From 4e86570976b2290e056535d74e2491b4ab4df2eb Mon Sep 17 00:00:00 2001 From: Gabriel Valcazar Date: Thu, 4 Jan 2024 14:24:49 +0100 Subject: [PATCH] cryptsetup: remove udev packageconfig to prevent unwanted packages in intramfs We use cryptsetup in both the recovery and trustfence initramfs to handle block device encryption on platforms that use eMMC as the internal storage. In meta-openembedded commit 1ce71d6ec31195280073adec0e400dda7c0dd8a7 (between DEY 2.6 and 3.0), a lot of PACKAGECONFIG options were added to the cryptsetup recipe, all of them enabled by default. One of these options is "udev", which adds a runtime dependency with udev that in turn pulls in a lot of other dependencies with it. This is unnecessary because we already use mdev in our recovery image, and the other packages simply take up space as they aren't needed at all. Our eMMC partition encryption functionality, which is the reason why we need cryptsetup to begin with, is unaffected by this change and still works as expected. Keep in mind that it was working properly without udev in DEY 2.6 and older DEY releases, so removing udev isn't an issue. Remove this PACKAGECONFIG option to get rid of udev and its dependencies in the recovery and trustfence initramfs. Signed-off-by: Gabriel Valcazar --- meta-digi-dey/conf/distro/dey.conf | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/meta-digi-dey/conf/distro/dey.conf b/meta-digi-dey/conf/distro/dey.conf index 76e970d23..db39b4a30 100644 --- a/meta-digi-dey/conf/distro/dey.conf +++ b/meta-digi-dey/conf/distro/dey.conf @@ -91,3 +91,8 @@ PACKAGECONFIG:append:class-target:pn-qtwebengine = " examples" # works (libarchive needs to be able to handle .tar.gz files, every other # format can be omitted). PACKAGECONFIG:remove:class-target:pn-libarchive = "bz2 xz lzo zstd acl xattr" + +# cryptsetup still works as expected in our eMMC partition encryption use case +# when udev support is disabled, so remove it to avoid dragging a bunch of +# dependencies into the recovery and trustfence initramfs. +PACKAGECONFIG:remove:class-target:pn-cryptsetup = "udev"