I've attached two patches to add more modules to the base-initrd.
The first adds the 'hid-generic' and 'hid-apple' modules, which are
needed to allow the user's disk encryption passphrase to be entered
during early boot on a MacBook 2,1 running Libreboot. 'hid-apple' is
needed for the machine's internal keyboard, and 'hid-generic' is needed
to support an external USB keyboard on that machine.
The second patch adds the 'serpent_generic' and 'wp512' crypto modules,
which support the Serpent cipher and Whirlpool digest algorithms. These
are needed to mount an encrypted root partition set up with the
following command:
cryptsetup -v --cipher serpent-xts-plain64 --key-size 512
--hash whirlpool --use-random --verify-passphrase luksFormat
This is the command suggested in the documentation recently posted here
by Petter <pet...@mykolab.ch>, who runs GuixSD on Libreboot machines
with fully encrypted disks (including / and /boot), and to my knowledge
is the first person to do so.
Petter's documentation was used by Albin <al...@fripost.org> to install
GuixSD with fully encrypted disks on a MacBook 2,1 running Libreboot,
but we found that more modules needed to be added to his initrd, hence
these patches.
Mark
>From 511bfba7541cbd396955a8f88e50c42ae60a6b34 Mon Sep 17 00:00:00 2001
From: Mark H Weaver <m...@netris.org>
Date: Fri, 22 Jan 2016 18:29:40 -0500
Subject: [PATCH 1/2] linux-initrd: Add hid-generic and hid-apple to the
default set of modules.
Fixes keyboard of MacBook2,1 during early boot, e.g. for typing a password to
mount an encrypted root partition.
* gnu/system/linux-initrd.scm (base-initrd)[linux-modules]: Add "hid-generic"
and "hid-apple".
---
gnu/system/linux-initrd.scm | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/gnu/system/linux-initrd.scm b/gnu/system/linux-initrd.scm
index b1ea637..96c64cd 100644
--- a/gnu/system/linux-initrd.scm
+++ b/gnu/system/linux-initrd.scm
@@ -1,5 +1,6 @@
;;; GNU Guix --- Functional package management for GNU
;;; Copyright © 2013, 2014, 2015, 2016 Ludovic Courtès <l...@gnu.org>
+;;; Copyright © 2016 Mark H Weaver <m...@netris.org>
;;;
;;; This file is part of GNU Guix.
;;;
@@ -179,7 +180,7 @@ loaded at boot time in the order in which they appear."
;; Modules added to the initrd and loaded from the initrd.
`("ahci" ;for SATA controllers
"usb-storage" "uas" ;for the installation image etc.
- "usbhid" ;USB keyboards, for debugging
+ "usbhid" "hid-generic" "hid-apple" ;USB keyboards, for debugging
"dm-crypt" "xts" ;for encrypted root partitions
,@(if (string-match "^(x86_64|i[3-6]86)-" (%current-system))
'("pata_acpi" "pata_atiixp" ;for ATA controllers
--
2.6.3
>From 1aa4aa1441003d0bee4103163d29857a9682035e Mon Sep 17 00:00:00 2001
From: Mark H Weaver <m...@netris.org>
Date: Fri, 22 Jan 2016 20:53:04 -0500
Subject: [PATCH 2/2] linux-initrd: Add serpent_generic and wp512 to the
default set of modules.
Adds modules needed for encrypted root partitions using the Serpent cipher or
Whirlpool digest algorithms.
* gnu/system/linux-initrd.scm (base-initrd)[linux-modules]: Add
"serpent_generic" and "wp512".
---
gnu/system/linux-initrd.scm | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/gnu/system/linux-initrd.scm b/gnu/system/linux-initrd.scm
index 96c64cd..45ac058 100644
--- a/gnu/system/linux-initrd.scm
+++ b/gnu/system/linux-initrd.scm
@@ -181,7 +181,7 @@ loaded at boot time in the order in which they appear."
`("ahci" ;for SATA controllers
"usb-storage" "uas" ;for the installation image etc.
"usbhid" "hid-generic" "hid-apple" ;USB keyboards, for debugging
- "dm-crypt" "xts" ;for encrypted root partitions
+ "dm-crypt" "xts" "serpent_generic" "wp512" ;for encrypted root partitions
,@(if (string-match "^(x86_64|i[3-6]86)-" (%current-system))
'("pata_acpi" "pata_atiixp" ;for ATA controllers
"isci") ;for SAS controllers like Intel C602
--
2.6.3
