lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20180823191235.GA3243@localhost>
Date:   Thu, 23 Aug 2018 12:12:35 -0700
From:   Josh Triplett <josh@...htriplett.org>
To:     "Paul E. McKenney" <paulmck@...ux.vnet.ibm.com>
Cc:     nicolas.pitre@...aro.org, linux-kernel@...r.kernel.org
Subject: Re: Kernel-only deployments?

On Thu, Aug 23, 2018 at 10:43:59AM -0700, Paul E. McKenney wrote:
> Hello!
> 
> Does anyone do kernel-only deployments, for example, setting up an
> embedded device having a Linux kernel and absolutely no userspace
> whatsoever?

I would very much *like* to do this. One day I'd like to have a
CONFIG_USERSPACE that I can disable, and then just have the kernel call
an in-kernel main() where it would normally start init.

> Those who know me will not be at all surprised to learn that I went
> overboard making the resulting initrd as small as possible.  I started
> by throwing out everything not absolutely needed by the dash and sleep
> binaries, which got me down to about 2.5MB, 1.8MB of which was libc.
> This situation of course prompted me to create an initrd containing
> a statically linked binary named "init" and absolutely nothing else
> (not even /dev or /tmp directories), which weighs in at not quite 800KB.
> This is a great improvement over 10MB, to say nothing of 40MB, but 800KB
> for a C-language "for" loop containing nothing more than a single call to
> sleep()?  Much of the code is there for things that I might do (dl_open(),
> for example), but don't.  All I can say is that there clearly aren't many
> of us left who made heavy use of systems with naked-eye-visible bits!
> (Or naked-finger-feelable, for that matter.)

I have definitely built initramfs images containing nothing but a single
statically linked /init before.

If you want to make it even smaller, you could avoid linking in libc at
all, and just write a short assembly stub, but I don't know any way to
do that *portably* without writing raw assembly for each target
platform. That would get you down to a few kB though.

> This further prompted the idea of modifying kernel_init() to just loop
> forever, perhaps not even reaping orphaned zombies [*], given an appropriate
> Kconfig option and/or kernel boot parameter.  I obviously cannot justify
> this to save a sub-one-megabyte initrd for rcutorture, no matter how much
> a wasted 800K might have offended my 30-years-ago self.  If I take this
> next step, there have to be quite a few others benefiting significantly
> from it.

I would *love* to have support for omitting userspace entirely. And once
we have that, we can start ripping out so many other things...

One thought, though: that won't necessarily give you a representative
rcutorture experience, given that you need to test things like the
nohz-on-non-idle support, which interacts with "am I in userspace".

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ