Signed-off-by: Danct12 <danct12@disroot.org>
(cherry picked from commit f509c39642341c7d4fb5d0d215a6cb581b4156d1)
[ci:skip-build] Takes too long. Builds fine locally
Enable CONFIG_CRYPTO_XTS for each kernel, so we can switch to using
aes-xts-plain64 as default cipher for cryptsetup (override with
"pmbootstrap --cipher"), instead of aes-cbc-plain64 (pmbootstrap#1940).
I have executed "pmbootstrap kconfig edit" on each kernel, and manually
toggled the option. The diff is not always clean, because for some
kernels it is apparently the first time, that menuconfig was executed on
the configs like that. In a few instances, it turned out that
CONFIG_ANDROID_PARANOID_NETWORK needed to be disabled too (this is
already a requirement, but as the config was incomplete, it was not
visible that this option was enabled). Very few times, I had to enable
CONFIG_EXPERIMENTAL in order to see and enable CONFIG_CRYPTO_XTS.
It would be great if we could automate such mass kconfig edits in the
future, see pmbootstrap#1942.
[skip ci]: I have verified, that every single one of these kernels builds.
CI will likely run out of time while downloading source tarballs.
Seems like "pmbootstrap kconfig edit" causes unrelated kernel config
changes for some reason (probably because pmbootstrap does not install
a cross compiler for it). For now let's just edit the config manually
with the new options so everything else stays as-is.
Remove it, to prevent the following error:
rm: can't remove '.config': No such file or directory
This must have been necessary before, because the prepare script was
different, or abuild did something differently.
Make it possible to find the kernel config with "pmbootstrap kconfig
edit". While at it, also remove redundant -C "$builddir" arguments for
make (since prepare is running in $builddir already).
Only add a comment, do not try to mount the root or boot partitions
anymore. The initramfs is doing this already.
Related: https://postmarketos.org/fstab
Mount the boot partition at /sysroot/boot and keep it mounted, when
running the switch_root command. This way, OpenRC doesn't need to mount
it and possibly use the wrong partition. The OpenRC service does not use
the same logic to find the boot partition, in particular it does not
support the pmos_boot kernel parameter.
While at it, print the mountpoint and read-only/read-write arguments in
the mounting log message for both root and boot.
Fixes: #664
Get rid of the "write_unless_modified" code, which was supposed to only
change /etc/fstab, /etc/issue, /etc/motd if the user did not modify it.
This is nice in theory, but we have a bug report where the code did not
do what it should (apk audit possibly failed due to a qemu bug?), and
then it lead to strange bugs related to not having the expected
/etc/fstab installed.
Fixes: #661, #258
