e "${MICROCODE_ARCH}" ] ; then + echo "Error, the microcode cpio archive ${MICROCODE_ARCH} does not exist." + exit 1 + fi + shift 2 + ;; + -R) RAID=1 shift @@ -384,6 +431,19 @@ while [ ! -z "$1" ]; do esac done +# Resolve TAGS (i.e %KVER%, %SLACKVER%) found in OUTPUT_IMAGE. +# +# Note: +# ---- +# This must be done after all options have been handled and +# not when handling case '-o' because -k can be passed after +# -o in which case, the tag %KVER% would be replaced with the +# current kernel version instead of version passed with -k. +# +if echo "$OUTPUT_IMAGE" | grep -qE "%KVER%|%SLACKVER%" ; then + OUTPUT_IMAGE="$(normalize_string $OUTPUT_IMAGE)" +fi + # If kernel modules are needed but the kernel version is absent, exit now: if [ ! -d /lib/modules/$KERNEL_VERSION ]; then echo "ERROR: No /lib/modules/$KERNEL_VERSION kernel modules tree found for kernel \"$KERNEL_VERSION\"" @@ -420,6 +480,17 @@ if [ ! -z "$ROOTFS" ]; then echo $ROOTFS > $SOURCE_TREE/rootfs fi +# Put a copy of the command line used to create this initrd in +# initrd-tree/command_line: +echo "$COMMAND_LINE" > $SOURCE_TREE/command_line + +# If /etc/mkinitrd.conf exists, put a copy of that in there as well. +# (May or may not have been used according to the -F option, but we'll +# save a copy anyway just in case): +if [ -e /etc/mkinitrd.conf ]; then + cp -a /etc/mkinitrd.conf $SOURCE_TREE/mkinitrd.conf +fi + # If $WAIT is not set, assume we need only one second # to have all devices done # (unless we find that value is already set in the initrd-tree): @@ -435,7 +506,7 @@ if [ ! -z "$WAIT" ]; then fi # If no OUTPUT_IMAGE was specified, read it from the SOURCE_TREE if possible: -OUTPUT_IMAGE=${OUTPUT_IMAGE:-"$(cat $SOURCE_TREE/initrd-name)"} +OUTPUT_IMAGE=$(normalize_string ${OUTPUT_IMAGE:-"$(cat $SOURCE_TREE/initrd-name)"}) # If we still have no value, apply the default: OUTPUT_IMAGE=${OUTPUT_IMAGE:-"/boot/initrd.gz"} # Finally, write the image name into the SOURCE_TREE: @@ -457,6 +528,11 @@ if [ ! -z "$LUKSDEV" ]; then CRYPT=1 fi +# Check for LUKSTRIM +if [ ! -z "$LUKSTRIM" ]; then + echo $LUKSTRIM > $SOURCE_TREE/lukstrim +fi + # If LUKSKEY was set in the config file, then give it a warm welcome: if [ ! -z "$LUKSKEY" ]; then # $SOURCE_TREE/wait-for-root may have been configured earlier in the script, @@ -524,21 +600,12 @@ if [ ! -z "$LVM" ]; then if [ -f /sbin/lvm ]; then mkdir -p $SOURCE_TREE/sbin cp /sbin/lvm $SOURCE_TREE/sbin/lvm - cp /sbin/dmsetup $SOURCE_TREE/sbin/dmsetup - find /lib /lib64 -name "libdevmapper*so*" 2> /dev/null | xargs -I'{}' cp -P --parents '{}' $SOURCE_TREE/ ( cd $SOURCE_TREE/sbin ln -s lvm vgchange 2>/dev/null ln -s lvm vgscan 2>/dev/null ) - if [ -z "${MODULE_LIST}" ] ; then - MODULE_LIST="dm-mod" - elif ! echo ${MODULE_LIST} | grep -q dm-mod ; then - MODULE_LIST="$MODULE_LIST:dm-mod" - fi - mkdir -p $SOURCE_TREE/lib/udev/rules.d - echo 'KERNEL=="dm-[0-9]*", OPTIONS+="db_persist"' > \ - $SOURCE_TREE/lib/udev/rules.d/95-dm-initrd.rules else echo "LVM binary is missing, LVM support isn't installed" + LVM="" fi fi @@ -555,16 +622,26 @@ EOF chmod 0755 $SOURCE_TREE/sbin/udevadm fi - if [ -z "${MODULE_LIST}" ] ; then - MODULE_LIST="dm-mod" - elif ! echo ${MODULE_LIST} | grep -q dm-mod ; then - MODULE_LIST="$MODULE_LIST:dm-mod" - fi # Write the underlying luks device to the initrd-tree: echo $LUKSDEV > $SOURCE_TREE/luksdev else echo "Cryptsetup binary is missing, CRYPT support isn't installed" + CRYPT="" + fi +fi + +# Include device mapper in initrd (needed for LUKS and LVM) +if [ ! -z "$CRYPT" -o ! -z "$LVM" ]; then + cp /sbin/dmsetup $SOURCE_TREE/sbin/dmsetup + find /lib /lib64 -name "libdevmapper*so*" 2> /dev/null | xargs -I'{}' cp -P --parents '{}' $SOURCE_TREE/ + if [ -z "${MODULE_LIST}" ] ; then + MODULE_LIST="dm-mod" + elif ! echo ${MODULE_LIST} | grep -q dm-mod ; then + MODULE_LIST="$MODULE_LIST:dm-mod" fi + mkdir -p $SOURCE_TREE/lib/udev/rules.d + echo 'KERNEL=="dm-[0-9]*", OPTIONS+="db_persist"' > \ + $SOURCE_TREE/lib/udev/rules.d/95-dm-initrd.rules fi # Make module directory: diff --git a/source/a/mkinitrd/mkinitrd.8 b/source/a/mkinitrd/mkinitrd.8 index 6ee25bdde..7e0247a09 100644 --- a/source/a/mkinitrd/mkinitrd.8 +++ b/source/a/mkinitrd/mkinitrd.8 @@ -52,6 +52,9 @@ mkinitrd \- create or rebuilt an initrd (initial ramdisk) using initramfs (simpl .B \-K luks_keyfile ] [ +.B \-P microcode_archive +] +[ .B \-B ] [ @@ -68,15 +71,15 @@ mkinitrd \- create or rebuilt an initrd (initial ramdisk) using initramfs (simpl is used to build an initial ramdisk. An initial ramdisk is a very small set of files that are loaded into RAM and "mounted" (as initramfs doesn't actually use a filesystem) as the kernel boots (before the main root -filesystem is mounted). The usual reason to use an initrd is because -you need to load kernel modules before mounting the root partition. -Usually these modules are required to support the filesystem used by the -root partition (ext3, reiserfs, xfs), or perhaps the controller that the -hard drive is attached to (SCSI, RAID, etc). Essentially, there are so many -different options available in modern Linux kernels that it isn't practical -to try to ship many different kernels to try to cover everyone's needs. -It's a lot more flexible to ship a generic kernel and a set of kernel -modules for it. +filesystem is mounted). The usual reason to use an initrd is to load kernel +kernel modules in order to access the root partition. An initrd might also +be required to unlock an encrypted device. Usually these modules are +required to support the filesystem used by the root partition (e.g., ext4, +jfs, xfs), or perhaps the controller that the hard drive is attached to +(SCSI, RAID, etc). Essentially, there are so many different options +available in modern Linux kernels that it isn't practical to try to ship +many different kernels to try to cover everyone's needs. It's a lot more +flexible to ship a generic kernel and a set of kernel modules for it. .SH OPTIONS .TP .B \-F @@ -121,10 +124,12 @@ Additional options may be added to use when loading the kernel modules .B \-o output image The file to write the initrd to. (default: /boot/initrd.gz) .TP -.B \-r root partition +.BI \-r \ root_device Specify the device to be used as the root partition. If this isn't given, the kernel default will be used (which is usually fine). This option must be used together with the \-f option in order to be beneficial. +.I root_device +can be a device node path, UUID, or LABEL. See examples for \fB\-C\fR below. .TP .B \-s source tree The directory to use as the source for the initrd. (default: /boot/initrd-tree/) @@ -136,16 +141,22 @@ Include udev in the initrd. The -w option specifies how long to wait in seconds before assuming that all the drives are spun up and ready to go. .TP -.B \-C device list +.BI \-C \ device_list A colon (:) delimited list of luks encrypted block devices to be unlocked by -the initrd using cryptsetup. All devices that must be unlocked in order to -access the root filesystem must be specified. e.g. +the initrd using cryptsetup. +.I device_list +may include any of: device node path, UUID, or LABEL. All devices that must be +unlocked in order to access the root filesystem must be specified. For example: -C /dev/sda2:/dev/sda3 +.br + -C UUID=ec6dea40-c8d8-4590-850a-a757be60e45a +.br + -C LABEL=darkstar Each unlocked device will be assigned an automatically generated luks device name of the form luks<device> where '<device>' will be the basename of the -encrypted device. e.g. +encrypted device node path. For example: /dev/mapper/lukssda2 @@ -174,6 +185,24 @@ you need to set: -K LABEL=TRAVELSTICK:/keys/alien.luks .TP +.B \-T device list +A colon (:) delimited list of luks encrypted block devices to be passed the +"--allow-discards" option when unlocked by the initrd using cryptsetup, e.g. + + -T /dev/sda2:/dev/sda4 + +This has the effect of allowing TRIM on SSD drives. Be sure your SSD supports +this feature (correctly) before enabling it. See fstrim(8) for more information. +.TP +.B \-P microcode_archive +This option specifies a cpio archive containing updated microcode for your CPU. +CPU manufacturers occasionally release such updates to fix bugs in the microcode +currently embedded in the CPU. The microcode archive will be prepended to the +output initrd, where the kernel will find it for early patching: + + -P /boot/intel-ucode.cpio + +.TP .B \-B This option adds the btrfs utility to the initrd so that multi-device filesystems will be picked up by a scan (/sbin/btrfs device scan). This is needed if the diff --git a/source/a/mkinitrd/mkinitrd.SlackBuild b/source/a/mkinitrd/mkinitrd.SlackBuild index 8983f34d4..22fa7344f 100755 --- a/source/a/mkinitrd/mkinitrd.SlackBuild +++ b/source/a/mkinitrd/mkinitrd.SlackBuild @@ -1,6 +1,6 @@ -#!/bin/sh +#!/bin/bash -# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2016 Patrick J. Volkerding, Sebeka, MN, USA +# Copyright 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2015, 2016, 2017, 2018 Patrick J. Volkerding, Sebeka, MN, USA # All rights reserved. # # Redistribution and use of this script, with or without modification, is @@ -20,10 +20,12 @@ # OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF # ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +cd $(dirname $0) ; CWD=$(pwd) -VERSION=${VERSION:-1.4.8} -BB=1.20.2 -BUILD=${BUILD:-8} +PKGNAM=mkinitrd +VERSION=${VERSION:-1.4.11} +BB=1.28.3 +BUILD=${BUILD:-6} # Automatically determine the architecture we're building on: if [ -z "$ARCH" ]; then @@ -35,8 +37,15 @@ if [ -z "$ARCH" ]; then esac fi +# If the variable PRINT_PACKAGE_NAME is set, then this script will report what +# the name of the created package would be, and then exit. This information +# could be useful to other scripts. +if [ ! -z "${PRINT_PACKAGE_NAME}" ]; then + echo "$PKGNAM-$VERSION-$ARCH-$BUILD.txz" + exit 0 +fi + NUMJOBS=${NUMJOBS:--j7} -CWD=$(pwd) TMP=${TMP:-/tmp} PKG=$TMP/package-mkinitrd @@ -51,8 +60,8 @@ rm -rf $PKG mkdir -p $TMP $PKG cd $TMP rm -rf busybox-$BB -tar xvf $CWD/busybox-$BB.tar.?z* || exit 1 -cd busybox-$BB +tar xvf $CWD/busybox-$BB.tar.bz2 || exit 1 +cd busybox-$BB || exit 1 if [ -d $CWD/fixes-$BB ]; then for pfile in $CWD/fixes-$BB/*.patch ; do @@ -64,7 +73,7 @@ chown -R root:root . sed -e \ 's#^CONFIG_PREFIX=.*#CONFIG_PREFIX="'$PKG'/usr/share/mkinitrd/initrd-tree"#' \ $CWD/busybox-dot-config > .config -make oldconfig +make oldconfig || exit 1 make $NUMJOBS || make || exit 1 mkdir -p $PKG/usr/share/mkinitrd/initrd-tree/{bin,sbin} diff --git a/source/a/mkinitrd/mkinitrd.conf.5 b/source/a/mkinitrd/mkinitrd.conf.5 index 6cfef91ad..b28a6e080 100644 --- a/source/a/mkinitrd/mkinitrd.conf.5 +++ b/source/a/mkinitrd/mkinitrd.conf.5 @@ -58,6 +58,10 @@ image. This is the location for the initrd image that is created. .br Defaults to "/boot/initrd.gz" +.br +If %KVER% and/or %SLACKVER% are present in the string, they will be replaced +with $KERNEL_VERSION (e.g. "4.4.75-smp") and Slackware Version (e.g. "14.2") +respectively in the name of the generated file. .TP 5 .I KERNEL_VERSION @@ -90,10 +94,15 @@ Example: MODULE_LIST="module1:module2 option=1:module3" .TP 5 .I LUKSDEV Contains a colon (:) delimited list of luks encrypted block devices to be -unlocked by the initrd using cryptsetup. All devices that must be unlocked -in order to access the root filesystem must be specified. -.br +unlocked by the initrd using cryptsetup. The list may include any of: device +node path, UUID, or LABEL. All devices that must be unlocked in order to +access the root filesystem must be specified. +.sp Example: LUKSDEV="/dev/sda2:/dev/sda3" +.br +Example: LUKSDEV="UUID=ec6dea40-c8d8-4590-850a-a757be60e45a" +.br +Example: LUKSDEV="LABEL=darkstar" Each unlocked device will be assigned an automatically generated luks device name of the form luks<device> where '<device>' will be the basename of the @@ -113,6 +122,7 @@ then and .I "ROOTDEV=/dev/mapper/lukssda2" are equivalent. + .TP 5 .I LUKSKEY When using cryptsetup to encrypt your partition, you can use a keyfile instead @@ -129,8 +139,20 @@ you need to set: LUKSKEY="LABEL=TRAVELSTICK:/keys/alien.luks" .TP 5 +.I LUKSTRIM +Contains a colon (:) delimited list of luks encrypted block devices to be +passed the "--allow-discards" option when unlocked by the initrd using +cryptsetup. This has the effect of allowing TRIM on SSD drives. Be sure +your SSD supports this feature (correctly) before enabling it. +.br +See fstrim(8) for more information. +.br +Example: LUKSTRIM="/dev/sda2:/dev/sda4" + +.TP 5 .I ROOTDEV The device on which your root filesystem is located. +May be a device node path, UUID, or LABEL. See LUKSDEV examples. .br Example: ROOTDEV="/dev/sda2" @@ -206,6 +228,17 @@ MODCONF="0" # Do not add /etc/modprobe.d/* to the initrd .br MODCONF="1" # Add /etc/modprobe.d/* to the initrd +.TP 5 +.I MICROCODE_ARCH +This option specifies a cpio archive containing updated microcode for your CPU. +CPU manufacturers occasionally release such updates to fix bugs in the microcode +currently embedded in the CPU. The microcode archive will be prepended to the +output initrd, where the kernel will find it for early patching. +.br +Examples: +.br +MICROCODE_ARCH="/boot/intel-ucode.cpio" + .SH FILES .I /etc/mkinitrd.conf .br diff --git a/source/a/mkinitrd/mkinitrd.conf.sample b/source/a/mkinitrd/mkinitrd.conf.sample index 9bb9f14c6..70256ef38 100644 --- a/source/a/mkinitrd/mkinitrd.conf.sample +++ b/source/a/mkinitrd/mkinitrd.conf.sample @@ -8,12 +8,14 @@ #KEYMAP="us" #MODULE_LIST="ext4" #LUKSDEV="/dev/sda2" +#LUKSTRIM="/dev/sda2" # verify support with 'hdparm -I $dev | grep TRIM' #LUKSKEY="LABEL=TRAVELSTICK:/keys/alienbob.luks" #ROOTDEV="/dev/sda1" -#ROOTFS="ext3" +#ROOTFS="ext4" #RESUMEDEV="/dev/sda2" #RAID="0" #LVM="0" #UDEV="1" #MODCONF="0" +#MICROCODE_ARCH="/boot/intel-ucode.cpio" #WAIT="1" |