move luks header and keyfile handling to init

tinyramfs

@@ -245,16 +245,12 @@ install_luks() {
         install_library /usr/lib/libgcc_s.so.1
 
     # copy luks header
-    [ -f "$luks_header" ] && {
+    [ -f "$luks_header" ] &&
         install -m400 "$luks_header" "${workdir}/root/luks_header"
-        luks_args="--header=/root/luks_header $luks_args"
-    }
 
     # copy luks keyfile
-    [ -f "$luks_keyfile" ] && {
+    [ -f "$luks_keyfile" ] &&
         install -m400 "$luks_keyfile" "${workdir}/root/luks_keyfile"
-        luks_args="--key-file=/root/luks_keyfile $luks_args"
-    }
 }
 
 install_driver() {

usr/share/tinyramfs/init

@@ -89,7 +89,9 @@ findfs_sh() {
 }
 
 unlock_luks() {
-    [ "$luks_discard" = 1 ] && luks_args="--allow-discards $luks_args"
+    [ "$luks_discard" = 1   ] && luks_args="--allow-discards $luks_args"
+    [ -f /root/luks_header  ] && luks_args="--header=/root/luks_header $luks_args"
+    [ -f /root/luks_keyfile ] && luks_args="--key-file=/root/luks_keyfile $luks_args"
 
     cryptsetup $luks_args \
                luksOpen \
@@ -127,9 +129,10 @@ cleanup() {
 }
 
 boot_system() {
-    exec switch_root /mnt/root \
+    exec switch_root \
-                     ${init:-/sbin/init} ||
+         /mnt/root \
-                     panic "failed to boot system"
+         ${init:-/sbin/init} ||
+         panic "failed to boot system"
 }
 
 /sbin/busybox --install -s