cryptsetup: enable kernel crypto api support again

This is needed for tcrypt and the benchmark subcommand. If enabled, it is also used to unlock LUKS2 volumes and therefore the kernel modules providing this feature need to be available in our initrd. Fixes #42163. #54019.
author: Franz Pletz <fpletz@fnordicwalking.de> 2019-06-07 22:15:35 +0200
committer: Franz Pletz <fpletz@fnordicwalking.de> 2019-06-07 22:15:35 +0200
commit: 2587df7f0229994678c767e02f2c5707037b2da5 (patch)
tree: bd7c2ef7cec55dbe20bed79860a09cc2df323642
parent: 2ef3b5200a419787604ca922be6fd4db69228489 (diff)
2 files changed, 1 insertions, 1 deletions
diff --git a/nixos/modules/system/boot/luksroot.nix b/nixos/modules/system/boot/luksroot.nix
index 9dcb683eff43..b5c8d5241a3d 100644
--- a/nixos/modules/system/boot/luksroot.nix
+++ b/nixos/modules/system/boot/luksroot.nix
@@ -438,6 +438,7 @@ in
       default =
         [ "aes" "aes_generic" "blowfish" "twofish"
           "serpent" "cbc" "xts" "lrw" "sha1" "sha256" "sha512"
+          "af_alg" "algif_skcipher"
 
           (if pkgs.stdenv.hostPlatform.system == "x86_64-linux" then "aes_x86_64" else "aes_i586")
         ];
diff --git a/pkgs/os-specific/linux/cryptsetup/default.nix b/pkgs/os-specific/linux/cryptsetup/default.nix
index fac62597013c..ebd09759be6e 100644
--- a/pkgs/os-specific/linux/cryptsetup/default.nix
+++ b/pkgs/os-specific/linux/cryptsetup/default.nix
@@ -32,7 +32,6 @@ stdenv.mkDerivation rec {
   NIX_LDFLAGS = "-lgcc_s";
 
   configureFlags = [
-    "--disable-kernel_crypto"
     "--enable-cryptsetup-reencrypt"
     "--with-crypto_backend=openssl"
   ] ++ stdenv.lib.optional enablePython "--enable-python";
author	Franz Pletz <fpletz@fnordicwalking.de>	2019-06-07 22:15:35 +0200
committer	Franz Pletz <fpletz@fnordicwalking.de>	2019-06-07 22:15:35 +0200
commit	2587df7f0229994678c767e02f2c5707037b2da5 (patch)
tree	bd7c2ef7cec55dbe20bed79860a09cc2df323642
parent	2ef3b5200a419787604ca922be6fd4db69228489 (diff)