guix-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCHES] Add more modules to the base-initrd

From: Ludovic Courtès
Subject: Re: [PATCHES] Add more modules to the base-initrd
Date: Sun, 31 Jan 2016 10:55:23 +0100
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.5 (gnu/linux) 
Mark H Weaver <address@hidden> skribis:

> I've attached two patches to add more modules to the base-initrd.
>
> The first adds the 'hid-generic' and 'hid-apple' modules, which are
> needed to allow the user's disk encryption passphrase to be entered
> during early boot on a MacBook 2,1 running Libreboot.  'hid-apple' is
> needed for the machine's internal keyboard, and 'hid-generic' is needed
> to support an external USB keyboard on that machine.

Good!  I was going to do that but didn’t have time to check whether it
would cause problems on my non-Apple laptop (unlikely I guess.)  I guess
you didn’t notice any regression, right?

> The second patch adds the 'serpent_generic' and 'wp512' crypto modules,
> which support the Serpent cipher and Whirlpool digest algorithms.  These
> are needed to mount an encrypted root partition set up with the
> following command:
>
>   cryptsetup -v --cipher serpent-xts-plain64 --key-size 512
>     --hash whirlpool --use-random --verify-passphrase luksFormat
>
> This is the command suggested in the documentation recently posted here
> by Petter <address@hidden>, who runs GuixSD on Libreboot machines
> with fully encrypted disks (including / and /boot), and to my knowledge
> is the first person to do so.

Excellent!

> Petter's documentation was used by Albin <address@hidden> to install
> GuixSD with fully encrypted disks on a MacBook 2,1 running Libreboot,
> but we found that more modules needed to be added to his initrd, hence
> these patches.

Great.  I’m really happy that you’ve been working on this; it was a
glaring hole of GuixSD.

> From 511bfba7541cbd396955a8f88e50c42ae60a6b34 Mon Sep 17 00:00:00 2001
> From: Mark H Weaver <address@hidden>
> Date: Fri, 22 Jan 2016 18:29:40 -0500
> Subject: [PATCH 1/2] linux-initrd: Add hid-generic and hid-apple to the
>  default set of modules.
>
> Fixes keyboard of MacBook2,1 during early boot, e.g. for typing a password to
> mount an encrypted root partition.
>
> * gnu/system/linux-initrd.scm (base-initrd)[linux-modules]: Add "hid-generic"
>   and "hid-apple".

Please add:

  Fixes <http://bugs.gnu.org/20433>.

>      ;; Modules added to the initrd and loaded from the initrd.
>      `("ahci"                                  ;for SATA controllers
>        "usb-storage" "uas"                     ;for the installation image 
> etc.
> -      "usbhid"                                ;USB keyboards, for debugging
> +      "usbhid" "hid-generic" "hid-apple"      ;USB keyboards, for debugging

I think ‘hid-*’ is not just USB, is it?

> From 1aa4aa1441003d0bee4103163d29857a9682035e Mon Sep 17 00:00:00 2001
> From: Mark H Weaver <address@hidden>
> Date: Fri, 22 Jan 2016 20:53:04 -0500
> Subject: [PATCH 2/2] linux-initrd: Add serpent_generic and wp512 to the
>  default set of modules.
>
> Adds modules needed for encrypted root partitions using the Serpent cipher or
> Whirlpool digest algorithms.
>
> * gnu/system/linux-initrd.scm (base-initrd)[linux-modules]: Add
>   "serpent_generic" and "wp512".

OK.

Thank you!

Ludo’.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]