Date
1 - 2 of 2
[isar-cip-core][RFC 3/5] wic/x86-efibootguard: add partition to encrypted
Quirin Gylstorff
From: Quirin Gylstorff <quirin.gylstorff@...>
This extra partition will store the encrypted file system
Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...>
---
wic/qemu-amd64-efibootguard-secureboot.wks.in | 1 +
wic/x86-efibootguard.wks.in | 1 +
2 files changed, 2 insertions(+)
diff --git a/wic/qemu-amd64-efibootguard-secureboot.wks.in b/wic/qemu-amd64-efibootguard-secureboot.wks.in
index 5c41116..44f9c77 100644
--- a/wic/qemu-amd64-efibootguard-secureboot.wks.in
+++ b/wic/qemu-amd64-efibootguard-secureboot.wks.in
@@ -6,5 +6,6 @@ part --source empty --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_B}
# home and var are extra partitions
part /home --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/home --fstype=ext4 --label home --align 1024 --size 1G
part /var --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/var --fstype=ext4 --label var --align 1024 --size 2G
+part /crypt --label crypt-data --align 1024 --fstype=ext4 --size 2G
bootloader --ptable gpt --append="console=tty0 console=ttyS0,115200 rootwait earlyprintk panic=5"
diff --git a/wic/x86-efibootguard.wks.in b/wic/x86-efibootguard.wks.in
index b635a8b..bad6ff5 100644
--- a/wic/x86-efibootguard.wks.in
+++ b/wic/x86-efibootguard.wks.in
@@ -9,5 +9,6 @@ part --source empty --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_B}
# home and var are extra partitions
part /home --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/home --fstype=ext4 --label home --align 1024 --size 1G
part /var --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/var --fstype=ext4 --label var --align 1024 --size 2G
+part /crypt --label crypt-data --align 1024 --fstype=ext4 --size 2G
bootloader --ptable gpt --append="console=tty0 console=ttyS0,115200 rootwait earlyprintk"
--
2.39.0
This extra partition will store the encrypted file system
Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...>
---
wic/qemu-amd64-efibootguard-secureboot.wks.in | 1 +
wic/x86-efibootguard.wks.in | 1 +
2 files changed, 2 insertions(+)
diff --git a/wic/qemu-amd64-efibootguard-secureboot.wks.in b/wic/qemu-amd64-efibootguard-secureboot.wks.in
index 5c41116..44f9c77 100644
--- a/wic/qemu-amd64-efibootguard-secureboot.wks.in
+++ b/wic/qemu-amd64-efibootguard-secureboot.wks.in
@@ -6,5 +6,6 @@ part --source empty --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_B}
# home and var are extra partitions
part /home --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/home --fstype=ext4 --label home --align 1024 --size 1G
part /var --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/var --fstype=ext4 --label var --align 1024 --size 2G
+part /crypt --label crypt-data --align 1024 --fstype=ext4 --size 2G
bootloader --ptable gpt --append="console=tty0 console=ttyS0,115200 rootwait earlyprintk panic=5"
diff --git a/wic/x86-efibootguard.wks.in b/wic/x86-efibootguard.wks.in
index b635a8b..bad6ff5 100644
--- a/wic/x86-efibootguard.wks.in
+++ b/wic/x86-efibootguard.wks.in
@@ -9,5 +9,6 @@ part --source empty --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_B}
# home and var are extra partitions
part /home --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/home --fstype=ext4 --label home --align 1024 --size 1G
part /var --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/var --fstype=ext4 --label var --align 1024 --size 2G
+part /crypt --label crypt-data --align 1024 --fstype=ext4 --size 2G
bootloader --ptable gpt --append="console=tty0 console=ttyS0,115200 rootwait earlyprintk"
--
2.39.0
Jan Kiszka
On 30.01.23 16:02, Quirin Gylstorff wrote:
an extra one?
Jan
Siemens AG, Technology
Competence Center Embedded Linux
From: Quirin Gylstorff <quirin.gylstorff@...>I thought we would encrypt all our persistent partitions? Why now just
This extra partition will store the encrypted file system
an extra one?
Jan
--
Signed-off-by: Quirin Gylstorff <quirin.gylstorff@...>
---
wic/qemu-amd64-efibootguard-secureboot.wks.in | 1 +
wic/x86-efibootguard.wks.in | 1 +
2 files changed, 2 insertions(+)
diff --git a/wic/qemu-amd64-efibootguard-secureboot.wks.in b/wic/qemu-amd64-efibootguard-secureboot.wks.in
index 5c41116..44f9c77 100644
--- a/wic/qemu-amd64-efibootguard-secureboot.wks.in
+++ b/wic/qemu-amd64-efibootguard-secureboot.wks.in
@@ -6,5 +6,6 @@ part --source empty --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_B}
# home and var are extra partitions
part /home --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/home --fstype=ext4 --label home --align 1024 --size 1G
part /var --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/var --fstype=ext4 --label var --align 1024 --size 2G
+part /crypt --label crypt-data --align 1024 --fstype=ext4 --size 2G
bootloader --ptable gpt --append="console=tty0 console=ttyS0,115200 rootwait earlyprintk panic=5"
diff --git a/wic/x86-efibootguard.wks.in b/wic/x86-efibootguard.wks.in
index b635a8b..bad6ff5 100644
--- a/wic/x86-efibootguard.wks.in
+++ b/wic/x86-efibootguard.wks.in
@@ -9,5 +9,6 @@ part --source empty --align 1024 --fixed-size 1G --uuid "${ABROOTFS_PART_UUID_B}
# home and var are extra partitions
part /home --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/home --fstype=ext4 --label home --align 1024 --size 1G
part /var --source rootfs --rootfs-dir=${IMAGE_ROOTFS}/var --fstype=ext4 --label var --align 1024 --size 2G
+part /crypt --label crypt-data --align 1024 --fstype=ext4 --size 2G
bootloader --ptable gpt --append="console=tty0 console=ttyS0,115200 rootwait earlyprintk"
Siemens AG, Technology
Competence Center Embedded Linux