Mark H Weaver <m...@netris.org> skribis: > I've attached two patches to add more modules to the base-initrd. > > The first adds the 'hid-generic' and 'hid-apple' modules, which are > needed to allow the user's disk encryption passphrase to be entered > during early boot on a MacBook 2,1 running Libreboot. 'hid-apple' is > needed for the machine's internal keyboard, and 'hid-generic' is needed > to support an external USB keyboard on that machine.
Good! I was going to do that but didn’t have time to check whether it would cause problems on my non-Apple laptop (unlikely I guess.) I guess you didn’t notice any regression, right? > The second patch adds the 'serpent_generic' and 'wp512' crypto modules, > which support the Serpent cipher and Whirlpool digest algorithms. These > are needed to mount an encrypted root partition set up with the > following command: > > cryptsetup -v --cipher serpent-xts-plain64 --key-size 512 > --hash whirlpool --use-random --verify-passphrase luksFormat > > This is the command suggested in the documentation recently posted here > by Petter <pet...@mykolab.ch>, who runs GuixSD on Libreboot machines > with fully encrypted disks (including / and /boot), and to my knowledge > is the first person to do so. Excellent! > Petter's documentation was used by Albin <al...@fripost.org> to install > GuixSD with fully encrypted disks on a MacBook 2,1 running Libreboot, > but we found that more modules needed to be added to his initrd, hence > these patches. Great. I’m really happy that you’ve been working on this; it was a glaring hole of GuixSD. > From 511bfba7541cbd396955a8f88e50c42ae60a6b34 Mon Sep 17 00:00:00 2001 > From: Mark H Weaver <m...@netris.org> > Date: Fri, 22 Jan 2016 18:29:40 -0500 > Subject: [PATCH 1/2] linux-initrd: Add hid-generic and hid-apple to the > default set of modules. > > Fixes keyboard of MacBook2,1 during early boot, e.g. for typing a password to > mount an encrypted root partition. > > * gnu/system/linux-initrd.scm (base-initrd)[linux-modules]: Add "hid-generic" > and "hid-apple". Please add: Fixes <http://bugs.gnu.org/20433>. > ;; Modules added to the initrd and loaded from the initrd. > `("ahci" ;for SATA controllers > "usb-storage" "uas" ;for the installation image > etc. > - "usbhid" ;USB keyboards, for debugging > + "usbhid" "hid-generic" "hid-apple" ;USB keyboards, for debugging I think ‘hid-*’ is not just USB, is it? > From 1aa4aa1441003d0bee4103163d29857a9682035e Mon Sep 17 00:00:00 2001 > From: Mark H Weaver <m...@netris.org> > Date: Fri, 22 Jan 2016 20:53:04 -0500 > Subject: [PATCH 2/2] linux-initrd: Add serpent_generic and wp512 to the > default set of modules. > > Adds modules needed for encrypted root partitions using the Serpent cipher or > Whirlpool digest algorithms. > > * gnu/system/linux-initrd.scm (base-initrd)[linux-modules]: Add > "serpent_generic" and "wp512". OK. Thank you! Ludo’.
