lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <200707150824.20490.a1426z@gawab.com>
Date:	Sun, 15 Jul 2007 08:24:20 +0300
From:	Al Boldi <a1426z@...ab.com>
To:	Bodo Eggert <7eggert@....de>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/3][try 1] init: enable system-on-initramfs

Bodo Eggert wrote:
> On Sat, 14 Jul 2007, H. Peter Anvin wrote:
> > Bodo Eggert wrote:
> > > On Sat, 14 Jul 2007, H. Peter Anvin wrote:
> > >> Bodo Eggert wrote:
> > >>> Setting the name of the rdinit process to the name of the init
> > >>> process in order to select the root device should not be the right
> > >>> knob.
> > >>
> > >> What's wrong with it?
> > >
> > > rdinit is supposed to be the program that mounts, root is supposed to
> > > be whatever is mounted and init is supposed to run the system. Three
> > > different things. Now if you want to change the third, just set the
> > > first to the second ...
> >
> > That only applies to a model that you explicitly doesn't want to use.
>
> I don't want to use rdinit, because there is no task for rdinit(3), and I
> don't want to mount a filesystem(3). But I do want to use init(2).
>
> I have to lie to the kernel saying (2) is (1) in order to trick it into
> beleaving I'd do (3) myself, which I don't, just in order to not do (3).
> If the bug of not calling the security hook would be fixed, this trick
> would use the path where rdinit is expected to trigger the callback, but
> since that rdinit would be no rdinit, that callback would still be wrongly
> skipped. That would not be a bad thing for my setup, but it clearly shows
> this setup to be wrong.
>
> The correct solution is tell the kernel not to do (3) if you don't want
> it to do (3). The rest will work as intended.

Sounds rather confusing.

This is how I see it:

  initrd=initrd.img.gz implies root=rootfs
  rdinit=/bin/sh is the special init=/bin/sh for initrd.

Both initrd/root and rdinit/init must be separate for pivoting to succeed.  
If you want to drop into the initrd (i.e. rootfs), then instruct your 
initrd.img.gz not to pivot (i.e. not over-mount another filesystem).


Thanks!

--
Al

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ