From 75cfcc62f58f84cb68e982980407d6033e8feece Mon Sep 17 00:00:00 2001 From: Ricardo Salveti Date: Sun, 24 Jul 2022 23:14:52 -0300 Subject: [PATCH] base: resize-helper: add support for luks based rootfs LUKS2-based devices requires an additional resize (cryptsetup resize) before performing the actual file system resize with resize2fs. Signed-off-by: Ricardo Salveti --- .../resize-helper/resize-helper/resize-helper | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/meta-lmp-base/recipes-support/resize-helper/resize-helper/resize-helper b/meta-lmp-base/recipes-support/resize-helper/resize-helper/resize-helper index 4616b5a9e..abf8545fd 100644 --- a/meta-lmp-base/recipes-support/resize-helper/resize-helper/resize-helper +++ b/meta-lmp-base/recipes-support/resize-helper/resize-helper/resize-helper @@ -38,8 +38,16 @@ RESIZE2FS=$(which resize2fs) || { echo "E: You must have resize2fs" && exit 1; } # find root device ROOT_DEVICE=$(findmnt --noheadings --output=SOURCE / | cut -d'[' -f1) +# identify a possible mapper-based device (e.g. luks) +if echo ${ROOT_DEVICE} | grep -q "^/dev/mapper/"; then + DM_NAME=`basename ${ROOT_DEVICE}` +fi # prune root device (for example UUID) ROOT_DEVICE=$(realpath ${ROOT_DEVICE}) +# check if root device is available via device-mapper / luks +if basename ${ROOT_DEVICE} | grep -q "^dm-"; then + ROOT_DEVICE="/dev/`dmsetup deps -o devname ${ROOT_DEVICE} | cut -d'(' -f2 | cut -d')' -f1`" +fi # get the partition number and type INFO=$(udevadm info --query=property --name=${ROOT_DEVICE}) PART_ENTRY_NUMBER=$(echo "${INFO}" | grep '^ID_PART_ENTRY_NUMBER=' | cut -d'=' -f2) @@ -78,4 +86,11 @@ if [ -n "${PART_ENTRY_NAME}" ]; then fi ${PARTX} -u ${DEVICE} -${RESIZE2FS} "${ROOT_DEVICE}" +if [ -n "${DM_NAME}" ] && cryptsetup isLuks ${ROOT_DEVICE}; then + # OP-TEE: use TEE Identity for pkcs11 authentication + export CKTEEC_LOGIN_TYPE=user + cryptsetup resize --token-only ${DM_NAME} + ${RESIZE2FS} "/dev/mapper/${DM_NAME}" +else + ${RESIZE2FS} "${ROOT_DEVICE}" +fi