[dm-crypt] ing rootfs without initramfs

Milan Broz gmazyland at gmail.com
Sat Jul 20 22:06:12 CEST 2013


On 07/20/2013 09:36 PM, ebelcrom ebelcrom wrote:

> I played around with dm-crypt without using initramfs for
> en-/decryption of my root file system. The rootfs is encrypted plain
> with cryptsetup and the key is stored at the disk containing the
> rootfs between MBR and the partition. The kernel parameter given to
> it from the bootloader is configured as it should be (cryptdevice,
> cryptkey, root mapper). The disk driver (loaded before) is built-in
> as well as dm-crypt (loaded after). The message I got at boot time is
> this (cr_rootfs is the encrypted rootfs):
> 
> VFS: Cannot open root device "mapper/cr_rootfs" or
> unknown-block(0,0)
> 
> According to some hints in the web there is no need to have an
> initramfs. Is that true? If yes what are the steps to get there and
> what should I keep into account?

I think the only possibility is to use GRUB2 which should understand
LUKS directly and boot from it. (Not sure about plain dmcrypt device).

I do not think you can create device-mapper block device without
initramfs (there were some patches to add some kernel options
but IIRC it never reached upstream).

Milan


More information about the dm-crypt mailing list