Received: by 10.223.176.5 with SMTP id f5csp62324wra;
        Thu, 1 Feb 2018 15:35:53 -0800 (PST)
X-Google-Smtp-Source: AH8x225sAB6jTsO1fD9AgDg7+Oby2ozwsWAQ4DdZMOJVpkNRvvntcOpKoMxs4U4zdCyg2KJxVWB2
X-Received: by 10.99.139.196 with SMTP id j187mr359128pge.188.1517528153519;
        Thu, 01 Feb 2018 15:35:53 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1517528153; cv=none;
        d=google.com; s=arc-20160816;
        b=S5c8R6IOiH5e+sNq/j7p8RKtX7Jo3aY7uNpd/uvmvnZgztVtfRMNwGUf3N0nZFSxel
         jkw+EJKI9dZ2S6pZpBdpkVCzeFMPTDXqN/OCGqUXlMRbUj+28mmIdoGTzIr+M2OHud1Q
         YoP4X7b3EorFnuiQq9ZkztxhoNEnAs1H9c12xj/lrjy4ZwXD5BoO0rBxrenUmePYbb4r
         VnA2pCHHJGezjjlJZmei6QccYkpB3cqX89cKAqgsGLn+bcIGkMC/rtg533TOaDaQ1Sgg
         Tai1QLiNKVDr7f0RZmVBPxAFDlyZafdiu/9fHrWv2dRswIxmWTmQQjZLmG3GwqkuGvYG
         E2IQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:content-transfer-encoding
         :content-language:in-reply-to:mime-version:user-agent:date
         :message-id:from:references:cc:to:subject:dkim-signature
         :arc-authentication-results;
        bh=EP/X+caNgvEmT1s8gQX1wRLe8EpymstDb7t7iX/YB4E=;
        b=QRfCjJA4tZIUUBQ9r6TyZWRzDdV4WlEVq/nRPNfJO19KOPexW0OM1XsbjqPjkIG/DQ
         9vJa0WjxMtAt/hGbKkIXbYtUZcysKis7LJpp0CliC2O/tp73jrkDHNbbgvR5KsC0F8It
         AMXLgCDXsUsHkgmsMCoCLyWtjnx0f6/14RA4kCJ/cLOV1lR1Z5bjC7BNVyDqpNOi2LNc
         DHnu4BsA9jB7MNmgGtaI//IRZPp8zMQnKPW/MP/Vs6VllaScqvzLNqRY0O6wnkmZDMJg
         k4Sp09wOkerOGl1VhtLRQHeHzZFv31yF9KgwW7waVlVLQWUsPTZPnwLjBe/7gGJbRk51
         E8zA==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@landley-net.20150623.gappssmtp.com header.s=20150623 header.b=WVNZ/OGg;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id x5si423827pgo.709.2018.02.01.15.35.38;
        Thu, 01 Feb 2018 15:35:53 -0800 (PST)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@landley-net.20150623.gappssmtp.com header.s=20150623 header.b=WVNZ/OGg;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1751664AbeBAXev (ORCPT <rfc822;learnos2017@gmail.com>
        + 99 others); Thu, 1 Feb 2018 18:34:51 -0500
Received: from mail-io0-f196.google.com ([209.85.223.196]:35164 "EHLO
        mail-io0-f196.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1751574AbeBAXeo (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 1 Feb 2018 18:34:44 -0500
Received: by mail-io0-f196.google.com with SMTP id m11so21065793iob.2
        for <linux-kernel@vger.kernel.org>; Thu, 01 Feb 2018 15:34:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=landley-net.20150623.gappssmtp.com; s=20150623;
        h=subject:to:cc:references:from:message-id:date:user-agent
         :mime-version:in-reply-to:content-language:content-transfer-encoding;
        bh=EP/X+caNgvEmT1s8gQX1wRLe8EpymstDb7t7iX/YB4E=;
        b=WVNZ/OGg5gxTTVcISfb9MjvPeQRGFOuEp7VPWltYiqpoc0kFg3v/AKfvJ+DD80/i/U
         HwQyhAqIiEPpDeST9B/3JG00HLZyXB3lbE137SNEv9WYiuVfOh6LTgvE1rUS0233WA05
         p4CiB5BxxzV0dl0fvI0nf0yx0lA6iy2MOK9t2DtRZBgf0Q2j7mMzwGHEtQ7CP5x9hY0o
         AD2EdIpoMfUGTdQvTEf2IiPEC5xcUW6m74NBM3otxDP5AqGkBnmTOPCyvpS/ih1nvAUu
         XPTY/6Fh2T9yYvjx04ZRdDdQ7Q5V5J/J6VHtOCFMGK4oGVoGFjoY+rZ4E1cQJOwHeEJI
         WXPg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:subject:to:cc:references:from:message-id:date
         :user-agent:mime-version:in-reply-to:content-language
         :content-transfer-encoding;
        bh=EP/X+caNgvEmT1s8gQX1wRLe8EpymstDb7t7iX/YB4E=;
        b=NWXgbAehSUkLbA/pcvW1zv+h864zh9OLouECzrDwuZgYF3KOG2GMKd6uimUQdnz2g1
         F/1w7zocpXbLV6vLD+qC18vXdJQ6CMYIt6/mvoawJcWbjVBJcnsPqiAvpKOctLCwL3sB
         GL9U1A2SLhoxtfBmBtNfr4w2XXJI7sIoxC4mB0STzXVeJlD3pxIPNK/A+YWWVeP/X6Z5
         YDdxx5/pnsw+idW2h4F2LKakxyoZHqEOUNhgpqzoxOd7w8UuwLFjayI+bF2WRCjWK7oB
         yH6g69mSQM1tTbsEWYOnAb92bN2Eb9owkSyZdqC1PdI0/Xt/3m59RKcoxFSJohRJYoiA
         mg1Q==
X-Gm-Message-State: AKwxytdCgoJ86AKHzqA/m/KNL95uhj9NFmjflcznHb6/ZjFt9v/5EEj6
        BHyzDhnNpNq5LbZ09YuOoV/EzFtRKyA=
X-Received: by 10.107.167.136 with SMTP id q130mr26608600ioe.173.1517528083581;
        Thu, 01 Feb 2018 15:34:43 -0800 (PST)
Received: from [192.168.42.92] ([172.58.139.23])
        by smtp.googlemail.com with ESMTPSA id l69sm425091ioi.11.2018.02.01.15.34.42
        (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
        Thu, 01 Feb 2018 15:34:43 -0800 (PST)
Subject: Re: [RFC PATCH] rootfs: force mounting rootfs as tmpfs
To:     Taras Kondratiuk <takondra@cisco.com>,
        Arvind Sankar <nivedita@alum.mit.edu>,
        Mimi Zohar <zohar@linux.vnet.ibm.com>
Cc:     initramfs <initramfs@vger.kernel.org>,
        Victor Kamensky <kamensky@cisco.com>,
        linux-security-module <linux-security-module@vger.kernel.org>,
        Al Viro <viro@ZenIV.linux.org.uk>,
        linux-kernel <linux-kernel@vger.kernel.org>
References: <1517348777.3469.5.camel@linux.vnet.ibm.com>
 <1814af5c-170d-39c0-58fd-02eb7216e008@landley.net>
 <1517436423.3469.237.camel@linux.vnet.ibm.com>
 <a538e55c-81ca-6d59-20cf-21b47387c3e2@landley.net>
 <20180201020331.GA3774@rani.riverdale>
 <1517458921.3329.2.camel@linux.vnet.ibm.com>
 <f9112881-772c-2568-ebfa-d2ca807124e9@landley.net>
 <1517500500.3974.45.camel@linux.vnet.ibm.com>
 <875e5d2d-9ffe-14ab-090a-4a9632af0f35@landley.net>
 <1517521912.3619.0.camel@linux.vnet.ibm.com>
 <151752488608.10051.146219644323454814@takondra-t460s>
From:   Rob Landley <rob@landley.net>
Message-ID: <8d6b1fcc-1a21-1707-dd8e-43529e1d644c@landley.net>
Date:   Thu, 1 Feb 2018 17:34:41 -0600
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101
 Thunderbird/52.5.0
MIME-Version: 1.0
In-Reply-To: <151752488608.10051.146219644323454814@takondra-t460s>
Content-Type: text/plain; charset=utf-8
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org



On 02/01/2018 04:41 PM, Taras Kondratiuk wrote:
> Quoting Mimi Zohar (2018-02-01 13:51:52)
>> On Thu, 2018-02-01 at 11:09 -0600, Rob Landley wrote:
>>> On 02/01/2018 09:55 AM, Mimi Zohar wrote:
>>>> On Thu, 2018-02-01 at 09:20 -0600, Rob Landley wrote:
>>>>
>>>>>> With your patch and specifying "root=tmpfs", dracut is complaining:
>>>>>>
>>>>>> dracut: FATAL: Don't know how to handle 'root=tmpfs'
>>>>>> dracut: refusing to continue
>>>>>
>>>>> [googles]... I do not understand why this package exists.
>>>>>
>>>>> If you're switching to another root filesystem, using a tool that
>>>>> wikipedia[citation needed] says has no purpose but to switch to another
>>>>> root filesystem, (so let's reproduce the kernel infrastructure in
>>>>> userspace while leaving it the kernel too)... why do you need initramfs
>>>>> to be tmpfs? You're using it for half a second, then discarding it,
>>>>> what's the point of it being tmpfs?
>>>>
>>>> Unlike the kernel image which is signed by the distros, the initramfs
>>>> doesn't come signed, because it is built on the target system.  Even
>>>> if the initramfs did come signed, it is beneficial to measure and
>>>> appraise the individual files in the initramfs.
>>>
>>> You can still shoot yourself in the foot with tmpfs. People mount a /run
>>> and a /tmp and then as a normal user you can go
>>> https://twitter.com/landley/status/959103235305951233 and maybe the
>>> default should be a little more clever there...
>>>
>>> I'll throw it on the todo heap. :)
>>>
>>>>> Sigh. If people are ok with having rootfs just be tmpfs whenever tmpfs
>>>>> is configured in, even when you're then going to overmount it with
>>>>> something else like you're doing, let's just _remove_ the test. If it
>>>>> can be tmpfs, have it be tmpfs.
>>>>
>>>> Very much appreciated!
>>>
>>> Not yet tested, but something like the attached? (Sorry for the
>>> half-finished doc changes in there, I'm at work and have a 5 minute
>>> break. I can test properly this evening if you don't get to it...)
>>
>> Yes, rootfs is being mounted as tmpfs.
> 
> I don't think you can unconditionally replace ramfs with initramfs by
> default. Their behavior is different in some cases (e.g. pivot_root vs
> switch_root)

Both are switch_root, you can't pivot_root off of either one. (Yes, I
hit that bug and reported it, and they fixed it, back in the day...
http://lists.busybox.net/pipermail/busybox/2006-March/053529.html )

> and it can break many systems that expect ramfs by default.

The use case I told Mimi about off-list (since they stopped cc:ing the
list in one of their replies but the conversation continued) was the guy
who was extracting an initramfs bigger than 50% of system memory, which
worked with initramfs but failed with initmpfs. A quick google didn't
find the original message but it resulted in this blog entry from the
affected party:

http://www.lightofdawn.org/blog/?viewDetailed=00128

I.E. yeah, I know, I need to redo these patches tonight.

Rob