From 05546ade97734247a389a7b1252fd2088b1789b3 Mon Sep 17 00:00:00 2001 From: Craig Jennings Date: Sun, 25 Jan 2026 08:34:58 -0600 Subject: Remove session-context.org (session complete) --- docs/session-context.org | 105 ----------------------------------------------- 1 file changed, 105 deletions(-) delete mode 100644 docs/session-context.org (limited to 'docs/session-context.org') diff --git a/docs/session-context.org b/docs/session-context.org deleted file mode 100644 index c547200..0000000 --- a/docs/session-context.org +++ /dev/null @@ -1,105 +0,0 @@ -#+TITLE: Session Context - Active Session -#+DATE: 2026-01-25 - -* Session: Sunday 2026-01-25 @ 00:15 CST (continued to ~05:45) - -** Current Task: LUKS Automated Testing - Almost Working - -*** Summary -Implementing automated LUKS passphrase handling for reboot tests. Using hybrid -approach: sendkey for GRUB prompt + keyfile for initramfs. - -*** What's Working -1. sendkey for GRUB passphrase - WORKING - - Monitor socket added to VM - - handle_luks_passphrase() detects prompt and sends keystrokes - - GRUB successfully decrypts (serial shows "Slot 0 opened") - - Kernel and initramfs load successfully - -2. Keyfile setup - WORKING - - setup_luks_testing_keyfile() creates keyfile - - Adds keyfile to LUKS slot 1 - - Embeds in initramfs via FILES= - - Updates crypttab to use keyfile - -*** Bug Just Fixed -configure_btrfs_initramfs() was overwriting HOOKS and removing the encrypt hook. -Just fixed by checking if LUKS is enabled and including encrypt hook. - -The fix (in btrfs.sh line ~815-825): -#+begin_src bash -local encrypt_hook="" -[[ "$NO_ENCRYPT" != "yes" && -n "$LUKS_PASSPHRASE" ]] && encrypt_hook="encrypt " -# Then include ${encrypt_hook} in HOOKS sed command -#+end_src - -*** Next Step -Run the test again to verify the fix works: -./scripts/test-install.sh btrfs-luks - -*** Files Modified This Session -- custom/lib/btrfs.sh - - Added setup_luks_testing_keyfile() function - - Modified configure_crypttab() for keyfile support - - Modified configure_luks_initramfs() for keyfile in FILES= - - Fixed configure_btrfs_initramfs() to preserve encrypt hook - -- custom/archangel - - Added call to setup_luks_testing_keyfile() in LUKS flow - -- scripts/test-install.sh - - Added monitor socket to start_vm_from_disk() - - Added handle_luks_passphrase() function - - Added send_key_to_monitor() function - - Integrated LUKS handling into reboot test flow - -- scripts/test-configs/btrfs-luks.conf - Added TESTING=yes -- scripts/test-configs/btrfs-mirror-luks.conf - Added TESTING=yes -- docs/TESTING-STRATEGY.org - New file documenting approach - -*** Commits Made This Session -- a099f50: Add ISO naming task, update session context - -*** Test Results Before Fix -- btrfs-single: PASS -- btrfs-mirror: PASS -- btrfs-stripe: PASS -- btrfs-luks: FAIL (encrypt hook missing - just fixed) -- btrfs-mirror-luks: FAIL (same issue) - -*** Technical Details - -LUKS Boot Flow: -1. GRUB decrypts /boot with GRUB_ENABLE_CRYPTODISK (sendkey provides passphrase) -2. GRUB loads kernel and initramfs -3. Initramfs encrypt hook decrypts root (keyfile provides passphrase) -4. Root mounted, boot continues - -sendkey Implementation: -- QEMU monitor socket: -monitor unix:$VM_DIR/monitor-${test_name}.sock,server,nowait -- Watch serial log for "Enter passphrase for" -- Send passphrase char-by-char via "sendkey" monitor command -- Character mapping (a-z, 0-9, special chars to QEMU key names) - -Keyfile Implementation: -- Random 2KB keyfile at /etc/cryptroot.key -- Added to LUKS slot 1 (passphrase stays in slot 0) -- Embedded in initramfs via mkinitcpio FILES=() -- crypttab uses keyfile path instead of "none" - -*** Decision Rationale -Chose hybrid approach (sendkey + keyfile) over: -- Option A (unencrypted /boot): Tests different code path than production -- Option B (accept limitation): Would miss integration bugs like empty grub.cfg - -Documented in docs/TESTING-STRATEGY.org. - -*** ISO on Ventoy -archzfs-vmlinuz-6.12.66-lts-2026-01-25-x86_64.iso (2.1G) -Updated on Ventoy flash drive. - -*** Remaining Work -1. Verify encrypt hook fix works -2. Run full btrfs test suite including LUKS configs -3. If passing, commit all changes -4. Continue to Phase 5 (CLI tools) or Phase 6 (documentation) -- cgit v1.2.3