From 0f547668a92025fe0741a9dfcf5abfc84e6ba9f9 Mon Sep 17 00:00:00 2001 From: Sean Whitton Date: Sat, 23 Jul 2022 11:11:24 -0700 Subject: add support for passing arbitrary options to cryptsetup luksFormat Signed-off-by: Sean Whitton --- src/property/disk.lisp | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/src/property/disk.lisp b/src/property/disk.lisp index 6806bab..ab9b6f3 100644 --- a/src/property/disk.lisp +++ b/src/property/disk.lisp @@ -611,6 +611,11 @@ possible. Ignored if VOLUME-SIZE is also bound.")) "The value of the --type parameter to cryptsetup luksFormat. Note that GRUB2 older than 2.06 cannot open the default LUKS2 format, so specify \"luks1\" if this is needed.") + (cryptsetup-options + :type list :initform nil :initarg :cryptsetup-options + :documentation + "Extra arguments to pass to cryptsetup(8) when creating the volume, such as +'--cipher'. Use the LUKS-TYPE slot for '--type'.") (crypttab-options :type list :initform '("luks" "discard" "initramfs") :initarg :crypttab-options :accessor crypttab-options) @@ -632,12 +637,15 @@ specify \"luks1\" if this is needed.") (merge-pathnames volume-label #P"/dev/mapper/")))) (defmethod create-volume ((volume luks-container) (file pathname)) - (with-slots (luks-passphrase-iden1 volume-label luks-type) volume + (with-slots + (luks-passphrase-iden1 volume-label luks-type cryptsetup-options) + volume (mrun :inform :input (get-data-string luks-passphrase-iden1 (volume-label volume)) "cryptsetup" "--type" luks-type (and (member luks-type '("luks" "luks2") :test #'string=) `("--label" ,volume-label)) + cryptsetup-options "luksFormat" file "-"))) (defmethod close-volume ((volume opened-luks-container)) -- cgit v1.2.3