summaryrefslogtreecommitdiff
path: root/system-profiles
diff options
context:
space:
mode:
authorGregor Kleen <gkleen@yggdrasil.li>2021-06-06 16:38:59 +0200
committerGregor Kleen <gkleen@yggdrasil.li>2021-06-06 16:38:59 +0200
commit821e8ba80a751375a719954c0908ad51eb9f8615 (patch)
tree69eebe1ed1e71bdef6b0b5476b9c830147283fa1 /system-profiles
parent95a32657eab8ee9c0700da68ba863925b48dc4a7 (diff)
downloadnixos-821e8ba80a751375a719954c0908ad51eb9f8615.tar
nixos-821e8ba80a751375a719954c0908ad51eb9f8615.tar.gz
nixos-821e8ba80a751375a719954c0908ad51eb9f8615.tar.bz2
nixos-821e8ba80a751375a719954c0908ad51eb9f8615.tar.xz
nixos-821e8ba80a751375a719954c0908ad51eb9f8615.zip
bump
Diffstat (limited to 'system-profiles')
-rw-r--r--system-profiles/initrd-all-crypto-modules.nix18
1 files changed, 14 insertions, 4 deletions
diff --git a/system-profiles/initrd-all-crypto-modules.nix b/system-profiles/initrd-all-crypto-modules.nix
index 6b1da298..ede68e9f 100644
--- a/system-profiles/initrd-all-crypto-modules.nix
+++ b/system-profiles/initrd-all-crypto-modules.nix
@@ -1,7 +1,17 @@
1{...}: 1{ pkgs, config, ...}:
2{ 2let
3 boot.initrd.luks.cryptoModules = [ 3 moduleList = builtins.fromJSON (builtins.readFile (pkgs.runCommandCC "crypto-modules" { buildInputs = with pkgs; [ jq ]; } ''
4 "serpent_generic" "algif_rng" "authencesn" "crct10dif_generic" "blowfish_generic" "aegis128" "crc32c_generic" "md4" "lz4hc" "cbc" "adiantum" "authenc" "seqiv" "ecdh_generic" "842" "pcbc" "curve25519-generic" "sha256_generic" "cmac" "async_tx" "async_raid6_recov" "async_memcpy" "async_xor" "gcm" "ccm" "async_pq" "sha512_generic" "echainiv" "anubis" "blowfish_common" "algif_hash" "tgr192" "ghash-generic" "crypto_simd" "michael_mic" "ansi_cprng" "cast_common" "rmd128" "sm4_generic" "twofish_common" "wp512" "zstd" "cast5_generic" "algif_skcipher" "crc32_generic" "sm3_generic" "nhpoly1305" "cryptd" "twofish_generic" "crypto_user" "af_alg" "des_generic" "rmd320" "salsa20_generic" "xts" "xxhash_generic" "ecrdsa_generic" "deflate" "rmd256" "camellia_generic" "lrw" "xor" "gf128mul" "ecc" "arc4" "crypto_engine" "ecb" "lz4" "xcbc" "aes_ti" "khazad" "streebog_generic" "cast6_generic" "blake2b_generic" "keywrap" "chacha_generic" "tea" "aes_generic" "fcrypt" "cts" "chacha20poly1305" "essiv" "hmac" "vmac" "poly1305_generic" "sha3_generic" "rmd160" "algif_aead" "ctr" "crct10dif_common" "jitterentropy_rng" "pcrypt" "serpent-avx-x86_64" "cast5-avx-x86_64" "twofish-x86_64-3way" "sha1-ssse3" "seed" "cfb" "blake2s_generic" "ofb" "cast6-avx-x86_64" "twofish-x86_64" "drbg" "serpent-sse2-x86_64" "camellia-aesni-avx2" "crct10dif-pclmul" "sha256-ssse3" "sha512-ssse3" "crc32-pclmul" "camellia-x86_64" "curve25519-x86_64" "nhpoly1305-avx2" "ghash-clmulni-intel" "poly1305-x86_64" "aegis128-aesni" "camellia-aesni-avx-x86_64" "blowfish-x86_64" "nhpoly1305-sse2" "crc32c-intel" "aesni-intel" "blake2s-x86_64" "twofish-avx-x86_64" "glue_helper" "chacha-x86_64" "serpent-avx2" "des3_ede-x86_64" "asym_tpm" "pkcs7_test_key" "tpm_key_parser" 4 echo "[]" > $out
5 while IFS= read -r -d $'\0' file; do
6 unpacked=$(basename "''${file}" .xz)
7 xz -cd "''${file}" > "''${unpacked}"
8
9 module=$(readelf -Wp .gnu.linkonce.this_module "''${unpacked}" | sed -rn '/\[\s*[0-9]+\] /{ s/^[^]]*\]\s*//; p; q; }')
10 jq '. + [ $name ]' $out --arg name "''${module}" > out.json && mv out.json $out
11 done < <(find ${config.system.modulesTree}/lib/modules/*/kernel{,/arch/*}/crypto -iname '*.ko.xz' -print0 | sort -z)
12 ''));
13in {
14 boot.initrd.luks.cryptoModules = moduleList ++ [
5 "encrypted_keys" 15 "encrypted_keys"
6 ]; 16 ];
7} 17}