| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20210313212528.2956377-1-linux@rasmusvillemoes.dk>
Date: Sat, 13 Mar 2021 22:25:26 +0100
From: Rasmus Villemoes <linux@...musvillemoes.dk>
To: Luis Chamberlain <mcgrof@...nel.org>,
Linus Torvalds <torvalds@...ux-foundation.org>,
Andrew Morton <akpm@...ux-foundation.org>
Cc: Jessica Yu <jeyu@...nel.org>, Borislav Petkov <bp@...en8.de>,
Jonathan Corbet <corbet@....net>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
linux-kernel@...r.kernel.org,
Nick Desaulniers <ndesaulniers@...gle.com>,
Rasmus Villemoes <linux@...musvillemoes.dk>
Subject: [PATCH v3 0/2] background initramfs unpacking, and CONFIG_MODPROBE_PATH
These two patches are independent, but better-together.
The second is a rather trivial patch that simply allows the developer
to change "/sbin/modprobe" to something else - e.g. the empty string,
so that all request_module() during early boot return -ENOENT early,
without even spawning a usermode helper, needlessly synchronizing with
the initramfs unpacking.
The first patch delegates decompressing the initramfs to a worker
thread, allowing do_initcalls() in main.c to proceed to the device_
and late_ initcalls without waiting for that decompression (and
populating of rootfs) to finish. Obviously, some of those later calls
may rely on the initramfs being available, so I've added
synchronization points in the firmware loader and usermodehelper paths
- there might be other places that would need this, but so far no one
has been able to think of any places I have missed.
There's not much to win if most of the functionality needed during
boot is only available as modules. But systems with a custom-made
.config and initramfs can boot faster, partly due to utilizing more
than one cpu earlier, partly by avoiding known-futile modprobe calls
(which would still trigger synchronization with the initramfs
unpacking, thus eliminating most of the first benefit).
Routing-wise, I hope akpm can handle both patches. Andrew, Luis?
v2 at <https://lore.kernel.org/lkml/20210309211700.2011017-1-linux@rasmusvillemoes.dk/>
Changes in v3:
- Make it asynchronous by default, and drop the CONFIG_ knob (Linus) -
the command line parameter escape hatch is still there.
With that change, it doesn't make sense to have wait_for_initramfs()
contain a micro-optimization in the form of an early return when
!initramfs_async.
I've opted to always push the work to the async machinery, but then
just do a wait_for_initramfs() in populate_rootfs when
!initramfs_async.
I did consider changing the name and sense of the command line
parameter to "initramfs_sync", but decided to keep the async, since
that's also the name of the subsystem being used.
- Add A-b, R-b to patch 2.
Rasmus Villemoes (2):
init/initramfs.c: do unpacking asynchronously
modules: add CONFIG_MODPROBE_PATH
.../admin-guide/kernel-parameters.txt | 12 ++++++
drivers/base/firmware_loader/main.c | 2 +
include/linux/initrd.h | 2 +
init/Kconfig | 12 ++++++
init/initramfs.c | 38 ++++++++++++++++++-
init/main.c | 1 +
kernel/kmod.c | 2 +-
kernel/umh.c | 2 +
8 files changed, 69 insertions(+), 2 deletions(-)
--
2.29.2
Powered by blists - more mailing lists