From 56f4fb6cb755327c77c32f8c414a4a0e64fc933c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B3hann=20B=2E=20Gu=C3=B0mundsson?= <johannbg@gmail.com>
Date: Wed, 29 Dec 2021 09:55:02 +0000
Subject: [PATCH] feat(crypt): check if pkcs11 module is needed in hostonly
 mode

In hostonly mode, include the pkcs11 module if any encrypted volumes
are configured to be decrypted using pkcs11.
---
 modules.d/90crypt/module-setup.sh | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/modules.d/90crypt/module-setup.sh b/modules.d/90crypt/module-setup.sh
index fce898f8..572cba28 100755
--- a/modules.d/90crypt/module-setup.sh
+++ b/modules.d/90crypt/module-setup.sh
@@ -21,12 +21,15 @@ depends() {
     local deps
     deps="dm rootfs-block"
     if [[ $hostonly && -f "$dracutsysrootdir"/etc/crypttab ]]; then
-        if grep -q "tpm2-device=" "$dracutsysrootdir"/etc/crypttab; then
-            deps+=" tpm2-tss"
-        fi
         if grep -q -e "fido2-device=" -e "fido2-cid=" "$dracutsysrootdir"/etc/crypttab; then
             deps+=" fido2"
         fi
+        if grep -q "pkcs11-uri" "$dracutsysrootdir"/etc/crypttab; then
+            deps+=" pkcs11"
+        fi
+        if grep -q "tpm2-device=" "$dracutsysrootdir"/etc/crypttab; then
+            deps+=" tpm2-tss"
+        fi
     fi
     echo "$deps"
     return 0