-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #234 from Olf0/321+
Commits for v1.7.1
- Loading branch information
Showing
6 changed files
with
36 additions
and
66 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,65 +1,61 @@ | ||
# Since crypto-sdcard 1.6.1, it adheres to the nomenclature used in other udev rules: | ||
# - KERNEL=="sd*[!0-9]|sr*", ENV{DEVTYPE}=="disk" for all USB-attached (OTG) storage *devices* | ||
# - KERNEL=="sd*[0-9]|sr*", ENV{DEVTYPE}=="partition" for all partitions on USB-attached storage devices | ||
# - KERNEL=="sd*|sr*" for both | ||
# - SUBSYSTEMS=="usb", KERNEL=="sd*[!0-9]|sr*", ENV{DEVTYPE}=="disk" for all USB-attached (OTG) storage *devices* | ||
# - SUBSYSTEMS=="usb", KERNEL=="sd*[0-9]|sr*", ENV{DEVTYPE}=="partition" for all partitions on USB-attached storage devices | ||
# - SUBSYSTEMS=="usb", KERNEL=="sd*|sr*" for both | ||
# - KERNEL=="mmcblk[1-9]" (the test ENV{DEVTYPE}=="disk" can be omitted) for the card in the internal slot and all external (USB-attached) SD-cards and MMCs (e.g., in readers). | ||
# - KERNEL=="mmcblk[1-9]p[0-9]" (the test ENV{DEVTYPE}=="partition" can be omitted) for all partitions on the card in the internal slot and on all external SD-cards and MMCs. Side note: mmcblk[0-9]boot[0-9] are (e)MMC's special devices ("RPMB"). | ||
# - KERNEL=="mmcblk[1-9]*" for both | ||
# - KERNEL=="mmcblk[1-9]*|sd*|sr*", SUBSYSTEMS=="usb" to filter for anything attached via (presumably "external") USB. Mind that on devices without an SD-card slot mmcblk1 will be an externally attached card. | ||
# - SUBSYSTEMS=="usb", KERNEL=="mmcblk[0-9]*|sd*|sr*" to filter for anything attached via (presumably "external") USB. Mind that on devices without an SD-card slot mmcblk1 will be an externally attached card. | ||
# Reference: /usr/lib/udev/rules.d/60-persistent-storage.rules | ||
# | ||
# Is something like KERNEL=="mmcblk[1-9]*|sd*|sr*", SUBSYSTEMS=="usb", ATTR{removable}="1" possible and reasonable (means only "removable *media*"?) ? Or without restricting it to USB-attached devices / partitions? | ||
# Q: Is something like SUBSYSTEMS=="usb", KERNEL=="mmcblk[0-9]*|sd*|sr*", ATTRS{removable}=="1" possible and reasonable (means only "removable *media*"?) ? Or without restricting it to USB-attached devices / partitions? | ||
# A: Yes, but potential side effects are still evaluated. | ||
|
||
SUBSYSTEM!="block", GOTO="cryptosd_mount_end" | ||
KERNEL!="mmcblk[1-9]*|sd*|sr*", GOTO="cryptosd_open_end" | ||
SUBSYSTEM!="block", GOTO="cryptosd_end" | ||
#SUBSYSTEMS!="usb", KERNEL!="mmcblk[0-9]*|sd*|sr*", GOTO="cryptosd_open_end" | ||
# Note that this means: If NOT (SUBSYSTEMS=="usb" OR KERNEL=="mmcblk[0-9]*|sd*|sr*"), then GOTO. | ||
|
||
# Ignore the additions / changes by Jolla per | ||
# https://git.sailfishos.org/mer-core/udisks2/blob/master/rpm/0005-Add-udev-rule-for-the-sda-drives.patch | ||
# by setting these anew / clobbering these for *all suitable* devices. | ||
KERNEL=="mmcblk[1-9]*", ENV{DEVTYPE}=="disk", ENV{MMC_TYPE}!="?*", ENV{ID_DRIVE_FLASH_SD}="1", ENV{ID_DRIVE_MEDIA_FLASH_SD}="1" | ||
KERNEL=="sd*", ENV{DEVTYPE}=="disk", ENV{ID_DRIVE_FLASH_SD}="1", ENV{ID_DRIVE_MEDIA_FLASH_SD}="1" | ||
# ToDo: Only set that for storage, which is not "rotational", but also for SATA-RAIDs; check, if ATTR{queue/rotational} works!?! | ||
#KERNEL=="sd*|sr*", ENV{DEVTYPE}=="disk", ATTR{queue/rotational}=="0", ENV{ID_DRIVE_FLASH_SD}="1", ENV{ID_DRIVE_MEDIA_FLASH_SD}="1" | ||
|
||
# ToDo: Set UDISKS_CAN_POWER_OFF for all suitable devices dealt with, here: | ||
#ENV{DEVTYPE}=="disk", ATTR{power/control}=="on", ENV{UDISKS_CAN_POWER_OFF}="1" | ||
|
||
# ToDo: Use a test for ATA-Discard / -"Trim" to unlock appropriately: | ||
# See for details https://github.com/Olf0/crypto-sdcard/wiki/ToDo#starting-points-for-that | ||
# ATTR{discard_alignment}!="0", ... | ||
# ATTR{device/queue/discard_granularity}!="0", ... | ||
# ATTR{device/discard_alignment}!="0", ... | ||
# ATTRS{discard_alignment}!="0", ... | ||
# ATTRS{queue/discard_granularity}!="0", ... | ||
# or IMPORT{parent}="...", IMPORT{db}="...", | ||
SUBSYSTEMS=="usb", KERNEL=="mmcblk0*|sd*|sr*", ENV{DEVTYPE}=="disk", ATTR{queue/rotational}=="0", ENV{MMC_TYPE}!="?*", ENV{ID_DRIVE_FLASH_SD}="1", ENV{ID_DRIVE_MEDIA_FLASH_SD}="1" | ||
|
||
# Set power control / UDISKS_CAN_POWER_OFF for all devices dealt with, here: This is also supported for partitions, not only disks!?! | ||
# KERNEL=="mmcblk[1-9]*", ATTR{power/control}=="off", ATTR{power/control}="auto" | ||
# SUBSYSTEMS=="usb", KERNEL=="mmcblk0*|sd*|sr*", ATTR{power/control}=="off", ATTR{power/control}="auto" | ||
KERNEL=="mmcblk[1-9]*", ATTR{power/control}=="on", ENV{UDISKS_CAN_POWER_OFF}="1" | ||
SUBSYSTEMS=="usb", KERNEL=="mmcblk0*|sd*|sr*", ATTR{power/control}=="on", ENV{UDISKS_CAN_POWER_OFF}="1" | ||
|
||
# For DM-Crypt LUKS, match ENV{ID_FS_TYPE}=="crypto_LUKS" | ||
ENV{ID_FS_TYPE}=="crypto_LUKS", ACTION=="add|change", PROGRAM=="/bin/grep -q .* /etc/crypto-sdcard/crypto_luks_%E{ID_FS_UUID}.key", ENV{CRYPTOSD_TYPE}="LUKS" | ||
ENV{CRYPTOSD_TYPE}=="LUKS", ENV{UDISKS_SYSTEM}="0", ENV{UDISKS_AUTO}="0", ENV{UDISKS_NAME}="cryptosd_luks_dev-%k_%E{ID_FS_UUID}", MODE="0660", TAG+="systemd", PROGRAM=="/bin/systemd-escape --template=cryptosd-luks@.service %E{ID_FS_UUID}", ENV{SYSTEMD_WANTS}="%c" | ||
KERNEL=="mmcblk[1-9]*", ENV{ID_FS_TYPE}=="crypto_LUKS", ACTION=="add|change", TEST=="/etc/crypto-sdcard/crypto_luks_%E{ID_FS_UUID}.key", ENV{CRYPTOSD_TYPE}="LUKS" | ||
SUBSYSTEMS=="usb", KERNEL=="mmcblk0*|sd*|sr*", ENV{ID_FS_TYPE}=="crypto_LUKS", ACTION=="add|change", TEST=="/etc/crypto-sdcard/crypto_luks_%E{ID_FS_UUID}.key", ENV{CRYPTOSD_TYPE}="LUKS" | ||
ENV{CRYPTOSD_TYPE}=="LUKS", ACTION=="add|change", ENV{UDISKS_SYSTEM}="0", ENV{UDISKS_AUTO}="0", ENV{UDISKS_NAME}="cryptosd_luks_dev-%k_%E{ID_FS_UUID}", MODE="0660", TAG+="systemd", PROGRAM=="/bin/systemd-escape --template=cryptosd-luks@.service %E{ID_FS_UUID}", ENV{SYSTEMD_WANTS}="%c" | ||
# When above detected and assigned devices are removed | ||
ENV{CRYPTOSD_TYPE}=="LUKS", ACTION=="remove", ENV{CRYPTOSD_TYPE}="removed", ENV{UDISKS_NAME}="cryptosd_removed", PROGRAM=="/bin/systemd-escape --template=cryptosd-luks@.service %E{ID_FS_UUID}", ENV{SYSTEMD_WANTS}="", ENV{SYSTEMD_USER_WANTS}="", RUN{program}+="/bin/systemctl stop %c" | ||
|
||
# For DM-Crypt "plain", ensure (by ENV{ID_*}!="?*" statements) that it appears to be unused space | ||
# Two rules, one for partitions and a tighter one for whole disks: | ||
ENV{DEVTYPE}=="disk", ENV{ID_FS_USAGE}!="?*", ENV{ID_FS_TYPE}!="?*", ENV{ID_PART_TABLE_TYPE}!="?*", ACTION=="add|change", PROGRAM=="/bin/grep -q .* /etc/crypto-sdcard/crypto_plain_%k.key", ENV{UDISKS_PARTITIONABLE}="0", ENV{CRYPTOSD_TYPE}="PLAIN" | ||
ENV{DEVTYPE}=="partition", ENV{ID_FS_USAGE}!="?*", ENV{ID_FS_TYPE}!="?*", ACTION=="add|change", PROGRAM=="/bin/grep -q .* /etc/crypto-sdcard/crypto_plain_%k.key", ENV{CRYPTOSD_TYPE}="PLAIN" | ||
ENV{CRYPTOSD_TYPE}=="PLAIN", ENV{UDISKS_SYSTEM}="0", ENV{UDISKS_AUTO}="0", ENV{UDISKS_NAME}="cryptosd_plain_dev-%k", MODE="0660", TAG+="systemd", ENV{SYSTEMD_WANTS}="cryptosd-plain@%k.service" | ||
KERNEL=="mmcblk[1-9]*", ENV{DEVTYPE}=="disk", ENV{ID_FS_USAGE}!="?*", ENV{ID_FS_TYPE}!="?*", ENV{ID_PART_TABLE_TYPE}!="?*", ACTION=="add|change", TEST=="/etc/crypto-sdcard/crypto_plain_%k.key", ENV{UDISKS_PARTITIONABLE}="0", ENV{CRYPTOSD_TYPE}="PLAIN" | ||
SUBSYSTEMS=="usb", KERNEL=="mmcblk0*|sd*|sr*", ENV{DEVTYPE}=="disk", ENV{ID_FS_USAGE}!="?*", ENV{ID_FS_TYPE}!="?*", ENV{ID_PART_TABLE_TYPE}!="?*", ACTION=="add|change", TEST=="/etc/crypto-sdcard/crypto_plain_%k.key", ENV{UDISKS_PARTITIONABLE}="0", ENV{CRYPTOSD_TYPE}="PLAIN" | ||
KERNEL=="mmcblk[1-9]*", ENV{DEVTYPE}=="partition", ENV{ID_FS_USAGE}!="?*", ENV{ID_FS_TYPE}!="?*", ACTION=="add|change", TEST=="/etc/crypto-sdcard/crypto_plain_%k.key", ENV{CRYPTOSD_TYPE}="PLAIN" | ||
SUBSYSTEMS=="usb", KERNEL=="mmcblk0*|sd*|sr*", ENV{DEVTYPE}=="partition", ENV{ID_FS_USAGE}!="?*", ENV{ID_FS_TYPE}!="?*", ACTION=="add|change", TEST=="/etc/crypto-sdcard/crypto_plain_%k.key", ENV{CRYPTOSD_TYPE}="PLAIN" | ||
ENV{CRYPTOSD_TYPE}=="PLAIN", ACTION=="add|change", ENV{UDISKS_SYSTEM}="0", ENV{UDISKS_AUTO}="0", ENV{UDISKS_NAME}="cryptosd_plain_dev-%k", MODE="0660", TAG+="systemd", ENV{SYSTEMD_WANTS}="cryptosd-plain@%k.service" | ||
# When above detected and assigned devices are removed | ||
ENV{CRYPTOSD_TYPE}=="PLAIN", ACTION=="remove", ENV{CRYPTOSD_TYPE}="removed", ENV{UDISKS_NAME}="cryptosd_removed", ENV{SYSTEMD_WANTS}="", ENV{SYSTEMD_USER_WANTS}="", RUN{program}+="/bin/systemctl stop cryptosd-plain@%k.service" | ||
|
||
LABEL="cryptosd_open_end" | ||
#LABEL="cryptosd_open_end" | ||
|
||
|
||
KERNEL!="dm-[0-9]*", GOTO="cryptosd_mount_end" | ||
KERNEL!="dm-[0-9]*", GOTO="cryptosd_end" | ||
|
||
# Carefully match resulting virtual node dm-[0-9]* to trigger mounting it; see /lib/udev/rules.d/10-dm.rules for details | ||
ENV{ID_FS_USAGE}=="filesystem", ENV{DM_UDEV_RULES_VSN}=="[2-9]", ENV{DM_NAME}=="????????-????-????-????-????????????|????-????", ACTION=="change", ENV{DM_UDEV_PRIMARY_SOURCE_FLAG}=="1", ENV{DM_ACTIVATION}=="1", ENV{DM_SUSPENDED}=="0", ENV{CRYPTOSD_TYPE}="mount-LUKS", ENV{UDISKS_SYSTEM}="0", ENV{UDISKS_AUTO}="0", ENV{UDISKS_NAME}="mount_cryptosd_luks_%E{DM_NAME}", MODE="0660", TAG+="systemd", PROGRAM=="/bin/systemd-escape --template=mount-cryptosd-luks@.service %E{DM_NAME}", ENV{SYSTEMD_WANTS}="%c" | ||
ENV{CRYPTOSD_TYPE}=="mount-LUKS", ACTION=="remove", ENV{CRYPTOSD_TYPE}="mount-removed", ENV{UDISKS_NAME}="mount_cryptosd_removed", ENV{SYSTEMD_WANTS}="", ENV{SYSTEMD_USER_WANTS}="", PROGRAM=="/bin/systemd-escape --template=mount-cryptosd-luks@.service %E{DM_NAME}", RUN{program}+="/bin/systemctl stop %c" | ||
|
||
# Ditto for DM-Crypt "plain" | ||
ENV{ID_FS_USAGE}=="filesystem", ENV{DM_UDEV_RULES_VSN}=="[2-9]", ENV{DM_NAME}=="mmcblk[1-9]*|sd*|sr*", ACTION=="change", ENV{DM_UDEV_PRIMARY_SOURCE_FLAG}=="1", ENV{DM_ACTIVATION}=="1", ENV{DM_SUSPENDED}=="0", ENV{CRYPTOSD_TYPE}="mount-PLAIN", ENV{UDISKS_SYSTEM}="0", ENV{UDISKS_AUTO}="0", ENV{UDISKS_NAME}="mount_cryptosd_plain_%E{DM_NAME}", MODE="0660", TAG+="systemd", ENV{SYSTEMD_WANTS}="mount-cryptosd-plain@%E{DM_NAME}.service" | ||
ENV{ID_FS_USAGE}=="filesystem", ENV{DM_UDEV_RULES_VSN}=="[2-9]", ENV{DM_NAME}=="mmcblk[0-9]*|sd*|sr*", ACTION=="change", ENV{DM_UDEV_PRIMARY_SOURCE_FLAG}=="1", ENV{DM_ACTIVATION}=="1", ENV{DM_SUSPENDED}=="0", ENV{CRYPTOSD_TYPE}="mount-PLAIN", ENV{UDISKS_SYSTEM}="0", ENV{UDISKS_AUTO}="0", ENV{UDISKS_NAME}="mount_cryptosd_plain_%E{DM_NAME}", MODE="0660", TAG+="systemd", ENV{SYSTEMD_WANTS}="mount-cryptosd-plain@%E{DM_NAME}.service" | ||
ENV{CRYPTOSD_TYPE}=="mount-PLAIN", ACTION=="remove", ENV{CRYPTOSD_TYPE}="mount-removed", ENV{UDISKS_NAME}="mount_cryptosd_removed", ENV{SYSTEMD_WANTS}="", ENV{SYSTEMD_USER_WANTS}="", RUN{program}+="/bin/systemctl stop mount-cryptosd-plain@%E{DM_NAME}.service" | ||
|
||
LABEL="cryptosd_mount_end" | ||
LABEL="cryptosd_end" | ||
|