diff options
-rw-r--r-- | resources/grub/config/menuentries/common.cfg | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/resources/grub/config/menuentries/common.cfg b/resources/grub/config/menuentries/common.cfg index c7601bc..c7a1bf7 100644 --- a/resources/grub/config/menuentries/common.cfg +++ b/resources/grub/config/menuentries/common.cfg @@ -26,7 +26,7 @@ menuentry 'Load Operating System (incl. fully encrypted disks) [O]' --hotkey='o for d in crypto0 (crypt0,*) (lvm/*) md/0 (md0/,*) ahci0 ahci1 (ahci0,*) (ahci1,*); do set root=${d} # a) Check possible file locations... - for p in boot/grub/libreboot_ grub/libreboot_ boot/grub/ grub/; do + for p in boot/grub/libreboot_ grub/libreboot_ boot/grub/ grub/ boot/grub2 grub2/; do if [ -f "/${p}grub.cfg" ]; then # b) And eventually try to load the config. Using ESC one can still exit and revert back to # libreboot's menu. @@ -34,6 +34,27 @@ menuentry 'Load Operating System (incl. fully encrypted disks) [O]' --hotkey='o fi done done + # (This way, we only need to scan for encrypted data once while covering every possible disk setup, + # be it LVM/BTRFS/ZFS/ext4/etc. (on LUKS) (on RAID) on/across raw devices/MBR/GPT + for d in ${devs}; do + # prompt user for passphrase if LUKS header is found but try using external keyfiles first + search -n -f /keyfile --set=kf --hint usb0, --hint usb1, + if [ $? = 0 ]; then + kf="-k (${kf})/keyfile ${d}" + fi + cryptomount ${kf} ${d} + done + # 3. Do the same routine again, but for possibly decrypted data this time. There might be an LVM + # inside the LUKS container, but check crypto0 first since lvm/* also covers already existing (and + # therefore already scanned volumes as well) + for d in crypto0 (crypt0,*) (lvm/*); do + set root=${d} + for p in boot/grub/libreboot_ grub/libreboot_ boot/grub/ grub/ boot/grub2 grub2/; do + if [ -f "/${p}grub.cfg" ]; then + configfile /${p}grub.cfg + fi + done + done # 3. Last resort, if none of the above succeeds, all you have is GRUB's shell set root=ahci0,1 |