[dm-crypt] ing rootfs without initramfs

Thomas Bächler thomas at archlinux.org
Sun Jul 21 11:01:14 CEST 2013

Am 21.07.2013 10:47, schrieb Milan Broz:
> I think using some initramfs is the only solution now for mapping
> encrypted root fs (for now).

I would remove "for now" from your statement. Unlocking the volume from
kernel code itself requires that the kernel learns how to ask for
passphrases and/or find key files, do LUKS header processing and accept
device-mapper parameters in some way.

This is very complicated to do in kernel code and adds tons of kernel
code for tasks that do not belong into the kernel. Such patches will
never be accepted upstream, since there is a more flexible and less
error-prone mechanism to solve the problem (it's called "initramfs", if
you didn't guess it already).

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://www.saout.de/pipermail/dm-crypt/attachments/20130721/a582d6e8/attachment.asc>

More information about the dm-crypt mailing list