lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20150130173014.GA16754@grep.be>
Date:	Fri, 30 Jan 2015 18:30:14 +0100
From:	Wouter Verhelst <w@...r.be>
To:	Markus Pargmann <mpa@...gutronix.de>
Cc:	nbd-general@...ts.sourceforge.net,
	Paul Clements <Paul.Clements@...eleye.com>,
	linux-kernel@...r.kernel.org, kernel@...gutronix.de
Subject: Re: [Nbd] [RFC 4/4] nbd: Add support for nbd as root device

On Fri, Jan 30, 2015 at 09:04:00AM +0100, Markus Pargmann wrote:
> Hi,
> 
> On Fri, Jan 30, 2015 at 12:42:54AM +0100, Wouter Verhelst wrote:
> > Not that I'm opposed to this, but you do realize that doing nbd-client
> > from initramfs or similar is possible, right? Most initramfs
> > implementations these days support it.
> 
> Yes, that was the first idea how to implement a complete netboot for an
> embedded ARM device. However, an initramfs is at least around 1MB in
> size which has to be loaded using tftp. As the essential nbd-client
> connection setup and negotiation is quite small I decided to go with
> nbd-root support.
> 
> Also it is quite useful to have nbd-root support much like nfsroot
> directly built-in for debugging purposes. It has the big advantage of
> booting/testing read-only filesystem images for embedded systems without
> the need for an initramfs.

Fair enough, just thought I'd point it out.

When looking at your patch set, two things pop out which you should
probably look at:
- What will happen if someone boots with root-on-NBD in your scheme and
  later does a pivot_root() followed by an NBD_DISCONNECT ioctl on the
  device?
- When a connection is started by nbd-client, the kernel creates a "pid"
  file in sysfs, which contains the PID of the client and which the
  client (when called with -c, or in other cases) uses to verify whether
  a device is connected. At first glance, your patch does not do this,
  which could cause confusion.

I must admit I haven't checked your patch very well (my kernel fu isn't
that advanced) so I might have missed something, but I'd rather point
it out now than have to fix the pieces afterwards ;-)

-- 
It is easy to love a country that is famous for chocolate and beer

  -- Barack Obama, speaking in Brussels, Belgium, 2014-03-26
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ