From: Taras Kondratiuk
To: "H. Peter Anvin", Al Viro, Arnd Bergmann, Rob Landley, Mimi Zohar, Jonathan Corbet, James McMechan
Cc: initramfs@vger.kernel.org, Victor Kamensky, linux-doc@vger.kernel.org, linux-kernel@vger.kernel.org, linux-security-module@vger.kernel.org, xe-linux-external@cisco.com
Subject: [PATCH v2 01/15] Documentation: add newcx initramfs format description
Date: Thu, 25 Jan 2018 03:27:41 +0000
Message-Id: <1516850875-25066-2-git-send-email-takondra@cisco.com>
X-Mailer: git-send-email 2.7.4
In-Reply-To: <1516850875-25066-1-git-send-email-takondra@cisco.com>
References: <1516850875-25066-1-git-send-email-takondra@cisco.com>
X-Mailing-List: linux-kernel@vger.kernel.org

Many of the Linux security/integrity features are dependent on file
metadata, stored as extended attributes (xattrs), for making decisions.
These features need to be initialized during initcall and enabled as
early as possible for complete security coverage.

Initramfs (tmpfs) supports xattrs, but newc CPIO archive format does not
support including them into the archive.

This patch describes "extended" newc format (newcx) that is based on
newc and has following changes:
- extended attributes support
- increased size of filesize to support files >4GB.
- increased mtime field size to have usec precision and more than
  32-bit of seconds.
- removed unused checksum field.

Signed-off-by: Taras Kondratiuk
Signed-off-by: Mimi Zohar
Signed-off-by: Victor Kamensky
---
 Documentation/early-userspace/buffer-format.txt | 46 ++++++++++++++++++++++---
 1 file changed, 41 insertions(+), 5 deletions(-)

diff --git a/Documentation/early-userspace/buffer-format.txt b/Documentation/early-userspace/buffer-format.txt
index e1fd7f9dad16..d818df4f72dc 100644
--- a/Documentation/early-userspace/buffer-format.txt
+++ b/Documentation/early-userspace/buffer-format.txt @@ -24,6 +24,7 @@ grammar, where: + indicates concatenation GZIP() indicates the gzip(1) of the operand ALGN(n) means padding with null bytes to an n-byte boundary + [n] means size of field is n bytes initramfs := ("\0" | cpio_archive | cpio_gzip_archive)* @@ -31,20 +32,29 @@ grammar, where: cpio_archive := cpio_file* + ( | cpio_trailer) - cpio_file := ALGN(4) + cpio_header + filename + "\0" + ALGN(4) + data + cpio_file := (cpio_newc_file | cpio_newcx_file) + + cpio_newc_file := ALGN(4) + cpio_newc_header + filename + "\0" + \ + ALGN(4) + data + + cpio_newcx_file := ALGN(4) + cpio_newcx_header + filename + "\0" + \ + ALGN(4) + xattrs + ALGN(4) + data + + xattrs := xattr_entry* + + xattr_entry := xattr_size[8] + xattr_name + "\0" + xattr_value cpio_trailer := ALGN(4) + cpio_header + "TRAILER!!!\0" + ALGN(4) In human terms, the initramfs buffer contains a collection of -compressed and/or uncompressed cpio archives (in the "newc" or "crc" -formats); arbitrary amounts zero bytes (for padding) can be added -between members. +compressed and/or uncompressed cpio archives; arbitrary amounts +zero bytes (for padding) can be added between members. The cpio "TRAILER!!!" entry (cpio end-of-archive) is optional, but is not ignored; see "handling of hard links" below. -The structure of the cpio_header is as follows (all fields contain +The structure of the cpio_newc_header is as follows (all fields contain hexadecimal ASCII numbers fully padded with '0' on the left to the full width of the field, for example, the integer 4780 is represented by the ASCII string "000012ac"): 
@@ -81,6 +91,32 @@ algorithm used. If the filename is "TRAILER!!!" this is actually an end-of-archive marker; the c_filesize for an end-of-archive marker must be zero. +"Extended" newc format (newcx) +"newcx" cpio format extends "newc" by increasing size of some fields +and adding extended attributes support. cpio_newcx_header structure: + +Field name Field size Meaning +c_magic 6 bytes The string "070703" +c_ino 8 bytes File inode number +c_mode 8 bytes File mode and permissions +c_uid 8 bytes File uid +c_gid 8 bytes File gid +c_nlink 8 bytes Number of links +c_mtime 16 bytes Modification time (microseconds) +c_filesize 16 bytes Size of data field +c_maj 8 bytes Major part of file device number +c_min 8 bytes Minor part of file device number +c_rmaj 8 bytes Major part of device node reference +c_rmin 8 bytes Minor part of device node reference +c_namesize 8 bytes Length of filename, including final \0 +c_xattrs_size 8 bytes Size of xattrs field + +Most of the fields match cpio_newc_header except c_mtime that contains +microseconds. c_chksum field is dropped. + +xattr_size is a total size of xattr_entry including 8 bytes of +xattr_size. xattr_size has the same hexadecimal ASCII encoding as other +fields of cpio header. *** Handling of hard links -- 2.10.3.dirty
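
Review bot: in the first hunk (@@ -24,6 +24,7 @@), the new notation line "[n] means size of field is n bytes" does not say how those n bytes are encoded. Its only use in this patch is xattr_size[8], which the last hunk describes as hexadecimal ASCII, so someone reading the grammar alone could take it for an 8-byte binary integer. Suggest wording such as "[n] means the field is n bytes of hexadecimal ASCII", or stating the encoding next to the xattr_entry rule.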
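
Review bot: in the second hunk (@@ -31,20 +32,29 @@), cpio_trailer is left as ALGN(4) + cpio_header + "TRAILER!!!\0" + ALGN(4), but cpio_header is no longer defined once cpio_file is split into cpio_newc_file and cpio_newcx_file and the header paragraph is renamed to cpio_newc_header. Suggest (cpio_newc_header | cpio_newcx_header) in that rule. The rewritten "In human terms" paragraph also drops the list of accepted formats (it named "newc" or "crc"); listing newc, crc and newcx there would keep that information instead of losing it.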
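
Review bot: in the third hunk (@@ -81,6 +91,32 @@), the closing paragraph on xattr_size defines the entry length but states no validity constraints, and this text is the only specification an initramfs unpacker has for the new fields. Suggest stating that xattr_size must be at least 8 plus a NUL-terminated name, that the terminating NUL must fall inside the entry, that the xattr_size values must sum exactly to c_xattrs_size, whether c_xattrs_size counts the ALGN(4) padding, and that an archive violating any of these is rejected. The context line above the addition says c_filesize must be zero for the end-of-archive marker; the newcx text should say the same for c_xattrs_size. Two smaller points: c_mtime "Modification time (microseconds)" should say whether it is a single count of microseconds since the epoch, and the new section title lacks the "***" prefix used by "*** Handling of hard links".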