| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 19 Dec 2008 10:27:08 -0500 From: Theodore Tso <tytso@....edu> To: Hannes Reinecke <hare@...e.de> Cc: Seewer Philippe <philippe.seewer@....ch>, Bernhard Walle <bwalle@...e.de>, Christoph Hellwig <hch@...radead.org>, initramfs@...r.kernel.org, linux-kernel@...r.kernel.org, Kay Sievers <kay.sievers@...y.org>, Dave Jones <davej@...hat.com>, cjwatson@...ntu.com, Bernhard Walle <bwalle@...ell.com> Subject: Re: Dracut -- Cross distribution initramfs infrastructure On Fri, Dec 19, 2008 at 02:55:26PM +0100, Hannes Reinecke wrote: > > The goal of the initrd is to activate and mount the root fs. > And the root fs _only_. Every other system should be configured > once the main system is running. Don't forget resuming from hibernation.... And of course, activating and mounting the root filesystem can be quite complicated --- it can involve loading driver modules, activiating md and/or lvm, prompting for a password, setting up networking (dhcp, routing, dns) for iSCSI and/or NFS/AFS/Lustre/et.al, the equivalent setup for Fiber Channel attached disks, etc. If there's any cryptography involved, the user may need to be prompted for a password and/or key and/or fingerprint scan to unlock TPM unit to access the key, etc. There may also be times when it is useful to operate on the root filesystem in some way before it is mounted; in most cases the operation can bedone on a filesystem mounted read-only, yes --- but at the cost of needing to reboot afterwards if the root filesystem needs to be modified by said userspace tool. Finally, note that part the discussion at the Kernel Summit, and also what David Jones was looking to work at, was to do something that could included as part of the kernel sources. The idea is that as responsibility for early boot is moved from the kernel, an mkinitramfs which is fixed and distributed by the distribution might not work with a newer kernel.org kernel. So the idea that was explored was adding a common mkinitramfs with basic functionality into kernel sources, with the ability for distributions to add various "value add" enhancements if they like. This way if the kernel wants to move more functionality (for example, in the area of resuming from hibernation) out of the kernel into initramfs, it can do so without breaking the ability of older distributions from being able to use kernel.org kernels. So IMHO, it's important not only that the distributions standardize on a single initramfs framework, but that framework get integrated into the kernel sources. Regards, - Ted -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists