vbatts/grub
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

LUKS and GELI support.

Browse source 
* Makefile.util.def (libgrubkern.a): Add grub-core/lib/crypto.c,
	grub-core/disk/luks.c, grub-core/disk/geli.c,
	grub-core/disk/cryptodisk.c, grub-core/disk/AFSplitter.c,
	grub-core/lib/pbkdf2.c, grub-core/commands/extcmd.c,
	grub-core/lib/arg.c.
	(libgrubmods.a): Remove gcrypts cflags and cppflags.
	Remove grub-core/commands/extcmd.c, grub-core/lib/arg.c,
	grub-core/lib/crypto.c, grub-core/lib/libgcrypt-grub/cipher/sha512.c,
	grub-core/lib/libgcrypt-grub/cipher/crc.c and grub-core/lib/pbkdf2.c.
	(grub-bin2h): Add libgcry.a.
	(grub-mkimage): Likewise.
	(grub-mkrelpath): Likewise.
	(grub-script-check): Likewise.
	(grub-editenv): Likewise.
	(grub-mkpasswd-pbkdf2): Likewise.
	(grub-pe2elf): Likewise.
	(grub-fstest): Likewise.
	(grub-mkfont): Likewise.
	(grub-mkdevicemap): Likewise.
	(grub-probe): Likewise.
	(grub-ofpath): Likewise.
	(grub-mklayout): Likewise.
	(example_unit_test): Likewise.
	(grub-menulst2cfg): Likewise.
	* autogen.sh (UTIL_DEFS): Add Makefile.utilgcry.def.
	* grub-core/Makefile.core.def (cryptodisk): New module.
	(luks): Likewise.
	(geli): Likewise.
	* grub-core/disk/AFSplitter.c: New file.
	* grub-core/disk/cryptodisk.c: Likewise.
	* grub-core/disk/geli.c: Likewise.
	* grub-core/disk/luks.c: Likewise.
	* grub-core/kern/emu/getroot.c (get_dm_uuid): New function based on
	grub_util_is_lvm.
	(grub_util_get_dm_abstraction): New function.
	(grub_util_follow_gpart_up): Likewise.
	(grub_util_get_geom_abstraction): Likewise.
	(grub_util_get_dev_abstraction): Use new functions.
	(grub_util_pull_device): Pull GELI and LUKS.
	(grub_util_get_grub_dev): Handle LUKS and GELI.
	* grub-core/kern/emu/hostdisk.c (grub_util_get_fd_sectors): New function.
	(grub_util_biosdisk_open): Use grub_util_get_fd_sectors.
	(follow_geom_up): Removed.
	(grub_util_fd_seek): New function.
	(open_device): Use grub_util_fd_seek.
	(nread): Rename to ..
	(grub_util_fd_read): ... this. All users updated.
	* grub-core/lib/crypto.c (grub_crypto_ecb_decrypt): A better prototype.
	(grub_crypto_cbc_decrypt): Likewise.
	(grub_crypto_hmac_write): Likewise.
	(grub_crypto_hmac_buffer): Likewise.
	(grub_password_get): Extend to util.
	* include/grub/crypto.h (gcry_cipher_spec) [GRUB_UTIL]:
	New member modname.
	(gcry_md_spec) [GRUB_UTIL]: Likewise.
	* include/grub/cryptodisk.h: New file.
	* include/grub/disk.h (grub_disk_dev_id): Rename LUKS to CRYPTODISK.
	* include/grub/emu/getroot.h (grub_dev_abstraction_types): Add
	LUKS and GELI.
	(grub_util_follow_gpart_up): New proto.
	* include/grub/emu/hostdisk.h (grub_util_fd_seek): Likewise.
	(grub_util_fd_read): Likewise.
	(grub_cryptodisk_cheat_mount): Likewise.
	(grub_util_cryptodisk_print_uuid): Likewise.
	(grub_util_get_fd_sectors): Likewise.
	* util/grub-fstest.c (mount_crypt): New var.
	(fstest): Mount crypto if requested.
	(options): New option -C.
	(argp_parser): Parse -C.
	(main): Init and fini gcry.
	* util/grub-install.in: Support cryptodisk install.
	* util/grub-mkconfig.in: Export GRUB_ENABLE_CRYPTODISK.
	* util/grub-mkconfig_lib.in (is_path_readable_by_grub): Support
	cryptodisk.
	(prepare_grub_to_access_device): Likewise.
	* util/grub-mkpasswd-pbkdf2.c (main): Use grub_password_get.
	* util/grub-probe.c (probe_partmap): Support cryptodisk UUID probe.
	(probe_cryptodisk_uuid): New function.
	(probe_abstraction): Likewise.
	(probe): Use new functions.
	* util/import_gcry.py: Create Makefile.utilgcry.def.
	Add modname member.

	Also-By: Michael Gorven <michael@gorven.za.net>

	Also-By: Clemens Fruhwirth <clemens@endorphin.org>
This commit is contained in:
Vladimir Serbinenko 2011-07-07 23:52:58 +02:00 committed by Vladimir 'phcoder' Serbinenko
commit a251b71915
24 changed files with 2971 additions and 346 deletions
Download patch file Download diff file Expand all files Collapse all files

17
util/grub-fstest.c
View file

@ -299,6 +299,7 @@ static char **images = NULL;
static int cmd = 0;
static char *debug_str = NULL;
static char **args = NULL;
static int mount_crypt = 0;
static void
fstest (int n, char **args)
@ -328,6 +329,15 @@ fstest (int n, char **args)
grub_free (host_file);
}
{
char *argv[2] = { "-a", NULL};
if (mount_crypt)
{
if (execute_command ("cryptomount", 1, argv))
grub_util_error (_("cryptomount command fails: %s"), grub_errmsg);
}
}
grub_lvm_fini ();
grub_mdraid09_fini ();
grub_mdraid1x_fini ();
@ -397,6 +407,7 @@ static struct argp_option options[] = {
{"length", 'n', "N", 0, N_("Handle N bytes in output file."), 2},
{"diskcount", 'c', "N", 0, N_("N input files."), 2},
{"debug", 'd', "S", 0, N_("Set debug environment variable."), 2},
{"crypto", 'C', NULL, OPTION_ARG_OPTIONAL, N_("Mount crypto devices."), 2},
{"verbose", 'v', NULL, OPTION_ARG_OPTIONAL, N_("Print verbose messages."), 2},
{0, 0, 0, 0, 0, 0}
};
@ -420,6 +431,10 @@ argp_parser (int key, char *arg, struct argp_state *state)
root = arg;
return 0;
case 'C':
mount_crypt = 1;
return 0;
case 's':
skip = grub_strtoul (arg, &p, 0);
if (*p == 's')
@ -564,6 +579,7 @@ main (int argc, char *argv[])
/* Initialize all modules. */
grub_init_all ();
grub_gcry_init_all ();
if (debug_str)
grub_env_set ("debug", debug_str);
@ -592,6 +608,7 @@ main (int argc, char *argv[])
fstest (args_count - 1 - num_disks, args);
/* Free resources. */
grub_gcry_fini_all ();
grub_fini_all ();
return 0;

8
util/grub-install.in
View file

@ -456,6 +456,8 @@ for dir in "${localedir}"/*; do
fi
done
is_path_readable_by_grub "${grubdir}" || (echo "${grubdir}" not readable 1>&2 ; exit 1)
# Write device to a variable so we don't have to traverse /dev every time.
grub_device="`"$grub_probe" --device-map="${device_map}" --target=device "${grubdir}"`" || exit 1
@ -544,6 +546,12 @@ if [ "x${devabstraction_module}" = "x" ] ; then
exit 1
fi
if [ x$GRUB_CRYPTODISK_ENABLE = xy ]; then
for uuid in "`"${grub_probe}" --device "${device}" --target=cryptodisk_uuid`"; do
echo "cryptomount -u $uuid"
done
fi
echo "search.fs_uuid ${uuid} root " >> "${grubdir}/load.cfg"
echo 'set prefix=($root)'"${relative_grubdir}" >> "${grubdir}/load.cfg"
config_opt="-c ${grubdir}/load.cfg "

1
util/grub-mkconfig.in
View file

@ -256,6 +256,7 @@ export GRUB_DEFAULT \
GRUB_DISABLE_OS_PROBER \
GRUB_INIT_TUNE \
GRUB_SAVEDEFAULT \
GRUB_ENABLE_CRYPTODISK \
GRUB_BADRAM
if test "x${grub_cfg}" != "x"; then

20
util/grub-mkconfig_lib.in
View file

@ -63,10 +63,22 @@ is_path_readable_by_grub ()
# ... or if we can't figure out the abstraction module, for example if
# memberlist fails on an LVM volume group.
if "${grub_probe}" -t abstraction "$path" > /dev/null 2>&1 ; then : ; else
if abstractions="`"${grub_probe}" -t abstraction "$path"`" 2>&1 ; then
:
else
return 1
fi
if [ x$GRUB_CRYPTODISK_ENABLE = xy ]; then
return 0
fi
for abstraction in $abstractions; do
if [ "x$abstraction" = xcryptodisk ]; then
return 1
fi
done
return 0
}
@ -126,6 +138,12 @@ prepare_grub_to_access_device ()
echo "insmod ${module}"
done
if [ x$GRUB_CRYPTODISK_ENABLE = xy ]; then
for uuid in "`"${grub_probe}" --device "${device}" --target=cryptodisk_uuid`"; do
echo "cryptomount -u $uuid"
done
fi
# If there's a filesystem UUID that GRUB is capable of identifying, use it;
# otherwise set root as per value in device.map.
echo "set root='`"${grub_probe}" --device "${device}" --target=drive`'"

76
util/grub-mkpasswd-pbkdf2.c
View file

@ -20,6 +20,7 @@
#include <grub/types.h>
#include <grub/crypto.h>
#include <grub/auth.h>
#include <grub/emu/misc.h>
#include <grub/util/misc.h>
#include <grub/i18n.h>
@ -29,7 +30,6 @@
#include <stdlib.h>
#include <string.h>
#include <getopt.h>
#include <termios.h>
#include "progname.h"
@ -85,14 +85,12 @@ int
main (int argc, char *argv[])
{
unsigned int count = 10000, buflen = 64, saltlen = 64;
char *pass1, *pass2;
char *bufhex, *salthex;
gcry_err_code_t gcry_err;
grub_uint8_t *buf, *salt;
ssize_t nr;
FILE *in, *out;
struct termios s, t;
int tty_changed;
char pass1[GRUB_AUTH_MAX_PASSLEN];
char pass2[GRUB_AUTH_MAX_PASSLEN];
set_program_name (argv[0]);
@ -160,86 +158,37 @@ main (int argc, char *argv[])
free (buf);
grub_util_error ("out of memory");
}
/* Disable echoing. Based on glibc. */
in = fopen ("/dev/tty", "w+c");
if (in == NULL)
{
in = stdin;
out = stderr;
}
else
out = in;
if (tcgetattr (fileno (in), &t) == 0)
{
/* Save the old one. */
s = t;
/* Tricky, tricky. */
t.c_lflag &= ~(ECHO|ISIG);
tty_changed = (tcsetattr (fileno (in), TCSAFLUSH, &t) == 0);
}
else
tty_changed = 0;
printf ("Enter password: ");
pass1 = NULL;
{
grub_size_t n;
nr = getline (&pass1, &n, stdin);
}
if (nr < 0 || !pass1)
if (!grub_password_get (pass1, GRUB_AUTH_MAX_PASSLEN))
{
free (buf);
free (bufhex);
free (salthex);
free (salt);
/* Restore the original setting. */
if (tty_changed)
(void) tcsetattr (fileno (in), TCSAFLUSH, &s);
grub_util_error ("failure to read password");
}
if (nr >= 1 && pass1[nr-1] == '\n')
pass1[nr-1] = 0;
printf ("\nReenter password: ");
pass2 = NULL;
{
grub_size_t n;
nr = getline (&pass2, &n, stdin);
}
/* Restore the original setting. */
if (tty_changed)
(void) tcsetattr (fileno (in), TCSAFLUSH, &s);
printf ("\n");
if (nr < 0 || !pass2)
if (!grub_password_get (pass2, GRUB_AUTH_MAX_PASSLEN))
{
memset (pass1, 0, strlen (pass1));
free (pass1);
free (buf);
free (bufhex);
free (salthex);
free (salt);
grub_util_error ("failure to read password");
}
if (nr >= 1 && pass2[nr-1] == '\n')
pass2[nr-1] = 0;
if (strcmp (pass1, pass2) != 0)
{
memset (pass1, 0, strlen (pass1));
memset (pass2, 0, strlen (pass2));
free (pass1);
free (pass2);
memset (pass1, 0, sizeof (pass1));
memset (pass2, 0, sizeof (pass2));
free (buf);
free (bufhex);
free (salthex);
free (salt);
grub_util_error ("passwords don't match");
}
memset (pass2, 0, strlen (pass2));
free (pass2);
memset (pass2, 0, sizeof (pass2));
#if ! defined (__linux__) && ! defined (__FreeBSD__)
printf ("WARNING: your random generator isn't known to be secure\n");
@ -251,8 +200,7 @@ main (int argc, char *argv[])
f = fopen ("/dev/urandom", "rb");
if (!f)
{
memset (pass1, 0, strlen (pass1));
free (pass1);
memset (pass1, 0, sizeof (pass1));
free (buf);
free (bufhex);
free (salthex);
@ -264,8 +212,7 @@ main (int argc, char *argv[])
if (rd != saltlen)
{
fclose (f);
memset (pass1, 0, strlen (pass1));
free (pass1);
memset (pass1, 0, sizeof (pass1));
free (buf);
free (bufhex);
free (salthex);
@ -279,8 +226,7 @@ main (int argc, char *argv[])
(grub_uint8_t *) pass1, strlen (pass1),
salt, saltlen,
count, buf, buflen);
memset (pass1, 0, strlen (pass1));
free (pass1);
memset (pass1, 0, sizeof (pass1));
if (gcry_err)
{

169
util/grub-probe.c
View file

@ -34,6 +34,8 @@
#include <grub/env.h>
#include <grub/raid.h>
#include <grub/i18n.h>
#include <grub/crypto.h>
#include <grub/cryptodisk.h>
#include <stdio.h>
#include <unistd.h>
@ -54,6 +56,7 @@ enum {
PRINT_DEVICE,
PRINT_PARTMAP,
PRINT_ABSTRACTION,
PRINT_CRYPTODISK_UUID
};
int print = PRINT_FS;
@ -63,15 +66,49 @@ static void
probe_partmap (grub_disk_t disk)
{
grub_partition_t part;
grub_disk_memberlist_t list = NULL, tmp;
if (disk->partition == NULL)
{
grub_util_info ("no partition map found for %s", disk->name);
return;
}
for (part = disk->partition; part; part = part->parent)
printf ("%s\n", part->partmap->name);
printf ("%s ", part->partmap->name);
/* In case of LVM/RAID, check the member devices as well. */
if (disk->dev->memberlist)
{
list = disk->dev->memberlist (disk);
}
while (list)
{
probe_partmap (list->disk);
tmp = list->next;
free (list);
list = tmp;
}
}
static void
probe_cryptodisk_uuid (grub_disk_t disk)
{
grub_disk_memberlist_t list = NULL, tmp;
/* In case of LVM/RAID, check the member devices as well. */
if (disk->dev->memberlist)
{
list = disk->dev->memberlist (disk);
}
while (list)
{
probe_cryptodisk_uuid (list->disk);
tmp = list->next;
free (list);
list = tmp;
}
if (disk->dev->id == GRUB_DISK_DEVICE_CRYPTODISK_ID)
grub_util_cryptodisk_print_uuid (disk);
}
static int
@ -88,6 +125,42 @@ probe_raid_level (grub_disk_t disk)
return ((struct grub_raid_array *) disk->data)->level;
}
static void
probe_abstraction (grub_disk_t disk)
{
grub_disk_memberlist_t list = NULL, tmp;
int raid_level;
if (disk->dev->memberlist)
list = disk->dev->memberlist (disk);
while (list)
{
probe_abstraction (list->disk);
tmp = list->next;
free (list);
list = tmp;
}
if (disk->dev->id == GRUB_DISK_DEVICE_LVM_ID)
printf ("lvm ");
if (disk->dev->id == GRUB_DISK_DEVICE_CRYPTODISK_ID)
grub_util_cryptodisk_print_abstraction (disk);
raid_level = probe_raid_level (disk);
if (raid_level >= 0)
{
printf ("raid ");
if (disk->dev->raidname)
printf ("%s ", disk->dev->raidname (disk));
}
if (raid_level == 5)
printf ("raid5rec ");
if (raid_level == 6)
printf ("raid6rec ");
}
static void
probe (const char *path, char *device_name)
{
@ -136,91 +209,23 @@ probe (const char *path, char *device_name)
if (print == PRINT_ABSTRACTION)
{
grub_disk_memberlist_t list = NULL, tmp;
const int is_lvm = (dev->disk->dev->id == GRUB_DISK_DEVICE_LVM_ID);
int is_raid = 0;
int is_raid5 = 0;
int is_raid6 = 0;
int raid_level;
grub_disk_t raid_disk;
raid_level = probe_raid_level (dev->disk);
if (raid_level >= 0)
{
is_raid = 1;
is_raid5 |= (raid_level == 5);
is_raid6 |= (raid_level == 6);
raid_disk = dev->disk;
}
if ((is_lvm) && (dev->disk->dev->memberlist))
list = dev->disk->dev->memberlist (dev->disk);
while (list)
{
raid_level = probe_raid_level (list->disk);
if (raid_level >= 0)
{
is_raid = 1;
is_raid5 |= (raid_level == 5);
is_raid6 |= (raid_level == 6);
raid_disk = list->disk;
}
tmp = list->next;
free (list);
list = tmp;
}
if (is_raid)
{
printf ("raid ");
if (is_raid5)
printf ("raid5rec ");
if (is_raid6)
printf ("raid6rec ");
if (raid_disk->dev->raidname)
printf ("%s ", raid_disk->dev->raidname (raid_disk));
}
if (is_lvm)
printf ("lvm ");
probe_abstraction (dev->disk);
printf ("\n");
goto end;
}
if (print == PRINT_CRYPTODISK_UUID)
{
probe_cryptodisk_uuid (dev->disk);
printf ("\n");
goto end;
}
if (print == PRINT_PARTMAP)
{
grub_disk_memberlist_t list = NULL, tmp;
/* Check if dev->disk itself is contained in a partmap. */
probe_partmap (dev->disk);
/* In case of LVM/RAID, check the member devices as well. */
if (dev->disk->dev->memberlist)
list = dev->disk->dev->memberlist (dev->disk);
while (list)
{
probe_partmap (list->disk);
/* LVM on RAID */
if (list->disk->dev->memberlist)
{
grub_disk_memberlist_t sub_list;
sub_list = list->disk->dev->memberlist (list->disk);
while (sub_list)
{
probe_partmap (sub_list->disk);
tmp = sub_list->next;
free (sub_list);
sub_list = tmp;
}
}
tmp = list->next;
free (list);
list = tmp;
}
printf ("\n");
goto end;
}
@ -289,8 +294,8 @@ Probe device information for a given path (or device, if the -d option is given)
\n\
-d, --device given argument is a system device, not a path\n\
-m, --device-map=FILE use FILE as the device map [default=%s]\n\
-t, --target=(fs|fs_uuid|fs_label|drive|device|partmap|abstraction)\n\
print filesystem module, GRUB drive, system device, partition map module or abstraction module [default=fs]\n\
-t, --target=(fs|fs_uuid|fs_label|drive|device|partmap|abstraction|cryptodisk_uuid)\n\
print filesystem module, GRUB drive, system device, partition map module, abstraction module or CRYPTO UUID [default=fs]\n\
-h, --help display this message and exit\n\
-V, --version print version information and exit\n\
-v, --verbose print verbose messages\n\
@ -348,6 +353,8 @@ main (int argc, char *argv[])
print = PRINT_PARTMAP;
else if (!strcmp (optarg, "abstraction"))
print = PRINT_ABSTRACTION;
else if (!strcmp (optarg, "cryptodisk_uuid"))
print = PRINT_CRYPTODISK_UUID;
else
usage (1);
break;
@ -393,6 +400,7 @@ main (int argc, char *argv[])
/* Initialize all modules. */
grub_init_all ();
grub_gcry_init_all ();
grub_lvm_fini ();
grub_mdraid09_fini ();
@ -410,6 +418,7 @@ main (int argc, char *argv[])
probe (argument, NULL);
/* Free resources. */
grub_gcry_fini_all ();
grub_fini_all ();
grub_util_biosdisk_fini ();

58
util/import_gcry.py
View file

@ -42,7 +42,15 @@ except:
cipher_files = os.listdir (cipher_dir_in)
conf = open (os.path.join ("grub-core", "Makefile.gcry.def"), "w")
conf.write ("AutoGen definitions Makefile.tpl;\n\n")
confutil = open ("Makefile.utilgcry.def", "w")
confutil.write ("AutoGen definitions Makefile.tpl;\n\n")
confutil.write ("library = {\n");
confutil.write (" name = libgrubgcry.a;\n");
confutil.write (" cflags = '$(CFLAGS_GCRY)';\n");
confutil.write (" cppflags = '$(CPPFLAGS_GCRY)';\n");
confutil.write ("\n");
chlog = ""
modules = []
# Strictly speaking CRC32/CRC24 work on bytes so this value should be 1
# But libgcrypt uses 64. Let's keep the value for compatibility. Since
@ -103,6 +111,7 @@ for cipher_file in cipher_files:
skip = False
skip2 = False
ismd = False
iscipher = False
iscryptostart = False
iscomma = False
isglue = False
@ -132,15 +141,22 @@ for cipher_file in cipher_files:
sg = s.groups()[0]
cryptolist.write (("%s: %s\n") % (sg, modname))
iscryptostart = False
if ismd:
if ismd or iscipher:
if not re.search (" *};", line) is None:
if not mdblocksizes.has_key (mdname):
print ("ERROR: Unknown digest blocksize: %s\n" % mdname)
exit (1)
if not iscomma:
fw.write (" ,\n")
fw.write (" .blocksize = %s\n" % mdblocksizes [mdname])
fw.write ("#ifdef GRUB_UTIL\n");
fw.write (" .modname = \"%s\",\n" % modname);
fw.write ("#endif\n");
if ismd:
if not mdblocksizes.has_key (mdname):
print ("ERROR: Unknown digest blocksize: %s\n"
% mdname)
exit (1)
fw.write (" .blocksize = %s\n"
% mdblocksizes [mdname])
ismd = False
iscipher = False
iscomma = not re.search (",$", line) is None
# Used only for selftests.
m = re.match ("(static byte|static unsigned char) (weak_keys_chksum)\[[0-9]*\] =", line)
@ -181,14 +197,18 @@ for cipher_file in cipher_files:
continue
m = re.match ("gcry_cipher_spec_t", line)
if isc and not m is None:
assert (not iscryptostart)
assert (not iscipher)
assert (not iscryptostart)
ciphername = line [len ("gcry_cipher_spec_t"):].strip ()
ciphername = re.match("[a-zA-Z0-9_]*",ciphername).group ()
ciphernames.append (ciphername)
iscipher = True
iscryptostart = True
m = re.match ("gcry_md_spec_t", line)
if isc and not m is None:
assert (not ismd)
assert (not iscipher)
assert (not iscryptostart)
mdname = line [len ("gcry_md_spec_t"):].strip ()
mdname = re.match("[a-zA-Z0-9_]*",mdname).group ()
@ -249,6 +269,7 @@ for cipher_file in cipher_files:
% (cipher_file, cipher_file.replace ("-glue.c", ".c"))
else:
modfiles = "lib/libgcrypt-grub/cipher/%s" % cipher_file
modules.append (modname)
chmsg = "(GRUB_MOD_INIT(%s)): New function\n" % modname
if nch:
chlognew = "%s\n %s" % (chlognew, chmsg)
@ -283,6 +304,7 @@ for cipher_file in cipher_files:
conf.write (" name = %s;\n" % modname)
for src in modfiles.split():
conf.write (" common = %s;\n" % src)
confutil.write (" common = grub-core/%s;\n" % src)
conf.write (" cflags = '$(CFLAGS_GCRY)';\n");
conf.write (" cppflags = '$(CPPFLAGS_GCRY)';\n");
conf.write ("};\n\n")
@ -329,6 +351,32 @@ fw.close ()
infile = os.path.join (cipher_dir_in, "ChangeLog")
outfile = os.path.join (cipher_dir_out, "ChangeLog")
conf.close ();
initfile = open (os.path.join (cipher_dir_out, "init.c"), "w")
for module in modules:
initfile.write ("extern void grub_%s_init (void);\n" % module)
initfile.write ("extern void grub_%s_fini (void);\n" % module)
initfile.write ("\n")
initfile.write ("void\n")
initfile.write ("grub_gcry_init_all (void)\n")
initfile.write ("{\n")
for module in modules:
initfile.write (" grub_%s_init ();\n" % module)
initfile.write ("}\n")
initfile.write ("\n")
initfile.write ("void\n")
initfile.write ("grub_gcry_fini_all (void)\n")
initfile.write ("{\n")
for module in modules:
initfile.write (" grub_%s_fini ();\n" % module)
initfile.write ("}\n")
initfile.close ()
confutil.write (" common = grub-core/lib/libgcrypt-grub/cipher/init.c;\n")
confutil.write ("};\n");
confutil.close ();
f=open (infile, "r")
fw=open (outfile, "w")