lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20200622210643.GN27801@bill-the-cat>
Date:   Mon, 22 Jun 2020 17:06:43 -0400
From:   Tom Rini <trini@...sulko.com>
To:     "H. Peter Anvin" <hpa@...or.com>
Cc:     ron minnich <rminnich@...il.com>,
        lkml - Kernel Mailing List <linux-kernel@...r.kernel.org>,
        Andrew Morton <akpm@...ux-foundation.org>,
        Borislav Petkov <bp@...e.de>,
        Dominik Brodowski <linux@...inikbrodowski.net>
Subject: Re: [PATCH] initrd: Remove erroneous comment

On Mon, Jun 22, 2020 at 01:48:45PM -0700, H. Peter Anvin wrote:
> On 2020-06-22 13:40, Tom Rini wrote:
> > On Mon, Jun 22, 2020 at 01:02:16PM -0700, ron minnich wrote:
> > 
> >> The other thing you ought to consider fixing:
> >> initrd is documented as follows:
> >>
> >>         initrd=         [BOOT] Specify the location of the initial ramdisk
> >>
> >> for bootloaders only.
> >>
> >> UEFI consumes initrd from the command line as well. As ARM servers
> >> increasingly use UEFI, there may be situations in which the initrd
> >> option doesn't make its way to the kernel? I don't know, UEFI is such
> >> a black box to me. But I've seen this "initrd consumption" happen.
> >>
> >> Based on docs, and the growing use of bootloaders that are happy to
> >> consume initrd= and not pass it to the kernel, you might be better off
> >> trying to move to the new command line option anyway.
> >>
> >> IOW, this comment may not be what people want to see, but ... it might
> >> also be right. Or possibly changed to:
> >>
> >> /*
> >>  * The initrd keyword is in use today on ARM, PowerPC, and MIPS.
> >>  * It is also reserved for use by bootloaders such as UEFI and may
> >>  * be consumed by them and not passed on to the kernel.
> >>  * The documentation also shows it as reserved for bootloaders.
> >>  * It is advised to move to the initrdmem= option whereever possible.
> >>  */
> > 
> > Fair warning, one of the other hats I wear is the chief custodian of the
> > U-Boot project.
> > 
> > Note that on most architectures in modern times the device tree is used
> > to pass in initrd type information and "initrd=" on the command line is
> > quite legacy.
> > 
> > But what do you mean UEFI "consumes" initrd= ?  It's quite expected that
> > when you configure grub/syslinux/systemd-boot/whatever via extlinux.conf
> > or similar with "initrd /some/file" something reasonable happens to
> > read that in to memory and pass along the location to Linux (which can
> > vary from arch to arch, when not using device tree).  I guess looking at 
> > Documentation/x86/boot.rst is where treating initrd= as a file that
> > should be handled and ramdisk_image / ramdisk_size set came from.  I do
> > wonder what happens in the case of ARM/ARM64 + UEFI without device tree.
> > 
> 
> UEFI plus the in-kernel UEFI stub is, in some ways, a "bootloader" in
> the traditional sense. It is totally fair that we should update the
> documentation with this as a different case, though, because it is part
> of the kernel tree and so the kernel now has partial ownership of the
> namespace.
> 
> I suggest "STUB" for "in-kernel firmware stub" for this purpose; no need
> to restrict it to a specific firmware for the purpose of namespace
> reservation.

With a little bit of quick digging, yes, it would be good to document
and be very clear which things are reserved for (and how are treated by)
the in-kernel firmware stub or "kernel EFI stub" or whatever name is
best for drivers/firmware/efi/libstub/.  I forget the last time we tried
booting a linux kernel EFI stub rather than grub/etc over in U-Boot
under our EFI loader support but it's reasonable to expect that it work.
Thanks!

-- 
Tom

Download attachment "signature.asc" of type "application/pgp-signature" (660 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ