#!/bin/bash

build() {
    local mod

    map add_module 'dm-crypt' 'dm-integrity' 'hid-generic?'
    if [[ -n "$CRYPTO_MODULES" ]]; then
        for mod in $CRYPTO_MODULES; do
            add_module "$mod"
        done
    else
        add_all_modules '/crypto/'
    fi

    add_binary 'cryptsetup'

    map add_udev_rule \
        '10-dm.rules' \
        '13-dm-disk.rules' \
        '95-dm-notify.rules'

    # cryptsetup calls pthread_create(), which dlopen()s libgcc_s.so.1
    add_binary '/usr/lib/libgcc_s.so.1'

    # cryptsetup loads the legacy provider which is required for whirlpool
    add_binary '/usr/lib/ossl-modules/legacy.so'

    add_binary '/usr/bin/unl0kr'
    add_file '/etc/unl0kr.conf'

    add_file '/usr/lib/udev/hwdb.bin'
    add_binary '/usr/lib/udev/libinput-device-group'
    add_binary '/usr/lib/udev/libinput-fuzz-extract'
    add_binary '/usr/lib/udev/libinput-fuzz-to-zero'
    map add_udev_rule \
        '60-evdev.rules' \
        '60-input-id.rules' \
        '65-libwacom.rules' \
        '70-mouse.rules' \
        '70-touchpad.rules' \
        '80-libinput-device-groups.rules' \
        '90-libinput-fuzz-override.rules'

    add_full_dir '/usr/share/libinput'
    add_full_dir '/usr/share/X11/xkb'

    add_runscript
}

help() {
    cat <<HELPEOF
This hook allows for an encrypted root device. Users should specify the device
to be unlocked using 'cryptdevice=device:dmname' on the kernel command line,
where 'device' is the path to the raw device, and 'dmname' is the name given to
the device after unlocking, and will be available as /dev/mapper/dmname.

For unlocking via keyfile, 'cryptkey=device:fstype:path' should be specified on
the kernel cmdline, where 'device' represents the raw block device where the key
exists, 'fstype' is the filesystem type of 'device' (or auto), and 'path' is
the absolute path of the keyfile within the device.

Without specifying a keyfile, you will be prompted for the password at runtime
using a GUI program called unl0kr. unl0kr allows to enter the password with
an on-screen keyboard, a mouse, a touchpad or a regular hardware keyboard.
HELPEOF
}

# vim: set ft=sh ts=4 sw=4 et:
