[pkg-cryptsetup-devel] cryptsetup and hibernation
Guilhem Moulin
guilhem at debian.org
Sun Mar 26 00:05:44 GMT 2023
Hi,
On Sun, 26 Mar 2023 at 00:44:08 +0100, Christoph Anton Mitterer wrote:
> - cryptsetup always tries to bring up the root-, resume- (if any was
> detected) and any "initramfs"-crypttab-option-marked devices at
> either local-top or local-block stages[0].
> -> thus before, the resume script is run?
Correct
> - noearly-crypttab-option is not used for the initramfs at all, so no
> difference at when the device is opened?
Correct
> - initramfs-crypttab-option doesn't make a difference at which stage
> the dm-crytp device is opened in the initamfs, just *that* it is.
>
> - The order in which cryptsetup devices are unlocked/"decrypted"
> depends on their order in crypttab,...
> So it simply takes any root, resume, initramfs-option devices from
> that and opens them in their order from crypttab?
> Or does it always open root first?
The order is not documented so may not be be relied on, but IIRC from
the top of my head the devices backing / are recursively (depth-first
traversal of the block device tree, lexicographic order) opened first,
then those for /usr, then those for the resume device(s), and finally
those marked with the ‘initramfs’ keyword set (in the order specified in
crypttab(5)).
> - AFAIU, local-premount/resume is - if there is a resume - the last
> script run from the initramfs, as the system gets then completely
> replaced.
> So the initramfs will not even mount the rootfs anymore (in the
> replacement it's already mounted).
Correct
--
Guilhem.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-cryptsetup-devel/attachments/20230326/3acf6efa/attachment.sig>
More information about the pkg-cryptsetup-devel
mailing list